shehabnews.com Open in urlscan Pro
34.98.96.165 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A...
Submission: On November 24 via manual (November 24th 2022, 7:06:50 pm UTC) from US — Scanned from DE

Summary HTTP 241 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 51 IPs in 5 countries across 40 domains to perform 241 HTTP transactions. The main IP is 34.98.96.165, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is shehabnews.com. The Cisco Umbrella rank of the primary domain is 777718.
TLS certificate: Issued by GTS CA 1D4 on November 9th 2022. Valid for: 3 months.

This is the only time shehabnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	34.98.96.165 34.98.96.165	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
3	2600:9000:225... 2600:9000:225e:600:f:259d:3c40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	23.35.236.122 23.35.236.122	16625 (AKAMAI-AS) (AKAMAI-AS)
2	18.66.97.49 18.66.97.49	16509 (AMAZON-02) (AMAZON-02)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:4780:a:3... 2a02:4780:a:378:0:159c:ed2f:11	47583 (AS-HOSTINGER) (AS-HOSTINGER)
2	2606:4700:310... 2606:4700:3108::ac42:2895	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3036::ac43:bda6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:b15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	52.222.236.74 52.222.236.74	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:223... 2600:9000:223c:4400:9:aa8b:700:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:225... 2600:9000:225e:4c00:1e:aead:3c80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
8	172.67.162.238 172.67.162.238	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:83a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 14	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
47	40.66.60.204 40.66.60.204	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.66.147.29 18.66.147.29	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3033::ac43:af62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2606:4700:10:... 2606:4700:10::6816:4bab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::ac43:a822	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	18.66.112.15 18.66.112.15	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6810:a710	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::6815:238b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.190.41.116 35.190.41.116	15169 (GOOGLE) (GOOGLE)
7	2600:9000:223... 2600:9000:223d:ae00:c:1fa5:2f00:93a1	16509 (AMAZON-02) (AMAZON-02)
15	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
8	45.154.206.74 45.154.206.74	48357 (K4X) (K4X)
2	51.77.64.70 51.77.64.70	16276 (OVH) (OVH)
2	106.53.80.65 106.53.80.65	() ()
241	51

21 34.98.96.165 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 165.96.98.34.bc.googleusercontent.com

shehabnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:225e:600:f:259d:3c40:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.jubnaadserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.35.236.122 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-122.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

egy.koooora-online.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:4780:a:378:0:159c:ed2f:11 (Manchester, United Kingdom)

ASN47583 (AS-HOSTINGER, CY)

koraarabia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3108::ac42:2895 (United States)

ASN13335 (CLOUDFLARENET, US)

online.alkoora.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::ac43:bda6 (United States)

ASN13335 (CLOUDFLARENET, US)

yalla-shoot-fawry.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:b15 (United States)

ASN13335 (CLOUDFLARENET, US)

stad.yalla-shoot.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-74.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:4400:9:aa8b:700:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.jubnaadserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:225e:4c00:1e:aead:3c80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.jubnaadserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.67.162.238 (United States)

ASN13335 (CLOUDFLARENET, US)

earthquakecensus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:83a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.bitmovin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 40.66.60.204 (Paris, France)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

kareeem10-frct1.streaming.media.azure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-29.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::ac43:af62 (United States)

ASN13335 (CLOUDFLARENET, US)

swarm.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:4bab (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:a822 (United States)

ASN13335 (CLOUDFLARENET, US)

awstats.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-15.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:a710 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnondemand.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:238b (United States)

ASN13335 (CLOUDFLARENET, US)

nigdom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.41.116 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 116.41.190.35.bc.googleusercontent.com

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:223d:ae00:c:1fa5:2f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.jubnaadserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 45.154.206.74 (United Kingdom)

ASN48357 (K4X, EE)

ceahiqnkwcwo.cdnexpress59.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 106.53.80.65 (None, )

ASN- ()

cn.cdnbye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	azure.net kareeem10-frct1.streaming.media.azure.net	3 MB
23	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	361 KB
21	shehabnews.com shehabnews.com — Cisco Umbrella Rank: 777718	1 MB
15	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 stats.g.doubleclick.net — Cisco Umbrella Rank: 94 static.doubleclick.net — Cisco Umbrella Rank: 247	111 KB
15	jubnaadserve.com app.jubnaadserve.com — Cisco Umbrella Rank: 87330 static.jubnaadserve.com — Cisco Umbrella Rank: 114886 cdn.jubnaadserve.com — Cisco Umbrella Rank: 179934 images.jubnaadserve.com — Cisco Umbrella Rank: 152959	273 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	172 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 52 jnn-pa.googleapis.com — Cisco Umbrella Rank: 201	34 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 82	763 KB
8	cdnexpress59.net ceahiqnkwcwo.cdnexpress59.net	4 MB
8	earthquakecensus.com earthquakecensus.com — Cisco Umbrella Rank: 383943	95 KB
8	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1604 m.addthis.com — Cisco Umbrella Rank: 1579 api-public.addthis.com — Cisco Umbrella Rank: 4579	221 KB
5	google.com 2 redirects region1.analytics.google.com — Cisco Umbrella Rank: 4138 adservice.google.com — Cisco Umbrella Rank: 83 www.google.com — Cisco Umbrella Rank: 2	1 KB
4	cdnondemand.org cdnondemand.org — Cisco Umbrella Rank: 418799	114 KB
4	amung.us 2 redirects whos.amung.us — Cisco Umbrella Rank: 12679 widgets.amung.us — Cisco Umbrella Rank: 19619	4 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 400	567 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 640 script.hotjar.com — Cisco Umbrella Rank: 870 vars.hotjar.com — Cisco Umbrella Rank: 925	76 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 178	142 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5405 adservice.google.de — Cisco Umbrella Rank: 7898	1 KB
3	bitmovin.com cdn.bitmovin.com — Cisco Umbrella Rank: 28540	692 KB
2	cdnbye.com cn.cdnbye.com	543 B
2	ip-api.com pro.ip-api.com — Cisco Umbrella Rank: 5496	634 B
2	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 17811	2 KB
2	swarm.video swarm.video — Cisco Umbrella Rank: 66512	255 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 40	20 KB
2	yalla-shoot-fawry.com yalla-shoot-fawry.com	4 KB
2	alkoora.live online.alkoora.live — Cisco Umbrella Rank: 109194	10 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 144	87 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 67	118 KB
1	nigdom.com nigdom.com — Cisco Umbrella Rank: 134716	34 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2163	257 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	700 B
1	awstats.cloud awstats.cloud — Cisco Umbrella Rank: 86937
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1833	707 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 407	1 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 788	25 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	6 KB
1	yalla-shoot.io stad.yalla-shoot.io — Cisco Umbrella Rank: 214358	5 KB
1	koraarabia.com koraarabia.com	5 KB
1	koooora-online.com egy.koooora-online.com — Cisco Umbrella Rank: 255695	5 KB
0	koragol.com Failed sports.koragol.com Failed
241	40

	Domain	Requested by
47	kareeem10-frct1.streaming.media.azure.net	cdn.jsdelivr.net cdn.bitmovin.com
21	shehabnews.com	shehabnews.com
15	tpc.googlesyndication.com	googleads.g.doubleclick.net
13	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.youtube.com googleads.g.doubleclick.net shehabnews.com
9	www.youtube.com	shehabnews.com www.youtube.com
8	ceahiqnkwcwo.cdnexpress59.net	swarm.video
8	fonts.gstatic.com	www.youtube.com yalla-shoot-fawry.com fonts.googleapis.com
8	earthquakecensus.com	koraarabia.com earthquakecensus.com yalla-shoot-fawry.com
8	pagead2.googlesyndication.com	shehabnews.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
7	images.jubnaadserve.com	shehabnews.com
6	fonts.googleapis.com	static.jubnaadserve.com earthquakecensus.com googleads.g.doubleclick.net
6	s7.addthis.com	shehabnews.com s7.addthis.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	cdnondemand.org	earthquakecensus.com cdnondemand.org
4	jnn-pa.googleapis.com	www.youtube.com
4	cdn.jsdelivr.net	online.alkoora.live earthquakecensus.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	cdn.bitmovin.com	stad.yalla-shoot.io cdn.bitmovin.com
3	cdn.jubnaadserve.com	shehabnews.com static.jubnaadserve.com
3	app.jubnaadserve.com	shehabnews.com app.jubnaadserve.com
2	cn.cdnbye.com	cdn.jsdelivr.net
2	pro.ip-api.com	cdn.jsdelivr.net
2	www.google.com	2 redirects
2	youradexchange.com	cdnondemand.org
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	widgets.amung.us	earthquakecensus.com
2	whos.amung.us	2 redirects
2	swarm.video	earthquakecensus.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	static.jubnaadserve.com	app.jubnaadserve.com
2	yalla-shoot-fawry.com	shehabnews.com yalla-shoot-fawry.com
2	online.alkoora.live	shehabnews.com
2	static.hotjar.com	shehabnews.com
2	connect.facebook.net	shehabnews.com connect.facebook.net
2	www.googletagmanager.com	shehabnews.com
1	nigdom.com	earthquakecensus.com
1	api-public.addthis.com	s7.addthis.com
1	vc.hotjar.io	script.hotjar.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	static.doubleclick.net	www.youtube.com
1	awstats.cloud	earthquakecensus.com
1	www.google.de	shehabnews.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	vars.hotjar.com	static.hotjar.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	maxcdn.bootstrapcdn.com	static.jubnaadserve.com
1	cdnjs.cloudflare.com	static.jubnaadserve.com
1	script.hotjar.com	static.hotjar.com
1	stad.yalla-shoot.io	shehabnews.com
1	koraarabia.com	shehabnews.com
1	egy.koooora-online.com	shehabnews.com
0	sports.koragol.com Failed	shehabnews.com
241	56

This site contains links to these domains. Also see Links.

Domain
shehabsport.com
www.beinsports.com
app.jubnaadserve.com
atyaf.co
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.tiktok.com
t.me
www.baaz.com
play.google.com

Subject Issuer	Validity	Valid
shehabnews.com GTS CA 1D4	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.jubna.com Amazon	`2022-08-29` - `2023-09-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-03` - `2022-12-02`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
*.koooora-online.com E1	`2022-11-19` - `2023-02-17`	3 months	crt.sh
koraarabia.com R3	`2022-11-18` - `2023-02-16`	3 months	crt.sh
online.alkoora.live GTS CA 1P5	`2022-10-26` - `2023-01-24`	3 months	crt.sh
*.yalla-shoot-fawry.com E1	`2022-11-08` - `2023-02-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-29` - `2023-05-29`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
*.earthquakecensus.com E1	`2022-10-03` - `2023-01-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.streaming.mediaservices.windows.net Microsoft Azure TLS Issuing CA 01	`2022-11-20` - `2023-11-15`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.hotjar.io Amazon	`2022-07-18` - `2023-08-16`	a year	crt.sh
*.nigdom.com GTS CA 1P5	`2022-11-17` - `2023-02-15`	3 months	crt.sh
youradexchange.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-20` - `2023-06-20`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
ceahiqnkwcwo.cdnexpress59.net R3	`2022-10-04` - `2023-01-02`	3 months	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh
*.cdnbye.com TrustAsia RSA DV TLS CA G2	`2022-04-21` - `2023-04-21`	a year	crt.sh

This page contains 31 frames:

Primary Page: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
Frame ID: 0BBEC18CE8A7D42303CD2ECDC909CADA
Requests: 69 HTTP requests in this frame

Frame: https://egy.koooora-online.com/archives/albaplayer/bein-premium-1hd
Frame ID: 44B6943D764C5ADA7F90AA53B80FFD6F
Requests: 8 HTTP requests in this frame

Frame: https://koraarabia.com/albaplayer/bein-max/
Frame ID: 18E7BF91993D752B59AA738C03245B72
Requests: 1 HTTP requests in this frame

Frame: https://online.alkoora.live/albaplayer/on-time-1/
Frame ID: FFB99A0106A64EF6BD8D0C9AA813BC3A
Requests: 28 HTTP requests in this frame

Frame: https://sports.koragol.com/tv1/hd4.php
Frame ID: 4B06CC91AA09ADCA85655DFD67D7004D
Requests: 1 HTTP requests in this frame

Frame: https://yalla-shoot-fawry.com/tv/bein-2.html
Frame ID: 73DCA70AD287F3EE27F4AD2CD2ED20DD
Requests: 2 HTTP requests in this frame

Frame: https://online.alkoora.live/albaplayer/on-time-1/
Frame ID: DC029665E5F8D10ACCA67E69F356C415
Requests: 28 HTTP requests in this frame

Frame: https://stad.yalla-shoot.io/live/1-11.php
Frame ID: 338B037CBF56ED53332A76921F96690D
Requests: 15 HTTP requests in this frame

Frame: https://sports.koragol.com/tv1/test4.php
Frame ID: 8E226DDD1DB7CB28A4DEEE7BB9F21C7E
Requests: 1 HTTP requests in this frame

Frame: https://sports.koragol.com/tv1/hd44.php
Frame ID: 01EDBF6C2C2B156BE84EB40394F2DAB6
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/5VtrmK81NG4?rel=0
Frame ID: 77C7D865D7A2DA367213D4EDD55DE524
Requests: 16 HTTP requests in this frame

Frame: https://static.jubnaadserve.com/ar/wid-info
Frame ID: 0C033CCC52F45F12A33EB01C006ED85F
Requests: 5 HTTP requests in this frame

Frame: https://earthquakecensus.com/embed/8l9tt8qo
Frame ID: F9C6A0392FECC4164628BD7D82D573A9
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: F93AA12F54E5D74540AA0D43EFCDD48E
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 29075393D2756968BD1925D8C5E417FA
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: A9A8EE97F53A38CA916900C360013CF8
Requests: 1 HTTP requests in this frame

Frame: https://yalla-shoot-fawry.com/live/bein-2.html
Frame ID: 3255DF83B0F3C1745F995515F0932385
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: 46F1D701436283CC1D7BCF0916D64C18
Requests: 1 HTTP requests in this frame

Frame: https://earthquakecensus.com/embed/8l9tt8qo
Frame ID: D3E797895A662E5D2A7937DD31DF2A0C
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5312870703983241&output=html&adk=1812271804&adf=3025194257&lmt=1669314219&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fshehabnews.com%2Fpost%2F111571%2F%25D8%25A8%25D8%25A7%25D9%2584%25D9%2581%25D9%258A%25D8%25AF%25D9%258A%25D9%2588-%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2585%25D8%25A8%25D8%25A7%25D8%25B1%25D8%25A7%25D8%25A9-%25D8%25A7%25D9%2584%25D8%25A8%25D8%25B1%25D8%25A7%25D8%25B2%25D9%258A%25D9%2584-%25D8%25B6%25D8%25AF-%25D8%25B5%25D8%25B1%25D8%25A8%25D9%258A%25D8%25A7-%25D8%25A8%25D8%25AB-%25D9%2585%25D8%25A8%25D8%25A7%25D8%25B4%25D8%25B1-%25D9%2581%25D9%258A-%25D9%2583%25D8%25A3%25D8%25B3-%25D8%25A7%25D9%2584%25D8%25B9%25D8%25A7%25D9%2584%25D9%2585-2022&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669316803271&bpp=11&bdt=832&idt=732&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4174715100172&frm=20&pv=2&ga_vid=655335985.1669316804&ga_sid=1669316804&ga_hid=1811992265&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44768832%2C31070924%2C44777948%2C21065725&oid=2&pvsid=2312339259534014&tmod=1163560948&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=754
Frame ID: 5251E56360B54C675B135910DD2CBBE5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5312870703983241&output=html&h=280&adk=2636393618&adf=1869635714&pi=t.aa~a.1380864147~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1669314219&rafmt=1&to=qs&pwprc=6601389906&format=1140x280&url=https%3A%2F%2Fshehabnews.com%2Fpost%2F111571%2F%25D8%25A8%25D8%25A7%25D9%2584%25D9%2581%25D9%258A%25D8%25AF%25D9%258A%25D9%2588-%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2585%25D8%25A8%25D8%25A7%25D8%25B1%25D8%25A7%25D8%25A9-%25D8%25A7%25D9%2584%25D8%25A8%25D8%25B1%25D8%25A7%25D8%25B2%25D9%258A%25D9%2584-%25D8%25B6%25D8%25AF-%25D8%25B5%25D8%25B1%25D8%25A8%25D9%258A%25D8%25A7-%25D8%25A8%25D8%25AB-%25D9%2585%25D8%25A8%25D8%25A7%25D8%25B4%25D8%25B1-%25D9%2581%25D9%258A-%25D9%2583%25D8%25A3%25D8%25B3-%25D8%25A7%25D9%2584%25D8%25B9%25D8%25A7%25D9%2584%25D9%2585-2022&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669316803282&bpp=2&bdt=843&idt=836&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4174715100172&frm=20&pv=1&ga_vid=655335985.1669316804&ga_sid=1669316804&ga_hid=1811992265&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-970&ady=212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44768832%2C31070924%2C44777948%2C21065725&oid=2&pvsid=2312339259534014&tmod=1163560948&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NPKyqT7Zl6&p=https%3A//shehabnews.com&dtd=839
Frame ID: 41E25C3DA5A221075606386C1E6BBD24
Requests: 14 HTTP requests in this frame

Frame: https://earthquakecensus.com/deb.html
Frame ID: 70A8B63ECD3FF92E577110EBD041F010
Requests: 1 HTTP requests in this frame

Frame: https://earthquakecensus.com/deb.html
Frame ID: 2BB4D6E2499B02A31535F60C700705C0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: CE0F950060470FD11967DFC1B21E7C93
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: F4181B21B9EB01DE7A38B42F59BA8708
Requests: 10 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: C68380DE7070B904E60D7F7893FCFF03
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A73E633154B1FF5944381361DE1D774D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E1A4F4648A16D599F72CB737460EE874
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
Frame ID: 5071214BFAE57261F8F1595A5E0C9A43
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
Frame ID: 38278A24CC0611D713DE9BD36E73FE71
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
Frame ID: FF6167E1CFC3A7C47EB6780C46D9C1DD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

بالفيديو مشاهدة مباراة البرازيل ضد صربيا بث مباشر في كأس العالم 2022 | وكالة شهاب الإخباريةFacebookTwitterWhatsAppTelegramMessengerEmail

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AddThis (Widgets) Expand

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

241
Requests

94 %
HTTPS

75 %
IPv6

40
Domains

56
Subdomains

51
IPs

5
Countries

13376 kB
Transfer

25354 kB
Size

20
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://shehabsport.com/matches/%d8%a7%d9%84%d8%a8%d8%b1%d8%a7%d8%b2%d9%8a%d9%84-%d8%b6%d8%af-%d8%b5%d8%b1%d8%a8%d9%8a%d8%a7/
Title: البرازيل وصربيا بث مباشر

Search URL Search Domain Scan URL

URL: https://www.beinsports.com/ar/
Title: البرازيل ضد صربيا بث مباشر

Search URL Search Domain Scan URL

URL: https://app.jubnaadserve.com/api/inclick/clck7cf44116f04458d821a2aa74e84e16d8?jlp=https%3A%2F%2Fshehabnews.com%2Fpost%2F111470%2F%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D9%85%D8%BA%D8%B1%D8%A8-%D8%B6%D8%AF-%D9%83%D8%B1%D9%88%D8%A7%D8%AA%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022%3Futm_source%3Djubna%26utm_medium%3Dreferral%26utm_campaign%3Djubna_trending
Title: بالفيديو مشاهدة مباراة المغرب ضد كرواتيا بث مباشر في كأس العالم 2022 | وكالة شهاب الإخبارية

Search URL Search Domain Scan URL

URL: https://app.jubnaadserve.com/api/inclick/clck2cde3c4fedaa77972f16844145dc2464?jlp=https%3A%2F%2Fshehabnews.com%2Fpost%2F111483%2F%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A3%D9%84%D9%85%D8%A7%D9%86%D9%8A%D8%A7-%D8%B6%D8%AF-%D8%A7%D9%84%D9%8A%D8%A7%D8%A8%D8%A7%D9%86-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022%3Futm_source%3Djubna%26utm_medium%3Dreferral%26utm_campaign%3Djubna_trending
Title: بالفيديو مشاهدة مباراة ألمانيا ضد اليابان بث مباشر في كأس العالم 2022 | وكالة شهاب الإخبارية

Search URL Search Domain Scan URL

URL: https://app.jubnaadserve.com/api/inclick/clckda1699432b46d02427dc360edc97277a?jlp=https%3A%2F%2Fshehabnews.com%2Fpost%2F111491%2F%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D8%B3%D8%A8%D8%A7%D9%86%D9%8A%D8%A7-%D8%B6%D8%AF-%D9%83%D9%88%D8%B3%D8%AA%D8%A7%D8%B1%D9%8A%D9%83%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022%3Futm_source%3Djubna%26utm_medium%3Dreferral%26utm_campaign%3Djubna_trending
Title: بالفيديو مشاهدة مباراة اسبانيا ضد كوستاريكا بث مباشر في كأس العالم 2022 | وكالة شهاب الإخبارية

Search URL Search Domain Scan URL

URL: https://app.jubnaadserve.com/api/inclick/clck2e14bdd9dbd71275a37b02b7786e5bbf?jlp=https%3A%2F%2Fshehabnews.com%2Fpost%2F111470%2F%D8%A7%D9%84%D9%85%D8%BA%D8%B1%D8%A8-%D9%88%D9%83%D8%B1%D9%88%D8%A7%D8%AA%D9%8A%D8%A7-%D9%8A%D8%AA%D8%B9%D8%A7%D8%AF%D9%84%D8%A7%D9%86-%D8%A8%D8%AF%D9%88%D9%86-%D8%A3%D9%87%D8%AF%D8%A7%D9%81-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022%3Futm_source%3Djubna%26utm_medium%3Dreferral%26utm_campaign%3Djubna_trending
Title: المغرب وكرواتيا يتعادلان بدون أهداف في كأس العالم 2022 | وكالة شهاب الإخبارية

Search URL Search Domain Scan URL

URL: https://app.jubnaadserve.com/api/inclick/clckb5db43ead3a41bc79fa9516f6b14e916?jlp=https%3A%2F%2Fshehabnews.com%2Fpost%2F111403%2F%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D9%84%D8%AE%D8%B5-%D8%A3%D9%87%D8%AF%D8%A7%D9%81-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9-%D8%B6%D8%AF-%D8%A7%D9%84%D8%A3%D8%B1%D8%AC%D9%86%D8%AA%D9%8A%D9%86-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022%3Futm_source%3Djubna%26utm_medium%3Dreferral%26utm_campaign%3Djubna_trending
Title: بالفيديو ملخص أهداف مباراة السعودية ضد الأرجنتين في كأس العالم 2022 | وكالة شهاب الإخبارية

Search URL Search Domain Scan URL

URL: https://app.jubnaadserve.com/api/inclick/clckf0eb00f09d226f5e34c2935abb5fd6c9?jlp=https%3A%2F%2Fshehabnews.com%2Fpost%2F110795%2F%D8%AE%D8%A7%D8%B5-%D8%AE%D8%A8%D9%8A%D8%B1-%D8%A7%D9%82%D8%AA%D8%B5%D8%A7%D8%AF%D9%8A-%D9%8A%D9%83%D8%B4%D9%81-%D9%84%D9%80-%D8%B4%D9%87%D8%A7%D8%A8-%D8%A3%D8%B3%D8%A8%D8%A7%D8%A8-%D8%A7%D9%86%D9%87%D9%8A%D8%A7%D8%B1-%D8%B3%D8%B9%D8%B1-%D8%B5%D8%B1%D9%81-%D8%A7%D9%84%D8%AF%D9%88%D9%84%D8%A7%D8%B1-%D8%A3%D9%85%D8%A7%D9%85-%D8%A7%D9%84%D8%B4%D9%8A%D9%83%D9%84%3Futm_source%3Djubna%26utm_medium%3Dreferral%26utm_campaign%3Djubna_trending
Title: خاص خبير اقتصادي يكشف لـ شهاب أسباب انهيار سعر صرف الدولار أمام الشيكل | وكالة شهاب الإخبارية

Search URL Search Domain Scan URL

URL: https://app.jubnaadserve.com/api/inclick/clck66b524f8b1fa2a9f7dc514e64fbe1051?jlp=https%3A%2F%2Fshehabnews.com%2Fpost%2F111483%2F%D8%A7%D9%84%D9%8A%D8%A7%D8%A8%D8%A7%D9%86-%D8%AA%D9%82%D9%84%D8%A8-%D8%A7%D9%84%D8%B7%D8%A7%D9%88%D9%84%D8%A9-%D8%B9%D9%84%D9%89-%D8%A3%D9%84%D9%85%D8%A7%D9%86%D9%8A%D8%A7-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022%3Futm_source%3Djubna%26utm_medium%3Dreferral%26utm_campaign%3Djubna_trending
Title: اليابان تقلب الطاولة على ألمانيا في كأس العالم 2022 | وكالة شهاب الإخبارية

