urlscan.io logo urlscan.io
SecurityTrails logo

yalla-shoots.tv Open in urlscan Pro
104.21.235.79  Public Scan

Go To Rescan Add Verdict Report
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Submission: On April 30 via manual from TN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 71 IPs in 13 countries across 52 domains to perform 390 HTTP transactions. The main IP is 104.21.235.79, located in and belongs to CLOUDFLARENET, US. The main domain is yalla-shoots.tv. The Cisco Umbrella rank of the primary domain is 867110.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 27th 2023. Valid for: a year.
This is the only time yalla-shoots.tv was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 104.21.235.79 13335 (CLOUDFLAR...)
31 2606:4700::68... 13335 (CLOUDFLAR...)
5 205.185.216.10 20446 (STACKPATH...)
2 172.67.141.250 13335 (CLOUDFLAR...)
1 188.114.96.3 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.21.233.171 13335 (CLOUDFLAR...)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
38 2a00:1450:400... 15169 (GOOGLE)
2 69.16.175.42 20446 (STACKPATH...)
1 3.215.149.208 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
51 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
3 45.133.44.4 39572 (ADVANCEDH...)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 145.239.139.16 16276 (OVH)
28 2a00:1450:400... 15169 (GOOGLE)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 45.133.44.3 39572 (ADVANCEDH...)
6 2a0c:5c81:514... 55081 (24SHELLS)
1 2600:9000:25a... 16509 (AMAZON-02)
11 2a02:2638:3::3 44788 (ASN-CRITE...)
1 65.9.66.68 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.96.70.87 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 147.75.84.158 54825 (PACKET)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 6 216.52.2.6 32475 (SINGLEHOP...)
1 8 51.89.9.254 16276 (OVH)
4 2a02:2638:3::7 44788 (ASN-CRITE...)
1 5 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:3::9 44788 (ASN-CRITE...)
1 2a02:2638:d::4 44788 (ASN-CRITE...)
1 2 63.32.201.247 16509 (AMAZON-02)
2 35.190.39.111 15169 (GOOGLE)
1 4 2a02:2638:3::c 44788 (ASN-CRITE...)
3 162.19.138.117 16276 (OVH)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 24 142.250.185.66 15169 (GOOGLE)
5 11 185.80.39.216 27381 (CASALE-MEDIA)
5 8 185.89.210.244 29990 (ASN-APPNEX)
1 18.203.208.238 16509 (AMAZON-02)
2 178.250.7.9 44788 (ASN-CRITE...)
1 178.250.7.13 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
9 2a02:2638:3::10 44788 (ASN-CRITE...)
1 2a02:2638:3::1a 44788 (ASN-CRITE...)
28 2a00:1450:400... 15169 (GOOGLE)
1 64.233.166.154 15169 (GOOGLE)
1 2600:9000:25a... 16509 (AMAZON-02)
10 2600:1f18:1ac... 14618 (AMAZON-AES)
1 2a02:2638:d::c 44788 (ASN-CRITE...)
1 178.250.1.6 44788 (ASN-CRITE...)
13 45.84.217.44 212411 (MYWEB)
6 172.217.16.130 15169 (GOOGLE)
1 2 37.157.5.133 198622 (ADFORM)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 185.29.134.244 30419 (MEDIAMATH...)
1 1 18.213.43.223 14618 (AMAZON-AES)
3 3 37.157.4.24 198622 (ADFORM)
2 2 213.155.156.165 1299 (TWELVE99 ...)
2 2 185.64.190.78 62713 (AS-PUBMATIC)
1 174.137.133.49 27257 (WEBAIR-IN...)
1 1 124.146.215.52 2514 (INFOSPHER...)
1 51.77.64.70 16276 (OVH)
1 172.64.106.16 13335 (CLOUDFLAR...)
1 85.14.248.71 24961 (MYLOC-AS ...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 35.204.74.118 396982 (GOOGLE-CL...)
1 162.19.138.82 16276 (OVH)
390 71
9    104.21.235.79 (None, )

ASN13335 (CLOUDFLARENET, US)
yalla-shoots.tv
31    2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)
live.demand.supply
5    205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
jscdn.greeter.me
2    172.67.141.250 (United States)

ASN13335 (CLOUDFLARENET, US)
web-api.scorarab.com
1    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
live.shoot-yalla.tv
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    104.21.233.171 (None, )

ASN13335 (CLOUDFLARENET, US)
dalbouh.xyz
1    2a02:26f0:480:25::1726:6216 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
tg1.modoro360.com
38    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
feed.avplayer.com
player.avplayer.com
1    3.215.149.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-149-208.compute-1.amazonaws.com
servt.modoro360.com
2    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
51    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
pagead2.googlesyndication.com
7    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
3    45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.aplhb.adipolo.com
7    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
adipolo.com
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    145.239.139.16 (France)

ASN16276 (OVH, FR)
PTR: ip16.ip-145-239-139.eu
storage.de.cloud.ovh.net
28    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
cdn-adipolo.urekamedia.com
1    45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.adtelligent.com
6    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.aplhb.adipolo.com
1    2600:9000:25a2:2c00:a:e047:752:b361 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
11    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
5    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
4    147.75.84.158 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
6    216.52.2.6 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
8    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
4    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
5    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
15    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
2    2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
1    2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
2    63.32.201.247 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-201-247.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
2    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
4    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
id5-sync.com
3    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
24    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
11    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
8    185.89.210.244 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    18.203.208.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-208-238.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
2    178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr3.eu.criteo.com
1    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
9    2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
1    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
28    2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    64.233.166.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wm-in-f154.1e100.net
bid.g.doubleclick.net
1    2600:9000:25a2:dc00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
10    2600:1f18:1aca:4280:27ad:6e7d:3901:7e49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
1    2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr3.eu.criteo.com
1    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
13    45.84.217.44 (Valencia, Spain)

ASN212411 (MYWEB, BZ)
a3.koora.cloud
6    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
googleads4.g.doubleclick.net
2    37.157.5.133 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    18.213.43.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-43-223.compute-1.amazonaws.com
fksnk.com
3    37.157.4.24 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.165 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
1    124.146.215.52 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com
pro.ip-api.com
1    172.64.106.16 (United States)

ASN13335 (CLOUDFLARENET, US)
us.web3-lab.com
1    85.14.248.71 (Kamp-Lintfort, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
1    2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
1    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
1    162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
lb.eu-1-id5-sync.com
Apex Domain
Subdomains		 Transfer
80 googlesyndication.com
533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
419 KB
80 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
cm.g.doubleclick.net — Cisco Umbrella Rank: 313
bid.g.doubleclick.net — Cisco Umbrella Rank: 986
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 394
465 KB
31 demand.supply
live.demand.supply — Cisco Umbrella Rank: 32910
43 KB
28 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 373
2 MB
21 criteo.net
static.criteo.net — Cisco Umbrella Rank: 763
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9652
csm.eu.criteo.net — Cisco Umbrella Rank: 6433
242 KB
16 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 803
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 12727
ads.eu.criteo.com — Cisco Umbrella Rank: 6413
gum.criteo.com — Cisco Umbrella Rank: 442
cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 7993
mug.criteo.com — Cisco Umbrella Rank: 1686
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 13760
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 8248
56 KB
13 koora.cloud
a3.koora.cloud — Cisco Umbrella Rank: 370412
612 KB
13 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 1049
static.adsafeprotected.com — Cisco Umbrella Rank: 820
dt.adsafeprotected.com — Cisco Umbrella Rank: 738
105 KB
11 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876
8 KB
11 google.com
adservice.google.com — Cisco Umbrella Rank: 130
www.google.com — Cisco Umbrella Rank: 16
2 KB
10 adipolo.com
player.aplhb.adipolo.com — Cisco Umbrella Rank: 59541
adipolo.com — Cisco Umbrella Rank: 54300
ghb.aplhb.adipolo.com — Cisco Umbrella Rank: 67078
128 KB
9 yalla-shoots.tv
yalla-shoots.tv — Cisco Umbrella Rank: 867110
240 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 319
9 KB
8 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1124
2 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 238
316 KB
6 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 883
3 KB
6 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2474
mp.4dex.io — Cisco Umbrella Rank: 2960
25 KB
6 google.de
adservice.google.de — Cisco Umbrella Rank: 5261
1 KB
5 adform.net
track.adform.net — Cisco Umbrella Rank: 3229
c1.adform.net — Cisco Umbrella Rank: 908
3 KB
5 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 474
194 KB
5 greeter.me
jscdn.greeter.me — Cisco Umbrella Rank: 71370
19 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
34 KB
4 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1379
296 B
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1319
id5-sync.com — Cisco Umbrella Rank: 612
19 KB
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 1037
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 6958
647 B
2 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 4649
360 B
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1550
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1323
12 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
21 KB
2 avplayer.com
feed.avplayer.com — Cisco Umbrella Rank: 24675
player.avplayer.com — Cisco Umbrella Rank: 14855
61 KB
2 modoro360.com
tg1.modoro360.com — Cisco Umbrella Rank: 66220
servt.modoro360.com — Cisco Umbrella Rank: 63931
7 KB
2 scorarab.com
web-api.scorarab.com — Cisco Umbrella Rank: 212215
30 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1293
402 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1223
714 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 4805
104 B
1 exactag.com
m.exactag.com — Cisco Umbrella Rank: 9403
60 B
1 web3-lab.com
us.web3-lab.com — Cisco Umbrella Rank: 56964
724 B
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 5096
321 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1266
1016 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 9072
233 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 6708
614 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 744
873 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 344
5 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119
1 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 4083
2 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 3991
2 KB
1 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 8265
5 KB
1 urekamedia.com
cdn-adipolo.urekamedia.com — Cisco Umbrella Rank: 139300
1 ovh.net
storage.de.cloud.ovh.net — Cisco Umbrella Rank: 101748
15 KB
1 dalbouh.xyz
dalbouh.xyz — Cisco Umbrella Rank: 554179
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
45 KB
1 shoot-yalla.tv
live.shoot-yalla.tv — Cisco Umbrella Rank: 290277
1 KB
390 52
Domain Requested by
45 pagead2.googlesyndication.com securepubads.g.doubleclick.net
533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
yalla-shoots.tv
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
fw.adsafeprotected.com
www.googletagservices.com
s0.2mdn.net
38 securepubads.g.doubleclick.net live.demand.supply
securepubads.g.doubleclick.net
jscdn.greeter.me
yalla-shoots.tv
533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
31 live.demand.supply yalla-shoots.tv
live.demand.supply
client
28 s0.2mdn.net 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
yalla-shoots.tv
s0.2mdn.net
28 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
yalla-shoots.tv
googleads.g.doubleclick.net
s0.2mdn.net
24 cm.g.doubleclick.net 10 redirects googleads.g.doubleclick.net
533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
13 a3.koora.cloud cdn.jsdelivr.net
11 dsum-sec.casalemedia.com 5 redirects googleads.g.doubleclick.net
11 googleads.g.doubleclick.net 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
yalla-shoots.tv
pagead2.googlesyndication.com
11 static.criteo.net securepubads.g.doubleclick.net
ads.eu.criteo.com
cdnjs.cloudflare.com
static.criteo.net
player.aplhb.adipolo.com
10 dt.adsafeprotected.com 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
9 imageproxy.eu.criteo.net ads.eu.criteo.com
533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
9 yalla-shoots.tv yalla-shoots.tv
8 ib.adnxs.com 5 redirects googleads.g.doubleclick.net
8 onetag-sys.com 1 redirects player.aplhb.adipolo.com
7 www.googletagservices.com jscdn.greeter.me
533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
yalla-shoots.tv
7 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 googleads4.g.doubleclick.net yalla-shoots.tv
6 ap.lijit.com 2 redirects player.aplhb.adipolo.com
6 ghb.aplhb.adipolo.com player.aplhb.adipolo.com
6 adservice.google.com securepubads.g.doubleclick.net
6 adservice.google.de securepubads.g.doubleclick.net
5 www.google.com 1 redirects tpc.googlesyndication.com
yalla-shoots.tv
533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
5 cdn.jsdelivr.net securepubads.g.doubleclick.net
yalla-shoots.tv
5 jscdn.greeter.me yalla-shoots.tv
4 gum.criteo.com 1 redirects static.criteo.net
player.aplhb.adipolo.com
4 bidder.criteo.com player.aplhb.adipolo.com
4 mp.4dex.io player.aplhb.adipolo.com
4 prebid.a-mo.net player.aplhb.adipolo.com
3 c1.adform.net 3 redirects
3 www.gstatic.com 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
3 id5-sync.com cdn.id5-sync.com
player.aplhb.adipolo.com
3 player.aplhb.adipolo.com jscdn.greeter.me
player.aplhb.adipolo.com
2 image6.pubmatic.com 2 redirects
2 d5p.de17a.com 2 redirects
2 track.adform.net 1 redirects 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
2 cat.fr3.eu.criteo.com ads.eu.criteo.com
533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
2 esp.rtbhouse.com invstatic101.creativecdn.com
2 fw.adsafeprotected.com 1 redirects yalla-shoots.tv
2 rtb.nl3.eu.criteo.com yalla-shoots.tv
533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
2 script.4dex.io player.aplhb.adipolo.com
script.4dex.io
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 web-api.scorarab.com yalla-shoots.tv
1 lb.eu-1-id5-sync.com player.aplhb.adipolo.com
1 um.simpli.fi 1 redirects
1 dclk-match.dotomi.com 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
1 m.exactag.com 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
1 us.web3-lab.com cdn.jsdelivr.net
1 pro.ip-api.com cdn.jsdelivr.net
1 tg.socdm.com 1 redirects
1 dsp.adkernel.com 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
1 fksnk.com 1 redirects
1 sync.mathtag.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 cat.nl3.eu.criteo.com 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
1 rtb.fr3.eu.criteo.com 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
1 static.adsafeprotected.com 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
1 bid.g.doubleclick.net 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
1 csm.eu.criteo.net ads.eu.criteo.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 mug.criteo.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 fonts.googleapis.com 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
1 ads.eu.criteo.com 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 player.adtelligent.com player.aplhb.adipolo.com
1 cdn-adipolo.urekamedia.com
1 storage.de.cloud.ovh.net
1 adipolo.com
1 servt.modoro360.com
1 player.avplayer.com tg1.modoro360.com
1 feed.avplayer.com tg1.modoro360.com
1 tg1.modoro360.com yalla-shoots.tv
1 dalbouh.xyz yalla-shoots.tv
1 www.googletagmanager.com yalla-shoots.tv
1 live.shoot-yalla.tv yalla-shoots.tv
390 79
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-01-27 -
2024-01-26		 a year crt.sh
demand.supply
Cloudflare Inc ECC CA-3		 2023-02-19 -
2024-02-19		 a year crt.sh
greeter.me
E1		 2023-04-15 -
2023-07-14		 3 months crt.sh
*.scorarab.com
GTS CA 1P5		 2023-03-30 -
2023-06-28		 3 months crt.sh
*.shoot-yalla.tv
GTS CA 1P5		 2023-03-27 -
2023-06-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
wl1.aniview.com
R3		 2023-04-30 -
2023-07-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.avplayer.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2022-08-08 -
2023-09-08		 a year crt.sh
*.adservrs.com
Amazon RSA 2048 M01		 2023-02-22 -
2023-05-25		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
player.aplhb.adipolo.com
R3		 2023-03-21 -
2023-06-19		 3 months crt.sh
storage.de.cloud.ovh.net
Sectigo RSA Domain Validation Secure Server CA		 2023-01-25 -
2024-01-25		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
1372348363.rsc.contentproxy9.cz
R3		 2023-03-23 -
2023-06-21		 3 months crt.sh
player.adtelligent.com
R3		 2023-03-22 -
2023-06-20		 3 months crt.sh
ghb.aplhb.adipolo.com
ZeroSSL ECC Domain Secure Site CA		 2023-04-06 -
2023-07-05		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-02-25 -
2023-05-26		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-04-28 -
2023-07-28		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.a-mo.net
R3		 2023-04-13 -
2023-07-12		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-14 -
2023-06-09		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-04 -
2023-06-04		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-03-20 -
2023-06-18		 3 months crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2023-06-25		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-26 -
2023-06-29		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-09-04		 6 months crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-03-01 -
2023-05-08		 2 months crt.sh
a3.koora.cloud
R3		 2023-04-11 -
2023-07-10		 3 months crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-25 -
2023-12-26		 a year crt.sh
*.web3-lab.com
GTS CA 1P5		 2023-04-01 -
2023-06-30		 3 months crt.sh
*.exactag.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-19 -
2023-09-15		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh

This page contains 31 frames:

Primary Page: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Frame ID: 763B2EF82C90359BBCCA9887F6E4805D
Requests: 159 HTTP requests in this frame

Frame: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 931A577782DAA7E119470402E0896471
Requests: 1 HTTP requests in this frame

Frame: https://yalla-shoots.tv/frame.php?ch=kass1_1&p=10&token=NmY2NDYxNzU2ZDZhNzUzMTZjNmE2NTc3NmM2YTY5Nzc2ZDY2NjIzMTYzMzI2Nzc5NmQ2NDY5Nzk2YjdhNjk3NzZkNmE2MTcxNzM3NTcyNjE2NTZhNjQ2ODY1NzQ3NjMyNmQ3YTc5Njg2NTZhNzU2YQ==&kt=1682876459
Frame ID: BCC66AFD275D5B75A43BDAD5BED2AF99
Requests: 22 HTTP requests in this frame

Frame: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7B6E879499F4CFAA225F9C64F108BC5F
Requests: 20 HTTP requests in this frame

Frame: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DEAC4B31D8F8185CD6C31E1D2CD9065E
Requests: 9 HTTP requests in this frame

Frame: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3E2C932A0A202DA1DA919FD55CCB2FA5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 46EA950F6D0D0D953C93E7A51109B63D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3C7BAC5D8F8D1EE682E4631C815CC349
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYYqcG3zwEwAQ&v=APEucNVovFGuoXfQSpw-9YaQvDTZ_9sat9GlIecSPSX7vdKla399D0ZM892qf2wBO7lvrRdEYU4h9M6vbwkdHzbEghVVH5ek-j0eC2FsDG6j568tPH46L8pkpwgzjJxOqkfkn1VIaZm_3RpTbcQipqFQi6YYHiTykqn6NQExYWR36AGMdC_P3ZbhwL7FxfoiBlCEYLyNgCLBZ6CB4snq-OXiGkVV-S_DWw
Frame ID: 7DF78D0540F8044215D922BA84505C9C
Requests: 5 HTTP requests in this frame

Frame: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C4E67CFCBCDAD0BC333F03C89216832A
Requests: 35 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE6oLAABMrMKe4LEAAxnv7csb-Gv48xcBB-cQQ&u=%7CufNT6Q4xKtlq6lIweqN0ZgzBvWIbug3dPNi%2B%2FwOTXYA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUBLPWiYThF1J8Y-9hMT0qDtapt-UrJYVP6SwZcSJXTvC-ChTybVj31yghHg-ZlcsQfjdK4X9K7M1WLV7w1suePom-1jNOG1CVtccC6DtSFfZbbdwrmGOlwwTnfQZTTXp_0eM6rKIa9uLQbyjC57j0aekC400TsUZmgn2js72U3OM3NOwUC_c_VkQewkstFHjIheVbqKjjJOZN65W7USCc8Bgi-U1Jo3YUhEtr8kfi9QZrCjmOrLg5HaCpRZFw8VYOD2ZGJQ-Nz7zl2pJcCQCdidFtfdggw7c--K-hBzWA9OrVQzV0F0WcvGMekgFVehCs2Vzu1_RGkESw-Cyje-1fsR06enjr5PQZFeVffTAtQi_OcHV9pGJDAngbYMyYTQxHwxAepTyL10Pv6b37wH9k8K2jvTaY9lDU4GzmaqUpQL0oLEAh1uA94VCTtzKIAOyrICifr4QD3LKqDAPkmkxRxvtyQLYUJQrZuUT9_0HTi2DoN2wLPlDBlDV7pC9MSIiAS5c1WVA_nzGPdP7dfzrVcHmQtBnouhM606VdNy6rGElhnEAMxG6yI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXMruLKhOZLPlBMSF7gO_z7GQCsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC99WXD798sj7gAgCoAwGqBMoCT9B1GUORCnqZ6NWBRscUPF2Ey7N4YIZlPtR5OsKS9JBynpnlMtuDdcDONUA60XAO6IVAG4YoL3qPCvloO5pzYBpasvLqB_34I1f1unch0kGw4w1Jt4I9bEkQVriBf2qzG0BT27kFLfb5XvJV8_WPDfpjy4KW-tFbmqPfS30i82JhtsKXKxSD9ieZ1By4uEpKw1nkEQ1oQh6dLUuGe38KJal11gOLOLFVAHV6dPGNn3_XqSa457SFRqaUEiQgA2tJv8UeNNlfM5Hn1meHYwN-DAh8csq6wb8OGL6y5XKnxnfIMl1GYdWWyKgb3M78qKDQ8TkEoKWB1FlpXy5IzHRwJeIXOV5XdTGJtnPqCp8IDMvEMSoPOO0waouZD_xQ6wBvUQM0HMTSK3sYl0QRtMuHQsBqQbe1XLF49agI9l_k7xKVoBiLiE2Gb_sp4AQBgAaY_7ariIeumPUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ayXv8WccXkg1lPVhoKBzcXLG2sQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Frame ID: B589EA4685C471034B666FDDEC6EE9BD
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYnsea3gEwAQ&v=APEucNV6dfvsCzHDEh-z3XoRpxQDZ64arwZRP4J5zgBcTN4gwhLhyB1fqWkBN7g7RrA-HcXv3NEuk2Rp7b1SJYRSSLPnEhwa5-CiIq6COJJaVtNbHZtjb_6L2fZg96hsN0p5589GMNxN1tXdyvqLqGWEnNEF8fzO-k6b2kZDKx7r4n1kEkX3UfKRk-SIF0vB2zvA69jonLybflnQy0liVU0OIHnk2I_3uA
Frame ID: A10537518D786E4B52AEA49C212D06D4
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 775C195BB8603442B9B628A56972701B
Requests: 32 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=yalla-shoots.tv
Frame ID: A711D2CAF99CC9590E4EB60486454E61
Requests: 2 HTTP requests in this frame