Search URL Search Domain Scan URL

URL: https://app.jubnaadserve.com/api/inclick/clckcaf4f5386a838a216a80cf593e123d11?jlp=https%3A%2F%2Fshehabnews.com%2Fpost%2F111356%2F%D8%A7%D9%86%D8%AC%D9%84%D8%AA%D8%B1%D8%A7-%D8%AA%D9%83%D8%AA%D8%B3%D8%AD-%D8%A5%D9%8A%D8%B1%D8%A7%D9%86-%D9%81%D9%8A-%D9%85%D9%88%D9%86%D8%AF%D9%8A%D8%A7%D9%84-%D9%82%D8%B7%D8%B1-2022%3Futm_source%3Djubna%26utm_medium%3Dreferral%26utm_campaign%3Djubna_trending
Title: انجلترا تكتسح إيران في مونديال قطر 2022 | وكالة شهاب الإخبارية

Search URL Search Domain Scan URL

URL: https://app.jubnaadserve.com/api/inclick/clck87a054b2db05e112f7611e2f9ae877d9?jlp=https%3A%2F%2Fshehabnews.com%2Fpost%2F111436%2F%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D9%81%D8%B1%D9%86%D8%B3%D8%A7-%D8%B6%D8%AF-%D8%A3%D8%B3%D8%AA%D8%B1%D8%A7%D9%84%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022%3Futm_source%3Djubna%26utm_medium%3Dreferral%26utm_campaign%3Djubna_trending
Title: بالفيديو مشاهدة مباراة فرنسا ضد أستراليا بث مباشر في كأس العالم 2022 | وكالة شهاب الإخبارية

Search URL Search Domain Scan URL

URL: http://atyaf.co/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Shehab.MainPage/

Search URL Search Domain Scan URL

URL: https://twitter.com/ShehabAgency?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor

Search URL Search Domain Scan URL

URL: https://www.instagram.com/shehabagency/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UChvBXfexWtP5gdGZespJnZw/featured

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@shehabagency?lang=ar

Search URL Search Domain Scan URL

URL: https://t.me/ShehabTelegram

Search URL Search Domain Scan URL

URL: https://www.baaz.com/shehab.agency

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.shehab.shehab_app

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89

https://whos.amung.us/cwidget/h6qfsjssi5/000000ffffff.png HTTP 307
https://widgets.amung.us/draw/?w=colored&n=405200&c=000000ffffff&p=left

Request Chain 93

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 132

https://whos.amung.us/cwidget/h6qfsjssi5/000000ffffff.png HTTP 307
https://widgets.amung.us/draw/?w=colored&n=405200&c=000000ffffff&p=left

Request Chain 195

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 198

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

241 HTTP transactions
22 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request %D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1... Show response
shehabnews.com/post/111571/ 146 KB
31 KB 132ms
59ms Document
text/html 34.98.96.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.96.165 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 165.96.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 863e49b7fa41857e35ab5cb772a0e88f781cf497f518b16698bd0046339862af

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 31314
content-type: text/html
date: Thu, 24 Nov 2022 19:06:42 GMT
expires: Thu, 24 Nov 2022 19:06:42 GMT
last-modified: Thu, 24 Nov 2022 18:23:39 GMT
pragma: no-cache
server: Apache
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 main.css
shehabnews.com/ 252 KB
42 KB 34ms
31ms Stylesheet
text/css 34.98.96.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://shehabnews.com/main.css
Requested by: Host: shehabnews.com
URL: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.96.165 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 165.96.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 1430d9e6c12583774c0deb46943f671f4c6493905bab53391f277e49b57f07f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 13:03:13 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Sat, 28 Aug 2021 09:58:11 GMT
server: Apache
age: 1231409
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 42765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 197ms
98ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5312870703983241

Requested by

Host: shehabnews.com
URL: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10f57c6ee5ed06f7d6c6ed5a0279f28ab987671b4bb2e0b910a3b82fced5871a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shehabnews.com/
Origin: https://shehabnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49181
x-xss-protection: 0
server: cafe
etag: 15066932648343652679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 24 Nov 2022 19:06:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 181ms
88ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-169288917-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ef3fc81c28ca27ab74b5ae644b724e6d4696cec02005847c9153ef62c8969eb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43680
x-xss-protection: 0
last-modified: Thu, 24 Nov 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 24 Nov 2022 19:06:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 140ms
47ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J94WBQNM5V

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cd03ea671791f42bc1dffded117c4f283135f782d3ad1350dd244d7de5dc75b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76601
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 24 Nov 2022 19:06:42 GMT

GET
H3 200 logo.png
shehabnews.com/assets/images/ 24 KB
24 KB 178ms
175ms Image
image/png 34.98.96.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shehabnews.com/assets/images/logo.png?v=1.1
Requested by: Host: shehabnews.com
URL: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.96.165 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 165.96.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 48f6a40df7da38bbee5e50f736d8499075dca18f7faf9089d56d78d711025d09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 16:22:31 GMT
via: 1.1 google
last-modified: Tue, 05 Apr 2022 13:48:35 GMT
server: Apache
age: 1046651
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 24622
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 BdSEm.png
shehabnews.com/thumb/750x400/uploads/images/2022/11/ 425 KB
426 KB 173ms
170ms Image
image/png 34.98.96.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shehabnews.com/thumb/750x400/uploads/images/2022/11/BdSEm.png?v=1
Requested by: Host: shehabnews.com
URL: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.96.165 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 165.96.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 9aa71f21f10c314828a1a72655c0225280a6baa650cd8cf11ac341ae3f213b8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 17:37:22 GMT
via: 1.1 google
last-modified: Thu, 24 Nov 2022 17:36:24 GMT
server: Apache
age: 5360
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 435680
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 08bb0f866d0c322cc1be7ab21baf85cc Show response
app.jubnaadserve.com/api/widget/ 49 KB
50 KB 89ms
37ms Script
application/javascript 2600:9000:225e:600:f:259d:3c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.jubnaadserve.com/api/widget/08bb0f866d0c322cc1be7ab21baf85cc
Requested by: Host: shehabnews.com
URL: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:600:f:259d:3c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a1cb3cf905c857922563cc88ce311318a5f8be5435e83a3f963541f4815d30d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Nov 2022 19:06:42 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=259200, public
x-amz-cf-id: ktNtVvPvoacUcwRfbSQTEpoT2yUlfQn3kErDixKDgreT9TNt3o-OQg==

GET
H3 200 p6Few.gif
shehabnews.com/uploads/images/2022/10/ 270 KB
270 KB 195ms
192ms Image
image/gif 34.98.96.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shehabnews.com/uploads/images/2022/10/p6Few.gif
Requested by: Host: shehabnews.com
URL: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.96.165 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 165.96.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 56ab732c57aa1dd93224b47c4ea599fc1b045a9f9c81162482d6fb8a3a119746

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 19:06:42 GMT
via: 1.1 google
last-modified: Thu, 13 Oct 2022 10:54:44 GMT
server: Apache
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
access-control-allow-headers: *
content-length: 276548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 24 Dec 2022 19:06:42 GMT

GET
H3 200 footer-logo.png
shehabnews.com/assets/images/ 4 KB
4 KB 171ms
168ms Image
image/png 34.98.96.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shehabnews.com/assets/images/footer-logo.png?v=1.1
Requested by: Host: shehabnews.com
URL: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.96.165 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 165.96.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 25a2ecc0ecf7dd20ac03d0376e908821909d7600fad2c6b3909042a30049a84f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 13:01:45 GMT
via: 1.1 google
last-modified: Thu, 14 Apr 2022 11:50:23 GMT
server: Apache
age: 1231497
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 4328
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 atyafco.png
shehabnews.com/assets/images/ 1 KB
1 KB 177ms
174ms Image
image/png 34.98.96.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shehabnews.com/assets/images/atyafco.png
Requested by: Host: shehabnews.com
URL: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.96.165 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 165.96.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: cf979ad00f3d0be695306dc68d25e8e958de12331f27c468d5062c59efae03b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 13:01:45 GMT
via: 1.1 google
last-modified: Tue, 04 May 2021 12:09:00 GMT
server: Apache
age: 1231497
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1445
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 28ms
9ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3119c8e75125e15e49405cd27598d9fcad880b2e8a772c341e4a027c2b190462

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 24 Nov 2022 19:06:42 GMT
content-md5: FQ3Y/7mrifHa3zKoush2hw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: Ken7LZIGe03jIRPMvT7E6xj/GYUWIeWK0G93swLAt6Q0ZnnYaoDFA+0jnIdYq5OtntfuwdiYD1SQa8kuwFHt+A==
x-fb-trip-id: 686109401
x-fb-content-md5: ee6860f66279c6954e8bd5b9c74cd3cc
cross-origin-opener-policy: same-origin-allow-popups
etag: "0219b1ee9c9c655ed3eac843ee9e6e77"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Thu, 24 Nov 2022 19:07:23 GMT

GET
H2 200 runtime.bundle.js Show response
shehabnews.com/ 1 KB
846 B 32ms
32ms Script
application/javascript 34.98.96.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://shehabnews.com/runtime.bundle.js?v=2.1
Requested by: Host: shehabnews.com
URL: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.96.165 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 165.96.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 5ef4aebef51739ba8dc54847cf12b850562a4b56aecb218bce5840deacf70ec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 17:32:19 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Sat, 28 Aug 2021 10:34:01 GMT
server: Apache
age: 1128863
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 738
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 main.bundle.js Show response
shehabnews.com/ 109 KB
32 KB 36ms
31ms Script
application/javascript 34.98.96.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://shehabnews.com/main.bundle.js?v=2.1
Requested by: Host: shehabnews.com
URL: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.96.165 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 165.96.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 2d36b3c980e5af4a5f82a6d04d39e07246d76beda2024e29f0260fe2d836d428

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 15:56:49 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Sat, 28 Aug 2021 10:33:58 GMT
server: Apache
age: 11393
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 32994
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 plugins.bundle.js Show response
shehabnews.com/ 188 KB
55 KB 45ms
41ms Script
application/javascript 34.98.96.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://shehabnews.com/plugins.bundle.js?v=2.1
Requested by: Host: shehabnews.com
URL: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.96.165 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 165.96.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 08425cc4b28fee39ddaa61b09516226643e9c0d6854c25a004192792fa9dbe77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 09:05:22 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Sat, 28 Aug 2021 10:33:59 GMT
server: Apache
age: 122480
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 56205
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 form.bundle.js Show response
shehabnews.com/ 695 KB
176 KB 112ms
108ms Script
application/javascript 34.98.96.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://shehabnews.com/form.bundle.js?v=2.1
Requested by: Host: shehabnews.com
URL: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.96.165 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 165.96.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 05d68c63bb0aea0ed7093a5e2a4c999066380848a3948717c51931f2bb36206c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 13:01:44 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Sat, 28 Aug 2021 10:33:56 GMT
server: Apache
age: 1231498
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 180395
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 jquery-3.2.1.min.js Show response
shehabnews.com/ 85 KB
29 KB 115ms
110ms Script
application/javascript 34.98.96.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://shehabnews.com/jquery-3.2.1.min.js
Requested by: Host: shehabnews.com
URL: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.96.165 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 165.96.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 14:24:49 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 07 Dec 2017 13:31:12 GMT
server: Apache
age: 1140113
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 30138
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 moment-with-locales.js Show response
shehabnews.com/ 462 KB
93 KB 121ms
117ms Script
application/javascript 34.98.96.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://shehabnews.com/moment-with-locales.js
Requested by: Host: shehabnews.com
URL: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.96.165 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 165.96.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 2bde280de9232c9f713fd1a9b4adcd2d385a87956885078a6cd16ad7bc59820c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 13:01:44 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 09 Apr 2018 06:52:20 GMT
server: Apache
age: 1231498
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 94764
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 moment-timezone-with-data.js Show response
shehabnews.com/ 190 KB
27 KB 103ms
99ms Script
application/javascript 34.98.96.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://shehabnews.com/moment-timezone-with-data.js
Requested by: Host: shehabnews.com
URL: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.96.165 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 165.96.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 9b0430444ed374078b45fce59417e8bc02f7d28db8d27b638f2746ff69cf57d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 09:05:23 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 09 Apr 2018 06:52:20 GMT
server: Apache
age: 122479
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 27835
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 o2.js Show response
shehabnews.com/ 2 KB
935 B 110ms
106ms Script
application/javascript 34.98.96.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://shehabnews.com/o2.js?v=2.1
Requested by: Host: shehabnews.com
URL: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.96.165 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 165.96.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 7bbf38f04c2d40a266f96c2cda1652027eb31229bbc3e0ad3ba83496dadd6d01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 13:01:44 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Sat, 28 Aug 2021 11:06:54 GMT
server: Apache
age: 1231498
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 breaking.js Show response
shehabnews.com/ 2 KB
746 B 110ms
106ms Script
application/javascript 34.98.96.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://shehabnews.com/breaking.js
Requested by: Host: shehabnews.com
URL: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.96.165 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 165.96.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 62e14ee0c347ecf461e96e9f12c56708b43a18bcce36c8badbe332f0d85bcda5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 09:05:23 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Sun, 23 May 2021 20:32:38 GMT
server: Apache
age: 122479
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 722
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 69ms
13ms Script
application/javascript 23.35.236.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-236-122.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Thu, 24 Nov 2022 19:06:42 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
x-host: s7.addthis.com
content-length: 116388

GET
H2 200 hotjar-3009994.js Show response
static.hotjar.com/c/ 6 KB
3 KB 57ms
8ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3009994.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-49.fra56.r.cloudfront.net

Software

Resource Hash

748905a8c83cce10463d0af35cb576c258fdbe20cf1fd786d18977334641de30

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 24 Nov 2022 19:06:12 GMT
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 32
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/bc95b2af712961c3a3d7778953149ee9
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: uR-o7bl35JSa-VK9Ic5Zc2RNPZJG3ofn-FRcAzxnG1SZCHozDnYYow==

GET
H2 200 hotjar-2579684.js Show response
static.hotjar.com/c/ 6 KB
3 KB 61ms
12ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2579684.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-49.fra56.r.cloudfront.net

Software

Resource Hash

66d399202e4b2db3993d13927a2f77bbe6903604afeeb4d1b1cdc7e0cbfa6aac

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 24 Nov 2022 19:06:42 GMT
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/3bde6ca2127b15310156358cf859ddb6
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: FEch3PPE752GYyhRwBa0-_TE0R_t3beVkSJqs1f8Ibjqs2MX-0-HpA==

GET
H3 200 header-bg.jpg
shehabnews.com/assets/images/ 90 KB
90 KB 170ms
170ms Image
image/jpeg 34.98.96.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shehabnews.com/assets/images/header-bg.jpg
Requested by: Host: shehabnews.com
URL: https://shehabnews.com/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.96.165 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 165.96.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 6263ad9d5cb8c217878a30ad997ce3e73a6cafdf37ea49282635b7639dc6fac0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 16:16:08 GMT
via: 1.1 google
last-modified: Tue, 04 May 2021 12:09:00 GMT
server: Apache
age: 1047034
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 91944
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 HelveticaNeueMEforSKYW21-Rg_web.woff2
shehabnews.com/assets/font/ 49 KB
48 KB 39ms
39ms Font
font/woff2 34.98.96.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://shehabnews.com/assets/font/HelveticaNeueMEforSKYW21-Rg_web.woff2
Requested by: Host: shehabnews.com
URL: https://shehabnews.com/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.96.165 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 165.96.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 558715e8dd6668102e5bd3c4da5d43f03cf329a3ba65d8903d42b879a0077f66

Request headers

Referer: https://shehabnews.com/main.css
Origin: https://shehabnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 20:03:13 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 04 May 2021 12:09:00 GMT
server: Apache
age: 1119809
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 49260
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 bein-premium-1hd Show response
egy.koooora-online.com/archives/albaplayer/ Frame 44B6 14 KB
5 KB 123ms
76ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://egy.koooora-online.com/archives/albaplayer/bein-premium-1hd

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e03c5564607e48cf13186f760203dd1a522039e37edbd307ed3c996f1460e794

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shehabnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=3, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76f46c603d62b8a9-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 24 Nov 2022 19:06:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rm54o2eYWNCZNlRWNDCro35zqwrlqhCEbCMt%2BrbxXzTapJfXyTpmbAAZPYpcg7jt8OXVGRN9CsgZMf7KQLzna6vssWoOFfE3fKS3IWV0HXpUe4IKVXFtFQ5qCuiEsN%2FKNf2%2FogULYYZ0Yiw3Kai8d%2B3v9Gqg"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: HIT
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
koraarabia.com/albaplayer/bein-max/ Frame 18E7 11 KB
5 KB 161ms
47ms Document
text/html 2a02:4780:a:378:0:159c:ed2f:11
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://koraarabia.com/albaplayer/bein-max/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:a:378:0:159c:ed2f:11 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.4.32

Resource Hash

f2ae3ad921aab18f398416e3c0631a382d2ee2ab099d585fec681b1b490727a0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://shehabnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 4626
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 24 Nov 2022 19:06:42 GMT
etag: "477554-1669315632;br"
link: <https://koraarabia.com/wp-json/>; rel="https://api.w.org/" <https://koraarabia.com/?p=57902>; rel=shortlink
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding
x-litespeed-cache: hit
x-powered-by: PHP/7.4.32

GET
H3 200 HelveticaNeueMEforSKYW21-Bd_web.woff2
shehabnews.com/assets/font/ 49 KB
48 KB 34ms
34ms Font
font/woff2 34.98.96.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://shehabnews.com/assets/font/HelveticaNeueMEforSKYW21-Bd_web.woff2
Requested by: Host: shehabnews.com
URL: https://shehabnews.com/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.96.165 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 165.96.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: f8b1efffaf85dff743257c1b4b8650dcfe52034ea1e1a13804d022f403509eb4

Request headers

Referer: https://shehabnews.com/main.css
Origin: https://shehabnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 09:05:23 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 04 May 2021 12:09:00 GMT
server: Apache
age: 122479
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 49216
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 / Show response
online.alkoora.live/albaplayer/on-time-1/ Frame FFB9 16 KB
5 KB 77ms
40ms Document
text/html 2606:4700:3108::ac42:2895
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://online.alkoora.live/albaplayer/on-time-1/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2895 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9b46ce552aeb702d9a260987b3e2805e21145f44432ebbcf56c4628c36f9e5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shehabnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 76f46c6019939052-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 24 Nov 2022 19:06:42 GMT
link: <https://online.alkoora.live/wp-json/>; rel="https://api.w.org/", <https://online.alkoora.live/?p=18>; rel=shortlink
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: HIT
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block

GET hd4.php
sports.koragol.com/tv1/ Frame 4B06 0
0

GET
H2 200 bein-2.html Show response
yalla-shoot-fawry.com/tv/ Frame 73DC 9 KB
4 KB 315ms
259ms Document
text/html 2606:4700:3036::ac43:bda6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yalla-shoot-fawry.com/tv/bein-2.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:bda6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dae7b6f6d532b8ac018ec8bfb07eecdc7b789f12dd2548f7556a64b552a4b73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shehabnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 76f46c6039c978a6-VIE
content-encoding: br
content-type: text/html
date: Thu, 24 Nov 2022 19:06:42 GMT
last-modified: Mon, 21 Nov 2022 12:52:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cf4ZK83wrPIX1Mov7jrg%2FNHq4lOgHFrZ7ZIgbYPw9OPs%2F5j6c1Vd9dqrZ12JWUYgBIbEyDhSEqpfw7vIl8%2BrSDtmojCoQb98hmGD06COmUMNd2lachzMYEtq%2By3ckZGMTeg%2BkUEHmnitm4YF4JVpEf7W210%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: HIT
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
online.alkoora.live/albaplayer/on-time-1/ Frame DC02 16 KB
5 KB 85ms
51ms Document
text/html 2606:4700:3108::ac42:2895
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://online.alkoora.live/albaplayer/on-time-1/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2895 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9b46ce552aeb702d9a260987b3e2805e21145f44432ebbcf56c4628c36f9e5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shehabnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 76f46c6019989052-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 24 Nov 2022 19:06:42 GMT
link: <https://online.alkoora.live/wp-json/>; rel="https://api.w.org/", <https://online.alkoora.live/?p=18>; rel=shortlink
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: HIT
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block

GET
H2 200 1-11.php Show response
stad.yalla-shoot.io/live/ Frame 338B 11 KB
5 KB 149ms
117ms Document
text/html 2606:4700:20::681a:b15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stad.yalla-shoot.io/live/1-11.php
Requested by: Host: shehabnews.com
URL: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ba39d7c9b32afde1d742bd0f3d23185a1bc51edc86c73fb9320b0b3b4ef67eb

Request headers

Referer: https://shehabnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 76f46c601c37bb9e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 24 Nov 2022 19:06:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BjVvokcVhaPDx2YxcJGWfl8t0vcEyYXXriyZBxMd86NrSm1PvX1iPuTMxvj5WHMzdDVbb5hwnAFuSVb0rMyG2zfvOuQZ33685ECuKNmclgX2eGWdEBi%2BWKxReZthRTqG4E1JJ6LCNpK3KqvDwyyOZFg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-fastcgi-cache: BYPASS

GET test4.php
sports.koragol.com/tv1/ Frame 8E22 0
0

GET hd44.php
sports.koragol.com/tv1/ Frame 01ED 0
0

GET
H2 200 5VtrmK81NG4 Show response
www.youtube.com/embed/ Frame 77C7 61 KB
27 KB 191ms
95ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/5VtrmK81NG4?rel=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

22edf534b44d034339eb2b5eb10cf6e91b32655a50a086fd12536b165e6f6a06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shehabnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 19:06:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc5152fc29a4f1e3632f03133aecd83f55d1f257dc2ac3480c24b0b8d1f4aa57

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 300 KB
85 KB 18ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=bb53192083fa8915167bc08319eb0848

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1c9dd95dbc24d47bf229ac9eed6cf938aebb0e61c479527c04ff368781ee562a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://shehabnews.com/
Origin: https://shehabnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 24 Nov 2022 19:06:42 GMT
content-md5: sfXHAfaicNjqPpvpgFPA6A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86898
x-fb-rlafr: 0
x-fb-debug: SMEpUpcN0x05kbwzFn+FMiAa5EfdYwkRK8TpNMdSZ0CEDvNZVkXBHluI1daCgQgw8jTF5xIRvqaejMpDT30epQ==
x-fb-content-md5: e7094dd7d19621299fd1b023a7f0da23
cross-origin-opener-policy: same-origin-allow-popups
etag: "bc5b18120af4f92a66f82a64f1feb9ff"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 24 Nov 2023 17:56:54 GMT

GET
H2 200 modules.e1bdbadbcc63daea6270.js Show response
script.hotjar.com/ 263 KB
68 KB 39ms
9ms Script
application/javascript 52.222.236.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e1bdbadbcc63daea6270.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3009994.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-74.fra56.r.cloudfront.net

Software

Resource Hash

92d302a80bb49dc2b379f3a4996f276d8ca392c07435557c06e55d5ba876daaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 08:09:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 39456
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68720
last-modified: Thu, 24 Nov 2022 08:08:08 GMT
etag: "53db6c810ee48127f87a9c79e206fc67"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: ASQJRQgKlMLpX4bJGGtd6iAyWjL4MGPsLURexZ_6uDP2_b_H2y5bqQ==

GET
H2 200 wid-info Show response
static.jubnaadserve.com/ar/ Frame 0C03 10 KB
10 KB 59ms
11ms Document
text/html 2600:9000:223c:4400:9:aa8b:700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.jubnaadserve.com/ar/wid-info
Requested by: Host: app.jubnaadserve.com
URL: https://app.jubnaadserve.com/api/widget/08bb0f866d0c322cc1be7ab21baf85cc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4400:9:aa8b:700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a3b07fd68438e49a69e669bba6332cf92dfc38cbd335743dbf365056a4164d52

Request headers

Referer: https://shehabnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14461457
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Fri, 10 Jun 2022 10:02:25 GMT
server: nginx/1.18.0 (Ubuntu)
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-amz-cf-id: gTqOj9ih1Ab8NNGE7zkH_iOH21eU75Br0FCE0EfdBHgjrcIn6EXwvg==
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront

GET
H2 200 content Show response
app.jubnaadserve.com/api/page/ 0
298 B 61ms
60ms Script
application/javascript 2600:9000:225e:600:f:259d:3c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.jubnaadserve.com/api/page/content?rq_p=aHR0cHM6Ly9zaGVoYWJuZXdzLmNvbS9wb3N0LzExMTU3MS8lRDglQTglRDglQTclRDklODQlRDklODElRDklOEElRDglQUYlRDklOEElRDklODgtJUQ5JTg1JUQ4JUI0JUQ4JUE3JUQ5JTg3JUQ4JUFGJUQ4JUE5LSVEOSU4NSVEOCVBOCVEOCVBNyVEOCVCMSVEOCVBNyVEOCVBOS0lRDglQTclRDklODQlRDglQTglRDglQjElRDglQTclRDglQjIlRDklOEElRDklODQtJUQ4JUI2JUQ4JUFGLSVEOCVCNSVEOCVCMSVEOCVBOCVEOSU4QSVEOCVBNy0lRDglQTglRDglQUItJUQ5JTg1JUQ4JUE4JUQ4JUE3JUQ4JUI0JUQ4JUIxLSVEOSU4MSVEOSU4QS0lRDklODMlRDglQTMlRDglQjMtJUQ4JUE3JUQ5JTg0JUQ4JUI5JUQ4JUE3JUQ5JTg0JUQ5JTg1LTIwMjI%3D&rfs=&rq_pt=JUQ4JUE4JUQ4JUE3JUQ5JTg0JUQ5JTgxJUQ5JThBJUQ4JUFGJUQ5JThBJUQ5JTg4JTIwJUQ5JTg1JUQ4JUI0JUQ4JUE3JUQ5JTg3JUQ4JUFGJUQ4JUE5JTIwJUQ5JTg1JUQ4JUE4JUQ4JUE3JUQ4JUIxJUQ4JUE3JUQ4JUE5JTIwJUQ4JUE3JUQ5JTg0JUQ4JUE4JUQ4JUIxJUQ4JUE3JUQ4JUIyJUQ5JThBJUQ5JTg0JTIwJUQ4JUI2JUQ4JUFGJTIwJUQ4JUI1JUQ4JUIxJUQ4JUE4JUQ5JThBJUQ4JUE3JTIwJUQ4JUE4JUQ4JUFCJTIwJUQ5JTg1JUQ4JUE4JUQ4JUE3JUQ4JUI0JUQ4JUIxJTIwJUQ5JTgxJUQ5JThBJTIwJUQ5JTgzJUQ4JUEzJUQ4JUIzJTIwJUQ4JUE3JUQ5JTg0JUQ4JUI5JUQ4JUE3JUQ5JTg0JUQ5JTg1JTIwMjAyMiUyMCU3QyUyMCVEOSU4OCVEOSU4MyVEOCVBNyVEOSU4NCVEOCVBOSUyMCVEOCVCNCVEOSU4NyVEOCVBNyVEOCVBOCUyMCVEOCVBNyVEOSU4NCVEOCVBNSVEOCVBRSVEOCVBOCVEOCVBNyVEOCVCMSVEOSU4QSVEOCVBOQ%3D%3D&rq_pi=aHR0cHMlM0ElMkYlMkZzaGVoYWJuZXdzLmNvbSUyRnRodW1iJTJGMTIwMHg2MzAlMkZ1cGxvYWRzJTJGaW1hZ2VzJTJGMjAyMiUyRjExJTJGQmRTRW0ucG5nJTNGdiUzRDE%3D
Requested by: Host: app.jubnaadserve.com
URL: https://app.jubnaadserve.com/api/widget/08bb0f866d0c322cc1be7ab21baf85cc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:600:f:259d:3c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:42 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, private
x-amz-cf-id: w0omio3pTSSAILBrFe66LRkMzBajdfDvjcI7AX5v9XIGZ-ah2NT7IA==

GET
H2 200 close_grey.png
cdn.jubnaadserve.com/images/jubna-ads-logo/icons/ 954 B
1 KB 47ms
9ms Image
image/png 2600:9000:225e:4c00:1e:aead:3c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.jubnaadserve.com/images/jubna-ads-logo/icons/close_grey.png
Requested by: Host: shehabnews.com
URL: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:4c00:1e:aead:3c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4bb8d709382e7b3b4faeeb1c416d0901763c91bc04bfed955e2d9df52c3a6093

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 05:33:27 GMT
via: 1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
last-modified: Wed, 30 Jun 2021 12:42:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 19402396
etag: "533044b0c0d824a9ff42d1b225108b05"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 954
x-amz-cf-id: IP27Ax9_NLR4K01xc7MkVbYvP2gNdQdiI2rjauXPTRUjMKHkayfNRA==

GET
DATA 200
OK truncated
/ 161 B
161 B Image
image/vnd.ms-photo

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/vnd.ms-photo

GET
H2 200 cdnbye@latest Show response
cdn.jsdelivr.net/npm/ Frame FFB9 525 KB
144 KB 71ms
41ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cdnbye@latest

Requested by

Host: online.alkoora.live
URL: https://online.alkoora.live/albaplayer/on-time-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e237fa7ceb4574406b727e55d86b336bfa1b53d5b100524dd37e1db5b7bb0faa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8658
x-jsd-version: 1.20.10
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19124-FRA, cache-yyz4564-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"833b0-J7+Mth+kCvTEfA4z+WK7V2rxbO8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZFsTOdlrb1mUn%2FGipu0El4KefbdAGe%2FxfdSxnu5pjko%2Flc8%2B0g5rdDfBXl4sKc4StPuMjhfVXZZ2F8KQFybwzsp0gwDKlbJif23HGQxok5jNWBZiINoEcWUhkCWOQCMeZuqhL953HARMY8V8o0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 76f46c60cb58900a-FRA

GET
H2 200 cdnbye@latest Show response
cdn.jsdelivr.net/npm/ Frame DC02 525 KB
145 KB 50ms
33ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cdnbye@latest

Requested by

Host: online.alkoora.live
URL: https://online.alkoora.live/albaplayer/on-time-1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e237fa7ceb4574406b727e55d86b336bfa1b53d5b100524dd37e1db5b7bb0faa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8658
x-jsd-version: 1.20.10
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19124-FRA, cache-yyz4564-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"833b0-J7+Mth+kCvTEfA4z+WK7V2rxbO8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XYKT92mNaifT5XkUl9GlOYUDWPAdL8AnRVBeurMdVjPFlI%2BHD7BlPme3cc9dEe%2FyGTlkAYcBYNtz4OzAEskcCh2B4oUSxwM6CmcwMqUpVttY5o4OiG%2BpyR9WoTSu%2Bfq6tc1kQTfJQkg12V9UUeE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 76f46c60cb5d900a-FRA

GET
DATA 200
OK truncated
/ 35 B
35 B Image
image/jxl

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/jxl

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Frame 0C03 30 KB
6 KB 58ms
27ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: static.jubnaadserve.com
URL: https://static.jubnaadserve.com/ar/wid-info

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.jubnaadserve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1197191
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aiS%2Ft3L%2BrmzcTTJowq4H5uzrJfibZENNla8xvIngyiODaB82JEA6bap9HvK66DO2NGQz3A3EmQ8Qj2w9sdj2%2Bx0vSKYdoZ3s6ORuXpb9pxzi3C26F%2BfUdvmN4Q6svQGbKJcsqbhK8u3NiwK59aNengTH"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76f46c616a61bb37-FRA
expires: Tue, 14 Nov 2023 19:06:42 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/ Frame 0C03 157 KB
25 KB 50ms
33ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css

Requested by

Host: static.jubnaadserve.com
URL: https://static.jubnaadserve.com/ar/wid-info

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.jubnaadserve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 601
age: 13340813
cdn-cachedat: 08/03/2021 15:44:07
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0c835de6853c3382b93a518481c93460
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 76f46c6158d3904c-FRA
cdn-requestpullsuccess: True

GET
H2 200 css2
fonts.googleapis.com/ Frame 0C03 4 KB
998 B 143ms
48ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Cairo:wght@300;400;600;700&display=swap

Requested by

Host: static.jubnaadserve.com
URL: https://static.jubnaadserve.com/ar/wid-info

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3e2518463a591e1f683f93f0a0c5af563985747200820937ca37e48f16331c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.jubnaadserve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 24 Nov 2022 19:06:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Nov 2022 17:57:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Nov 2022 19:06:42 GMT

GET
H2 200 logo_en.png
cdn.jubnaadserve.com/images/dashboard/ Frame 0C03 3 KB
3 KB 7ms
7ms Image
image/png 2600:9000:225e:4c00:1e:aead:3c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.jubnaadserve.com/images/dashboard/logo_en.png
Requested by: Host: static.jubnaadserve.com
URL: https://static.jubnaadserve.com/ar/wid-info
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:4c00:1e:aead:3c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ac936bd064713af79db371132abcce7c64470bddd1a37920fc7f9dc3023eecb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.jubnaadserve.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 08:23:34 GMT
via: 1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
last-modified: Tue, 04 Jan 2022 07:58:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 28032189
etag: "d612c46bcf7fef9b8227327f53f4c774"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3216
x-amz-cf-id: l9p2r6qO-dpmBMfVILsLpaD-qjDI-9Esbbhj0XDO9xPVHnrtbvadVw==

GET
H3 200 111571 Show response
shehabnews.com/v/posts/ 0
17 B 51ms
51ms XHR
text/html 34.98.96.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://shehabnews.com/v/posts/111571
Requested by: Host: shehabnews.com
URL: https://shehabnews.com/plugins.bundle.js?v=2.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.96.165 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 165.96.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 19:06:43 GMT
via: 1.1 google
server: Apache
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 24 Nov 2022 19:06:43 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 36ms
7ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:43 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=15151
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
DATA 200
OK truncated
/ Frame 44B6 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 44B6 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 www-player.css
www.youtube.com/s/player/4eb6b35d/ Frame 77C7 359 KB
49 KB 122ms
40ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eb6b35d/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5VtrmK81NG4?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b47e5ab37362998b55b8d8eddca591867a23f45f2d8169f07e0d908463cd375c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5VtrmK81NG4?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 12:22:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24236
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49788
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 01:17:16 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 24 Nov 2023 12:22:47 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/4eb6b35d/www-embed-player.vflset/ Frame 77C7 312 KB
97 KB 120ms
40ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eb6b35d/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5VtrmK81NG4?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2995690e9dfac900bebef6d09af2b89ddaa8a699ad19a0339d2938171b2d1ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5VtrmK81NG4?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 15:52:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 270853
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99035
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 01:17:16 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 21 Nov 2023 15:52:30 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/ Frame 77C7 2 MB
580 KB 168ms
88ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5VtrmK81NG4?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd95ed1dc6e84cac53ee409bfe80e6a985e0efbba98dcba010a5bf2b76fdd2f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5VtrmK81NG4?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 15:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 270843
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 593364
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 01:17:16 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 21 Nov 2023 15:52:40 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4eb6b35d/fetch-polyfill.vflset/ Frame 77C7 9 KB
3 KB 166ms
86ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eb6b35d/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5VtrmK81NG4?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5VtrmK81NG4?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 15:52:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 270853
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 01:17:16 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 21 Nov 2023 15:52:30 GMT

GET
DATA 200
OK truncated
/ Frame 44B6 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 44B6 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 44B6 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 44B6 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 44B6 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 311 B
0 Image
image/avif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04dfc8e1a6e59e36a3a3a5c15443a97a92a6d2a7da9d276b050d58be3c7952a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/avif

GET
H2 200 8l9tt8qo Show response
earthquakecensus.com/embed/ Frame F9C6 35 KB
10 KB 411ms
368ms Document
text/html 172.67.162.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://earthquakecensus.com/embed/8l9tt8qo
Requested by: Host: koraarabia.com
URL: https://koraarabia.com/albaplayer/bein-max/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.162.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd2ef07d6a5bd3198ab2f4a0b49c690f6b2bcec6d743afb71433886864b379c1

Request headers

Referer: https://koraarabia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 76f46c6479539a33-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 24 Nov 2022 19:06:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ir2vP%2BfN6tIpbsVV007QrpRpvDyLoFAwINjzmsMleXQ1aIzBciK%2Bkh28XN%2FAkGhkqfId8lcbosiVpuo3M8C0pZ2uirqQdz0w3sa7bwrdpGEtHEXeeT9YF3R3Kz%2BrQ2ePrsSjKYSfzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 bitmovinplayer.js Show response
cdn.bitmovin.com/player/web/8/ Frame 338B 2 MB
635 KB 104ms
60ms Script
application/javascript 2606:4700::6810:83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bitmovin.com/player/web/8/bitmovinplayer.js
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/live/1-11.php
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:83a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27633bb30a3d1b18d4e643890d245d0ff5d0e1ae03c0e0e9ef00cb84b57aee8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:43 GMT
content-encoding: br
cf-cache-status: HIT
age: 3064
x-guploader-uploadid: ADPycdts2Camm8efR5pZlAZOodv-0Zy6GP3UYCD-mYn7M-prlZR52uhVmx_t8mSQJ7BNrkiMY3FkkMnNWOZZ7DpSk3wrEQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 22 Nov 2022 10:36:41 GMT
server: cloudflare
etag: W/"3cff92883b2a388eb567198892ea4468"
vary: Accept-Encoding
x-goog-generation: 1669113400906417
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=dj5Vdg==, md5=PP+SiDsqOI61ZxmIkupEaA==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
x-goog-stored-content-length: 2220657
x-goog-meta-bitmovinplayerversion: 8.98.0
x-robots-tag: noindex
cf-ray: 76f46c64982c9b49-FRA
expires: Thu, 24 Nov 2022 23:06:43 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/ 354 KB
116 KB 207ms
126ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5312870703983241&plah=shehabnews.com&bust=31070924

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5312870703983241

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ae53b07981fd201eb507bed7d8eb2aff2a8d489763ea4b4ff615ab9df9c98c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119226
x-xss-protection: 0
server: cafe
etag: 6715972425412564201
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 24 Nov 2022 19:06:43 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame F93A 10 KB
5 KB 141ms
40ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5312870703983241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shehabnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11398
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 15:56:45 GMT
etag: 10353107486223812946
expires: Thu, 08 Dec 2022 15:56:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-61051ba460e3ec5a/ 1 KB
707 B 24ms
17ms Script
application/javascript 23.35.236.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-61051ba460e3ec5a/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-122.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c4e23140ff4396d69e410f2ddbeac0ae2bf0b38c862849ca9813547c5c99b6c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:43 GMT
content-encoding: gzip
etag: -1371810686--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=18, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 530

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 180ms
143ms Script
application/javascript 23.35.236.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=637fc0c3cd4128ca&bkl=0&bl=1&pdt=190&sid=637fc0c3cd4128ca&pub=ra-61051ba460e3ec5a&rev=v8.28.8-wp&ln=ar&pc=men&cb=0&ab=-&dp=shehabnews.com&fp=post%2F111571%2F%25D8%25A8%25D8%25A7%25D9%2584%25D9%2581%25D9%258A%25D8%25AF%25D9%258A%25D9%2588-%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2585%25D8%25A8%25D8%25A7%25D8%25B1%25D8%25A7%25D8%25A9-%25D8%25A7%25D9%2584%25D8%25A8%25D8%25B1%25D8%25A7%25D8%25B2%25D9%258A%25D9%2584-%25D8%25B6%25D8%25AF-%25D8%25B5%25D8%25B1%25D8%25A8%25D9%258A%25D8%25A7-%25D8%25A8%25D8%25AB-%25D9%2585%25D8%25A8%25D8%25A7%25D8%25B4%25D8%25B1-%25D9&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7%2C%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84%2C%D9%83%D8%A3%D8%B3%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%2C%D9%85%D9%88%D9%86%D8%AF%D9%8A%D8%A7%D9%84%20%D9%82%D8%B7%D8%B1%2C%D9%83%D8%A3%D8%B3%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%2C%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84%20%D8%B6%D8%AF%20%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7%2C%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7%20%D8%B6%D8%AF%20%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84%2C%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84%20%D9%88%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7%2C%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9%20%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84%20%D9%88%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7%2C%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9%20%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84%20%D8%B6%D8%AF%20%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7%2C%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84%20%D8%B6%D8%AF%20%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1&colc=1669316803412&jsl=129&uvs=637fc0c368dc792e000&skipb=1&callback=addthis.cbs.jsonp__63951278833714960
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-122.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fbfc674d967b7348e7b3a28b8d71576dff73133a3cc21280207348a33a29ec02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 19:06:43 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 2907 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame A9A8 71 KB
26 KB 11ms
11ms Document
text/html 23.35.236.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-236-122.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://shehabnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Thu, 24 Nov 2022 19:06:43 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 client.ar.min.json Show response
s7.addthis.com/l10n/ 4 KB
2 KB 46ms
17ms XHR
application/json 23.35.236.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/l10n/client.ar.min.json

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-236-122.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

72d2367dc35967c758f93deefb69e76a1cfed9be0dcab06fc8ae2bf8d37bc879

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Thu, 24 Nov 2022 19:06:43 GMT
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
server: nginx/1.15.8
etag: W/"5d77be05-11fd"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 1925

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 77C7 15 KB
16 KB 138ms
41ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5VtrmK81NG4?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 11:55:05 GMT
x-content-type-options: nosniff
age: 544298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 11:55:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 77C7 15 KB
15 KB 146ms
50ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5VtrmK81NG4?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 247524
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 22:21:19 GMT

GET
H2 503 manifest(format=m3u8-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/ Frame DC02 27 B
141 B 77ms
15ms XHR
text/html 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/manifest(format=m3u8-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

6468ac9f9bca964f3910fc967b80781c1c8634300e36f95ae49056d91a2734bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 24 Nov 2022 19:06:43 GMT
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
content-length: 27
content-type: text/html

GET
H2 503 manifest(format=m3u8-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/ Frame FFB9 27 B
61 B 67ms
15ms XHR
text/html 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/manifest(format=m3u8-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

6468ac9f9bca964f3910fc967b80781c1c8634300e36f95ae49056d91a2734bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 24 Nov 2022 19:06:43 GMT
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
content-length: 27
content-type: text/html

GET
H3 200 bein-2.html Show response
yalla-shoot-fawry.com/live/ Frame 3255 273 B
722 B 132ms
88ms Document
text/html 2606:4700:3036::ac43:bda6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yalla-shoot-fawry.com/live/bein-2.html

Requested by

Host: yalla-shoot-fawry.com
URL: https://yalla-shoot-fawry.com/tv/bein-2.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:bda6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e7aa0d4a4190463723e45bf98a6248b758c3d3c6aa7287ae838ec1fe44f200e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yalla-shoot-fawry.com/tv/bein-2.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 76f46c6648f2741f-LHR
content-encoding: br
content-type: text/html
date: Thu, 24 Nov 2022 19:06:43 GMT
last-modified: Wed, 23 Nov 2022 17:54:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zcjfoj7ZxarS%2FhI8Sq%2BgpfYmtWGPt5XZW6CFEeZMVeexWQrwMZyUrpiqK61%2FHCB1VDkvAv2JWy7tWEb4q37wO8dB1ETOu5EMmaTpn09PDX3tMf8xaKLVep4SWo2EwHQQbMEW3L15ds5KzrO5eWwCKRJw78g%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: HIT
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block

GET
H3 200 breaking Show response
shehabnews.com/ 2 B
23 B 55ms
55ms XHR
application/json 34.98.96.165
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://shehabnews.com/breaking?_=1669316803081
Requested by: Host: shehabnews.com
URL: https://shehabnews.com/jquery-3.2.1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.96.165 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 165.96.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 19:06:43 GMT
via: 1.1 google
last-modified: Thu, 24 Nov 2022 19:06:02 GMT
server: Apache
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
access-control-allow-headers: *
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 24 Nov 2022 19:06:43 GMT

GET
H2 200 RLgQnjqLWN5-LcxkRZr1cBTbgVql8nDJpwnrE27mub0.woff2
fonts.gstatic.com/s/cairo/v2/ Frame 73DC 19 KB
19 KB 114ms
100ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v2/RLgQnjqLWN5-LcxkRZr1cBTbgVql8nDJpwnrE27mub0.woff2

Requested by

Host: yalla-shoot-fawry.com
URL: https://yalla-shoot-fawry.com/tv/bein-2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

827e4c5288548b930b54b74447c5e93ce460c584333e1985716917c6e84131cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yalla-shoot-fawry.com/
Origin: https://yalla-shoot-fawry.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 16:36:21 GMT
x-content-type-options: nosniff
age: 268222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19400
x-xss-protection: 0
last-modified: Tue, 10 Oct 2017 23:16:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 16:36:21 GMT

GET
H2 200 box-5e66f98b4ee957db209dc6f63e3d59dd.html Show response
vars.hotjar.com/ Frame 46F1 2 KB
1 KB 38ms
9ms Document
text/html 18.66.147.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3009994.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-29.fra60.r.cloudfront.net

Software

Resource Hash

cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://shehabnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 107797
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 13:10:06 GMT
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-id: sFubRWS65puQFX1oy_dR2KPozVjRS5zSanFXAAI5u7u1LvJMzQptyQ==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

POST
H2 204 collect
region1.analytics.google.com/g/ 0
346 B 123ms
38ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-J94WBQNM5V&gtm=2oeb90&_p=1811992265&_gaz=1&cid=655335985.1669316804&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669316803&sct=1&seg=0&dl=https%3A%2F%2Fshehabnews.com%2Fpost%2F111571%2F%25D8%25A8%25D8%25A7%25D9%2584%25D9%2581%25D9%258A%25D8%25AF%25D9%258A%25D9%2588-%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2585%25D8%25A8%25D8%25A7%25D8%25B1%25D8%25A7%25D8%25A9-%25D8%25A7%25D9%2584%25D8%25A8%25D8%25B1%25D8%25A7%25D8%25B2%25D9%258A%25D9%2584-%25D8%25B6%25D8%25AF-%25D8%25B5%25D8%25B1%25D8%25A8%25D9%258A%25D8%25A7-%25D8%25A8%25D8%25AB-%25D9%2585%25D8%25A8%25D8%25A7%25D8%25B4%25D8%25B1-%25D9%2581%25D9%258A-%25D9%2583%25D8%25A3%25D8%25B3-%25D8%25A7%25D9%2584%25D8%25B9%25D8%25A7%25D9%2584%25D9%2585-2022&dt=%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88%20%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9%20%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84%20%D8%B6%D8%AF%20%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D9%81%D9%8A%20%D9%83%D8%A3%D8%B3%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%202022%20%7C%20%D9%88%D9%83%D8%A7%D9%84%D8%A9%20%D8%B4%D9%87%D8%A7%D8%A8%20%D8%A7%D9%84%D8%A5%D8%AE%D8%A8%D8%A7%D8%B1%D9%8A%D8%A9&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J94WBQNM5V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 19:06:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shehabnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
346 B 69ms
18ms Ping
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-J94WBQNM5V&cid=655335985.1669316804&gtm=2oeb90&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J94WBQNM5V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 19:06:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shehabnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 168ms
76ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-J94WBQNM5V&cid=655335985.1669316804&gtm=2oeb90&aip=1&z=1373544501

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 19:06:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 140ms
33ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-169288917-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 24 Nov 2022 17:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6649
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 24 Nov 2022 19:15:54 GMT

GET
H3 200 embed.min.css
earthquakecensus.com/css/ Frame F9C6 1 KB
986 B 70ms
46ms Stylesheet
text/css 172.67.162.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://earthquakecensus.com/css/embed.min.css?v=0.4
Requested by: Host: earthquakecensus.com
URL: https://earthquakecensus.com/embed/8l9tt8qo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c7cf941b4eb9254e850875107ded812b5cf2da9de46f85919561f2a73876257

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earthquakecensus.com/embed/8l9tt8qo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Jun 2022 09:49:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3207
etag: W/"62a1c21c-4f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZ9fTbGnTcPC9LfxC9btIYKfmYzFFbMSPHSrOprbAFlWhzl6MRvObc3cgPcKT%2Fge6l1UvrewloONANrQOug7yqk%2Fph01dK1KrgWVwBxmAqL1D%2Fssyrm2PRXpxPzG3eRz4IE%2FGceXbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 76f46c684db11aff-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.min.js Show response
earthquakecensus.com/js/ Frame F9C6 85 KB
31 KB 53ms
29ms Script
application/javascript 172.67.162.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://earthquakecensus.com/js/jquery.min.js
Requested by: Host: earthquakecensus.com
URL: https://earthquakecensus.com/embed/8l9tt8qo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earthquakecensus.com/embed/8l9tt8qo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 09 Nov 2020 18:05:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 840
etag: W/"5fa984ce-15283"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eBlrhiei4Equer4mMQonP5fAso3tHPKYlX8DMkbsXnOnR1%2BBoRBr5VfDp%2FhMAWncIgQD8z%2FYgIyopHkFGrsUUlvs5cliV5UJqgQUqFcvtzPHtqgB6j6aYWYsqcAhbioRw7a7u4dw4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 76f46c684da91aff-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 nsns.js Show response
swarm.video/ Frame F9C6 506 KB
128 KB 102ms
58ms Script
application/javascript 2606:4700:3033::ac43:af62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://swarm.video/nsns.js
Requested by: Host: earthquakecensus.com
URL: https://earthquakecensus.com/embed/8l9tt8qo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:af62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3dfed3a9800cc7221ac336a2da595938d815edcbd90cd0d08a09f7b296e14db2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earthquakecensus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 103341
cf-polished: origSize=519718
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 16 Oct 2022 16:04:04 GMT
server: cloudflare
etag: W/"7ee26-183e189bf03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkJ24rewvuvLMSo5yQS1BY7FUwOTfTZ%2BdYU3fKB8GCrR2kAHldmUxLO5NlgIt7iYs2gsQS9zU8D%2FypZxAE3qX1bVUYfY4bFsY%2BsjaBQfLoFXsrpQEQWLDr2vRyUGSR0GUYiU%2B%2Fu14TGG%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 76f46c686bae1c1d-AMS