Frame: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 641331E488BB57B639BFDD2D869EAE8D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYu_3j5wEwAQ&v=APEucNWonhFuR3wkdlIeNV5s6coVOiWYZ1PKp9L71kyjiDedIf4IZ0kDYZ5UmOZ1mXsKpoX_CvCVfx8ZymtfkJDnQzSO7f7d9HKvAOSOESAgqcEa65LS8beCqTouG7u5hA6tf3LBDN4zJ-96i_S8fO8WNWMnrAZ9PRNyoI-RGoejvEE6z06jkL4WIdbTGHZjvPfFcmZQJOffhM_343bH-cWJFKIT0T95Xw
Frame ID: 9DB09045EE16A94852CC5DB726F57BEC
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: CDA21130424EE2B684A359A8591531E5
Requests: 18 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: F69BB6F272C80FDB86C5CC43BC41816C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 83F004656E2F881BE74E314917CF3E73
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2524470958173506869/index.html
Frame ID: D17D534DC41D31714448DFBED14953CB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F0A5DAAFAC8B36656667E8421738ADF7
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F59968A1F89A95EEAD5D10E11191C172
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6339305023804019934/index.html
Frame ID: 07BCF5B8BB5D94BE3E0E18B625AAE858
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 560504E0ACAF417C26532DBC95D3C544
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1981817875426158119/index.html?e=69&leftOffset=0&topOffset=0&c=GfasX4CYsA&t=1&renderingType=2&ev=01_247
Frame ID: 20DDD004B2F775462C9BDC49A581E0BD
Requests: 12 HTTP requests in this frame

Frame: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0F447C11E9B50FF3C13E2FC7A1F611B8
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BE16E393CD05958A45520AA43C9962AF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 75B69B727995EB71A5E56CE5F7BA8BEC
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
Frame ID: 9316BE93BB3C4CE30EDB778B60B9AAAF
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1682876462257&gdpr=0
Frame ID: 97CBA9041FAA76928F37FB9718771174
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1682876460465
Frame ID: 8A113E64E12FB635B1B8EC9A70B6ECC8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

بث مباشر لمباراة النادي الإفريقي و النجم الساحلي - البطولة التونسية - 2023-04-30

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

390
Requests

93 %
HTTPS

47 %
IPv6

52
Domains

79
Subdomains

71
IPs

13
Countries

4800 kB
Transfer

11868 kB
Size

33
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 167
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL6OfTsSjJiMEUWMJK42Thw&google_cver=1
Request Chain 168
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZE6oLB3RZefMcOLnDVRnGgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe5MLH8kJQLSyP8LjM0Pag&google_cver=1
Request Chain 169
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELRZ2vR-9kFFyq4DJW_iY9Y&google_cver=1
Request Chain 170
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE3NDM5Mjk0MjgxODMyOTUzOA%3D%3D
Request Chain 172
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL6OfTsSjJiMEUWMJK42Thw&google_cver=1
Request Chain 173
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZE6oLB3RZefMcOLnDVRnGgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe5MLH8kJQLSyP8LjM0Pag&google_cver=1
Request Chain 174
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELRZ2vR-9kFFyq4DJW_iY9Y&google_cver=1
Request Chain 175
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE3NDM5Mjk0MjgxODMyOTUzOA%3D%3D
Request Chain 188
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=yalla-shoots.tv&sn=ChromeSyncframe&so=0&topUrl=yalla-shoots.tv&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=Gq6kNXwyaGh6SVljYzFudjI0Um8vWmZPWkJPekZVcnRYSUpxVVpqVHRoclpjT1FoT3hlSkdLclJqNTZzQkhCMmpNRDJxeWRlRVJ6eHZJY1pUVjQxTndzQmtma0V5azlzZkZZS1lhNFNHaDdSTVlWSy94ZVE2WUczcldLZG9MU3h0YllkU0s3dFk4eW1xL09SbTZIRlRNd21FUEcwc1QrNGxaY0htcHJFaU1SU1VWOGgxQ0RCcVRDZ2FhYWNqY3VhYkkzVEFZWGd4bHkrb1gzUk0zZXJXQnlLV3J2TjdwU0Jucm93UjlXTmtoM05BZVREUEFXZ1RuejFRakYyVS9UbEVjdy9PZE1USmpEREsvSGtpbVRITDJPNHRQUT09fA&cppv=2
Request Chain 225
  • https://fw.adsafeprotected.com/rfw/bgd/1352960/69587949/xbbe/creative/adj?p=APEucNX6J70ZwVx17QEzoj0T2nY2WMKNMlGOYV7thstlQk8nswUzs4Q&d=CokBAKAmf-B_rrkZu_qM7YbdePvTjoZVh86jhpHAZkOPPbFbAQmGTuTPFFIUxpZQLNOBvNiAWaPnjHqlpqnoSsoUo5Th6EcHh0uBg2VpNJ7Uhyuszlzz8PB3ZiONPi4BzBb_uckyAyJSunM7M6HAdxcZsLp5-WvyPxd-9vlgkTPDFOjKUhjLTDmDLA8S2RUAoCZ_4FryRRN8fLDrtDzcWpwmwLHHKioyzOtROpdZqO-2B0cpuPS_XKOrdHvIhHQgQ1ex5FdxL81nXfkATQjKGIlwcIteSLOyhWb8wM86IfSPowxIQDAzziJkdYL2zocEXlytR-v8MaaErqA3Ho2Puspr7DVz1su4PJ3o7MI8eo2L1d7_31gJnq-SBzPSMWh-7luRik2Uc3lMq2ezsO8780kybbMIS5wWPY58OQoqqfNNYOw-yxGq_wpnwYp6P3uEFEt2Y3j708cIX1MGtLaEKi55cy3zKSpg2FGhyorKXaFT1zKiyGdhEBeV6dRRxFdd93MJJrzSV3aU2ryEWgfozTGWbTGJ6hM3FfT3Lqp1S0yhfJr0xToQJQLqW5hgsISTPcDLIHyuKOOCzNvILj-1YevPJPInWn5KnjQCW5QywjWPtVBO-1wXDAnlZAf27RucBVnuZEwclheQvO9A53z8TJ6MYMEu-LD6mB9_5q9sgQTQtKV5_yByoWTlC0XgXjMcJFa5NpG0RSDXJP9Qgu-Bzl6tvfbaQ7mtaFPHbq5fl5tQcWW8MZBpDbO3_QBUdgLHFAeAMtI_1Hzj3WEBO92O2gD63MQ9L3crLtCN0Vxv_GGeSJxSJiSmeRU6Sn_tGq1aA63vj2Y3ybgKAndFyzl5JOyGxbKsvDpAsGgNvE2Ip-5tpBECrpO_ZQgi2mJK_NsL23CagSk-H9Z2YfC3fCOGFKdeiyOYZlBx1J5kM0cUrK_SjMrTHyxIjc95Z38ZntLgBIUnuhOTVrAfu62JT-siskWRh-EuzQ0F4vYQ4Lb3iirESFfw1LIBn1DTSeHCnmNDYvt0mcWRHAG_TS4oUKz3irI3-6PHMRRF5A1wSNP_YWXVjPDP5CX0neXzQsArJUaaZSQUbI5rnqFs41Wc-OBsNI1lGAKwsAIYV1jDqlZ36TfZAZsTito_snScq1T3mOmlm5JdpaJxDmntXptqKq9aAdH20dEuJdduwbCcL9lsErZrk7DBpsYucNd_tPoT8UgkOui3rlss4WJ2Pr6qx35lsL4TNTgW03XBVUx7U9SwWwLQyBMh9tsCZ0al9dghb1p2JBpCobHmL0SYYYKpoAWCfbJn3K88xj6zhPBInGsqi-29tdvx1954-Xi5kybRADK8r9bubCC6kI6i-OrxoplfXbpuMgcmvo6p7B3uA6QkYbc8JnuveUhe2Yil4QTKjwwkPI5OezE4RmF5rc9g1LThzG7mVv-m5H1UD3ILpVYnL_GbegN3N00TJ7uzsiS5ivTfM7bmqJ2JBTm5OjvTlc6YQwj2YEvYdVIGCszV0aI85fHkWUr29zaJrtDszPLztJWH0K3LPN6sZkTQOHMl6OiJi4ysdpTzJLMbwvkx3GQ7PxUIis5Lej9kc_v5QY5cCVX8DJQ7OA9N4LiIw7TEgsnM8tzSswh7S8RcGJJ0qc0UItJ5-Q3Mxc6stKPdvbbOJvAWPUawWZfKyeSQ0Kjc9rsN0N44iimU8O6Sg6LalfIvzC3rtvwzOemCBhub3Q0lMin-vRsp0mcgdy3Lth9tXY7rtERd4lM_1cfowKnbj0829pvWZLOUgI1wccObeqb6Iauvwabt79Q49vClPm2IYZLD36luufTYbUHfJn2MQNJenGXwY6h_PbpBX44DKQG5o9ViZwQ8GZFacPfyvEO4esMSTJHy1I7vP6Aaa1lGhEd_mdNLE8SPPo9CvqBMkmklnNfPdTEpQScaG-17ac_V-beQVZGp6emrHQj94Hn_29q7wTLWiFaMTk8jMnKI_xYqgm19fRauPkgVfGkFmx4wsvQHmRUxE1Nw9UwLUFUaq96lRwTGavxEuUBVQYeL_e_IWSeQO5PvaSh_jsr4jRgHsvZxwdzKb4vaqW5HxMV9FHV_0K9iOvSXd1iip2H_nHTZW3HSh-I6xypeh8CSiCtM1gFnAqMcreiB5kaWT8vXxsQ58Y_K7daqTgN3m1MFsbbYrMIywCUu6tdiBg15LLkwLb2zuy1HaDNoeuzic20GCLBUu-dSGwnL0du9yjkde470FOzOgtTs7zuB9EHtkxJrI0l-0Vjv_dBK4tbpFmHItjBJE47xwXqtrJ94amymgIMh82ng26bAoUFL9Ycwq6EUD8uzTsN8X7Lupdwx0jzcUt8atJlD0v0ov-FJYL-QgfKaOsBKK1B92uLcJrfUWhPuY0ZGjt3fV9wwH2pv_7e0ANqBokgAXeXqD-8FPFs95DUABaZ_kkN71W8hDvZI2RicKMiTFq8ZZPK7sKch91_UOkefahmqHXoioLijTRmd4zBmziTOL8cU-2jHjsmY6UR0tQAUDo8qQPiRn8BM31xWHyz24feI_PdLmJdilgwKm5sJFKTsUgGaVeyYGvTZ3u4qlewPU8MDs9BibEIIf6G6i8coGmJIQsCrBaToz9Y-3teB_7u2GuJIpSeqZL3g-LOF-Q6-4H_hlDiF-Nmka7qF7VFbUaMhzFaadN1Ak5C43DM0V31tu252yKwmyQPa1SNXZY4RoGcdpjTe086DjzvTPx6KM_pYuPNn1e7cL6dXKHtXZ_Z3sAiEKejoIm4GT_uGvm0QP1whwqiyOFg-byRMugK_6VkUXmOw6xlp1ximAViFO_MfDZsi-58qIKP91H-QyJ3nkL2DGr9m5VMqiMjUcB-xWhRB_CXzQALWxDjq_CzGjxzpC3A2xxE7TlPC5LJlB3RWbK2-Fqh4Zut3f6e2OQroy3xH7G_LGODV_72_6wpU_IE1KNzsKzlVVx6v0VQ5RwRnkB7fJH60CvcMErKbuGsh5sYBjCP18iqYAAhFHPmLhdcJSJmSoH6qZZwY9ktUkLaAMQSH6trRQk6HWmEdDruVX88xyb_n6l4vkCN2MWNJKTSUtH01y7z7gie35sofpT3ROav8fSRdLcW1SFODjVUTw0aWnSdnVYs0TBvdiIRJUJK2dvkI1x9QQ3AKo2p8iygbHikX_9sqi52mhjO1ze4EKta60ShsrjD6Aso3a3u9tb3llliK1HSZRvrmPwF7ndiaMkg3DrsYA6r-UnuvG9nfaI-DH8wtjmOkmy0mqwUBeoNgEiUjWxKsaAE7KgnEYm7EENLK0RN-xO8UVDUzjRE_sw7OWKy_fjmZoPt1mw5hFmKdNXyNm2PLm25rZ8PuMT0Daktqxi9IEtNqqJ8Z1XC13qtADLV_zZmuSHeFK2I7feM187z9LSQkAtgkjT7smhkbgbpkVhe7OUXey1QQD03UPwCIynuh7Hd2RG_5WbPb3WrVY-nboDvTtHva5wW7t3EwQq8ke4jPup6Rh4shTeDBgSOTFKzu_LIwcve4_LHvljMIe5HJ-dvaVJFltEQ4OVRrAzdt-RMBgiU0E03ldcaGrAYLvoEW_JvwtevUZQyEKHqwemFT5PvU3nQlYZlBAWSj3jKupb-n9E0N9qCwFuz8lrkGN2_1k_jcEQ0nUW7lEN7jeHZO3rzKVfqT7fzGIBjXwJgYX8gRDh5EDcCouckLaYK2r62IzyP4hviV96jho0j2Z6z1yJQ9UEt1mcqjsIOjSWtPet_sZT71SsIBcCwYQtrOjytlE6MMjdSHl92qre5a137X4zI4vkofE28gbJgc4D-uQLZUpVpe4K_dqGRii8Yk9zD2PMJ0_4Gs89eUMUVAaExPqZEtDRQzppIfexwctr3sjpjj1sc8uSk_jlJhyblDKI3HeVg4txpECAQSPgBygQiDCrGd3Evj_fLqetRWXEE-Ko7GRfAZ3cWBDoJSg8SIMBRcWD-L_YeYNFPFQD9B2UNHKJK_ZXwM6nhlGAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1010578566&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=19682531407&bidurl=https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0js16QDM96bh7h8ir81OLlh&adsafe_url=https%3A%2F%2Fyalla-shoots.tv&adsafe_type=g&adsafe_url=https%3A%2F%2Fyalla-shoots.tv%2F&adsafe_type=c&adsafe_url=https%3A%2F%2F533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=bed&adsafe_jsinfo=,id:84e1dd65-e7ea-43c5-5809-5f4dae9a29e8,c:bi7EXY,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-67fb65999c-jh4vh,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tCVY7X2+11%7C12%7C131%7C141%7C151*.1352960-69587949%7C1511%7C16%7C17%7C18%7C19%7C1a11,idMap:151*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:22,oid:2bd6665a-e77e-11ed-902a-0ea89586c999,v:19.8.400,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNX6J70ZwVx17QEzoj0T2nY2WMKNMlGOYV7thstlQk8nswUzs4Q&d=CokBAKAmf-B_rrkZu_qM7YbdePvTjoZVh86jhpHAZkOPPbFbAQmGTuTPFFIUxpZQLNOBvNiAWaPnjHqlpqnoSsoUo5Th6EcHh0uBg2VpNJ7Uhyuszlzz8PB3ZiONPi4BzBb_uckyAyJSunM7M6HAdxcZsLp5-WvyPxd-9vlgkTPDFOjKUhjLTDmDLA8S2RUAoCZ_4FryRRN8fLDrtDzcWpwmwLHHKioyzOtROpdZqO-2B0cpuPS_XKOrdHvIhHQgQ1ex5FdxL81nXfkATQjKGIlwcIteSLOyhWb8wM86IfSPowxIQDAzziJkdYL2zocEXlytR-v8MaaErqA3Ho2Puspr7DVz1su4PJ3o7MI8eo2L1d7_31gJnq-SBzPSMWh-7luRik2Uc3lMq2ezsO8780kybbMIS5wWPY58OQoqqfNNYOw-yxGq_wpnwYp6P3uEFEt2Y3j708cIX1MGtLaEKi55cy3zKSpg2FGhyorKXaFT1zKiyGdhEBeV6dRRxFdd93MJJrzSV3aU2ryEWgfozTGWbTGJ6hM3FfT3Lqp1S0yhfJr0xToQJQLqW5hgsISTPcDLIHyuKOOCzNvILj-1YevPJPInWn5KnjQCW5QywjWPtVBO-1wXDAnlZAf27RucBVnuZEwclheQvO9A53z8TJ6MYMEu-LD6mB9_5q9sgQTQtKV5_yByoWTlC0XgXjMcJFa5NpG0RSDXJP9Qgu-Bzl6tvfbaQ7mtaFPHbq5fl5tQcWW8MZBpDbO3_QBUdgLHFAeAMtI_1Hzj3WEBO92O2gD63MQ9L3crLtCN0Vxv_GGeSJxSJiSmeRU6Sn_tGq1aA63vj2Y3ybgKAndFyzl5JOyGxbKsvDpAsGgNvE2Ip-5tpBECrpO_ZQgi2mJK_NsL23CagSk-H9Z2YfC3fCOGFKdeiyOYZlBx1J5kM0cUrK_SjMrTHyxIjc95Z38ZntLgBIUnuhOTVrAfu62JT-siskWRh-EuzQ0F4vYQ4Lb3iirESFfw1LIBn1DTSeHCnmNDYvt0mcWRHAG_TS4oUKz3irI3-6PHMRRF5A1wSNP_YWXVjPDP5CX0neXzQsArJUaaZSQUbI5rnqFs41Wc-OBsNI1lGAKwsAIYV1jDqlZ36TfZAZsTito_snScq1T3mOmlm5JdpaJxDmntXptqKq9aAdH20dEuJdduwbCcL9lsErZrk7DBpsYucNd_tPoT8UgkOui3rlss4WJ2Pr6qx35lsL4TNTgW03XBVUx7U9SwWwLQyBMh9tsCZ0al9dghb1p2JBpCobHmL0SYYYKpoAWCfbJn3K88xj6zhPBInGsqi-29tdvx1954-Xi5kybRADK8r9bubCC6kI6i-OrxoplfXbpuMgcmvo6p7B3uA6QkYbc8JnuveUhe2Yil4QTKjwwkPI5OezE4RmF5rc9g1LThzG7mVv-m5H1UD3ILpVYnL_GbegN3N00TJ7uzsiS5ivTfM7bmqJ2JBTm5OjvTlc6YQwj2YEvYdVIGCszV0aI85fHkWUr29zaJrtDszPLztJWH0K3LPN6sZkTQOHMl6OiJi4ysdpTzJLMbwvkx3GQ7PxUIis5Lej9kc_v5QY5cCVX8DJQ7OA9N4LiIw7TEgsnM8tzSswh7S8RcGJJ0qc0UItJ5-Q3Mxc6stKPdvbbOJvAWPUawWZfKyeSQ0Kjc9rsN0N44iimU8O6Sg6LalfIvzC3rtvwzOemCBhub3Q0lMin-vRsp0mcgdy3Lth9tXY7rtERd4lM_1cfowKnbj0829pvWZLOUgI1wccObeqb6Iauvwabt79Q49vClPm2IYZLD36luufTYbUHfJn2MQNJenGXwY6h_PbpBX44DKQG5o9ViZwQ8GZFacPfyvEO4esMSTJHy1I7vP6Aaa1lGhEd_mdNLE8SPPo9CvqBMkmklnNfPdTEpQScaG-17ac_V-beQVZGp6emrHQj94Hn_29q7wTLWiFaMTk8jMnKI_xYqgm19fRauPkgVfGkFmx4wsvQHmRUxE1Nw9UwLUFUaq96lRwTGavxEuUBVQYeL_e_IWSeQO5PvaSh_jsr4jRgHsvZxwdzKb4vaqW5HxMV9FHV_0K9iOvSXd1iip2H_nHTZW3HSh-I6xypeh8CSiCtM1gFnAqMcreiB5kaWT8vXxsQ58Y_K7daqTgN3m1MFsbbYrMIywCUu6tdiBg15LLkwLb2zuy1HaDNoeuzic20GCLBUu-dSGwnL0du9yjkde470FOzOgtTs7zuB9EHtkxJrI0l-0Vjv_dBK4tbpFmHItjBJE47xwXqtrJ94amymgIMh82ng26bAoUFL9Ycwq6EUD8uzTsN8X7Lupdwx0jzcUt8atJlD0v0ov-FJYL-QgfKaOsBKK1B92uLcJrfUWhPuY0ZGjt3fV9wwH2pv_7e0ANqBokgAXeXqD-8FPFs95DUABaZ_kkN71W8hDvZI2RicKMiTFq8ZZPK7sKch91_UOkefahmqHXoioLijTRmd4zBmziTOL8cU-2jHjsmY6UR0tQAUDo8qQPiRn8BM31xWHyz24feI_PdLmJdilgwKm5sJFKTsUgGaVeyYGvTZ3u4qlewPU8MDs9BibEIIf6G6i8coGmJIQsCrBaToz9Y-3teB_7u2GuJIpSeqZL3g-LOF-Q6-4H_hlDiF-Nmka7qF7VFbUaMhzFaadN1Ak5C43DM0V31tu252yKwmyQPa1SNXZY4RoGcdpjTe086DjzvTPx6KM_pYuPNn1e7cL6dXKHtXZ_Z3sAiEKejoIm4GT_uGvm0QP1whwqiyOFg-byRMugK_6VkUXmOw6xlp1ximAViFO_MfDZsi-58qIKP91H-QyJ3nkL2DGr9m5VMqiMjUcB-xWhRB_CXzQALWxDjq_CzGjxzpC3A2xxE7TlPC5LJlB3RWbK2-Fqh4Zut3f6e2OQroy3xH7G_LGODV_72_6wpU_IE1KNzsKzlVVx6v0VQ5RwRnkB7fJH60CvcMErKbuGsh5sYBjCP18iqYAAhFHPmLhdcJSJmSoH6qZZwY9ktUkLaAMQSH6trRQk6HWmEdDruVX88xyb_n6l4vkCN2MWNJKTSUtH01y7z7gie35sofpT3ROav8fSRdLcW1SFODjVUTw0aWnSdnVYs0TBvdiIRJUJK2dvkI1x9QQ3AKo2p8iygbHikX_9sqi52mhjO1ze4EKta60ShsrjD6Aso3a3u9tb3llliK1HSZRvrmPwF7ndiaMkg3DrsYA6r-UnuvG9nfaI-DH8wtjmOkmy0mqwUBeoNgEiUjWxKsaAE7KgnEYm7EENLK0RN-xO8UVDUzjRE_sw7OWKy_fjmZoPt1mw5hFmKdNXyNm2PLm25rZ8PuMT0Daktqxi9IEtNqqJ8Z1XC13qtADLV_zZmuSHeFK2I7feM187z9LSQkAtgkjT7smhkbgbpkVhe7OUXey1QQD03UPwCIynuh7Hd2RG_5WbPb3WrVY-nboDvTtHva5wW7t3EwQq8ke4jPup6Rh4shTeDBgSOTFKzu_LIwcve4_LHvljMIe5HJ-dvaVJFltEQ4OVRrAzdt-RMBgiU0E03ldcaGrAYLvoEW_JvwtevUZQyEKHqwemFT5PvU3nQlYZlBAWSj3jKupb-n9E0N9qCwFuz8lrkGN2_1k_jcEQ0nUW7lEN7jeHZO3rzKVfqT7fzGIBjXwJgYX8gRDh5EDcCouckLaYK2r62IzyP4hviV96jho0j2Z6z1yJQ9UEt1mcqjsIOjSWtPet_sZT71SsIBcCwYQtrOjytlE6MMjdSHl92qre5a137X4zI4vkofE28gbJgc4D-uQLZUpVpe4K_dqGRii8Yk9zD2PMJ0_4Gs89eUMUVAaExPqZEtDRQzppIfexwctr3sjpjj1sc8uSk_jlJhyblDKI3HeVg4txpECAQSPgBygQiDCrGd3Evj_fLqetRWXEE-Ko7GRfAZ3cWBDoJSg8SIMBRcWD-L_YeYNFPFQD9B2UNHKJK_ZXwM6nhlGAFgAQ&cry=1&bundleId=
Request Chain 228
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe5MLH8kJQLSyP8LjM0Pag&google_cver=1
Request Chain 229
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZE6oLB3RZefMcOLnDVRnGgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe5MLH8kJQLSyP8LjM0Pag&google_cver=1
Request Chain 230
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOQnWezZVIqdp43jKkD-szA&google_cver=1
Request Chain 231
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE3NDM5Mjk0MjgxODMyOTUzOA%3D%3D
Request Chain 258
  • https://track.adform.net/adfserve/?bn=56654489;1x1inv=1;srctype=3;ord=3156575333 HTTP 302
  • https://track.adform.net/adfserve/?CC=1&bn=56654489;1x1inv=1;srctype=3;ord=3156575333
Request Chain 272
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEc4aSrx2lXxS8Vg3XikRTw&google_cver=1&google_push=ATf1kGPMPlejmjnmWQXACvx1BQkezHYIpchSMf0pWcsg9hKD8ZaHi5rABXjIv7trkpXFGbNSI02Roy2zdwf9JDxNEBidF6QKCABZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPMPlejmjnmWQXACvx1BQkezHYIpchSMf0pWcsg9hKD8ZaHi5rABXjIv7trkpXFGbNSI02Roy2zdwf9JDxNEBidF6QKCABZ
Request Chain 273
  • https://fksnk.com/cs/google?google_gid=CAESEFjUPx-YCLHlA3XUSxharzQ&google_cver=1&google_push=ATf1kGMYDG_NzGapcNWtwAnOavlFRMjFLbwwjLlGpYADlXrPq11ZYUaZAKk-eOcvERb93_t6b2eZwFhi67P5vdZCa2u2nfjBV2D3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QTkyMjA1MzJGOEI4Qjg2MA==
Request Chain 274
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECmsdYZu0BuaP9xyC7tvoN0&google_cver=1&google_push=ATf1kGPONaiqD0NY1CTH4qzLMe5hj9pnkKPHQTMseQyCO5M9a9A0jW-pTdeEvtpggDAsw4x_Qeiu0a_63vWanllnz1wANhcIvd8 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECmsdYZu0BuaP9xyC7tvoN0&google_cver=1&google_push=ATf1kGPONaiqD0NY1CTH4qzLMe5hj9pnkKPHQTMseQyCO5M9a9A0jW-pTdeEvtpggDAsw4x_Qeiu0a_63vWanllnz1wANhcIvd8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTEwMDE2OTQ1NTcxMzYyNzIz&google_push=ATf1kGPONaiqD0NY1CTH4qzLMe5hj9pnkKPHQTMseQyCO5M9a9A0jW-pTdeEvtpggDAsw4x_Qeiu0a_63vWanllnz1wANhcIvd8
Request Chain 275
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEMXxhXRfHtGL6BXaDK8XLCs&google_cver=1&google_push=ATf1kGNIyBttJEb0OdKzL79qWCT4GJbbwylbwuys3VqZkNJsbLKlRov3wJpKG8LNtdml28YE5D-Jp4winZEl5Ul-jDxd6QYgTNOa HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMXxhXRfHtGL6BXaDK8XLCs&google_cver=1&google_push=ATf1kGNIyBttJEb0OdKzL79qWCT4GJbbwylbwuys3VqZkNJsbLKlRov3wJpKG8LNtdml28YE5D-Jp4winZEl5Ul-jDxd6QYgTNOa HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGNIyBttJEb0OdKzL79qWCT4GJbbwylbwuys3VqZkNJsbLKlRov3wJpKG8LNtdml28YE5D-Jp4winZEl5Ul-jDxd6QYgTNOa
Request Chain 276
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDF6NckZd2p9NX45RcU6o_g&google_cver=1&google_push=ATf1kGMaUaYUTa09HHV6fN0Jokzkpco5El_TCSqCAS5YSisL_nfJZw71S8nYwnR3oYKnBzCos01rmhFwBr4OBgEsrRLuIT2QasEp HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDF6NckZd2p9NX45RcU6o_g&google_cver=1&google_push=ATf1kGMaUaYUTa09HHV6fN0Jokzkpco5El_TCSqCAS5YSisL_nfJZw71S8nYwnR3oYKnBzCos01rmhFwBr4OBgEsrRLuIT2QasEp&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qSoxq7ezSF-XkMxHTe5s_A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMaUaYUTa09HHV6fN0Jokzkpco5El_TCSqCAS5YSisL_nfJZw71S8nYwnR3oYKnBzCos01rmhFwBr4OBgEsrRLuIT2QasEp
Request Chain 278
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEGRHwS954gL_vubomCwBOJM&google_cver=1&google_push=ATf1kGPWgR1xTFrMuLt4UMCHmkFQ4DQMloDFWVmORs-93VZZ0Rm4exsQb0Ev8MWCeLxtjyNfXN-HppgG642ZPvDINkAZa7YWYAI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGPWgR1xTFrMuLt4UMCHmkFQ4DQMloDFWVmORs-93VZZ0Rm4exsQb0Ev8MWCeLxtjyNfXN-HppgG642ZPvDINkAZa7YWYAI&google_hm=WkU2b0xzQ284WHdBQUE0Mk9yNEFBQUFB
Request Chain 335
  • https://um.simpli.fi/gp_match?google_gid=CAESECkM2Vc1XUp5LyRNwMFVELU&google_cver=1&google_push=ATf1kGOvSxCbrPFFM2N23lQLFcKAsqC3RdaDrXq69bXf8Ax8oRBAurMCsFshD6YLPfJ9baaVBBNZGIEhQ_RoTD4rMqISnestPgffjw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0BE73B331CA948419325BC40E8E86E43&google_push=ATf1kGOvSxCbrPFFM2N23lQLFcKAsqC3RdaDrXq69bXf8Ax8oRBAurMCsFshD6YLPfJ9baaVBBNZGIEhQ_RoTD4rMqISnestPgffjw
Request Chain 336
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECmsdYZu0BuaP9xyC7tvoN0&google_cver=1&google_push=ATf1kGONmf8bQYFgEYuFtzThC9Y45hGQM9OBHG3NmWCC5LjEVlNd2_VcO4z3Fz0pm_zyETsOPLtIpcU2resx4yk3nbjqjf18dlcSIQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTEwMDE2OTQ1NTcxMzYyNzIz&google_push=ATf1kGONmf8bQYFgEYuFtzThC9Y45hGQM9OBHG3NmWCC5LjEVlNd2_VcO4z3Fz0pm_zyETsOPLtIpcU2resx4yk3nbjqjf18dlcSIQ
Request Chain 337
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENkzw-3d_KnqMYYn7jNpRVc&google_cver=1&google_push=ATf1kGNOdjKjoWSl-zZekshN5x8lU_CEUMQM3EFZRKg4e6u8QsYeBX_SiZvNh8xxHp-MBLnPL7HgFqLFk6EXTdo23WioVMZGw8OW9A HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENkzw-3d_KnqMYYn7jNpRVc&google_cver=1&google_push=ATf1kGNOdjKjoWSl-zZekshN5x8lU_CEUMQM3EFZRKg4e6u8QsYeBX_SiZvNh8xxHp-MBLnPL7HgFqLFk6EXTdo23WioVMZGw8OW9A&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNOdjKjoWSl-zZekshN5x8lU_CEUMQM3EFZRKg4e6u8QsYeBX_SiZvNh8xxHp-MBLnPL7HgFqLFk6EXTdo23WioVMZGw8OW9A&google_hm=GkYFqGZHh_9O8W8_Qw6N85gv
Request Chain 338
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESED8Eo_kT8ZeORvOzTkoXfXc&google_cver=1&google_push=ATf1kGOhribDUQRPTwyHmBqgYMLEOCmZKC5zwA_GsyQVeLq03TpNIpTMxxbIFT-8t37FQHogq6uaC-JRuFo8aRTCbTDk-2mhGw8Q3TA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOhribDUQRPTwyHmBqgYMLEOCmZKC5zwA_GsyQVeLq03TpNIpTMxxbIFT-8t37FQHogq6uaC-JRuFo8aRTCbTDk-2mhGw8Q3TA HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 341
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