GET
H3 200 clappr.min.js Show response
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame F9C6 513 KB
139 KB 56ms
38ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

Requested by

Host: earthquakecensus.com
URL: https://earthquakecensus.com/embed/8l9tt8qo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earthquakecensus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 27357
x-jsd-version: 0.3.13
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19145-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cjeMjQhormgYGpXew0M6BtBWo6lXXbTMtrIeq5iJBYY6Pq7lL29Tuxzm3bWg0EbRutBCoyrJfqcKEh5pacFVGsObG3DkOOv2zWyjbLQWHvyS3YmLiuzTLOHQpe7BVhDH7cewre3mOKmTWtpMtR4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 76f46c683c4d9bd4-FRA

GET
H2

200

/
widgets.amung.us/draw/ Frame F9C6
Redirect Chain

https://whos.amung.us/cwidget/h6qfsjssi5/000000ffffff.png
https://widgets.amung.us/draw/?w=colored&n=405200&c=000000ffffff&p=left

2 KB
2 KB

39ms
29ms

Image
image/png

2606:4700:10::6816:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/draw/?w=colored&n=405200&c=000000ffffff&p=left
Requested by: Host: earthquakecensus.com
URL: https://earthquakecensus.com/embed/8l9tt8qo
Protocol: H2
Server: 2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a637638c5994cd5d730aaac9a38847579a57a52579f41fcd9a5dab05dabc226

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earthquakecensus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:44 GMT
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 16:04:54 GMT
server: cloudflare
age: 10910
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2678400
content-disposition: filename=wau-widget.png
cf-ray: 76f46c6abd15b91e-AMS
expires: Fri, 25 Nov 2022 16:04:54 GMT

Redirect headers

location: https://widgets.amung.us/draw/?w=colored&n=405200&c=000000ffffff&p=left
date: Thu, 24 Nov 2022 19:06:44 GMT
cache-control: max-age=295
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76f46c696a85b91e-AMS
content-type: text/html; charset=UTF-8

GET
H2 502 plausible.js
awstats.cloud/js/ Frame F9C6 0
0 3085ms
3037ms Script
text/html 2606:4700:3035::ac43:a822
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://awstats.cloud/js/plausible.js
Requested by: Host: earthquakecensus.com
URL: https://earthquakecensus.com/embed/8l9tt8qo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a822 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earthquakecensus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 bitmovinplayer-ui.css
cdn.bitmovin.com/player/web/8/ Frame 338B 113 KB
14 KB 57ms
56ms Stylesheet
text/css 2606:4700::6810:83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bitmovin.com/player/web/8/bitmovinplayer-ui.css
Requested by: Host: cdn.bitmovin.com
URL: https://cdn.bitmovin.com/player/web/8/bitmovinplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:83a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 062f1443f6ef01d4716b82180b42845873ebd66f9fe35e37997f6732e1a1888a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:44 GMT
content-encoding: br
cf-cache-status: HIT
age: 3063
x-guploader-uploadid: ADPycduGblF-rEIhRjLFAVhUVUz_dJx_3vBumRJqMzS41MEl6q-7BWbuNlS3mP34tPZGk2HgU-69QdPyS-Hky9xavLNmyw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 22 Nov 2022 10:36:39 GMT
server: cloudflare
etag: W/"f6f321893c47600e1422f85591cda89d"
vary: Accept-Encoding
x-goog-generation: 1669113399201640
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=rt+p1g==, md5=9vMhiTxHYA4UIvhVkc2onQ==
access-control-expose-headers: *
cache-control: public, max-age=14400
x-goog-stored-content-length: 115434
x-goog-meta-bitmovinplayerversion: 8.98.0
x-robots-tag: noindex
cf-ray: 76f46c68d9089b49-FRA
expires: Thu, 24 Nov 2022 23:06:43 GMT

GET
H2 200 bitmovinplayer-ui.js Show response
cdn.bitmovin.com/player/web/8/ Frame 338B 235 KB
43 KB 58ms
58ms Script
application/javascript 2606:4700::6810:83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bitmovin.com/player/web/8/bitmovinplayer-ui.js
Requested by: Host: cdn.bitmovin.com
URL: https://cdn.bitmovin.com/player/web/8/bitmovinplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:83a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37ec76f312300e2addbfb9dbccca98f98736f58fa46ee4b2bf2bf13b4a024ef3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:44 GMT
content-encoding: br
cf-cache-status: HIT
age: 3063
x-guploader-uploadid: ADPycdsQwSJTb_U2hfjYHbf0nRBUfWF4cXgAng_dI49LrTIHTRUszx-308jy99gNqSMbQ6iysOKpNFb7lZ_D1nx8NhxWZg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 22 Nov 2022 10:36:39 GMT
server: cloudflare
etag: W/"8f8df7b2535213f2e20d9cf6a329d4b8"
vary: Accept-Encoding
x-goog-generation: 1669113399653945
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=tzOMSQ==, md5=j433slNSE/LiDZz2oynUuA==
access-control-expose-headers: *
cache-control: public, max-age=14400
x-goog-stored-content-length: 240826
x-goog-meta-bitmovinplayerversion: 8.98.0
x-robots-tag: noindex
cf-ray: 76f46c68d9159b49-FRA
expires: Thu, 24 Nov 2022 23:06:43 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 77C7
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

45ms
45ms

XHR
application/json

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5VtrmK81NG4?rel=0

Protocol

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49f5529ef4b30fcca89045567e0074b1b841c40f15f45d083d97126d7a119ee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 24 Nov 2022 19:06:44 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 77C7 29 B
587 B 128ms
37ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:05:09 GMT
x-content-type-options: nosniff
age: 95
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Nov 2022 19:20:09 GMT

GET
H3 200 8l9tt8qo Show response
earthquakecensus.com/embed/ Frame D3E7 35 KB
10 KB 371ms
370ms Document
text/html 172.67.162.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://earthquakecensus.com/embed/8l9tt8qo
Requested by: Host: yalla-shoot-fawry.com
URL: https://yalla-shoot-fawry.com/live/bein-2.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b671461c96b1083a20600cb95b26f3b20b99c36c8158e887e30d4b2b3b38c816

Request headers

Referer: https://yalla-shoot-fawry.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 76f46c690f2b1aff-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 24 Nov 2022 19:06:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LeLSRH0ENtCD6O1Ki1ZyKedFOf1Tmup8I78fwtyAil3Wd6lArg9ZN%2BtSqKQ3mkPSSJ7JPzB4G1vRCkIMkjV0DakDsSAke4y1uxtvV%2BSy4VGBA76kizf8Hs1M8WgVZs%2FPu%2FrZz1mcOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
700 B 136ms
48ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=shehabnews.com&callback=_gfp_s_&client=ca-pub-5312870703983241&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5312870703983241&plah=shehabnews.com&bust=31070924

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69e74d4da9628070b304beaa75b91c818f6cc6e5ca7c1e23931eb5041f4727aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 158ms
48ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=shehabnews.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 153ms
49ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=shehabnews.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 78ms
78ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fshehabnews.com%2Fpost%2F111571%2F%25D8%25A8%25D8%25A7%25D9%2584%25D9%2581%25D9%258A%25D8%25AF%25D9%258A%25D9%2588-%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2585%25D8%25A8%25D8%25A7%25D8%25B1%25D8%25A7%25D8%25A9-%25D8%25A7%25D9%2584%25D8%25A8%25D8%25B1%25D8%25A7%25D8%25B2%25D9%258A%25D9%2584-%25D8%25B6%25D8%25AF-%25D8%25B5%25D8%25B1%25D8%25A8%25D9%258A%25D8%25A7-%25D8%25A8%25D8%25AB-%25D9%2585%25D8%25A8%25D8%25A7%25D8%25B4%25D8%25B1-%25D9%2581%25D9%258A-%25D9%2583%25D8%25A3%25D8%25B3-%25D8%25A7%25D9%2584%25D8%25B9%25D8%25A7%25D9%2584%25D9%2585-2022&tn=HEADER&cls=main-header&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 19:06:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5251 247 KB
66 KB 941ms
914ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5312870703983241&output=html&adk=1812271804&adf=3025194257&lmt=1669314219&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fshehabnews.com%2Fpost%2F111571%2F%25D8%25A8%25D8%25A7%25D9%2584%25D9%2581%25D9%258A%25D8%25AF%25D9%258A%25D9%2588-%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2585%25D8%25A8%25D8%25A7%25D8%25B1%25D8%25A7%25D8%25A9-%25D8%25A7%25D9%2584%25D8%25A8%25D8%25B1%25D8%25A7%25D8%25B2%25D9%258A%25D9%2584-%25D8%25B6%25D8%25AF-%25D8%25B5%25D8%25B1%25D8%25A8%25D9%258A%25D8%25A7-%25D8%25A8%25D8%25AB-%25D9%2585%25D8%25A8%25D8%25A7%25D8%25B4%25D8%25B1-%25D9%2581%25D9%258A-%25D9%2583%25D8%25A3%25D8%25B3-%25D8%25A7%25D9%2584%25D8%25B9%25D8%25A7%25D9%2584%25D9%2585-2022&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669316803271&bpp=11&bdt=832&idt=732&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4174715100172&frm=20&pv=2&ga_vid=655335985.1669316804&ga_sid=1669316804&ga_hid=1811992265&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44768832%2C31070924%2C44777948%2C21065725&oid=2&pvsid=2312339259534014&tmod=1163560948&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=754

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7983055b801d63c27037068596cfff2485d1012fc27cb92989a81b21f3dde5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shehabnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 67420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 19:06:44 GMT
expires: Thu, 24 Nov 2022 19:06:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame F9C6 1 KB
396 B 140ms
50ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700

Requested by

Host: earthquakecensus.com
URL: https://earthquakecensus.com/css/embed.min.css?v=0.4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earthquakecensus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 24 Nov 2022 19:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Nov 2022 18:18:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Nov 2022 19:06:44 GMT

POST
DATA 200
OK truncated Show response
/ Frame 338B 46 B
46 B XHR
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f6e491fc4bfd479bae390c9b720af5ab1d5bc5709ee26358cdb5ecc1a37560

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: text/plain;charset=utf-8

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 133ms
45ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 24 Nov 2022 19:06:44 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 77C7 66 KB
30 KB 137ms
54ms XHR
application/json+protobuf 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52cc180ee1384f5c541af3495f555598088fbbef28cb0c71203570ba1909355f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 24 Nov 2022 19:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30680
x-xss-protection: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame 77C7 0
19 B 48ms
47ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?cpn=PmEHNNa5c3boluFt&el=embedded&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24078244%2C24080738%2C24135310%2C24169501%2C24198080%2C24219381%2C24255163%2C24292955%2C24293803%2C24406605%2C24407200%2C24408610%2C24414162%2C24416291&cl=489849437&seq=1&event=streamingstats&docid=5VtrmK81NG4&cbr=Chrome&cbrver=107.0.5304.110&c=WEB_EMBEDDED_PLAYER&cver=1.20221120.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth::0.000:0;a6s.0&vis=0.000:0&bh=0.000:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/5VtrmK81NG4?rel=0
X-YouTube-Client-Version: 1.20221120.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs1cmloN3FqbXVXbyjCgf-bBg%3D%3D
X-YouTube-Ad-Signals: dt=1669316803926&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C703%2C396&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 19:06:44 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/ Frame 77C7 26 KB
8 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b63ed4c3792f6acb0b70a6083ad090bbac092cfcf021106be33f5f73690363e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5VtrmK81NG4?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 15:56:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 270624
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8297
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 01:17:16 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 21 Nov 2023 15:56:20 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 11ms
11ms Script
application/javascript 23.35.236.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-236-122.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Thu, 24 Nov 2022 19:06:44 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 41E2 85 KB
31 KB 1044ms
1042ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5312870703983241&output=html&h=280&adk=2636393618&adf=1869635714&pi=t.aa~a.1380864147~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1669314219&rafmt=1&to=qs&pwprc=6601389906&format=1140x280&url=https%3A%2F%2Fshehabnews.com%2Fpost%2F111571%2F%25D8%25A8%25D8%25A7%25D9%2584%25D9%2581%25D9%258A%25D8%25AF%25D9%258A%25D9%2588-%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2585%25D8%25A8%25D8%25A7%25D8%25B1%25D8%25A7%25D8%25A9-%25D8%25A7%25D9%2584%25D8%25A8%25D8%25B1%25D8%25A7%25D8%25B2%25D9%258A%25D9%2584-%25D8%25B6%25D8%25AF-%25D8%25B5%25D8%25B1%25D8%25A8%25D9%258A%25D8%25A7-%25D8%25A8%25D8%25AB-%25D9%2585%25D8%25A8%25D8%25A7%25D8%25B4%25D8%25B1-%25D9%2581%25D9%258A-%25D9%2583%25D8%25A3%25D8%25B3-%25D8%25A7%25D9%2584%25D8%25B9%25D8%25A7%25D9%2584%25D9%2585-2022&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669316803282&bpp=2&bdt=843&idt=836&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4174715100172&frm=20&pv=1&ga_vid=655335985.1669316804&ga_sid=1669316804&ga_hid=1811992265&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-970&ady=212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44768832%2C31070924%2C44777948%2C21065725&oid=2&pvsid=2312339259534014&tmod=1163560948&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NPKyqT7Zl6&p=https%3A//shehabnews.com&dtd=839

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be798fedc961f27939e2a6a14bd0230d3fed57588cfb984be3e24c9bfd0d16b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shehabnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 19:06:45 GMT
expires: Thu, 24 Nov 2022 19:06:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 77C7 317 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30aaebfce21aa802531f5ccdebd75099f437a56f09d26013e6332390b281b79e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 110ms
41ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1811992265&t=pageview&_s=1&dl=https%3A%2F%2Fshehabnews.com%2Fpost%2F111571%2F%25D8%25A8%25D8%25A7%25D9%2584%25D9%2581%25D9%258A%25D8%25AF%25D9%258A%25D9%2588-%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2585%25D8%25A8%25D8%25A7%25D8%25B1%25D8%25A7%25D8%25A9-%25D8%25A7%25D9%2584%25D8%25A8%25D8%25B1%25D8%25A7%25D8%25B2%25D9%258A%25D9%2584-%25D8%25B6%25D8%25AF-%25D8%25B5%25D8%25B1%25D8%25A8%25D9%258A%25D8%25A7-%25D8%25A8%25D8%25AB-%25D9%2585%25D8%25A8%25D8%25A7%25D8%25B4%25D8%25B1-%25D9%2581%25D9%258A-%25D9%2583%25D8%25A3%25D8%25B3-%25D8%25A7%25D9%2584%25D8%25B9%25D8%25A7%25D9%2584%25D9%2585-2022&ul=en-us&de=UTF-8&dt=%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88%20%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9%20%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84%20%D8%B6%D8%AF%20%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D9%81%D9%8A%20%D9%83%D8%A3%D8%B3%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%202022%20%7C%20%D9%88%D9%83%D8%A7%D9%84%D8%A9%20%D8%B4%D9%87%D8%A7%D8%A8%20%D8%A7%D9%84%D8%A5%D8%AE%D8%A8%D8%A7%D8%B1%D9%8A%D8%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1002371449&gjid=2006197094&cid=655335985.1669316804&tid=UA-169288917-1&_gid=2110210366.1669316804&_r=1&gtm=2oub90&z=1789352568

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shehabnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 19:06:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shehabnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 503 manifest(format=m3u8-cmaf).m3u8 Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/ Frame 338B 27 B
61 B 15ms
14ms XHR
text/html 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/manifest(format=m3u8-cmaf).m3u8

Requested by

Host: cdn.bitmovin.com
URL: https://cdn.bitmovin.com/player/web/8/bitmovinplayer.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

6468ac9f9bca964f3910fc967b80781c1c8634300e36f95ae49056d91a2734bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 24 Nov 2022 19:06:43 GMT
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
content-length: 27
content-type: text/html

GET
H2 204 3009994 Show response
vc.hotjar.io/sessions/ 0
257 B 75ms
37ms XHR
text/plain 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/3009994?s=0.25&r=0.007594637272509974
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e1bdbadbcc63daea6270.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:44 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: QPslpyqacYh7g9LLlKBe3RFu7_sogcKzK1s_Ev7g_S7vKmdlcNJqGw==

GET
DATA 200
OK truncated
/ Frame 338B 862 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4650a3a498d83e1aa89e8edf7a23a119b9829fb0a8e752586a0d5fb1c50bdb5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 338B 704 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e2dfffbffa48cd06089d246e3091e6d3e514445b56291994187f7c7f24e781a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 338B 564 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7321ff71dae3ca52b4e2dce02a95d3fdfabdb41d9f48bb8be1c5af8d8dcd3d9b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 338B 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11e2214aefe3c99f89d73ee55785d72d2e8f007e8e821307fc4fae18ec257b86

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 338B 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b1396e60a8fdaad7d753a3dfe6887c6a5d53dc23efa63773fbdf4f3473ea138

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 338B 776 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93ceb4f2482a266ca851186a9123c5e58f1dbaedb611ff07362ab8670c457170

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 338B 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb8a3b23f2cfb344ca84f11444c4d2ad39ebc5e79ad1f5329361b8590235f324

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 159.1c3fceccbc80f2a3615f.js Show response
s7.addthis.com/static/ 564 B
634 B 18ms
17ms Script
application/javascript 23.35.236.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/159.1c3fceccbc80f2a3615f.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-236-122.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

c02d2e4ee660f561338f717a6dc83745ea23c4ad356a57bdfee60c3643b25b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Thu, 24 Nov 2022 19:06:44 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-234"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 394

GET
H2 200 195.461912c47007775093ae.js Show response
s7.addthis.com/static/ 384 B
538 B 17ms
17ms Script
application/javascript 23.35.236.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/195.461912c47007775093ae.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-236-122.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b4fbd6cf87898b005b09546b1c4e82654918b11e5f64ccb8fc32ea0a04e237a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Thu, 24 Nov 2022 19:06:44 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-180"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 298

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
520 B 28ms
14ms XHR
application/json 23.35.236.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fshehabnews.com%2Fpost%2F111571%2F%25D8%25A8%25D8%25A7%25D9%2584%25D9%2581%25D9%258A%25D8%25AF%25D9%258A%25D9%2588-%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2585%25D8%25A8%25D8%25A7%25D8%25B1%25D8%25A7%25D8%25A9-%25D8%25A7%25D9%2584%25D8%25A8%25D8%25B1%25D8%25A7%25D8%25B2%25D9%258A%25D9%2584-%25D8%25B6%25D8%25AF-%25D8%25B5%25D8%25B1%25D8%25A8%25D9%258A%25D8%25A7-%25D8%25A8%25D8%25AB-%25D9%2585%25D8%25A8%25D8%25A7%25D8%25B4%25D8%25B1-%25D9%2581%25D9%258A-%25D9%2583%25D8%25A3%25D8%25B3-%25D8%25A7%25D9%2584%25D8%25B9%25D8%25A7%25D9%2584%25D9%2585-2022

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.236.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-236-122.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://shehabnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
date: Thu, 24 Nov 2022 19:06:44 GMT
surrogate-key: sFbt=https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
last-modified: Thu, 24 Nov 2022 18:00:00 GMT
server: nginx/1.15.8
content-type: application/json
access-control-allow-origin: https://shehabnews.com
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 bootstrap.js Show response
cdnondemand.org/script/ Frame F9C6 98 KB
33 KB 74ms
30ms Script
application/javascript 2606:4700::6810:a710
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnondemand.org/script/bootstrap.js
Requested by: Host: earthquakecensus.com
URL: https://earthquakecensus.com/embed/8l9tt8qo
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a710 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab1897b374e76000c289e1491e74d94e2a30584f4388b57b6b3ec8dab467ee2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earthquakecensus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 230
x-guploader-uploadid: ADPycdvY2scTWiZbvmSv0ckeB_a2MT18JxM0p72oTZiO8KzlWfJAiXL2grliTFHnlT2LDaMb97izRJPo604c6TNAjnVSxw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Wed, 23 Nov 2022 08:16:16 GMT
server: cloudflare
etag: W/"58a3706369493493b3ca003a227b6fa6"
vary: Accept-Encoding
x-goog-hash: crc32c=mktFgA==, md5=WKNwY2lJNJOzygA6Intvpg==
x-goog-generation: 1669191375948071
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
x-goog-stored-content-length: 100584
cf-ray: 76f46c6bcd689110-FRA
expires: Thu, 24 Nov 2022 23:06:44 GMT

GET
H3 200 deb.html Show response
earthquakecensus.com/ Frame 70A8 25 KB
6 KB 86ms
86ms Document
text/html 172.67.162.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://earthquakecensus.com/deb.html
Requested by: Host: earthquakecensus.com
URL: https://earthquakecensus.com/embed/8l9tt8qo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b184888665b6cb9e154760bae131eaf01c140197506afd50abcbe98dc9d9438f

Request headers

Referer: https://earthquakecensus.com/embed/8l9tt8qo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 76f46c6b9bc61aff-AMS
content-encoding: br
content-type: text/html
date: Thu, 24 Nov 2022 19:06:44 GMT
last-modified: Sat, 18 Jun 2022 16:00:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IG6t3D7ZLjfg8UnISmJxpt3ecfLAlXyiggabrax%2F8xggNVfR6LpOgqPk%2Fa0E%2BHq6axPy1YRB2e2oHQ9UDpxYTUlZ%2B4a0f3stvwnTXHKhAj891vrC7e%2BK8wGIIRtMkpk0LuLDnqM4bA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame F9C6 23 KB
23 KB 121ms
41ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://earthquakecensus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 179970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 17:07:14 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 77C7 90 B
134 B 52ms
51ms XHR
application/json+protobuf 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6ae30bd23241d6874ea48a68f3b4fd44a883a6248f939465f91c85f9a91f7c07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 24 Nov 2022 19:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 48ms
48ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 24 Nov 2022 19:06:44 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 embed.min.css
earthquakecensus.com/css/ Frame D3E7 1 KB
984 B 34ms
34ms Stylesheet
text/css 172.67.162.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://earthquakecensus.com/css/embed.min.css?v=0.4
Requested by: Host: earthquakecensus.com
URL: https://earthquakecensus.com/embed/8l9tt8qo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c7cf941b4eb9254e850875107ded812b5cf2da9de46f85919561f2a73876257

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earthquakecensus.com/embed/8l9tt8qo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Jun 2022 09:49:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3208
etag: W/"62a1c21c-4f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRibVOd5QR4c0NIV1XkIKwz4B6tsA8%2BSmpZZGsn6cqsQ1j1ZgP0hbvupEeTSjYxNifyOKiGZxLS5e4QYMUyKQCARvBnb8HOZsM4ZATeW4BOKMVLcliBV7cFyP%2Btcp0hXAlIgTsNTkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 76f46c6c3cea1aff-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.min.js Show response
earthquakecensus.com/js/ Frame D3E7 85 KB
31 KB 39ms
38ms Script
application/javascript 172.67.162.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://earthquakecensus.com/js/jquery.min.js
Requested by: Host: earthquakecensus.com
URL: https://earthquakecensus.com/embed/8l9tt8qo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earthquakecensus.com/embed/8l9tt8qo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 09 Nov 2020 18:05:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 841
etag: W/"5fa984ce-15283"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jm%2Bfhh2hypAhXHxuLOzn1tYS0FfTrbaYiDKBvEYWuP52gAhziALcsS2TNUH%2B9gD4BBBgaNyq1VukdoSjMLsFGc5OxzkuD4B1EAOm30seMBb2Ky531jeM5K7oD90UmST2A%2BwrpkKSyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 76f46c6c3ceb1aff-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 nsns.js Show response
swarm.video/ Frame D3E7 506 KB
128 KB 67ms
44ms Script
application/javascript 2606:4700:3033::ac43:af62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://swarm.video/nsns.js
Requested by: Host: earthquakecensus.com
URL: https://earthquakecensus.com/embed/8l9tt8qo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:af62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3dfed3a9800cc7221ac336a2da595938d815edcbd90cd0d08a09f7b296e14db2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earthquakecensus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 103342
cf-polished: origSize=519718
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 16 Oct 2022 16:04:21 GMT
server: cloudflare
etag: W/"7ee26-183e189fff7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYmbkadNneMZb0EOytNi20YwptPjFbSFUuk78zaYs5GlYRWBJm%2BIFgKQZLl%2B0kiK1lkg90RopUHTxXu5zw8zaMuE%2BYEoC5wDPF6PB00kfNHIbKb9aPT250yLRRPNapCKodk2Q8m4RAgvag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 76f46c6c5b6bb72b-AMS