390 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/ 		190 KB
60 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bac5ead1a01ae0c58b566ac4c3530da84f3430464ab0f3bd0477ea86ca446867
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=60
cf-cache-status
DYNAMIC
cf-ray
7c0192afbf2635fd-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 30 Apr 2023 17:40:59 GMT
expires
Sun, 30 Apr 2023 17:41:59 GMT
feature-policy
microphone none;camera none;geolocation none;
last-modified
Sun, 30 Apr 2023 17:40:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), microphone=(), geolocation=()
pragma
public
referrer-policy
strict-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Akr9dpb%2FJ%2FjNDT7LaDK22qswRes4YmWB8y8y6oMQ7cNU8GTG4MLlV8M1P8fzDO8IoWzthzp2LcRaTsjSZs9Ts5TWIYW%2Bqo8awQS7lqsuRZmxZgwhEOlVWtX9gsbO4tiV3%2FE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
up.js
live.demand.supply/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/up.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6bc9fb769612e75707d922870265c431de9c30a6ca25302e8e8e74c169bcab3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GZ226KJ9YP1S7M986D1Q0X1C
date
Sun, 30 Apr 2023 17:40:59 GMT
content-encoding
br
cf-cache-status
HIT
age
1155
cf-polished
origSize=4391
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"0587974d325a68869c432f0483e6df63-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray
7c0192b07af4bbfd-FRA
link
<https://live.demand.supply/impl.v16.8.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-2-0/eWFsbGEtc2hvb3RzLnR2Lw==>; rel=preload; as=script
timing-allow-origin
*
A-letterbigger_Savir.png
jscdn.greeter.me/ 		945 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jscdn.greeter.me/A-letterbigger_Savir.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:40:59 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Sun, 10 Jul 2022 13:45:06 GMT
x-amz-request-id
tx00000000000004ca96352-00644ea3f4-9733ce3a-fra1b
etag
"f07519ec5fbc46385f386b577e6e2a1d"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1682876459.dop015.fr8.t,1682876459.cds292.fr8.hn,1682876459.cds205.fr8.c
content-type
image/png
cache-control
max-age=2521
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
945
yalla-shoot.png
yalla-shoots.tv/uploads/logo/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yalla-shoots.tv/uploads/logo/yalla-shoot.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3790ed75687a3b6c3d71bcf4bd62c99f82a3dd738ae4b6b2639bd36e4f6bca29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:40:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1033524
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6352
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Sat, 23 Jul 2022 01:22:27 GMT
server
cloudflare
etag
"62db4d53-18d0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l6nfc0E1t3ZW1Jf7AFwPSElj%2F14jOqj3J1qWHVUURIXdhCppKHroP1LNhkW%2FSiIjG0o2fB4hkAqAXFggIPt%2FXWjj6ohutR8zSaa7LnrhZ7idhuo8A13YWdKqwc3T2sScCRg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
feature-policy
microphone none;camera none;geolocation none;
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
cf-ray
7c0192b0582635fd-FRA
expires
Thu, 18 May 2023 18:35:35 GMT
truncated
/ 		451 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		944 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		248 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		460 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		500 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
NeoSansArabic.woff
yalla-shoots.tv/assets/fonts/ 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/assets/fonts/NeoSansArabic.woff
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Origin
https://yalla-shoots.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:40:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1033523
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
57364
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Sat, 23 Jul 2022 01:21:21 GMT
server
cloudflare
etag
"62db4d11-e014"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FTV4rh76G3Bs%2BXAkD5GcariPFfJ8rl996D6yZnEyZHQFPzJSPkmld%2B0Isnu56WMbBzw%2FZWmgloDRhfrufLYWblrwjtFt%2BLMSZI9P%2BTnw4wZ1pJEE%2FOLXqvAT6HjExT265vk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
feature-policy
microphone none;camera none;geolocation none;
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
cf-ray
7c0192b0683435fd-FRA
expires
Thu, 18 May 2023 18:35:36 GMT
1559557337.png
web-api.scorarab.com/uploads/team/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web-api.scorarab.com/uploads/team/1559557337.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
005e16839d2855c6fe98710d6f4c33846c93a146218990028c580e6d549a1f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:40:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
417546
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12570
x-xss-protection
1; mode=block
last-modified
Wed, 08 Dec 2021 17:06:39 GMT
server
cloudflare
etag
"61b0e61f-311a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ZxCHW3Y2xx2RioDg4b8HsAPBt8KUrr0Qp86tkAwFiN8LuXqaqD28bTNdHgKJS2uzherXNuEE0Ry3QPQSSV19xQ2mmR5gvau6VR9TsJySJ0Ls2b1neB%2FIPLSP8CBzE%2FIKARI0vmKjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7c0192b0cd00928f-FRA
expires
Thu, 25 May 2023 21:41:53 GMT
1557008660.png
web-api.scorarab.com/uploads/team/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web-api.scorarab.com/uploads/team/1557008660.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2f981cd0c42bb4a1b60734d0d38d3e0cbbc63252b92a7b93427c85d9fbbbfb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:40:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1314158
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16823
x-xss-protection
1; mode=block
last-modified
Wed, 08 Dec 2021 17:06:40 GMT
server
cloudflare
etag
"61b0e620-41b7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cobGhiCr1Tevm15dxEtVzl29AoWDrz7F0jExtItDjWcFu2aZBs7BcSJY4mxeitRw1rZ271vQKogImDoiMZ1XDUgN4jlTad3olswW%2FMFeKUKOU5QlXnfXPvk4qN%2Fyu3jiCQGqBI27Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7c0192b0cd03928f-FRA
expires
Mon, 15 May 2023 12:38:21 GMT
rocket-loader.min.js
yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:40:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 25 Apr 2023 11:29:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6447b986-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tKDy%2B5aAyv7zUD0UQJKPWQC2%2FlAcNgVxec3Ox1M%2BET93EIp9%2BtfZXGEW%2FKYomHILEmggd%2BbLCNQ496KCi4qxTPnv49mA0VHegSP4dHLRDU2OyAMS83bVu2TbWa7OpzfukdQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7c0192b0e872bb37-FRA
expires
Tue, 02 May 2023 17:40:59 GMT
telegram.svg
live.shoot-yalla.tv/uploads/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.shoot-yalla.tv/uploads/img/telegram.svg
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45dd60aee8728ca8786226233d74694db5f4c0110647c8e48710c49cdd5bdf41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:40:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1033528
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Fri, 03 Jun 2022 01:24:02 GMT
server
cloudflare
etag
W/"629962b2-424"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jzbh1yLuNm7srfIvbdl4akWNU9137uGW8eoM6Ad%2BcKR93UVANJlJI%2BAVNMnTqqZCskRweSeBs9Nkiw4n%2FNW%2BJOzYyCd0E9W%2F2ITnOxaCtuKfXQLDqnaBSHawVOHa3yDnZLkivD3"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
7c0192b10d6b03a6-FRA
expires
Thu, 18 May 2023 18:35:31 GMT
js
www.googletagmanager.com/gtag/ 		114 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-230085360-1
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c4e0d213ccc8ca5ac52dd6ca7b951c10fa969e629cc5bc1d5a89c0bbc93066f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:40:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45409
x-xss-protection
0
last-modified
Sun, 30 Apr 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 30 Apr 2023 17:40:59 GMT
lazyload.js
yalla-shoots.tv/assets/themes/yalla-shoot/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/assets/themes/yalla-shoot/js/lazyload.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1b682cb1fee45d7f80c900aba4d8ddcb18ac1016dcf38ece495801ac65eb14f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:40:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1033425
cf-polished
origSize=7249
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
cf-bgj
minify
last-modified
Sat, 23 Jul 2022 01:24:16 GMT
server
cloudflare
etag
W/"62db4dc0-1c51"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UfIaPF4uRBtsv5YZJm1gumur9m1ItscadaFPeWlYjM14R6zMEiS8byNlY1qxifmUGCGAuVDEMQj5mvZpWfc95rn2bViXi8HuytrK0Rfcr0agZwI0SMXrcWZGboBWpW8a9m0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
feature-policy
microphone none;camera none;geolocation none;
permissions-policy
camera=(), microphone=(), geolocation=()
cf-ray
7c0192b10898bb37-FRA
expires
Thu, 18 May 2023 18:37:14 GMT
matche
dalbouh.xyz/api/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://dalbouh.xyz/api/matche?t=1682876457
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.233.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
spt
tg1.modoro360.com/api/adserver/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=63e0c53d06b87484dc0f3a56&AV_PUBLISHERID=63e0c30829bdc76cde070e85
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:25::1726:6216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cfab72944cc1e9ad9991d37aec7c1d588c99cd820aa8c80010da1f86ae2a04f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

X-Bamboo-C-SkSt
1
Content-Encoding
gzip
X-Bamboo-C-SkFe
1
X-Bamboo-C-S
BYPASS
Date
Sun, 30 Apr 2023 17:40:59 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/javascript
Vary
Accept-Encoding
Cache-Control
max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
Content-Length
6880
Expires
Sun, 30 Apr 2023 17:45:59 GMT
yalla-shoots.tvdynamic.js
jscdn.greeter.me/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jscdn.greeter.me/yalla-shoots.tvdynamic.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
35cf75de5d617b7a8e395dc30579c7245e3001a2b8227d55f3d3ddc2e773741d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:40:59 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Wed, 11 Jan 2023 19:24:32 GMT
x-amz-request-id
tx00000000000004a0a75a5-00644e9de0-9655fbac-fra1b
etag
"3cc898bc27a1b9035922667e9a7e891a"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1682876459.dop015.fr8.t,1682876459.cds292.fr8.hn,1682876459.cds321.fr8.c
content-type
text/javascript
cache-control
max-age=965
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
7957
yalla-shoots.tvhead.js
jscdn.greeter.me/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jscdn.greeter.me/yalla-shoots.tvhead.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
c73e7fcf76232d28a1760877bd3eccada211feb797fd25ba824df3bac45b46eb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:40:59 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Wed, 11 Jan 2023 19:35:56 GMT
x-amz-request-id
tx00000000000004cc607f3-00644e9de0-9620c93c-fra1b
etag
"559fe7c18011a3e1db9adb6276cba3f6"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1682876459.dop015.fr8.t,1682876459.cds292.fr8.hn,1682876459.cds149.fr8.c
content-type
text/javascript
cache-control
max-age=965
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
7559
jquery.min.js
yalla-shoots.tv/assets/js/ 		87 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/assets/js/jquery.min.js?t=1682876457
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7e05b68eb47f0167793018bfc04a5fd640d8a9f406b6b2c1892a97f084f6769
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:40:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Wed, 21 Sep 2022 18:59:19 GMT
server
cloudflare
etag
W/"632b5f07-15d3a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zOs61rip5CBuIuEWtaJgfYrj6afeUGa3tTbny6%2BRCJeHBgTBOCgECGyQ8e8wIPa4PpDm1P90UX6dAiK0Qx0TatCK%2BYkuXC8FsHS9t4ef4Rud5WAW2%2FGlNhyc0P6A8yw5kkg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
feature-policy
microphone none;camera none;geolocation none;
permissions-policy
camera=(), microphone=(), geolocation=()
cf-ray
7c0192b10899bb37-FRA
expires
Tue, 30 May 2023 17:40:59 GMT
impl.v16.8.0.js
live.demand.supply/ 		73 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/impl.v16.8.0.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee0da5140d8c395da1befebd9cc39629786a9f924ecc3486467e75ad6c89c2e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GZ226FBHFZ67A1Z109CDN6D6
date
Sun, 30 Apr 2023 17:40:59 GMT
content-encoding
br
cf-cache-status
HIT
age
253601
cf-polished
origSize=75348
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"b227a5bf63e1ce682553e3ba750fec27-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
cf-ray
7c0192b14c57bbfd-FRA
eWFsbGEtc2hvb3RzLnR2Lw==
live.demand.supply/p4/v16-2-0/ 		2 KB
987 B 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/p4/v16-2-0/eWFsbGEtc2hvb3RzLnR2Lw==
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e70ee364886165008206efced3124ed63360600857931298a8b7536a6da5bb93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:40:59 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
7c0192b14c55bbfd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
e.js
live.demand.supply/e/ 		0
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?e=ll&d=166&cs=c&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA3NTAvMTAwNDk5Mi9jbHViLWFmcmljYWluLXZzLWVzLXNhaGVsLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GW05JHBT4DKMPHVGPCYAW7T4
date
Sun, 30 Apr 2023 17:40:59 GMT
cf-cache-status
HIT
age
2465029
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c0192b16e86381a-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c22c74423d664391a535ec46e10e51dbe1d41ccba87724dac54ae18afa125006
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:40:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24757
x-xss-protection
0
server
cafe
etag
938 / 19477 / m202304250101 / config-hash: 17856767610576847833
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 30 Apr 2023 17:40:59 GMT
eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA3NTAvMTAwNDk5Mi9jbHViLWFmcmljYWluLXZzLWVzLXNhaGVsLw==
live.demand.supply/p4/v16-2-0/ 		2 KB
942 B 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/p4/v16-2-0/eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA3NTAvMTAwNDk5Mi9jbHViLWFmcmljYWluLXZzLWVzLXNhaGVsLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80384cdd093fee3bb30043daf08c7f62465b5a14dd284917d11e91cda91563dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:40:59 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
7c0192b14c59bbfd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ds.2.html
live.demand.supply/ 		413 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GWKXNNK2Q6J4EK436CXFQ5N7
date
Sun, 30 Apr 2023 17:40:59 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
2463772
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
cf-ray
7c0192b16e88381a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
yalla-shoots.tv_fluid_lb+sq
live.demand.supply/cp/ 		30 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/yalla-shoots.tv_fluid_lb+sq?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA3NTAvMTAwNDk5Mi9jbHViLWFmcmljYWluLXZzLWVzLXNhaGVsLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3ec8596d2b6392ea14fa88d3f63197de592266ccdd6ccbd15148a771518c0f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:40:59 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7c0192b17ea9381a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30
yalla-shoots.tv_native_multi_native1
live.demand.supply/cp/ 		21 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/yalla-shoots.tv_native_multi_native1?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA3NTAvMTAwNDk5Mi9jbHViLWFmcmljYWluLXZzLWVzLXNhaGVsLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:40:59 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7c0192b17eab381a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21
yalla-shoots.tv_fluid_sky+sq
live.demand.supply/cp/ 		29 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/yalla-shoots.tv_fluid_sky+sq?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA3NTAvMTAwNDk5Mi9jbHViLWFmcmljYWluLXZzLWVzLXNhaGVsLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec3cd9b7a8d079c4990ebbc5ddae6a6294d87b0a68da43dee6872328a24d0f92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:40:59 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7c0192b17ead381a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29
yalla-shoots.tv_fluid_lb+sq
live.demand.supply/cp/ 		30 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/yalla-shoots.tv_fluid_lb+sq?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA3NTAvMTAwNDk5Mi9jbHViLWFmcmljYWluLXZzLWVzLXNhaGVsLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3ec8596d2b6392ea14fa88d3f63197de592266ccdd6ccbd15148a771518c0f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:40:59 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7c0192b17eae381a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30
yalla-shoots.tv_auto_728x90_sticky_display_bottom
live.demand.supply/cp/ 		30 B
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/yalla-shoots.tv_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA3NTAvMTAwNDk5Mi9jbHViLWFmcmljYWluLXZzLWVzLXNhaGVsLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb6f13fbb295d8abb0586cb0260b284f8a9561de5dd149b13fd76a7a58b54cbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:40:59 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7c0192b1df7e381a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/ 		398 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37e314bfd8e8cb9262b5ea01059377cea510e23b2215fc93de8b34a5726284a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 14:34:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
11206
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126109
x-xss-protection
0
server
cafe
etag
6695821980177688499
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 29 Apr 2024 14:34:13 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		2 KB
582 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
272976e47a2b186641def1054de0d584af41c25eda9295804560b6f638473ab4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:40:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
557
x-xss-protection
0
expires
Sun, 30 Apr 2023 17:40:59 GMT
key.php
yalla-shoots.tv/ 		162 B
773 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/key.php?kt=1682876459
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f252f109c7c1cd7bf4114ee4a974075e0ec37e442031326b058a09e8a51357c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q7cQwjqWPxf25noxSAFlf0fTnnlATE2Esa%2BKaK4x7Q4N1KB%2Bu5cfMCchy4GThhKSQdR7ky3%2BiGR8VaMJY%2FsGsFgaX1fY77LR228lkkA%2FPHibIPP4LHscFa5rFYl2YsYMAXM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=60
feature-policy
microphone none;camera none;geolocation none;
permissions-policy
camera=(), microphone=(), geolocation=()
cf-ray
7c0192b2bab8bb37-FRA
expires
Sun, 30 Apr 2023 17:42:00 GMT
e.js
live.demand.supply/e/ 		0
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&pdc=0.10001247525215148&ucv=null&e=tcp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA3NTAvMTAwNDk5Mi9jbHViLWFmcmljYWluLXZzLWVzLXNhaGVsLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GW05JHBT4DKMPHVGPCYAW7T4
date
Sun, 30 Apr 2023 17:40:59 GMT
cf-cache-status
HIT
age
2465029
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c0192b2b8bd381a-FRA
e.js
live.demand.supply/x/ 		0
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=da&r=yalla-shoots.tv_fluid_lb%2Bsq&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA3NTAvMTAwNDk5Mi9jbHViLWFmcmljYWluLXZzLWVzLXNhaGVsLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GT697DWCG03Y95C7R5741DG8
date
Sun, 30 Apr 2023 17:40:59 GMT
cf-cache-status
HIT
age
2464123
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c0192b2b8bf381a-FRA
e.js
live.demand.supply/e/ 		0
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&pdc=0.10001247525215148&ucv=null&e=tcp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA3NTAvMTAwNDk5Mi9jbHViLWFmcmljYWluLXZzLWVzLXNhaGVsLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GW05JHBT4DKMPHVGPCYAW7T4
date
Sun, 30 Apr 2023 17:40:59 GMT
cf-cache-status
HIT
age
2465029
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c0192b2c8c5381a-FRA
e.js
live.demand.supply/x/ 		0
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=da&r=yalla-shoots.tv_fluid_lb%2Bsq&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA3NTAvMTAwNDk5Mi9jbHViLWFmcmljYWluLXZzLWVzLXNhaGVsLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GT697DWCG03Y95C7R5741DG8
date
Sun, 30 Apr 2023 17:40:59 GMT
cf-cache-status
HIT
age
2464123
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c0192b2c8c7381a-FRA
e.js
live.demand.supply/e/ 		0
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_sky%2Bsq&pdc=0.4577215313911438&ucv=null&e=tcp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA3NTAvMTAwNDk5Mi9jbHViLWFmcmljYWluLXZzLWVzLXNhaGVsLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GW05JHBT4DKMPHVGPCYAW7T4
date
Sun, 30 Apr 2023 17:40:59 GMT
cf-cache-status
HIT
age
2465029
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c0192b2c8cc381a-FRA
get
feed.avplayer.com/backend/ 		4 KB
813 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://feed.avplayer.com/backend/get?cmsType=playlist&id=631a2480b3d08269680f4be2&AV_TAGID=63e0c53d06b87484dc0f3a56&pid=63e0c30829bdc76cde070e85&cid=63e0c35e9283893b7f0c04f6&AV_TEMPID=62c2a28af9382161a05f9104&AV_PUBLISHERID=63e0c30829bdc76cde070e85
Requested by
Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=63e0c53d06b87484dc0f3a56&AV_PUBLISHERID=63e0c30829bdc76cde070e85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
cce1aee65b9f2093ba86119d6ef979fd5183c77b513a1f6c735e0cd56f951070