GET
H3 200 clappr.min.js Show response
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame D3E7 513 KB
139 KB 43ms
42ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

Requested by

Host: earthquakecensus.com
URL: https://earthquakecensus.com/embed/8l9tt8qo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earthquakecensus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 27358
x-jsd-version: 0.3.13
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19145-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HPtayBqreggmibSZNa3civjTJsX6yzuYOc0g7cOjJMnszfS0eRMk7qyOjLP%2Flml7BLT4pAJmRfLXJE878vVmU%2Bfzwr7O6fgreS62vv7iysnOZDKKFqmTVy3M7DmXWvlk%2Bh3nzwVNHk82T%2FyB7Q8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 76f46c6c3bb69bd4-FRA

GET
H2

200

/
widgets.amung.us/draw/ Frame D3E7
Redirect Chain

https://whos.amung.us/cwidget/h6qfsjssi5/000000ffffff.png
https://widgets.amung.us/draw/?w=colored&n=405200&c=000000ffffff&p=left

2 KB
2 KB

40ms
40ms

Image
image/png

2606:4700:10::6816:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/draw/?w=colored&n=405200&c=000000ffffff&p=left
Requested by: Host: earthquakecensus.com
URL: https://earthquakecensus.com/embed/8l9tt8qo
Protocol: H2
Server: 2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a637638c5994cd5d730aaac9a38847579a57a52579f41fcd9a5dab05dabc226

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earthquakecensus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:44 GMT
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 16:04:54 GMT
server: cloudflare
age: 10910
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2678400
content-disposition: filename=wau-widget.png
cf-ray: 76f46c6d6a7ab91e-AMS
expires: Fri, 25 Nov 2022 16:04:54 GMT

Redirect headers

location: https://widgets.amung.us/draw/?w=colored&n=405200&c=000000ffffff&p=left
date: Thu, 24 Nov 2022 19:06:44 GMT
cache-control: max-age=295
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76f46c6c789bb91e-AMS
content-type: text/html; charset=UTF-8

GET plausible.js
awstats.cloud/js/ Frame D3E7 0
0

GET
H2 503 manifest(format=m3u8-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/ Frame DC02 27 B
84 B 15ms
14ms XHR
text/html 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/manifest(format=m3u8-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

6468ac9f9bca964f3910fc967b80781c1c8634300e36f95ae49056d91a2734bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 24 Nov 2022 19:06:44 GMT
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
content-length: 27
content-type: text/html

GET
H2 503 manifest(format=m3u8-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/ Frame FFB9 27 B
61 B 15ms
15ms XHR
text/html 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/manifest(format=m3u8-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

6468ac9f9bca964f3910fc967b80781c1c8634300e36f95ae49056d91a2734bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 24 Nov 2022 19:06:44 GMT
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
content-length: 27
content-type: text/html

GET
H3 200 css
fonts.googleapis.com/ Frame D3E7 1 KB
396 B 51ms
50ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700

Requested by

Host: earthquakecensus.com
URL: https://earthquakecensus.com/css/embed.min.css?v=0.4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earthquakecensus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 24 Nov 2022 19:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Nov 2022 17:43:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Nov 2022 19:06:44 GMT

GET
H2 200 bootstrap.js Show response
nigdom.com/script/ Frame F9C6 98 KB
34 KB 111ms
49ms Script
application/javascript 2606:4700:3030::6815:238b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nigdom.com/script/bootstrap.js
Requested by: Host: earthquakecensus.com
URL: https://earthquakecensus.com/embed/8l9tt8qo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:238b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab1897b374e76000c289e1491e74d94e2a30584f4388b57b6b3ec8dab467ee2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earthquakecensus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1961
x-guploader-uploadid: ADPycdu9X1qlTnVF2dik4O4yRP1AMtAFKLvALCSX1pz32Ne0rPv-fhA5Ec2xFaNbpp-wTTpTEzBdNWdnLwrPPrLTYlwSPw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 23 Nov 2022 08:16:16 GMT
server: cloudflare
etag: W/"58a3706369493493b3ca003a227b6fa6"
vary: Accept-Encoding
x-goog-hash: crc32c=mktFgA==, md5=WKNwY2lJNJOzygA6Intvpg==
x-goog-generation: 1669191375948071
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FhxoCDwFKAXDzOqSe%2BwtgVJ4bY%2FxobOTjLKEoefsurcf2PzgvUX835lnFc0wicagbClBEGa6Hblw7WQe6qAjU6Z74JKaqxGj8tfZWntcxWJc6LOE3tlijZMoVMkyUnM5yQfapeHQzpbc"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 100584
cf-ray: 76f46c6d1c91c2c3-VIE
expires: Thu, 24 Nov 2022 18:51:15 GMT

GET
H2 200 ut.js Show response
cdnondemand.org/script/ Frame F9C6 70 KB
24 KB 26ms
25ms Script
application/javascript 2606:4700::6810:a710
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnondemand.org/script/ut.js?cb=1669316804599
Requested by: Host: cdnondemand.org
URL: https://cdnondemand.org/script/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a710 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f6ce602bed449940565c8bfea9921659efafc0c5409a8242eda17e6e6554c31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earthquakecensus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1873
x-guploader-uploadid: ADPycdtsF6dORb567ZowlBPbKjyNFfkxeH0hbghA3PPugX0Gjju4ZAOTEXy7Xy64yZf8ZJJm0jGENoCv_uY5yqN1wT2jPLRCjNHG
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Mon, 29 Aug 2022 11:45:52 GMT
server: cloudflare
etag: W/"c7304eebcb5069f68bd3fa9e74218a36"
vary: Accept-Encoding
x-goog-hash: crc32c=PTRdbg==, md5=xzBO68tQafaL0/qedCGKNg==
x-goog-generation: 1661773552581597
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
x-goog-stored-content-length: 71356
cf-ray: 76f46c6ccef99110-FRA
expires: Thu, 24 Nov 2022 23:06:44 GMT

GET
H2 200 suurl4.php Show response
youradexchange.com/script/ Frame F9C6 925 B
880 B 262ms
224ms Fetch
application/json 35.190.41.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/suurl4.php?r=5954546&chmob=?0&cbur=0.5714976752457874&cbiframe=1&cbWidth=703&cbHeight=500&cbtitle=&cbpage=https%3A%2F%2Fkoraarabia.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=cdnondemand.org&aggr=0
Requested by: Host: cdnondemand.org
URL: https://cdnondemand.org/script/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.41.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 0efb6837db57d44c79c28ba941a93718c635fb148f2238aeed025e962b762398

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earthquakecensus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 24 Nov 2022 19:06:44 GMT
content-encoding: gzip
via: 1.1 google
server: openresty
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json; charset=utf-8

GET
H2 200 08bb0f866d0c322cc1be7ab21baf85cc Show response
app.jubnaadserve.com/api/widget/js/ 27 KB
27 KB 116ms
116ms Script
application/javascript 2600:9000:225e:600:f:259d:3c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.jubnaadserve.com/api/widget/js/08bb0f866d0c322cc1be7ab21baf85cc?jr=1669316804635&rq_p=aHR0cHM6Ly9zaGVoYWJuZXdzLmNvbS9wb3N0LzExMTU3MS8lRDglQTglRDglQTclRDklODQlRDklODElRDklOEElRDglQUYlRDklOEElRDklODgtJUQ5JTg1JUQ4JUI0JUQ4JUE3JUQ5JTg3JUQ4JUFGJUQ4JUE5LSVEOSU4NSVEOCVBOCVEOCVBNyVEOCVCMSVEOCVBNyVEOCVBOS0lRDglQTclRDklODQlRDglQTglRDglQjElRDglQTclRDglQjIlRDklOEElRDklODQtJUQ4JUI2JUQ4JUFGLSVEOCVCNSVEOCVCMSVEOCVBOCVEOSU4QSVEOCVBNy0lRDglQTglRDglQUItJUQ5JTg1JUQ4JUE4JUQ4JUE3JUQ4JUI0JUQ4JUIxLSVEOSU4MSVEOSU4QS0lRDklODMlRDglQTMlRDglQjMtJUQ4JUE3JUQ5JTg0JUQ4JUI5JUQ4JUE3JUQ5JTg0JUQ5JTg1LTIwMjI%253D&rfs=&jbVId=5ae4b5dde1f24dafeeb7ce95cb54c1f8&jbImgF=avif&insights=eyJqYl9wYWdlX3RpdGxlIjoiJUQ4JUE4JUQ4JUE3JUQ5JTg0JUQ5JTgxJUQ5JThBJUQ4JUFGJUQ5JThBJUQ5JTg4JTIwJUQ5JTg1JUQ4JUI0JUQ4JUE3JUQ5JTg3JUQ4JUFGJUQ4JUE5JTIwJUQ5JTg1JUQ4JUE4JUQ4JUE3JUQ4JUIxJUQ4JUE3JUQ4JUE5JTIwJUQ4JUE3JUQ5JTg0JUQ4JUE4JUQ4JUIxJUQ4JUE3JUQ4JUIyJUQ5JThBJUQ5JTg0JTIwJUQ4JUI2JUQ4JUFGJTIwJUQ4JUI1JUQ4JUIxJUQ4JUE4JUQ5JThBJUQ4JUE3JTIwJUQ4JUE4JUQ4JUFCJTIwJUQ5JTg1JUQ4JUE4JUQ4JUE3JUQ4JUI0JUQ4JUIxJTIwJUQ5JTgxJUQ5JThBJTIwJUQ5JTgzJUQ4JUEzJUQ4JUIzJTIwJUQ4JUE3JUQ5JTg0JUQ4JUI5JUQ4JUE3JUQ5JTg0JUQ5JTg1JTIwMjAyMiUyMCU3QyUyMCVEOSU4OCVEOSU4MyVEOCVBNyVEOSU4NCVEOCVBOSUyMCVEOCVCNCVEOSU4NyVEOCVBNyVEOCVBOCUyMCVEOCVBNyVEOSU4NCVEOCVBNSVEOCVBRSVEOCVBOCVEOCVBNyVEOCVCMSVEOSU4QSVEOCVBOSIsImpiX3BhZ2VfaW1hZ2UiOiJodHRwcyUzQSUyRiUyRnNoZWhhYm5ld3MuY29tJTJGdGh1bWIlMkYxMjAweDYzMCUyRnVwbG9hZHMlMkZpbWFnZXMlMkYyMDIyJTJGMTElMkZCZFNFbS5wbmclM0Z2JTNEMSIsImpiX3BhZ2VfZGVzY3JpcHRpb24iOiIlRDglQjElRDglQTclRDglQTglRDglQjclMjAlRDklODUlRDglQjQlRDglQTclRDklODclRDglQUYlRDglQTklMjAlRDklODUlRDglQTglRDglQTclRDglQjElRDglQTclRDglQTklMjAlRDglQTclRDklODQlRDglQTglRDglQjElRDglQTclRDglQjIlRDklOEElRDklODQlMjAlRDklODglRDglQjUlRDglQjElRDglQTglRDklOEElRDglQTclMjAlRDglQTglRDglQUIlMjAlRDklODUlRDglQTglRDglQTclRDglQjQlRDglQjElMjAlRDglQTclRDklODQlRDklOEElRDklODglRDklODUlMjAlRDklODElRDklOEElMjAlRDklODMlRDglQTMlRDglQjMlMjAlRDglQTclRDklODQlRDglQjklRDglQTclRDklODQlRDklODUlMjAlRDklODUlRDklODglRDklODYlRDglQUYlRDklOEElRDglQTclRDklODQlMjAlRDklODIlRDglQjclRDglQjElMjAyMDIyJTIwJUQ5JThBJUQ5JTg0JUQ4JUE3JTIwJUQ4JUI0JUQ5JTg4JUQ4JUFBJTIwJUQ4JUE4JUQ4JUFBJUQ5JTg4JUQ5JTgyJUQ5JThBJUQ4JUFBJTIwJUQ4JUE3JUQ5JTg0JUQ4JUIzJUQ4JUI5JUQ5JTg4JUQ4JUFGJUQ5JThBJUQ4JUE5JTIwJUQ5JTg1JUQ4JUI1JUQ4JUIxJTIwJUQ5JTgxJUQ5JTg0JUQ4JUIzJUQ4JUI3JUQ5JThBJUQ5JTg2JTIwJUQ4JUFBJUQ5JTg4JUQ5JTg2JUQ4JUIzJTIwJUQ4JUE3JUQ5JTg0JUQ5JTg1JUQ4JUJBJUQ4JUIxJUQ4JUE4JTIwJUQ4JUE3JUQ5JTg0JUQ4JUFDJUQ4JUIyJUQ4JUE3JUQ4JUE2JUQ4JUIxJTIwJUQ4JUE3JUQ5JTg0JUQ4JUIzJUQ5JTg4JUQ4JUFGJUQ4JUE3JUQ5JTg2JTIwJUQ4JUFBJUQ4JUIxJUQ5JTgzJUQ5JThBJUQ4JUE3In0%253D&dataId=1669316804635
Requested by: Host: app.jubnaadserve.com
URL: https://app.jubnaadserve.com/api/widget/08bb0f866d0c322cc1be7ab21baf85cc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:600:f:259d:3c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b031468066ae75b97fe3cad3cfcab1b74177d1146c98cdf831eb4c07e7f96e92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Nov 2022 19:06:44 GMT
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400, public
x-amz-cf-id: wxCxkqZvWvH4uU9kw5vOFlb_GhlGG94JnRFX6G4xaMtg9aCTW09ycg==

GET
H2 200 bootstrap.js Show response
cdnondemand.org/script/ Frame D3E7 98 KB
33 KB 25ms
25ms Script
application/javascript 2606:4700::6810:a710
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnondemand.org/script/bootstrap.js
Requested by: Host: earthquakecensus.com
URL: https://earthquakecensus.com/embed/8l9tt8qo
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a710 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab1897b374e76000c289e1491e74d94e2a30584f4388b57b6b3ec8dab467ee2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earthquakecensus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 230
x-guploader-uploadid: ADPycdvY2scTWiZbvmSv0ckeB_a2MT18JxM0p72oTZiO8KzlWfJAiXL2grliTFHnlT2LDaMb97izRJPo604c6TNAjnVSxw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Wed, 23 Nov 2022 08:16:16 GMT
server: cloudflare
etag: W/"58a3706369493493b3ca003a227b6fa6"
vary: Accept-Encoding
x-goog-hash: crc32c=mktFgA==, md5=WKNwY2lJNJOzygA6Intvpg==
x-goog-generation: 1669191375948071
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
x-goog-stored-content-length: 100584
cf-ray: 76f46c6d2f929110-FRA
expires: Thu, 24 Nov 2022 23:06:44 GMT

GET
H3 200 deb.html Show response
earthquakecensus.com/ Frame 2BB4 25 KB
6 KB 83ms
83ms Document
text/html 172.67.162.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://earthquakecensus.com/deb.html
Requested by: Host: earthquakecensus.com
URL: https://earthquakecensus.com/embed/8l9tt8qo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b184888665b6cb9e154760bae131eaf01c140197506afd50abcbe98dc9d9438f

Request headers

Referer: https://earthquakecensus.com/embed/8l9tt8qo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 76f46c6d3ead1aff-AMS
content-encoding: br
content-type: text/html
date: Thu, 24 Nov 2022 19:06:44 GMT
last-modified: Sat, 18 Jun 2022 16:00:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLkWDkF4XxBAHXeicCHBmp5LtRVZuhfASFiR%2FM9yK4bat1Qec6wgy2ao3IKNoUOzzNU8qOM1frOQd4TYJpFUUfYXoFq1Q8ZsuOwKtegUFz4qE4ALtz4iPu%2FM7TCVfFkRDfQ0EOjM3w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame D3E7 23 KB
23 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://earthquakecensus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 179970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 17:07:14 GMT

GET
H2 200 ut.js Show response
cdnondemand.org/script/ Frame D3E7 70 KB
24 KB 37ms
37ms Script
application/javascript 2606:4700::6810:a710
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnondemand.org/script/ut.js?cb=1669316804702
Requested by: Host: cdnondemand.org
URL: https://cdnondemand.org/script/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a710 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f6ce602bed449940565c8bfea9921659efafc0c5409a8242eda17e6e6554c31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earthquakecensus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1873
x-guploader-uploadid: ADPycdtsF6dORb567ZowlBPbKjyNFfkxeH0hbghA3PPugX0Gjju4ZAOTEXy7Xy64yZf8ZJJm0jGENoCv_uY5yqN1wT2jPLRCjNHG
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Mon, 29 Aug 2022 11:45:52 GMT
server: cloudflare
etag: W/"c7304eebcb5069f68bd3fa9e74218a36"
vary: Accept-Encoding
x-goog-hash: crc32c=PTRdbg==, md5=xzBO68tQafaL0/qedCGKNg==
x-goog-generation: 1661773552581597
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
x-goog-stored-content-length: 71356
cf-ray: 76f46c6d6ffa9110-FRA
expires: Thu, 24 Nov 2022 23:06:44 GMT

GET
H2 200 suurl4.php Show response
youradexchange.com/script/ Frame D3E7 957 B
808 B 222ms
222ms Fetch
application/json 35.190.41.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/suurl4.php?r=5954546&chmob=?0&cbur=0.3919020073992452&cbiframe=1&cbWidth=687&cbHeight=444&cbtitle=&cbpage=https%3A%2F%2Fyalla-shoot-fawry.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=cdnondemand.org&aggr=0
Requested by: Host: cdnondemand.org
URL: https://cdnondemand.org/script/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.41.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 9d14c7d3f78e67f002aad08a80157565e9e083c4e7bdb11b6880896e4be188eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earthquakecensus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 24 Nov 2022 19:06:44 GMT
content-encoding: gzip
via: 1.1 google
server: openresty
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json; charset=utf-8

GET
H2 200 08bb0f866d0c322cc1be7ab21baf85cc
static.jubnaadserve.com/api/widget/css/ 3 KB
4 KB 7ms
7ms Stylesheet
text/css 2600:9000:223c:4400:9:aa8b:700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.jubnaadserve.com/api/widget/css/08bb0f866d0c322cc1be7ab21baf85cc?jv=11191&d=shehabnews.com&m=Desktop
Requested by: Host: app.jubnaadserve.com
URL: https://app.jubnaadserve.com/api/widget/08bb0f866d0c322cc1be7ab21baf85cc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4400:9:aa8b:700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c029404e4919e6d5fcb01eaf64e84eda5a49c2b4d0b9911c95af871d7116a49c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Nov 2022 11:58:10 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-P2
age: 25714
x-cache: Hit from cloudfront
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-id: 6Thbf8n_ZeuR2KrUjfX-mjktAFcDzUqexS9sbnCZyimENLldwuk1iQ==

GET
H2 200 https%3A%2F%2Fshehabnews.com%2Fthumb%2F1200x630%2Fuploads%2Fimages%2F2022%2F11%2FKlV11.png%3Fv%3D1
images.jubnaadserve.com/image/fetch/f_avif,q_auto,h_312,w_450,c_fill,g_faces:auto,e_sharpen/ 20 KB
21 KB 55ms
8ms Image
image/avif 2600:9000:223d:ae00:c:1fa5:2f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.jubnaadserve.com/image/fetch/f_avif,q_auto,h_312,w_450,c_fill,g_faces:auto,e_sharpen/https%3A%2F%2Fshehabnews.com%2Fthumb%2F1200x630%2Fuploads%2Fimages%2F2022%2F11%2FKlV11.png%3Fv%3D1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:ae00:c:1fa5:2f00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

6f907bc4d8dd3a21d50ab1f925ecebe800fb568ca27712f5f53cd6387469e22c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:06:21 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 68423
x-cache: Hit from cloudfront
content-length: 20651
x-request-id: 41804c689f57578906d4c1d736714913
last-modified: Thu, 24 Nov 2022 00:05:06 GMT
server: Cloudinary
etag: "fe7d3a18f69349fc84a728d5dd7c5614"
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: GCZ_XVV0kKSGZEG-460vWhIuyeMFVEVosj3nHkW1YfBgPdjcHV8kmQ==

GET
H2 200 https%3A%2F%2Fshehabnews.com%2Fthumb%2F1200x630%2Fuploads%2Fimages%2F2022%2F11%2FxUpyQ.png%3Fv%3D1
images.jubnaadserve.com/image/fetch/f_avif,q_auto,h_312,w_450,c_fill,g_faces:auto,e_sharpen/ 10 KB
10 KB 60ms
14ms Image
image/avif 2600:9000:223d:ae00:c:1fa5:2f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.jubnaadserve.com/image/fetch/f_avif,q_auto,h_312,w_450,c_fill,g_faces:auto,e_sharpen/https%3A%2F%2Fshehabnews.com%2Fthumb%2F1200x630%2Fuploads%2Fimages%2F2022%2F11%2FxUpyQ.png%3Fv%3D1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:ae00:c:1fa5:2f00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

f5f6d9d01e6e32d0c69684446ea7880b66deedbb1aa88cd3be1f6222e7a05e2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:06:21 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 68423
x-cache: Hit from cloudfront
content-length: 9775
x-request-id: bdbb37351f87c100a1a77a6742185bee
last-modified: Thu, 24 Nov 2022 00:05:09 GMT
server: Cloudinary
etag: "491a4f75cc876efb0c67355668a1dd72"
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: PfeUEgc-mVSBV4DcAj7RxLMgImkBTeXZdn1L7CYURDx7hORPzEMyKQ==

GET
H2 200 https%3A%2F%2Fshehabnews.com%2Fthumb%2F1200x630%2Fuploads%2Fimages%2F2022%2F11%2FnR5sY.png%3Fv%3D1
images.jubnaadserve.com/image/fetch/f_avif,q_auto,h_312,w_450,c_fill,g_faces:auto,e_sharpen/ 8 KB
8 KB 58ms
11ms Image
image/avif 2600:9000:223d:ae00:c:1fa5:2f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.jubnaadserve.com/image/fetch/f_avif,q_auto,h_312,w_450,c_fill,g_faces:auto,e_sharpen/https%3A%2F%2Fshehabnews.com%2Fthumb%2F1200x630%2Fuploads%2Fimages%2F2022%2F11%2FnR5sY.png%3Fv%3D1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:ae00:c:1fa5:2f00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

df361312d57f424efe49ed6e23ef68eb2052457d359126a3add066ba2ea266ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:06:21 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 68423
x-cache: Hit from cloudfront
content-length: 7741
x-request-id: dfdc5fa9721780f75caf9464ade5b9e1
last-modified: Thu, 24 Nov 2022 00:05:05 GMT
server: Cloudinary
etag: "69d8b827ac53b9289fcd5eded2b3f71f"
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: mAHAMsq_h03DobDqtJv0zUwdKb70XCE5bppfwa2UHDii2NdHQCTnyg==

GET
H2 200 https%3A%2F%2Fshehabnews.com%2Fthumb%2F1200x630%2Fuploads%2Fimages%2F2022%2F11%2FeVa48.png%3Fv%3D1
images.jubnaadserve.com/image/fetch/f_avif,q_auto,h_312,w_450,c_fill,g_faces:auto,e_sharpen/ 20 KB
20 KB 62ms
15ms Image
image/avif 2600:9000:223d:ae00:c:1fa5:2f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.jubnaadserve.com/image/fetch/f_avif,q_auto,h_312,w_450,c_fill,g_faces:auto,e_sharpen/https%3A%2F%2Fshehabnews.com%2Fthumb%2F1200x630%2Fuploads%2Fimages%2F2022%2F11%2FeVa48.png%3Fv%3D1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:ae00:c:1fa5:2f00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

5a39be83844562239ac56c31824506046cf0f64c7d566aa374cfff86dd4d3a33

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 00:10:53 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 154551
x-cache: Hit from cloudfront
content-length: 20087
x-request-id: b1f9a3d92bc00a9f3437fa5687a92af1
last-modified: Wed, 23 Nov 2022 00:05:12 GMT
server: Cloudinary
etag: "3a665414a0e465840debc3b3a1259ea3"
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: PymWTR0cHo6G37_BRp59ao6buEaHvbG-Ha7hOEuKWbnfqIJk2wVKlg==

GET
H2 200 https%3A%2F%2Fshehabnews.com%2Fthumb%2F1200x630%2Fuploads%2Fimages%2F2022%2F11%2FWoX8D.jpg%3Fv%3D1
images.jubnaadserve.com/image/fetch/f_avif,q_auto,h_312,w_450,c_fill,g_faces:auto,e_sharpen/ 33 KB
33 KB 61ms
15ms Image
image/avif 2600:9000:223d:ae00:c:1fa5:2f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.jubnaadserve.com/image/fetch/f_avif,q_auto,h_312,w_450,c_fill,g_faces:auto,e_sharpen/https%3A%2F%2Fshehabnews.com%2Fthumb%2F1200x630%2Fuploads%2Fimages%2F2022%2F11%2FWoX8D.jpg%3Fv%3D1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:ae00:c:1fa5:2f00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

906df63dc13f3efb3872d5a23f0cf6ad34b513402cb42e0d8fa1d2b76f8541ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 00:16:38 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 1018206
x-cache: Hit from cloudfront
content-length: 33315
x-request-id: 1b9b1c0c0ec288797b3b987d57b1a3e0
last-modified: Sun, 13 Nov 2022 00:11:26 GMT
server: Cloudinary
etag: "57155712177443e8817e2e2347f3958f"
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: FgTZX3E2Ml0nfitI3izQ7GhNnw30FCdCGl0QRnvPE9S5TJoALjTXFw==

GET
H2 200 https%3A%2F%2Fshehabnews.com%2Fthumb%2F1200x630%2Fuploads%2Fimages%2F2022%2F11%2F1CaN0.png%3Fv%3D1
images.jubnaadserve.com/image/fetch/f_avif,q_auto,h_312,w_450,c_fill,g_faces:auto,e_sharpen/ 52 KB
53 KB 61ms
15ms Image
image/avif 2600:9000:223d:ae00:c:1fa5:2f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.jubnaadserve.com/image/fetch/f_avif,q_auto,h_312,w_450,c_fill,g_faces:auto,e_sharpen/https%3A%2F%2Fshehabnews.com%2Fthumb%2F1200x630%2Fuploads%2Fimages%2F2022%2F11%2F1CaN0.png%3Fv%3D1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:ae00:c:1fa5:2f00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

d4502c979269d27ad38471919a5dd48a3f5b6e328612d47179b713798d31a5c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:12:49 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 240835
x-cache: Hit from cloudfront
content-length: 53366
last-modified: Tue, 22 Nov 2022 00:03:58 GMT
server: Cloudinary
etag: "b1faa84b7cd09a541592a7b47740e03a"
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: bgD6xMt5woPrIbZT_OI-x0W06020_Q3ktMCqGRC2JO8CHzV-bqogtQ==

GET
H2 200 https%3A%2F%2Fshehabnews.com%2Fthumb%2F1200x630%2Fuploads%2Fimages%2F2022%2F11%2FGLVWg.png%3Fv%3D1
images.jubnaadserve.com/image/fetch/f_avif,q_auto,h_312,w_450,c_fill,g_faces:auto,e_sharpen/ 29 KB
29 KB 21ms
21ms Image
image/avif 2600:9000:223d:ae00:c:1fa5:2f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.jubnaadserve.com/image/fetch/f_avif,q_auto,h_312,w_450,c_fill,g_faces:auto,e_sharpen/https%3A%2F%2Fshehabnews.com%2Fthumb%2F1200x630%2Fuploads%2Fimages%2F2022%2F11%2FGLVWg.png%3Fv%3D1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:ae00:c:1fa5:2f00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

cf89b17e858888ac03c9aeb6aeb2c991a8adf48356d82f9acb1ec34d4280f3e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 00:10:53 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 154551
x-cache: Hit from cloudfront
content-length: 29528
x-request-id: b27cfc6c3a001878b4548b9465ed8b95
last-modified: Wed, 23 Nov 2022 00:05:14 GMT
server: Cloudinary
etag: "ae3ee9a3b994fb250a7e6f1148df0485"
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: r1mMxsq-P32Xzb8k3oOyCc36tzga4833Jr4dG3ve4s4PwEEN5CR8WQ==

GET
H2 200 jb_credit_icn_rcmby_adc_ar.png
cdn.jubnaadserve.com/images/jubna-ads-logo/icons/ 2 KB
2 KB 8ms
7ms Image
image/png 2600:9000:225e:4c00:1e:aead:3c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.jubnaadserve.com/images/jubna-ads-logo/icons/jb_credit_icn_rcmby_adc_ar.png
Requested by: Host: shehabnews.com
URL: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:4c00:1e:aead:3c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce5e19b792353885bb816ee8c50c953cc3f24ccacb1f0b71b3500cdb0fc95f9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 03:26:44 GMT
via: 1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
last-modified: Wed, 30 Jun 2021 08:57:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 8350801
etag: "2b62215a09654198c818de682640e251"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1592
x-amz-cf-id: vWUXd5UeB96K1k5mLrBKmnw6c3aEqdFZt83K2X6-pMOPmpqUPnCOAA==

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/ 150 KB
51 KB 93ms
92ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/reactive_library_fy2021.js?bust=31070924

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d3d347d1f287357f3a7a22ee99ca3e70d25f0310d8173acd4e07c95bdc15f24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52281
x-xss-protection: 0
server: cafe
etag: 9580050816700618818
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Nov 2022 19:06:45 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 123ms
47ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=shehabnews.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 123ms
46ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=shehabnews.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shehabnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame CE0F 10 KB
4 KB 39ms
37ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shehabnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 30168
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 10:43:57 GMT
etag: 10353107486223812946
expires: Thu, 08 Dec 2022 10:43:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame F418 10 KB
4 KB 38ms
37ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shehabnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 30168
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 10:43:57 GMT
etag: 10353107486223812946
expires: Thu, 08 Dec 2022 10:43:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 41E2 6 KB
672 B 51ms
49ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5312870703983241&output=html&h=280&adk=2636393618&adf=1869635714&pi=t.aa~a.1380864147~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1669314219&rafmt=1&to=qs&pwprc=6601389906&format=1140x280&url=https%3A%2F%2Fshehabnews.com%2Fpost%2F111571%2F%25D8%25A8%25D8%25A7%25D9%2584%25D9%2581%25D9%258A%25D8%25AF%25D9%258A%25D9%2588-%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2585%25D8%25A8%25D8%25A7%25D8%25B1%25D8%25A7%25D8%25A9-%25D8%25A7%25D9%2584%25D8%25A8%25D8%25B1%25D8%25A7%25D8%25B2%25D9%258A%25D9%2584-%25D8%25B6%25D8%25AF-%25D8%25B5%25D8%25B1%25D8%25A8%25D9%258A%25D8%25A7-%25D8%25A8%25D8%25AB-%25D9%2585%25D8%25A8%25D8%25A7%25D8%25B4%25D8%25B1-%25D9%2581%25D9%258A-%25D9%2583%25D8%25A3%25D8%25B3-%25D8%25A7%25D9%2584%25D8%25B9%25D8%25A7%25D9%2584%25D9%2585-2022&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669316803282&bpp=2&bdt=843&idt=836&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4174715100172&frm=20&pv=1&ga_vid=655335985.1669316804&ga_sid=1669316804&ga_hid=1811992265&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-970&ady=212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44768832%2C31070924%2C44777948%2C21065725&oid=2&pvsid=2312339259534014&tmod=1163560948&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NPKyqT7Zl6&p=https%3A//shehabnews.com&dtd=839

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 24 Nov 2022 19:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Nov 2022 17:48:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Nov 2022 19:06:45 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 41E2 2 KB
818 B 200ms
86ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25890
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 11:55:15 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 41E2 23 KB
10 KB 149ms
36ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 11:28:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27488
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 11:28:37 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 41E2 3 KB
1 KB 222ms
116ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 18:58:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 18:58:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 41E2 18 KB
7 KB 155ms
42ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:34:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 16:34:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 41E2 154 KB
48 KB 186ms
73ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Nov 2022 19:06:45 GMT

GET
H2 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame 41E2 34 KB
14 KB 139ms
34ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 15:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 15:56:11 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 41E2 0
0 83ms
82ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CS1mixMB_Y7zVEvWIid4P5uqRuA-gruXBbanrjrf4EIiU-IezAhABIKCupi1gleKQgqAHoAHggfD4KMgBCakCmCP7z1x3sT6oAwHIA8sEqgTZA0_QprvYm1JWpQ2iDUwsOY3d-8lGJWiotadhB-7-SQHqpA7ig3G5Q-_tH_Wn-TQ_cI9X-xrQ4_IiMIjsjX45UzkQ0uRx8ofQmbjGVyxXWQtb3w-ncJIgsJDbi74v_IelejRhvqKH2sSCJyMloN_RX3E2Q5cxHOPLLWI6NffePq6L1JQqe5Bzf9xLa92USxucW8tK_zmtGckSh4bDHhIjMUo7JM0SDCo1nnmXSeg3OZ7g-pT3cxcI8rBhleL_FmeUIF08KUKJH-vfX7DVmC5u-yrjXE7PkXsVipsiiEG_sE0ezjf6y8klB5p1brjfUuvpsZCIT7pieQBLk2lGEZ66LRJQ3OK0dlKC5o7I6riH8It84VI-DbMqPEcSGbBTqfimyPGTncu9aAZLljnmm__Bqj4Lu5z2zkWx9N-hX-ahM0IwOmfgSig3YjmW3w3kizDRY0BXghAs_EdA6XJuDWASLaLEvEO3jA-feZE9WNPuItfv_MHEQ8WJBYAkFwDv_ZSyXwmyw1PY09oxI9QbiSqITIDihDpcMFV44wZMn-wt_lQX7KOv6nOncAXqT7BVRJ1yYg2zuzSSaeKIbdVDZjUsnpP24hkxHNpU3IAXfxNzW3gay8KUXKZnJ2bawASaovCoggSSBQQIBBgBkgUECAUYBKAGLoAH4LnA2AOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDp4AbSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEw2IFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItNTMxMjg3MDcwMzk4MzI0MRgA&sigh=OCMl-wG6P8o&uach_m=[UACH]&cid=CAQSGwDq26N9S10XtIrjVovCV0BN57RAEveWCGONchgBIBM&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5312870703983241&output=html&h=280&adk=2636393618&adf=1869635714&pi=t.aa~a.1380864147~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1669314219&rafmt=1&to=qs&pwprc=6601389906&format=1140x280&url=https%3A%2F%2Fshehabnews.com%2Fpost%2F111571%2F%25D8%25A8%25D8%25A7%25D9%2584%25D9%2581%25D9%258A%25D8%25AF%25D9%258A%25D9%2588-%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2585%25D8%25A8%25D8%25A7%25D8%25B1%25D8%25A7%25D8%25A9-%25D8%25A7%25D9%2584%25D8%25A8%25D8%25B1%25D8%25A7%25D8%25B2%25D9%258A%25D9%2584-%25D8%25B6%25D8%25AF-%25D8%25B5%25D8%25B1%25D8%25A8%25D9%258A%25D8%25A7-%25D8%25A8%25D8%25AB-%25D9%2585%25D8%25A8%25D8%25A7%25D8%25B4%25D8%25B1-%25D9%2581%25D9%258A-%25D9%2583%25D8%25A3%25D8%25B3-%25D8%25A7%25D9%2584%25D8%25B9%25D8%25A7%25D9%2584%25D9%2585-2022&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669316803282&bpp=2&bdt=843&idt=836&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4174715100172&frm=20&pv=1&ga_vid=655335985.1669316804&ga_sid=1669316804&ga_hid=1811992265&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-970&ady=212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44768832%2C31070924%2C44777948%2C21065725&oid=2&pvsid=2312339259534014&tmod=1163560948&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NPKyqT7Zl6&p=https%3A//shehabnews.com&dtd=839
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 24 Nov 2022 19:06:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 24 Nov 2022 19:06:45 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/16466493746143053049/ Frame 41E2 16 KB
17 KB 193ms
92ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16466493746143053049/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed71d47801ba353bcd5cc58d8a4ca47ded2bba6a8c004bfae45f771e653c34bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 04:48:33 GMT
x-content-type-options: nosniff
age: 569892
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16883
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 09:31:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 18 Nov 2023 04:48:33 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame CE0F 4 KB
636 B 59ms
59ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 24 Nov 2022 19:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Nov 2022 17:29:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Nov 2022 19:06:45 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CE0F 205 B
294 B 113ms
46ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 18:52:27 GMT
x-content-type-options: nosniff
age: 858
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 24 Nov 2023 18:52:27 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CE0F 604 B
917 B 110ms
44ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:02:44 GMT
x-content-type-options: nosniff
age: 241
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 24 Nov 2023 19:02:44 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame CE0F 19 KB
8 KB 116ms
49ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25890
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8086
x-xss-protection: 0
server: cafe
etag: 7427986489964165156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 11:55:15 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F418 0
0 83ms
83ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMMwqxMB_Y9HsBZngZ8zKh8gJpuDR32zd56LKxA-n-NO-ji8QASCgrqYtYJXikIKgB6ABpN2aiwPIAQKoAwHIA8kEqgS8A0_Q6Tu-JtVyrAZojJfqDFj_ZoZsDd7chjqseyMTpX6uw3DKdUBLPEaBvzkLFQp69U3P82wQcuq39sD_EilnlbOeKZ_e4dc9COBuaIV-HwJk-pqi5y-jVunxR7blTJAsnXq5iV7xEMMhwzsLSq0jKLfoIB4Ia7kUvy54HBR6OAswr8zaKoDo_NypGQAnsNOkJu3dQzTDTwPvDceCXjPo8aLw8oMZAo2dHvnoLwa3_GNYeD44lF6FNmAsDvusL3dFphl828K_cIKb2uEr4Q24ivQI5oCJB4Fwy7ISylkfiflVM7c0PjyO8HuV6prBS8xlmJ3eTa8pR_IQf5HSewL59rgpYQQtxvx5bXZKLGcarWICgOhUGqbzjOk1Ha6SWN90gX33JwLOvMWtrkoA08TcfM0Sf1tf5ldBa-q1KyQ_X3F90svcVkcGh3lX_lXV29eNgF4DeoYS5BAeqTHKuzHt44Xlz6Mv-XmRiqz7YUI4mIQDy0s4378uS9P9dlb2yq5I9CoyBaKeK_SYImQx1MpTnizzN3hLez7SJWZch0MOQRKixhAnr0NG21LcRdkjNW23ivYd1hjPMyFoaU1nPsAEof3cqO4DkgUECAQYAZIFBAgFGASgBgKAB8Si5XSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCPowLSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi01MzEyODcwNzAzOTgzMjQxGAA&sigh=_3vE7PObF4E&uach_m=[UACH]&cid=CAQSGwDq26N9D3B3OFw358vIqj6VzXC2RWe8PEuS9hgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 24 Nov 2022 19:06:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 24 Nov 2022 19:06:45 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame F418 23 KB
9 KB 134ms
75ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 11:28:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27488
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 11:28:37 GMT

GET
H2 200 2384088834180617703
tpc.googlesyndication.com/simgad/ Frame F418 4 KB
4 KB 146ms
88ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2384088834180617703?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qklUJ8wGLDDvr60gVnEQwn4y1E9ng

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e370fecce4e39a2960185acf1482babf68aface4bcb853ffcc2317908250cba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 05:45:54 GMT
x-content-type-options: nosniff
age: 134451
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4062
x-xss-protection: 0
last-modified: Wed, 20 Jan 2021 02:11:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 23 Nov 2023 05:45:54 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame F418 3 KB
1 KB 175ms
117ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 18:58:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 18:58:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame F418 18 KB
7 KB 139ms
81ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:34:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 16:34:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F418 154 KB
47 KB 190ms
132ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Nov 2022 19:06:45 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame F418 34 KB
13 KB 161ms
104ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac67eba217cc24846f0d650dbf24e7e1f96928839f20a70ddeba99bfa284ca23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 17:43:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5024
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: cafe
etag: 7011066814545187240
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 17:43:01 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C683 8 KB
895 B 52ms
50ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 24 Nov 2022 19:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Nov 2022 17:25:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Nov 2022 19:06:45 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C683 2 KB
765 B 125ms
40ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25890
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 11:55:15 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame C683 23 KB
9 KB 127ms
46ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 11:28:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27488
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 11:28:37 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C683 3 KB
1 KB 134ms
55ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 18:58:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 18:58:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C683 18 KB
7 KB 119ms
41ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:34:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 16:34:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C683 154 KB
47 KB 95ms
91ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Nov 2022 19:06:45 GMT

GET
H3 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame C683 34 KB
14 KB 126ms
40ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 15:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 15:56:11 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A73E 143 B
166 B 38ms
37ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2281
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 18:28:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 41E2 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b4eecc0fc56986c7ab5b803b57f774f30616b6cbefb29fc917cc0d23d62cdb1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F418 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 914ec05342f413e7668616e18cd05a636c0ceafc3b1d77726ea75d28a0d486d8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 41E2 15 KB
16 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 267713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 16:44:52 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 41E2 15 KB
15 KB 54ms
54ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 20:40:44 GMT
x-content-type-options: nosniff
age: 512761
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 20:40:44 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 41E2 15 KB
15 KB 42ms
41ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 602670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 19:42:15 GMT

GET
H2 503 manifest(format=m3u8-cmaf).m3u8 Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/ Frame 338B 27 B
84 B 15ms
14ms XHR
text/html 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/manifest(format=m3u8-cmaf).m3u8

Requested by

Host: cdn.bitmovin.com
URL: https://cdn.bitmovin.com/player/web/8/bitmovinplayer.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

6468ac9f9bca964f3910fc967b80781c1c8634300e36f95ae49056d91a2734bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 24 Nov 2022 19:06:45 GMT
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
content-length: 27
content-type: text/html

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E1A4 143 B
166 B 37ms
37ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2281
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 18:28:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A73E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

52ms
51ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 19:06:45 GMT
expires: Thu, 24 Nov 2022 19:06:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 19:06:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js Show response
pagead2.googlesyndication.com/bg/ Frame 5071 36 KB
16 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 18:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 18:58:29 GMT

GET
H3 200 M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js Show response
pagead2.googlesyndication.com/bg/ Frame 3827 36 KB
16 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 18:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 18:58:29 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E1A4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

51ms
50ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 19:06:45 GMT
expires: Thu, 24 Nov 2022 19:06:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 19:06:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js Show response
pagead2.googlesyndication.com/bg/ Frame FF61 36 KB
16 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 18:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 18:58:29 GMT

GET
H2 503 manifest(format=m3u8-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/ Frame DC02 27 B
61 B 35ms
33ms XHR
text/html 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/manifest(format=m3u8-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

6468ac9f9bca964f3910fc967b80781c1c8634300e36f95ae49056d91a2734bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 24 Nov 2022 19:06:45 GMT
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
content-length: 27
content-type: text/html

GET
H2 503 manifest(format=m3u8-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/ Frame FFB9 27 B
61 B 37ms
36ms XHR
text/html 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/manifest(format=m3u8-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

6468ac9f9bca964f3910fc967b80781c1c8634300e36f95ae49056d91a2734bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 24 Nov 2022 19:06:45 GMT
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
content-length: 27
content-type: text/html

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 77C7 28 B
54 B 56ms
55ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
X-Goog-Request-Time: 1669316806426
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/5VtrmK81NG4?rel=0
X-YouTube-Client-Version: 1.20221120.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs1cmloN3FqbXVXbyjCgf-bBg%3D%3D
X-YouTube-Ad-Signals: dt=1669316803828&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C703%2C396&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 24 Nov 2022 19:06:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 24 Nov 2022 19:06:46 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F418 42 B
64 B 160ms
76ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstO961gOhlxF4d9SRjLZIUqQSuau5N9v3l-4325WDLL88BSIF_qrz8fZgOgD_kkpjt4UopQ24P9U7kScoRn1-EdEG569sqvyr1SIwDMLdtJfi7rD3coFsvc4O6nWn8v5tnqoqBJHg&sai=AMfl-YRUgkDtAbLQTZ4na-D7mWgGOfIedCupPKdxhVNlc2UidiSDLn0XfMr1sieU9XrjOl0LB0i8o6kKXxhSakc&sig=Cg0ArKJSzOi7A8bFXl5VEAE&cid=CAQSGwDq26N9D3B3OFw358vIqj6VzXC2RWe8PEuS9hgBIBM&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=132,739,1000,1064,1064&tos=132,607,261,64,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669316805176&rpt=345&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 19:06:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 77C7 28 B
54 B 54ms
53ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
X-Goog-Request-Time: 1669316806618
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/5VtrmK81NG4?rel=0
X-YouTube-Client-Version: 1.20221120.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs1cmloN3FqbXVXbyjCgf-bBg%3D%3D
X-YouTube-Ad-Signals: dt=1669316803828&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C703%2C396&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 24 Nov 2022 19:06:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 24 Nov 2022 19:06:46 GMT

GET
H2 503 manifest(format=m3u8-cmaf).m3u8 Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/ Frame 338B 27 B
84 B 16ms
15ms XHR
text/html 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/manifest(format=m3u8-cmaf).m3u8

Requested by

Host: cdn.bitmovin.com
URL: https://cdn.bitmovin.com/player/web/8/bitmovinplayer.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

6468ac9f9bca964f3910fc967b80781c1c8634300e36f95ae49056d91a2734bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 24 Nov 2022 19:06:46 GMT
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
content-length: 27
content-type: text/html

GET
H/1.1 200
OK 8l9tt8qo.m3u8 Show response
ceahiqnkwcwo.cdnexpress59.net/hls/ Frame F9C6 836 B
1 KB 57ms
14ms XHR
application/vnd.apple.mpegurl 45.154.206.74
K4X

General

Check archive.org

Show headers Download Go to

Full URL: https://ceahiqnkwcwo.cdnexpress59.net:8443/hls/8l9tt8qo.m3u8?s=9zRuUQjdCftwKysiqL6aHw&e=1669338403
Requested by: Host: swarm.video
URL: https://swarm.video/nsns.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.154.206.74 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: dd09e92e6746b32f1f655d9628fe1791d3c526591accb9492b831eba1e57aa37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earthquakecensus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 24 Nov 2022 19:06:47 GMT
Last-Modified: Thu, 24 Nov 2022 19:06:42 GMT
Server: nginx/1.18.0
ETag: "637fc0c2-344"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Range
Content-Length: 836

GET
H/1.1 200
OK 8l9tt8qo.m3u8 Show response
ceahiqnkwcwo.cdnexpress59.net/hls/ Frame F9C6 836 B
1 KB 14ms
14ms XHR
application/vnd.apple.mpegurl 45.154.206.74
K4X

General

Check archive.org

Show headers Download Go to

Full URL: https://ceahiqnkwcwo.cdnexpress59.net:8443/hls/8l9tt8qo.m3u8?s=9zRuUQjdCftwKysiqL6aHw&e=1669338403
Requested by: Host: swarm.video
URL: https://swarm.video/nsns.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.154.206.74 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: dd09e92e6746b32f1f655d9628fe1791d3c526591accb9492b831eba1e57aa37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earthquakecensus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 24 Nov 2022 19:06:47 GMT
Last-Modified: Thu, 24 Nov 2022 19:06:42 GMT
Server: nginx/1.18.0
ETag: "637fc0c2-344"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Range
Content-Length: 836

GET
BLOB 200
OK 46f43108-c204-4c6f-a3ab-d4beb14b277c
https://earthquakecensus.com/ Frame F9C6 61 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://earthquakecensus.com/46f43108-c204-4c6f-a3ab-d4beb14b277c
Requested by: Host: shehabnews.com
URL: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 62280
Content-Type: text/javascript

GET
H/1.1 200
OK 8l9tt8qo.m3u8 Show response
ceahiqnkwcwo.cdnexpress59.net/hls/ Frame D3E7 836 B
1 KB 14ms
14ms XHR
application/vnd.apple.mpegurl 45.154.206.74
K4X

General

Check archive.org

Show headers Download Go to

Full URL: https://ceahiqnkwcwo.cdnexpress59.net:8443/hls/8l9tt8qo.m3u8?s=USpVgAIk0F_fMAYFrIkZ_Q&e=1669338404
Requested by: Host: swarm.video
URL: https://swarm.video/nsns.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.154.206.74 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: dd09e92e6746b32f1f655d9628fe1791d3c526591accb9492b831eba1e57aa37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earthquakecensus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 24 Nov 2022 19:06:47 GMT
Last-Modified: Thu, 24 Nov 2022 19:06:42 GMT
Server: nginx/1.18.0
ETag: "637fc0c2-344"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Range
Content-Length: 836

GET
H/1.1 200
OK 8l9tt8qo.m3u8 Show response
ceahiqnkwcwo.cdnexpress59.net/hls/ Frame D3E7 836 B
1 KB 14ms
14ms XHR
application/vnd.apple.mpegurl 45.154.206.74
K4X

General

Check archive.org

Show headers Download Go to

Full URL: https://ceahiqnkwcwo.cdnexpress59.net:8443/hls/8l9tt8qo.m3u8?s=USpVgAIk0F_fMAYFrIkZ_Q&e=1669338404
Requested by: Host: swarm.video
URL: https://swarm.video/nsns.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.154.206.74 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: dd09e92e6746b32f1f655d9628fe1791d3c526591accb9492b831eba1e57aa37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earthquakecensus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 24 Nov 2022 19:06:47 GMT
Last-Modified: Thu, 24 Nov 2022 19:06:42 GMT
Server: nginx/1.18.0
ETag: "637fc0c2-344"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Range
Content-Length: 836

GET
BLOB 200
OK 777c8bbc-14af-4e32-b246-b1528363f841
https://earthquakecensus.com/ Frame D3E7 61 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://earthquakecensus.com/777c8bbc-14af-4e32-b246-b1528363f841
Requested by: Host: earthquakecensus.com
URL: https://earthquakecensus.com/embed/8l9tt8qo
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 62280
Content-Type: text/javascript

GET
H/1.1 200
OK 8l9tt8qo-3159695880.ts Show response
ceahiqnkwcwo.cdnexpress59.net/hls/ Frame D3E7 1 MB
1 MB 28ms
28ms XHR
video/mp2t 45.154.206.74
K4X

General

Check archive.org

Show headers Download Go to

Full URL: https://ceahiqnkwcwo.cdnexpress59.net:8443/hls/8l9tt8qo-3159695880.ts
Requested by: Host: swarm.video
URL: https://swarm.video/nsns.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.154.206.74 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 72c4d6b4a006d8e2c476760fa32a1170c14395e2a616038b77357301513255dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earthquakecensus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 24 Nov 2022 19:06:47 GMT
Last-Modified: Thu, 24 Nov 2022 19:05:44 GMT
Server: nginx/1.18.0
ETag: "637fc088-113294"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Range
Content-Length: 1127060

GET
H/1.1 200
OK 8l9tt8qo-3159695880.ts Show response
ceahiqnkwcwo.cdnexpress59.net/hls/ Frame F9C6 1 MB
1 MB 137ms
108ms XHR
video/mp2t 45.154.206.74
K4X

General

Check archive.org

Show headers Download Go to

Full URL: https://ceahiqnkwcwo.cdnexpress59.net:8443/hls/8l9tt8qo-3159695880.ts
Requested by: Host: swarm.video
URL: https://swarm.video/nsns.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.154.206.74 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 72c4d6b4a006d8e2c476760fa32a1170c14395e2a616038b77357301513255dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earthquakecensus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 24 Nov 2022 19:06:47 GMT
Last-Modified: Thu, 24 Nov 2022 19:05:44 GMT
Server: nginx/1.18.0
ETag: "637fc088-113294"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Range
Content-Length: 1127060

GET
H/1.1 200
OK 8l9tt8qo-3160445940.ts Show response
ceahiqnkwcwo.cdnexpress59.net/hls/ Frame D3E7 1 MB
1 MB 14ms
14ms XHR
video/mp2t 45.154.206.74
K4X

General

Check archive.org

Show headers Download Go to

Full URL: https://ceahiqnkwcwo.cdnexpress59.net:8443/hls/8l9tt8qo-3160445940.ts
Requested by: Host: swarm.video
URL: https://swarm.video/nsns.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.154.206.74 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e6efd8cb7962ed0479795c87eec77197fa43e1f4012a1fff08c783cbf0fea589

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earthquakecensus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 24 Nov 2022 19:06:47 GMT
Last-Modified: Thu, 24 Nov 2022 19:05:51 GMT
Server: nginx/1.18.0
ETag: "637fc08f-108ed0"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Range
Content-Length: 1085136

GET
H/1.1 200
OK 8l9tt8qo-3160445940.ts Show response
ceahiqnkwcwo.cdnexpress59.net/hls/ Frame F9C6 1 MB
1 MB 14ms
14ms XHR
video/mp2t 45.154.206.74
K4X

General

Check archive.org

Show headers Download Go to

Full URL: https://ceahiqnkwcwo.cdnexpress59.net:8443/hls/8l9tt8qo-3160445940.ts
Requested by: Host: swarm.video
URL: https://swarm.video/nsns.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.154.206.74 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e6efd8cb7962ed0479795c87eec77197fa43e1f4012a1fff08c783cbf0fea589

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earthquakecensus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 24 Nov 2022 19:06:48 GMT
Last-Modified: Thu, 24 Nov 2022 19:05:51 GMT
Server: nginx/1.18.0
ETag: "637fc08f-108ed0"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Range
Content-Length: 1085136

GET
H2 200 manifest(format=m3u8-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/ Frame DC02 1 KB
781 B 21ms
20ms XHR
application/vnd.apple.mpegurl 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/manifest(format=m3u8-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

d2ae8dd887e6e0aeadbb80aa16f2d6c5a314376248546e081971a233fd1a9d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
content-encoding: gzip
x-ms-streaming-duration: 0
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "928103901lv"
vary: Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: max-age=2
content-length: 546
expires: Thu, 24 Nov 2022 19:06:50 GMT

GET
H2 200 manifest(format=m3u8-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/ Frame FFB9 1 KB
587 B 21ms
20ms XHR
application/vnd.apple.mpegurl 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/manifest(format=m3u8-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

d2ae8dd887e6e0aeadbb80aa16f2d6c5a314376248546e081971a233fd1a9d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
content-encoding: gzip
x-ms-streaming-duration: 0
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "928103901lv"
vary: Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: max-age=2
content-length: 546
expires: Thu, 24 Nov 2022 19:06:50 GMT

GET
H2 200 Manifest(video,format=m3u8-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(200000)/ Frame DC02 108 KB
8 KB 16ms
16ms XHR
application/vnd.apple.mpegurl 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(200000)/Manifest(video,format=m3u8-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

18e5c4f4a5724abdb710cee22ed79cffb4162f5abe0b47c8095c312c1889d97d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
content-encoding: gzip
x-ms-streaming-duration: 0
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "928103901lv"
vary: Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: max-age=2
content-length: 7954
expires: Thu, 24 Nov 2022 19:06:50 GMT

GET
H2 200 Manifest(audio_und,format=m3u8-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(128000)/ Frame DC02 113 KB
12 KB 17ms
16ms XHR
application/vnd.apple.mpegurl 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(128000)/Manifest(audio_und,format=m3u8-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

f7fb7c6318b0e1221f5783a31ce57ba39d9dc88a88f9b88b4a65807dec27fff0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
content-encoding: gzip
x-ms-streaming-duration: 0
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "928103901lv"
vary: Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: max-age=2
content-length: 11882
expires: Thu, 24 Nov 2022 19:06:50 GMT

GET
H2 200 Manifest(video,format=m3u8-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(200000)/ Frame FFB9 108 KB
8 KB 26ms
25ms XHR
application/vnd.apple.mpegurl 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(200000)/Manifest(video,format=m3u8-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

18e5c4f4a5724abdb710cee22ed79cffb4162f5abe0b47c8095c312c1889d97d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
content-encoding: gzip
x-ms-streaming-duration: 0
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "928103901lv"
vary: Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: max-age=2
content-length: 7954
expires: Thu, 24 Nov 2022 19:06:50 GMT

GET
H2 200 Manifest(audio_und,format=m3u8-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(128000)/ Frame FFB9 113 KB
12 KB 27ms
27ms XHR
application/vnd.apple.mpegurl 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(128000)/Manifest(audio_und,format=m3u8-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

f7fb7c6318b0e1221f5783a31ce57ba39d9dc88a88f9b88b4a65807dec27fff0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
content-encoding: gzip
x-ms-streaming-duration: 0
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "928103901lv"
vary: Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: max-age=2
content-length: 11882
expires: Thu, 24 Nov 2022 19:06:50 GMT

GET
H2 200 Fragments(video=i,format=mpd-time-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(200000)/ Frame DC02 829 B
923 B 17ms
17ms XHR
video/mp4 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(200000)/Fragments(video=i,format=mpd-time-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

4ef7339b646790a2f5c11b9ea4135520961fde8a53667558e6be157386b0b98e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
x-ms-streaming-duration: 0
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "0000030d"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=259200
content-length: 829
expires: Sun, 27 Nov 2022 19:06:48 GMT

GET
H/1.1 200
OK json Show response
pro.ip-api.com/ Frame DC02 161 B
317 B 40ms
7ms Fetch
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json?fields=2181826&key=XOpiansRgYxGTho
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: e4624d1cdb6e6659b349e395a217cfad5540ef3b263b0ddf9a79cdc4e1e572da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 24 Nov 2022 19:06:48 GMT
Content-Length: 161
Content-Type: application/json; charset=utf-8

GET
H2 200 Fragments(audio_und=i,format=mpd-time-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(128000)/ Frame DC02 746 B
806 B 16ms
16ms XHR
audio/mp4 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(128000)/Fragments(audio_und=i,format=mpd-time-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

004c90f1a366b7f79e21fcfc1d33ad5c0c3447a0097ca9ce192cf67ffb6ab166

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
x-ms-streaming-duration: 0
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "000002ba"
content-type: audio/mp4
access-control-allow-origin: *
cache-control: max-age=259200
content-length: 746
expires: Sun, 27 Nov 2022 19:06:48 GMT

GET
H2 200 Fragments(video=i,format=mpd-time-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(200000)/ Frame FFB9 829 B
868 B 16ms
15ms XHR
video/mp4 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(200000)/Fragments(video=i,format=mpd-time-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

4ef7339b646790a2f5c11b9ea4135520961fde8a53667558e6be157386b0b98e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
x-ms-streaming-duration: 0
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "0000030d"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=259200
content-length: 829
expires: Sun, 27 Nov 2022 19:06:48 GMT

GET
H/1.1 200
OK json Show response
pro.ip-api.com/ Frame FFB9 161 B
317 B 21ms
7ms Fetch
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json?fields=2181826&key=XOpiansRgYxGTho
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: e4624d1cdb6e6659b349e395a217cfad5540ef3b263b0ddf9a79cdc4e1e572da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 24 Nov 2022 19:06:48 GMT
Content-Length: 161
Content-Type: application/json; charset=utf-8

GET
H2 200 Fragments(audio_und=i,format=mpd-time-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(128000)/ Frame FFB9 746 B
785 B 15ms
15ms XHR
audio/mp4 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(128000)/Fragments(audio_und=i,format=mpd-time-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

004c90f1a366b7f79e21fcfc1d33ad5c0c3447a0097ca9ce192cf67ffb6ab166

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
x-ms-streaming-duration: 0
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "000002ba"
content-type: audio/mp4
access-control-allow-origin: *
cache-control: max-age=259200
content-length: 746
expires: Sun, 27 Nov 2022 19:06:48 GMT

GET
H2 200 Fragments(video=603182880,format=mpd-time-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(200000)/ Frame DC02 52 KB
52 KB 23ms
22ms XHR
video/mp4 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(200000)/Fragments(video=603182880,format=mpd-time-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

26f4384e4294cba3abd0018cb6003028f8470d8886f3c59ba64a328d198badb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
x-ms-streaming-duration: 0
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "Ny8xNS8yMDEz"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=259200
content-length: 52794
expires: Sun, 27 Nov 2022 19:06:48 GMT

GET
H2 200 Fragments(video=603182880,format=mpd-time-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(200000)/ Frame FFB9 52 KB
52 KB 29ms
29ms XHR
video/mp4 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(200000)/Fragments(video=603182880,format=mpd-time-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

26f4384e4294cba3abd0018cb6003028f8470d8886f3c59ba64a328d198badb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
x-ms-streaming-duration: video=2000
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "Ny8xNS8yMDEz"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=259200
content-length: 52794
expires: Sun, 27 Nov 2022 19:06:48 GMT

POST
H2 200 channel Show response
cn.cdnbye.com/v1/ Frame DC02 167 B
272 B 785ms
209ms Fetch
application/json 106.53.80.65

General

Check archive.org

Show headers Download Go to

Full URL: https://cn.cdnbye.com/v1/channel
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 106.53.80.65 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e770d4ef3e601b47a0eb0b5cb888ea604921831c51d6d5a004f8f67ce93cd6e9

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 24 Nov 2022 19:06:49 GMT
content-length: 167
content-type: application/json; charset=utf-8

POST
H2 200 channel Show response
cn.cdnbye.com/v1/ Frame FFB9 167 B
271 B 989ms
414ms Fetch
application/json 106.53.80.65

General

Check archive.org

Show headers Download Go to

Full URL: https://cn.cdnbye.com/v1/channel
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 106.53.80.65 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e770d4ef3e601b47a0eb0b5cb888ea604921831c51d6d5a004f8f67ce93cd6e9

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 24 Nov 2022 19:06:49 GMT
content-length: 167
content-type: application/json; charset=utf-8

GET
H2 200 Fragments(video=603182880,format=mpd-time-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(200000)/ Frame DC02 52 KB
52 KB 102ms
101ms XHR
video/mp4 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(200000)/Fragments(video=603182880,format=mpd-time-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

26f4384e4294cba3abd0018cb6003028f8470d8886f3c59ba64a328d198badb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Range: bytes=0-0

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
x-ms-streaming-duration: video=2000
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "Ny8xNS8yMDEz"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=259200
content-length: 52794
expires: Sun, 27 Nov 2022 19:06:49 GMT

GET
BLOB 200
OK f7763b81-f8d4-4ff3-88d9-aa787ea08b0e
https://online.alkoora.live/ Frame DC02 87 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://online.alkoora.live/f7763b81-f8d4-4ff3-88d9-aa787ea08b0e
Requested by: Host: shehabnews.com
URL: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0e5e751eae4d31a998a163a91ddd67388ed1b960462f4951dd7cf1316c1a6b9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 88740
Content-Type: text/javascript

GET
H2 200 Fragments(video=603182880,format=mpd-time-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(200000)/ Frame FFB9 52 KB
52 KB 82ms
81ms XHR
video/mp4 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(200000)/Fragments(video=603182880,format=mpd-time-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

26f4384e4294cba3abd0018cb6003028f8470d8886f3c59ba64a328d198badb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Range: bytes=0-0

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
x-ms-streaming-duration: video=2000
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "Ny8xNS8yMDEz"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=259200
content-length: 52794
expires: Sun, 27 Nov 2022 19:06:49 GMT

GET
BLOB 200
OK f03d9d4d-a868-4ba4-a6cd-bbc6e76bed9e
https://online.alkoora.live/ Frame FFB9 87 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://online.alkoora.live/f03d9d4d-a868-4ba4-a6cd-bbc6e76bed9e
Requested by: Host: shehabnews.com
URL: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0e5e751eae4d31a998a163a91ddd67388ed1b960462f4951dd7cf1316c1a6b9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 88740
Content-Type: text/javascript

GET
H2 200 Fragments(audio_und=321689688,format=mpd-time-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(128000)/ Frame DC02 35 KB
35 KB 30ms
29ms XHR
audio/mp4 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(128000)/Fragments(audio_und=321689688,format=mpd-time-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

541c7ba76af9c68354e4810695352e076ed052f15b8c8418c060c1090c28e3d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
x-ms-streaming-duration: audio=2005
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "Ny8xNS8yMDEz"
content-type: audio/mp4
access-control-allow-origin: *
cache-control: max-age=259200
content-length: 35583
expires: Sun, 27 Nov 2022 19:06:49 GMT

GET
H2 200 Fragments(audio_und=321689688,format=mpd-time-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(128000)/ Frame FFB9 35 KB
35 KB 32ms
32ms XHR
audio/mp4 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(128000)/Fragments(audio_und=321689688,format=mpd-time-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

541c7ba76af9c68354e4810695352e076ed052f15b8c8418c060c1090c28e3d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
x-ms-streaming-duration: audio=2005
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "Ny8xNS8yMDEz"
content-type: audio/mp4
access-control-allow-origin: *
cache-control: max-age=259200
content-length: 35583
expires: Sun, 27 Nov 2022 19:06:49 GMT

GET
BLOB 200
OK 59fbe4a9-2c16-4732-b5e9-09045cdebc0c
https://online.alkoora.live/ Frame DC02 87 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://online.alkoora.live/59fbe4a9-2c16-4732-b5e9-09045cdebc0c
Requested by: Host: shehabnews.com
URL: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0e5e751eae4d31a998a163a91ddd67388ed1b960462f4951dd7cf1316c1a6b9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 88740
Content-Type: text/javascript

GET
BLOB 200
OK b076f55b-361c-4c97-aa6b-ffb1540d1902
https://online.alkoora.live/ Frame FFB9 87 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://online.alkoora.live/b076f55b-361c-4c97-aa6b-ffb1540d1902
Requested by: Host: shehabnews.com
URL: https://shehabnews.com/post/111571/%D8%A8%D8%A7%D9%84%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84-%D8%B6%D8%AF-%D8%B5%D8%B1%D8%A8%D9%8A%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-2022
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0e5e751eae4d31a998a163a91ddd67388ed1b960462f4951dd7cf1316c1a6b9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 88740
Content-Type: text/javascript

GET
H2 200 Manifest(video,format=m3u8-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(1350000)/ Frame DC02 108 KB
8 KB 21ms
21ms XHR
application/vnd.apple.mpegurl 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(1350000)/Manifest(video,format=m3u8-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

18e5c4f4a5724abdb710cee22ed79cffb4162f5abe0b47c8095c312c1889d97d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
content-encoding: gzip
x-ms-streaming-duration: 0
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "928103901lv"
vary: Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: max-age=2
content-length: 7954
expires: Thu, 24 Nov 2022 19:06:51 GMT

GET
H2 200 Manifest(video,format=m3u8-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(1350000)/ Frame FFB9 108 KB
8 KB 19ms
19ms XHR
application/vnd.apple.mpegurl 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(1350000)/Manifest(video,format=m3u8-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

18e5c4f4a5724abdb710cee22ed79cffb4162f5abe0b47c8095c312c1889d97d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
content-encoding: gzip
x-ms-streaming-duration: 0
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "928103901lv"
vary: Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: max-age=2
content-length: 7954
expires: Thu, 24 Nov 2022 19:06:51 GMT

GET
H2 200 Fragments(audio_und=321785944,format=mpd-time-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(128000)/ Frame DC02 33 KB
33 KB 19ms
19ms XHR
audio/mp4 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(128000)/Fragments(audio_und=321785944,format=mpd-time-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

245ce17348902b0e7c7959aa5f8c35fb2e0d95a1c993e0cf4f5dc49b566e22fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
x-ms-streaming-duration: audio=2005
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "Ny8xNS8yMDEz"
content-type: audio/mp4
access-control-allow-origin: *
cache-control: max-age=259200
content-length: 33914
expires: Sun, 27 Nov 2022 19:06:49 GMT

GET
H2 200 Fragments(audio_und=321785944,format=mpd-time-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(128000)/ Frame FFB9 33 KB
33 KB 18ms
18ms XHR
audio/mp4 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(128000)/Fragments(audio_und=321785944,format=mpd-time-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

245ce17348902b0e7c7959aa5f8c35fb2e0d95a1c993e0cf4f5dc49b566e22fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
x-ms-streaming-duration: audio=2005
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "Ny8xNS8yMDEz"
content-type: audio/mp4
access-control-allow-origin: *
cache-control: max-age=259200
content-length: 33914
expires: Sun, 27 Nov 2022 19:06:49 GMT

GET
H2 200 Fragments(video=i,format=mpd-time-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(1350000)/ Frame DC02 831 B
883 B 15ms
15ms XHR
video/mp4 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(1350000)/Fragments(video=i,format=mpd-time-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

bdb043cb95eeefc3f03fd2e6fb84dcffe106add1b9d0753ee5c07dd176008a56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
x-ms-streaming-duration: 0
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "0000030f"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=259200
content-length: 831
expires: Sun, 27 Nov 2022 19:06:49 GMT

GET
H2 200 Fragments(video=i,format=mpd-time-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(1350000)/ Frame FFB9 831 B
870 B 16ms
15ms XHR
video/mp4 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(1350000)/Fragments(video=i,format=mpd-time-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

bdb043cb95eeefc3f03fd2e6fb84dcffe106add1b9d0753ee5c07dd176008a56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
x-ms-streaming-duration: 0
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "0000030f"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=259200
content-length: 831
expires: Sun, 27 Nov 2022 19:06:49 GMT

GET
H2 200 Fragments(video=603362880,format=mpd-time-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(1350000)/ Frame DC02 315 KB
315 KB 16ms
16ms XHR
video/mp4 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(1350000)/Fragments(video=603362880,format=mpd-time-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

3324b395b29c4900c56fd1de0f5585ab6878dbd04122bb345760dcbda5419c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
x-ms-streaming-duration: video=2000
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "Ny8xNS8yMDEz"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=259200
content-length: 322194
expires: Sun, 27 Nov 2022 19:06:49 GMT

GET
H2 200 Fragments(audio_und=321882200,format=mpd-time-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(128000)/ Frame DC02 33 KB
34 KB 28ms
28ms XHR
audio/mp4 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(128000)/Fragments(audio_und=321882200,format=mpd-time-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

009db00d28f52cee0e924b408ca625b4b8c33d5a7b4b670c05a915373d4df22b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
x-ms-streaming-duration: audio=2005
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "Ny8xNS8yMDEz"
content-type: audio/mp4
access-control-allow-origin: *
cache-control: max-age=259200
content-length: 34295
expires: Sun, 27 Nov 2022 19:06:49 GMT

GET
H2 200 Fragments(audio_und=321882200,format=mpd-time-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(128000)/ Frame FFB9 33 KB
34 KB 28ms
27ms XHR
audio/mp4 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(128000)/Fragments(audio_und=321882200,format=mpd-time-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

009db00d28f52cee0e924b408ca625b4b8c33d5a7b4b670c05a915373d4df22b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
x-ms-streaming-duration: audio=2005
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "Ny8xNS8yMDEz"
content-type: audio/mp4
access-control-allow-origin: *
cache-control: max-age=259200
content-length: 34295
expires: Sun, 27 Nov 2022 19:06:49 GMT

GET
H2 200 Fragments(video=603362880,format=mpd-time-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(1350000)/ Frame FFB9 315 KB
315 KB 26ms
26ms XHR
video/mp4 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(1350000)/Fragments(video=603362880,format=mpd-time-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

3324b395b29c4900c56fd1de0f5585ab6878dbd04122bb345760dcbda5419c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
x-ms-streaming-duration: video=2000
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "Ny8xNS8yMDEz"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=259200
content-length: 322194
expires: Sun, 27 Nov 2022 19:06:49 GMT

GET
H2 200 Fragments(video=603542880,format=mpd-time-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(1350000)/ Frame DC02 408 KB
409 KB 28ms
28ms XHR
video/mp4 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(1350000)/Fragments(video=603542880,format=mpd-time-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

d55a55b05e2d55acfe5c141edc7ebc108027060a10e625c05b9b0eb076f50ff4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
x-ms-streaming-duration: video=2000
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "Ny8xNS8yMDEz"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=259200
content-length: 418137
expires: Sun, 27 Nov 2022 19:06:49 GMT

GET
H2 200 Fragments(audio_und=321978456,format=mpd-time-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(128000)/ Frame DC02 32 KB
33 KB 33ms
32ms XHR
audio/mp4 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(128000)/Fragments(audio_und=321978456,format=mpd-time-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

dc544f9d75f65259ac56f1c9404f32cd0d8ce4e1289d38c05f24e7ced1a881fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
x-ms-streaming-duration: 0
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "Ny8xNS8yMDEz"
content-type: audio/mp4
access-control-allow-origin: *
cache-control: max-age=259200
content-length: 33221
expires: Sun, 27 Nov 2022 19:06:49 GMT

GET
H2 200 Fragments(audio_und=321978456,format=mpd-time-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(128000)/ Frame FFB9 32 KB
32 KB 42ms
42ms XHR
audio/mp4 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(128000)/Fragments(audio_und=321978456,format=mpd-time-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

dc544f9d75f65259ac56f1c9404f32cd0d8ce4e1289d38c05f24e7ced1a881fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
x-ms-streaming-duration: audio=2005
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "Ny8xNS8yMDEz"
content-type: audio/mp4
access-control-allow-origin: *
cache-control: max-age=259200
content-length: 33221
expires: Sun, 27 Nov 2022 19:06:49 GMT

GET
H2 200 Fragments(video=603542880,format=mpd-time-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(1350000)/ Frame FFB9 408 KB
409 KB 42ms
42ms XHR
video/mp4 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(1350000)/Fragments(video=603542880,format=mpd-time-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

d55a55b05e2d55acfe5c141edc7ebc108027060a10e625c05b9b0eb076f50ff4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
x-ms-streaming-duration: video=2000
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "Ny8xNS8yMDEz"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=259200
content-length: 418137
expires: Sun, 27 Nov 2022 19:06:49 GMT

GET
H2 200 Fragments(video=603722880,format=mpd-time-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(1350000)/ Frame DC02 387 KB
387 KB 47ms
47ms XHR
video/mp4 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(1350000)/Fragments(video=603722880,format=mpd-time-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

4234fde25796d06413d3aafbc9092b67bf4a5d4f3662df121cc92583d548c1ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
x-ms-streaming-duration: video=2000
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "Ny8xNS8yMDEz"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=259200
content-length: 396167
expires: Sun, 27 Nov 2022 19:06:49 GMT

GET
H2 200 Fragments(audio_und=322074712,format=mpd-time-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(128000)/ Frame DC02 33 KB
33 KB 46ms
46ms XHR
audio/mp4 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(128000)/Fragments(audio_und=322074712,format=mpd-time-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

2794498e10331529ff681b16df163143a4abc6c6e78c5c07744590a2fa478ce3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
x-ms-streaming-duration: audio=2005
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "Ny8xNS8yMDEz"
content-type: audio/mp4
access-control-allow-origin: *
cache-control: max-age=259200
content-length: 33595
expires: Sun, 27 Nov 2022 19:06:49 GMT

GET
H2 200 Fragments(audio_und=322074712,format=mpd-time-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(128000)/ Frame FFB9 33 KB
33 KB 38ms
38ms XHR
audio/mp4 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(128000)/Fragments(audio_und=322074712,format=mpd-time-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

2794498e10331529ff681b16df163143a4abc6c6e78c5c07744590a2fa478ce3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
x-ms-streaming-duration: audio=2005
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "Ny8xNS8yMDEz"
content-type: audio/mp4
access-control-allow-origin: *
cache-control: max-age=259200
content-length: 33595
expires: Sun, 27 Nov 2022 19:06:49 GMT

GET
H2 200 Fragments(video=603722880,format=mpd-time-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(1350000)/ Frame FFB9 387 KB
387 KB 37ms
37ms XHR
video/mp4 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(1350000)/Fragments(video=603722880,format=mpd-time-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

4234fde25796d06413d3aafbc9092b67bf4a5d4f3662df121cc92583d548c1ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
x-ms-streaming-duration: video=2000
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "Ny8xNS8yMDEz"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=259200
content-length: 396167
expires: Sun, 27 Nov 2022 19:06:49 GMT

GET
H2 200 Fragments(video=603902880,format=mpd-time-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(1350000)/ Frame DC02 277 KB
277 KB 35ms
35ms XHR
video/mp4 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(1350000)/Fragments(video=603902880,format=mpd-time-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

e7a02342e5bb80f9a1ffb2efbb49d74e7b059f7387af2890dc69563af4a8e9f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
x-ms-streaming-duration: video=2000
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "Ny8xNS8yMDEz"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=259200
content-length: 283230
expires: Sun, 27 Nov 2022 19:06:49 GMT

GET
H2 200 Fragments(video=603902880,format=mpd-time-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(1350000)/ Frame FFB9 277 KB
277 KB 25ms
25ms XHR
video/mp4 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(1350000)/Fragments(video=603902880,format=mpd-time-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

e7a02342e5bb80f9a1ffb2efbb49d74e7b059f7387af2890dc69563af4a8e9f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:48 GMT
x-ms-streaming-duration: video=2000
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "Ny8xNS8yMDEz"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=259200
content-length: 283230
expires: Sun, 27 Nov 2022 19:06:49 GMT

GET
H2 200 Fragments(audio_und=322170968,format=mpd-time-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(128000)/ Frame DC02 33 KB
33 KB 31ms
30ms XHR
audio/mp4 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(128000)/Fragments(audio_und=322170968,format=mpd-time-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

7769779ca89e5f6c5b791a73e65aca7ad4fa7fc88aa4e729da8d2929f4150b4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:49 GMT
x-ms-streaming-duration: audio=2005
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "Ny8xNS8yMDEz"
content-type: audio/mp4
access-control-allow-origin: *
cache-control: max-age=259200
content-length: 33610
expires: Sun, 27 Nov 2022 19:06:49 GMT

GET
H2 200 Fragments(audio_und=322170968,format=mpd-time-cmaf) Show response
kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(128000)/ Frame FFB9 33 KB
33 KB 30ms
30ms XHR
audio/mp4 40.66.60.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/QualityLevels(128000)/Fragments(audio_und=322170968,format=mpd-time-cmaf)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cdnbye@latest

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.66.60.204 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 IISMS/6.0 /

Resource Hash

7769779ca89e5f6c5b791a73e65aca7ad4fa7fc88aa4e729da8d2929f4150b4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
date: Thu, 24 Nov 2022 19:06:49 GMT
x-ms-streaming-duration: audio=2005
x-content-type-options: nosniff
server: Microsoft-IIS/10.0 IISMS/6.0
etag: "Ny8xNS8yMDEz"
content-type: audio/mp4
access-control-allow-origin: *
cache-control: max-age=259200
content-length: 33610
expires: Sun, 27 Nov 2022 19:06:49 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sports.koragol.com
URL: https://sports.koragol.com/tv1/hd4.php

Domain: sports.koragol.com
URL: https://sports.koragol.com/tv1/test4.php

Domain: sports.koragol.com
URL: https://sports.koragol.com/tv1/hd44.php

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: awstats.cloud
URL: https://awstats.cloud/js/plausible.js

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: EoOBIGRrq7o
.youtube.com/	1970-01-20 12:01:08	Name: VISITOR_INFO1_LIVE Value: 5rih7qjmuWo
shehabnews.com/	1970-01-20 17:10:44	Name: __atuvc Value: 1%7C47
shehabnews.com/	1970-01-20 07:41:58	Name: __atuvs Value: 637fc0c368dc792e000
.shehabnews.com/	1970-01-20 17:17:56	Name: _ga_J94WBQNM5V Value: GS1.1.1669316803.1.0.1669316803.60.0.0
.addthis.com/	1970-01-20 17:10:44	Name: uvc Value: 1%7C47
.shehabnews.com/	1970-01-20 17:17:56	Name: _ga Value: GA1.2.655335985.1669316804
.shehabnews.com/	1970-01-20 07:43:23	Name: _gid Value: GA1.2.2110210366.1669316804
.shehabnews.com/	1970-01-20 07:41:56	Name: _gat_gtag_UA_169288917_1 Value: 1
.addthis.com/	1970-01-20 17:10:44	Name: loc Value: MDAwMDBFVURFQlkyMjk0MTkwMjAwNTAwMDBDSA==
.shehabnews.com/	1970-01-20 16:27:32	Name: _hjSessionUser_3009994 Value: eyJpZCI6IjRiNDMzYjczLTg0NTItNWU1OS1iMDcwLWNkNWY0ODU5MGMwZCIsImNyZWF0ZWQiOjE2NjkzMTY4MDMyMDAsImV4aXN0aW5nIjpmYWxzZX0=
.shehabnews.com/	1970-01-20 07:41:58	Name: _hjFirstSeen Value: 1
shehabnews.com/	1970-01-20 07:41:56	Name: _hjIncludedInSessionSample Value: 0
.shehabnews.com/	1970-01-20 07:41:58	Name: _hjSession_3009994 Value: eyJpZCI6ImQwMDk4NjBkLTMwMDQtNDgzMS04Njk5LTQzMWEwODE2NGMxZSIsImNyZWF0ZWQiOjE2NjkzMTY4MDQxNzIsImluU2FtcGxlIjpmYWxzZX0=
.shehabnews.com/	1970-01-20 07:41:58	Name: _hjAbsoluteSessionInProgress Value: 1
.shehabnews.com/	1970-01-20 17:03:32	Name: __gads Value: ID=68479de94a69fe40-22ef75cd8dd700cb:T=1669316804:RT=1669316804:S=ALNI_MZEs9w_FmBlUhGOH7XhEWfvZMF96Q
.shehabnews.com/	1970-01-20 17:03:32	Name: __gpi Value: UID=00000b86a7af9961:T=1669316804:RT=1669316804:S=ALNI_MaDAbx4zRp8s6-LIxg5m3X5ufbpaQ
earthquakecensus.com/	1970-01-20 07:42:40	Name: hf3 Value: 2
.doubleclick.net/	1970-01-20 17:03:32	Name: IDE Value: AHWqTUmB5nfknyEa6tkNgpgUNj6x9kzbzEmB71xMU4R9mp0r-0wKHI0h-w9pR5-ayw0
.doubleclick.net/	1970-01-20 07:42:00	Name: DSID Value: NO_DATA

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/manifest(format=m3u8-cmaf) Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/manifest(format=m3u8-cmaf) Message: Failed to load resource: the server responded with a status of 503 ()
rendering	warning	URL: https://earthquakecensus.com/embed/8l9tt8qo(Line 6) Message: Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
network	error	URL: https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/manifest(format=m3u8-cmaf).m3u8 Message: Failed to load resource: the server responded with a status of 503 ()
rendering	warning	URL: https://earthquakecensus.com/embed/8l9tt8qo(Line 6) Message: Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
network	error	URL: https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/manifest(format=m3u8-cmaf) Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/manifest(format=m3u8-cmaf) Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/manifest(format=m3u8-cmaf).m3u8 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/manifest(format=m3u8-cmaf) Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/manifest(format=m3u8-cmaf) Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://awstats.cloud/js/plausible.js Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://kareeem10-frct1.streaming.media.azure.net/47188904-7d21-4764-9dcb-bdb744a971e0/output-20221124-191239-manifest.ism/manifest(format=m3u8-cmaf).m3u8 Message: Failed to load resource: the server responded with a status of 503 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api-public.addthis.com
app.jubnaadserve.com
awstats.cloud
cdn.bitmovin.com
cdn.jsdelivr.net
cdn.jubnaadserve.com
cdnjs.cloudflare.com
cdnondemand.org
ceahiqnkwcwo.cdnexpress59.net
cn.cdnbye.com
connect.facebook.net
earthquakecensus.com
egy.koooora-online.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
images.jubnaadserve.com
jnn-pa.googleapis.com
kareeem10-frct1.streaming.media.azure.net
koraarabia.com
m.addthis.com
maxcdn.bootstrapcdn.com
nigdom.com
online.alkoora.live
pagead2.googlesyndication.com
partner.googleadservices.com
pro.ip-api.com
region1.analytics.google.com
s7.addthis.com
script.hotjar.com
shehabnews.com
sports.koragol.com
stad.yalla-shoot.io
static.doubleclick.net
static.hotjar.com
static.jubnaadserve.com
stats.g.doubleclick.net
swarm.video
tpc.googlesyndication.com
v1.addthisedge.com
vars.hotjar.com
vc.hotjar.io
whos.amung.us
widgets.amung.us
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
yalla-shoot-fawry.com
youradexchange.com
z.moatads.com
awstats.cloud
s7.addthis.com
sports.koragol.com
106.53.80.65
172.67.162.238
18.66.112.15
18.66.147.29
18.66.97.49
2001:4860:4802:32::36
2001:4860:4802:38::178
23.35.236.122
23.35.237.151
2600:9000:223c:4400:9:aa8b:700:93a1
2600:9000:223d:ae00:c:1fa5:2f00:93a1
2600:9000:225e:4c00:1e:aead:3c80:93a1
2600:9000:225e:600:f:259d:3c40:93a1
2606:4700:10::6816:4bab
2606:4700:20::681a:b15
2606:4700:3030::6815:238b
2606:4700:3033::ac43:af62
2606:4700:3035::ac43:a822
2606:4700:3036::ac43:bda6
2606:4700:3108::ac42:2895
2606:4700::6810:5614
2606:4700::6810:83a
2606:4700::6810:a710
2606:4700::6811:190e
2606:4700::6812:acf
2a00:1450:4001:800::2002
2a00:1450:4001:802::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2004
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2003
2a00:1450:4001:831::2006
2a00:1450:400c:c1b::9c
2a02:4780:a:378:0:159c:ed2f:11
2a03:2880:f01c:216:face:b00c:0:3
2a06:98c1:3121::3
34.98.96.165
35.190.41.116
40.66.60.204
45.154.206.74
51.77.64.70
52.222.236.74
004c90f1a366b7f79e21fcfc1d33ad5c0c3447a0097ca9ce192cf67ffb6ab166
009db00d28f52cee0e924b408ca625b4b8c33d5a7b4b670c05a915373d4df22b
04dfc8e1a6e59e36a3a3a5c15443a97a92a6d2a7da9d276b050d58be3c7952a7
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
05d68c63bb0aea0ed7093a5e2a4c999066380848a3948717c51931f2bb36206c
062f1443f6ef01d4716b82180b42845873ebd66f9fe35e37997f6732e1a1888a
08425cc4b28fee39ddaa61b09516226643e9c0d6854c25a004192792fa9dbe77
0efb6837db57d44c79c28ba941a93718c635fb148f2238aeed025e962b762398
10f57c6ee5ed06f7d6c6ed5a0279f28ab987671b4bb2e0b910a3b82fced5871a
11e2214aefe3c99f89d73ee55785d72d2e8f007e8e821307fc4fae18ec257b86
1430d9e6c12583774c0deb46943f671f4c6493905bab53391f277e49b57f07f1
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e5c4f4a5724abdb710cee22ed79cffb4162f5abe0b47c8095c312c1889d97d
1c9dd95dbc24d47bf229ac9eed6cf938aebb0e61c479527c04ff368781ee562a
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
22edf534b44d034339eb2b5eb10cf6e91b32655a50a086fd12536b165e6f6a06
245ce17348902b0e7c7959aa5f8c35fb2e0d95a1c993e0cf4f5dc49b566e22fa
25a2ecc0ecf7dd20ac03d0376e908821909d7600fad2c6b3909042a30049a84f
26f4384e4294cba3abd0018cb6003028f8470d8886f3c59ba64a328d198badb4
27633bb30a3d1b18d4e643890d245d0ff5d0e1ae03c0e0e9ef00cb84b57aee8a
2794498e10331529ff681b16df163143a4abc6c6e78c5c07744590a2fa478ce3
2bde280de9232c9f713fd1a9b4adcd2d385a87956885078a6cd16ad7bc59820c
2c7cf941b4eb9254e850875107ded812b5cf2da9de46f85919561f2a73876257
2d36b3c980e5af4a5f82a6d04d39e07246d76beda2024e29f0260fe2d836d428
2d3d347d1f287357f3a7a22ee99ca3e70d25f0310d8173acd4e07c95bdc15f24
2e2dfffbffa48cd06089d246e3091e6d3e514445b56291994187f7c7f24e781a
2e7aa0d4a4190463723e45bf98a6248b758c3d3c6aa7287ae838ec1fe44f200e
30aaebfce21aa802531f5ccdebd75099f437a56f09d26013e6332390b281b79e
3119c8e75125e15e49405cd27598d9fcad880b2e8a772c341e4a027c2b190462
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3324b395b29c4900c56fd1de0f5585ab6878dbd04122bb345760dcbda5419c27
33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7
37ec76f312300e2addbfb9dbccca98f98736f58fa46ee4b2bf2bf13b4a024ef3
3ba39d7c9b32afde1d742bd0f3d23185a1bc51edc86c73fb9320b0b3b4ef67eb
3dfed3a9800cc7221ac336a2da595938d815edcbd90cd0d08a09f7b296e14db2
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4234fde25796d06413d3aafbc9092b67bf4a5d4f3662df121cc92583d548c1ef
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48f6a40df7da38bbee5e50f736d8499075dca18f7faf9089d56d78d711025d09
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
49f5529ef4b30fcca89045567e0074b1b841c40f15f45d083d97126d7a119ee0
4bb8d709382e7b3b4faeeb1c416d0901763c91bc04bfed955e2d9df52c3a6093
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4ef7339b646790a2f5c11b9ea4135520961fde8a53667558e6be157386b0b98e
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
52cc180ee1384f5c541af3495f555598088fbbef28cb0c71203570ba1909355f
541c7ba76af9c68354e4810695352e076ed052f15b8c8418c060c1090c28e3d1
558715e8dd6668102e5bd3c4da5d43f03cf329a3ba65d8903d42b879a0077f66
56ab732c57aa1dd93224b47c4ea599fc1b045a9f9c81162482d6fb8a3a119746
578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe
5a39be83844562239ac56c31824506046cf0f64c7d566aa374cfff86dd4d3a33
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a637638c5994cd5d730aaac9a38847579a57a52579f41fcd9a5dab05dabc226
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ef4aebef51739ba8dc54847cf12b850562a4b56aecb218bce5840deacf70ec4
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
6263ad9d5cb8c217878a30ad997ce3e73a6cafdf37ea49282635b7639dc6fac0
62e14ee0c347ecf461e96e9f12c56708b43a18bcce36c8badbe332f0d85bcda5
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
62f6e491fc4bfd479bae390c9b720af5ab1d5bc5709ee26358cdb5ecc1a37560
6468ac9f9bca964f3910fc967b80781c1c8634300e36f95ae49056d91a2734bf
66d399202e4b2db3993d13927a2f77bbe6903604afeeb4d1b1cdc7e0cbfa6aac
69e74d4da9628070b304beaa75b91c818f6cc6e5ca7c1e23931eb5041f4727aa
6ae30bd23241d6874ea48a68f3b4fd44a883a6248f939465f91c85f9a91f7c07
6ae53b07981fd201eb507bed7d8eb2aff2a8d489763ea4b4ff615ab9df9c98c1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dae7b6f6d532b8ac018ec8bfb07eecdc7b789f12dd2548f7556a64b552a4b73
6e370fecce4e39a2960185acf1482babf68aface4bcb853ffcc2317908250cba
6f6ce602bed449940565c8bfea9921659efafc0c5409a8242eda17e6e6554c31
6f907bc4d8dd3a21d50ab1f925ecebe800fb568ca27712f5f53cd6387469e22c
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
72c4d6b4a006d8e2c476760fa32a1170c14395e2a616038b77357301513255dd
72d2367dc35967c758f93deefb69e76a1cfed9be0dcab06fc8ae2bf8d37bc879
7321ff71dae3ca52b4e2dce02a95d3fdfabdb41d9f48bb8be1c5af8d8dcd3d9b
748905a8c83cce10463d0af35cb576c258fdbe20cf1fd786d18977334641de30
7769779ca89e5f6c5b791a73e65aca7ad4fa7fc88aa4e729da8d2929f4150b4a
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b4eecc0fc56986c7ab5b803b57f774f30616b6cbefb29fc917cc0d23d62cdb1
7b4fbd6cf87898b005b09546b1c4e82654918b11e5f64ccb8fc32ea0a04e237a
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7bbf38f04c2d40a266f96c2cda1652027eb31229bbc3e0ad3ba83496dadd6d01
827e4c5288548b930b54b74447c5e93ce460c584333e1985716917c6e84131cc
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
863e49b7fa41857e35ab5cb772a0e88f781cf497f518b16698bd0046339862af
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8b1396e60a8fdaad7d753a3dfe6887c6a5d53dc23efa63773fbdf4f3473ea138
906df63dc13f3efb3872d5a23f0cf6ad34b513402cb42e0d8fa1d2b76f8541ff
914ec05342f413e7668616e18cd05a636c0ceafc3b1d77726ea75d28a0d486d8
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92d302a80bb49dc2b379f3a4996f276d8ca392c07435557c06e55d5ba876daaa
93ceb4f2482a266ca851186a9123c5e58f1dbaedb611ff07362ab8670c457170
9aa71f21f10c314828a1a72655c0225280a6baa650cd8cf11ac341ae3f213b8b
9ac936bd064713af79db371132abcce7c64470bddd1a37920fc7f9dc3023eecb
9b0430444ed374078b45fce59417e8bc02f7d28db8d27b638f2746ff69cf57d3
9d14c7d3f78e67f002aad08a80157565e9e083c4e7bdb11b6880896e4be188eb
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a1cb3cf905c857922563cc88ce311318a5f8be5435e83a3f963541f4815d30d5
a3b07fd68438e49a69e669bba6332cf92dfc38cbd335743dbf365056a4164d52
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7983055b801d63c27037068596cfff2485d1012fc27cb92989a81b21f3dde5b
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ab1897b374e76000c289e1491e74d94e2a30584f4388b57b6b3ec8dab467ee2c
ac67eba217cc24846f0d650dbf24e7e1f96928839f20a70ddeba99bfa284ca23
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b031468066ae75b97fe3cad3cfcab1b74177d1146c98cdf831eb4c07e7f96e92
b184888665b6cb9e154760bae131eaf01c140197506afd50abcbe98dc9d9438f
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4650a3a498d83e1aa89e8edf7a23a119b9829fb0a8e752586a0d5fb1c50bdb5
b47e5ab37362998b55b8d8eddca591867a23f45f2d8169f07e0d908463cd375c
b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6
b63ed4c3792f6acb0b70a6083ad090bbac092cfcf021106be33f5f73690363e4
b671461c96b1083a20600cb95b26f3b20b99c36c8158e887e30d4b2b3b38c816
bb8a3b23f2cfb344ca84f11444c4d2ad39ebc5e79ad1f5329361b8590235f324
bd2ef07d6a5bd3198ab2f4a0b49c690f6b2bcec6d743afb71433886864b379c1
bdb043cb95eeefc3f03fd2e6fb84dcffe106add1b9d0753ee5c07dd176008a56
be798fedc961f27939e2a6a14bd0230d3fed57588cfb984be3e24c9bfd0d16b5
c029404e4919e6d5fcb01eaf64e84eda5a49c2b4d0b9911c95af871d7116a49c
c02d2e4ee660f561338f717a6dc83745ea23c4ad356a57bdfee60c3643b25b1a
c0e5e751eae4d31a998a163a91ddd67388ed1b960462f4951dd7cf1316c1a6b9
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2995690e9dfac900bebef6d09af2b89ddaa8a699ad19a0339d2938171b2d1ba
c4e23140ff4396d69e410f2ddbeac0ae2bf0b38c862849ca9813547c5c99b6c5
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
cd03ea671791f42bc1dffded117c4f283135f782d3ad1350dd244d7de5dc75b9
cd95ed1dc6e84cac53ee409bfe80e6a985e0efbba98dcba010a5bf2b76fdd2f3
ce5e19b792353885bb816ee8c50c953cc3f24ccacb1f0b71b3500cdb0fc95f9e
cf89b17e858888ac03c9aeb6aeb2c991a8adf48356d82f9acb1ec34d4280f3e5
cf979ad00f3d0be695306dc68d25e8e958de12331f27c468d5062c59efae03b3
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
d2ae8dd887e6e0aeadbb80aa16f2d6c5a314376248546e081971a233fd1a9d71
d4502c979269d27ad38471919a5dd48a3f5b6e328612d47179b713798d31a5c8
d55a55b05e2d55acfe5c141edc7ebc108027060a10e625c05b9b0eb076f50ff4
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
dc544f9d75f65259ac56f1c9404f32cd0d8ce4e1289d38c05f24e7ced1a881fc
dd09e92e6746b32f1f655d9628fe1791d3c526591accb9492b831eba1e57aa37
df361312d57f424efe49ed6e23ef68eb2052457d359126a3add066ba2ea266ee
e03c5564607e48cf13186f760203dd1a522039e37edbd307ed3c996f1460e794
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e237fa7ceb4574406b727e55d86b336bfa1b53d5b100524dd37e1db5b7bb0faa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e2518463a591e1f683f93f0a0c5af563985747200820937ca37e48f16331c8
e4624d1cdb6e6659b349e395a217cfad5540ef3b263b0ddf9a79cdc4e1e572da
e6efd8cb7962ed0479795c87eec77197fa43e1f4012a1fff08c783cbf0fea589
e770d4ef3e601b47a0eb0b5cb888ea604921831c51d6d5a004f8f67ce93cd6e9
e7a02342e5bb80f9a1ffb2efbb49d74e7b059f7387af2890dc69563af4a8e9f6
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ed71d47801ba353bcd5cc58d8a4ca47ded2bba6a8c004bfae45f771e653c34bc
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3fc81c28ca27ab74b5ae644b724e6d4696cec02005847c9153ef62c8969eb1
f2ae3ad921aab18f398416e3c0631a382d2ee2ab099d585fec681b1b490727a0
f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5f6d9d01e6e32d0c69684446ea7880b66deedbb1aa88cd3be1f6222e7a05e2a
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7fb7c6318b0e1221f5783a31ce57ba39d9dc88a88f9b88b4a65807dec27fff0
f8b1efffaf85dff743257c1b4b8650dcfe52034ea1e1a13804d022f403509eb4
f9b46ce552aeb702d9a260987b3e2805e21145f44432ebbcf56c4628c36f9e5a
fbfc674d967b7348e7b3a28b8d71576dff73133a3cc21280207348a33a29ec02
fc5152fc29a4f1e3632f03133aecd83f55d1f257dc2ac3480c24b0b8d1f4aa57

shehabnews.com Open in urlscan Pro 34.98.96.165 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

241 Requests

94 %HTTPS

75 %IPv6

40 Domains

56 Subdomains

51 IPs

5 Countries

13376 kBTransfer

25354 kBSize

20 Cookies

20 Outgoing links

Redirected requests

241 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 22 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

shehabnews.com Open in urlscan Pro
34.98.96.165 Public Scan

Screenshot
Live screenshot

Full Image

241
Requests

94 %
HTTPS

75 %
IPv6

40
Domains

56
Subdomains

51
IPs

5
Countries

13376 kB
Transfer

25354 kB
Size

20
Cookies

241 HTTP transactions
22 data transactions