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
gzip
x-hw
1682876460.dop236.fr8.t,1682876460.cds052.fr8.hn,1682876460.cds205.fr8.c
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
max-age=1800
access-control-allow-credentials
true
accept-ranges
bytes
content-length
608
avcplayer.js
player.avplayer.com/script/2/v/ 		251 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/v/avcplayer.js
Requested by
Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=63e0c53d06b87484dc0f3a56&AV_PUBLISHERID=63e0c30829bdc76cde070e85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
gzip
last-modified
Thu, 03 Mar 2022 17:18:44 GMT
etag
"1646327924"
x-hw
1682876460.dop215.fr8.t,1682876460.cds206.fr8.hn,1682876460.cds249.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
61326
track
servt.modoro360.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servt.modoro360.com/track?pid=63e0c30829bdc76cde070e85&cid=63e0c35e9283893b7f0c04f6&cb=1682876459967&r=yalla-shoots.tv&stagid=63e0c53d06b87484dc0f3a56&stplid=62c2a28af9382161a05f9104&d35=&d65=Test1&d66=7&d74=&e=playerLoaded&cpid=631a2480b3d08269680f4be2&str=viewable
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.149.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-149-208.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		2 KB
1004 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=177432777658012&correlator=710027625240396&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C175844fe-17b4-47e6-9355-28af1ff828c4&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=1711219817&didk=1133630126&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D8123a0e5-1a1b-4b2a-8d0f-e93e30ecd216%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D13%26bid-p%3Dgoogle%26bsc%3D87&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682876459983&lmt=1682876457&dlt=1682876459554&idt=333&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10750%2F1004992%2Fclub-africain-vs-es-sahel%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1078497215.1682876460&ga_sid=1682876460&ga_hid=1112211741&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
080d4ed4201df9b0003442bfc962f04b2851f681b797584edb5708f14670a5a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
974
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 931A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 17:41:00 GMT
expires
Mon, 29 Apr 2024 17:41:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d94d22087df59281d402ce90aac94a521602f6429ce32bf987a3dd5d46692ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 14:43:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
10666
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11983
x-xss-protection
0
server
cafe
etag
3857569901812544741
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 29 Apr 2024 14:43:13 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		174 KB
46 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=177432777658012&correlator=2519349714053266&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cnative-multi%2C3d4ab4c6-6d5f-4b8c-9e83-ea0e7b3534e1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&ifi=2&adks=3933977197&didk=3429720028&sfv=1-0-40&prev_scp=ti%3D8123a0e5-1a1b-4b2a-8d0f-e93e30ecd216%26chrand%3Dn%26pof%3D1%26rfi%3D30%26bsc%3D87%26format%3Dmulti-native&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682876459999&lmt=1682876457&dlt=1682876459554&idt=333&adxs=262&adys=504&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10750%2F1004992%2Fclub-africain-vs-es-sahel%2F&frm=20&vis=1&psz=1076x0&msz=1076x0&fws=4&ohw=1076&ga_vid=1078497215.1682876460&ga_sid=1682876460&ga_hid=1112211741&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8be7504aaf244a233b5a55d43f5669ff976678201c1e786181a48ea03911cb31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46781
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=177432777658012&correlator=2896475816153403&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C356922b4-0932-42d8-8698-9fc099d8e22d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=3&adks=3366209244&didk=1418515199&sfv=1-0-40&prev_scp=ti%3D8123a0e5-1a1b-4b2a-8d0f-e93e30ecd216%26chrand%3Dn%26pof%3D1%26rfi%3D30%26bsc%3D87&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682876460024&lmt=1682876457&dlt=1682876459554&idt=333&adxs=302&adys=220&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10750%2F1004992%2Fclub-africain-vs-es-sahel%2F&frm=20&vis=1&psz=1052x116&msz=1052x116&fws=4&ohw=1100&ga_vid=1078497215.1682876460&ga_sid=1682876460&ga_hid=1112211741&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dcea0d440e9d5b82b6192657e1d90b7e718f9e77c1279a000d8c9411e9d991df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10822
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=177432777658012&correlator=3045022866258278&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C7b9be0bc-7aae-4298-84dd-8d5becb2ea92&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x600&ifi=4&adks=1131662217&didk=412460673&sfv=1-0-40&prev_scp=ti%3D8123a0e5-1a1b-4b2a-8d0f-e93e30ecd216%26chrand%3Dn%26pof%3D1%26bsc%3D87&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682876460043&lmt=1682876457&dlt=1682876459554&idt=333&adxs=302&adys=504&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10750%2F1004992%2Fclub-africain-vs-es-sahel%2F&frm=20&vis=1&psz=1052x616&msz=1052x616&fws=4&ohw=1100&ga_vid=1078497215.1682876460&ga_sid=1682876460&ga_hid=1112211741&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf261de0ec7d17c3770e7c6db3a78117d7557e6ce5314862196bb6da3481f420
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10929
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
579 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=177432777658012&correlator=2051247927368886&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C356922b4-0932-42d8-8698-9fc099d8e22d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=5&adks=401769933&didk=1418515193&sfv=1-0-40&prev_scp=ti%3D8123a0e5-1a1b-4b2a-8d0f-e93e30ecd216%26chrand%3Dn%26pof%3D1%26rfi%3D30%26bsc%3D87&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682876460048&lmt=1682876457&dlt=1682876459554&idt=333&adxs=314&adys=2377&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10750%2F1004992%2Fclub-africain-vs-es-sahel%2F&frm=20&vis=1&psz=1076x116&msz=1076x116&fws=4&ohw=1100&ga_vid=1078497215.1682876460&ga_sid=1682876460&ga_hid=1112211741&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56d5b654f06e43c53f4bd56b0262658b77aa7859432820eb5e099c1255f7b9ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
549
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/e/ 		0
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_auto_728x90_sticky_display_bottom&pdc=0.16235687732696535&ucv=null&e=tcp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA3NTAvMTAwNDk5Mi9jbHViLWFmcmljYWluLXZzLWVzLXNhaGVsLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GW05JHBT4DKMPHVGPCYAW7T4
date
Sun, 30 Apr 2023 17:41:00 GMT
cf-cache-status
HIT
age
2465030
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c0192b35999381a-FRA
sdb.css
live.demand.supply/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/css/sdb.css
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GTP882AJGXJCM3VNH3JF57QN
date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
977469
etag
W/"14c5381be186641471a926a081d90c88-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
7c0192b36db79b6e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
e.js
live.demand.supply/x/ 		0
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=bb&r=yalla-shoots.tv_auto_728x90_sticky_display_bottom&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA3NTAvMTAwNDk5Mi9jbHViLWFmcmljYWluLXZzLWVzLXNhaGVsLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GT697DWCG03Y95C7R5741DG8
date
Sun, 30 Apr 2023 17:41:00 GMT
cf-cache-status
HIT
age
2464124
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c0192b369b6381a-FRA
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=177432777658012&correlator=818717197702578&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C2f5dd645-0d0d-422d-99d2-d7bef2ca8963&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=6&adks=3202367356&didk=4055989924&sfv=1-0-40&prev_scp=ti%3D8123a0e5-1a1b-4b2a-8d0f-e93e30ecd216%26chrand%3Dn%26pof%3D1%26rfi%3D30%26stt%3Dbhs%26bsc%3D87&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682876460065&lmt=1682876457&dlt=1682876459554&idt=333&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10750%2F1004992%2Fclub-africain-vs-es-sahel%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1078497215.1682876460&ga_sid=1682876460&ga_hid=1112211741&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cdec027516a116ad003aa28ed52dcb0be0ffd7e0b66774c10eb29d59c03ead62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7254
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/x/ 		0
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=fs&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA3NTAvMTAwNDk5Mi9jbHViLWFmcmljYWluLXZzLWVzLXNhaGVsLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GT697DWCG03Y95C7R5741DG8
date
Sun, 30 Apr 2023 17:41:00 GMT
cf-cache-status
HIT
age
2464124
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c0192b379c1381a-FRA
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304250101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
89f91bf61e1980f946c200539b5ce6fc47c4f0cb3229d8cfdb1c7ab4f0d12c04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11150
x-xss-protection
0
A-letterbigger_Savir.png
jscdn.greeter.me/ 		945 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jscdn.greeter.me/A-letterbigger_Savir.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Sun, 10 Jul 2022 13:45:06 GMT
x-amz-request-id
tx00000000000004ca96352-00644ea3f4-9733ce3a-fra1b
etag
"f07519ec5fbc46385f386b577e6e2a1d"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1682876460.dop015.fr8.t,1682876460.cds292.fr8.hn,1682876460.cds205.fr8.c
content-type
image/png
cache-control
max-age=2520
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
945
hb_739813_17175.js
player.aplhb.adipolo.com/prebidlink/467465/ 		290 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aplhb.adipolo.com/prebidlink/467465/hb_739813_17175.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shoots.tvhead.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
f8aa9a880d6e487e7842722fbaee7c4c914803cef2baf4f92b76167b48df3bad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
gzip
last-modified
Mon, 19 Dec 2022 12:00:43 GMT
server
nginx
etag
W/"63a0526b-48644"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Sun, 30 Apr 2023 18:41:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		74 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shoots.tvhead.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15b87fc7047ffb7e232be92c746ca06c5868933d562a0cc56d67a14a3627968b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24847
x-xss-protection
0
server
cafe
etag
352 / 19477 / 31074164 / config-hash: 17856767610576847833
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 30 Apr 2023 17:41:00 GMT
wrapper_hb_739813_17175.js
player.aplhb.adipolo.com/prebidlink/467465/ 		2 KB
1004 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aplhb.adipolo.com/prebidlink/467465/wrapper_hb_739813_17175.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shoots.tvhead.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
cba78783503f962e24d09c78f38add0360021817317c6972d14e37e250b52e3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
gzip
last-modified
Mon, 19 Dec 2022 12:13:01 GMT
server
nginx
etag
W/"63a0554d-685"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Sun, 30 Apr 2023 18:41:00 GMT
gpt.js
www.googletagservices.com/tag/js/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shoots.tvhead.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6fa9d241855652a642addb35f3f4d8d4a37a4739489c3134acd1f8e303dc4477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24757
x-xss-protection
0
server
cafe
etag
499 / 19477 / m202304250101 / config-hash: 17856767610576847833
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 30 Apr 2023 17:41:00 GMT
adipolo_logo.png
adipolo.com/wp-content/uploads/2020/06/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adipolo.com/wp-content/uploads/2020/06/adipolo_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
cf-cache-status
HIT
last-modified
Tue, 02 Jun 2020 09:04:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
219074
etag
"5ed61610-1b9c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kNOzsKn%2FavwpFyF3TawXCzgrDR9eaSbhgL1aHQ9PzcaYPDaXZOsiRyfokmnvvxDc3okRJJKDMTwWq9rQzdAQpy22zey0FlngoOK1%2FAa1wrm24dPtbJbGJvTmgjDhS8rLjDInmYreyLWqRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7c0192b40d159235-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7068
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-230085360-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 30 Apr 2023 17:05:04 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
2156
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Sun, 30 Apr 2023 19:05:04 GMT
frame.php
yalla-shoots.tv/ Frame BCC6 		198 KB
72 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/frame.php?ch=kass1_1&p=10&token=NmY2NDYxNzU2ZDZhNzUzMTZjNmE2NTc3NmM2YTY5Nzc2ZDY2NjIzMTYzMzI2Nzc5NmQ2NDY5Nzk2YjdhNjk3NzZkNmE2MTcxNzM3NTcyNjE2NTZhNjQ2ODY1NzQ3NjMyNmQ3YTc5Njg2NTZhNzU2YQ==&kt=1682876459
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9815f3aeab5f84828e7ad175a4b475fa5bf9c378a6a811de219d1ade88ad327
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=60
cf-cache-status
DYNAMIC
cf-ray
7c0192b3eca8bb37-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 30 Apr 2023 17:41:00 GMT
expires
Sun, 30 Apr 2023 17:42:00 GMT
feature-policy
microphone none;camera none;geolocation none;
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), microphone=(), geolocation=()
referrer-policy
strict-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pWb8FAgGFstYvTLTiJtmPJJCnNLZmyWSgb7YQ4Mh2TrdlAz%2BzDzlg%2BmcbZHu2FaHvl17bVffVr5ELbpXRK35WfNsO9%2FxarQ0GI0zIa8QP6I20uezVBk%2B8IIyhHxLe1Wrj7w%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
A-letterbigger_Savir.png
jscdn.greeter.me/ 		945 B
1005 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jscdn.greeter.me/A-letterbigger_Savir.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Sun, 10 Jul 2022 13:45:06 GMT
x-amz-request-id
tx00000000000004ca96352-00644ea3f4-9733ce3a-fra1b
etag
"f07519ec5fbc46385f386b577e6e2a1d"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1682876460.dop015.fr8.t,1682876460.cds292.fr8.hn,1682876460.cds205.fr8.c
content-type
image/png
cache-control
max-age=2520
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
945
truncated
/ 		385 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		240 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
favicon.ico
storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.139.16 , France, ASN16276 (OVH, FR),
Reverse DNS
ip16.ip-145-239-139.eu
Software
/
Resource Hash
fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 17:41:00 GMT
X-Openstack-Request-Id
tx07ed152642a14bf3be6e5-00644ea82c
Last-Modified
Sun, 31 Jan 2021 12:57:34 GMT
Etag
7bf4f6782dee3b520a65ff84286e3691
Content-Type
image/x-icon
X-Timestamp
1612097853.12655
Accept-Ranges
bytes
Content-Length
15086
X-Trans-Id
tx07ed152642a14bf3be6e5-00644ea82c
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 30 Apr 2023 17:41:00 GMT
Yamkarish.mp4
cdn-adipolo.urekamedia.com/test/a92a53cfdb1b435a8/ 		320 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn-adipolo.urekamedia.com/test/a92a53cfdb1b435a8/Yamkarish.mp4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash

Request headers

Referer
https://yalla-shoots.tv/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-

Response headers

x-77-pop
frankfurtDE
date
Sun, 30 Apr 2023 17:41:00 GMT
x-cache
HIT
x-77-cache
HIT
Content-Range
bytes 0-900871/900872
x-age
268330
x-accel-date
1682608130
Content-Length
900872
x-77-nzt
AcO1ryfOY2j/KhgEAA
x-accel-expires
@1683644930
last-modified
Tue, 06 Sep 2022 14:19:18 GMT
server
CDN77-Turbo
etag
"631756e6-dbf08"
x-77-nzt-ray
25b021317846c6432ca84e6496663218
content-type
video/mp4
access-control-allow-origin
*
collect
www.google-analytics.com/j/ 		1 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1112211741&t=pageview&_s=1&dl=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10750%2F1004992%2Fclub-africain-vs-es-sahel%2F&ul=en-us&de=UTF-8&dt=%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9%20%D8%A7%D9%84%D9%86%D8%A7%D8%AF%D9%8A%20%D8%A7%D9%84%D8%A5%D9%81%D8%B1%D9%8A%D9%82%D9%8A%20%D9%88%20%D8%A7%D9%84%D9%86%D8%AC%D9%85%20%D8%A7%D9%84%D8%B3%D8%A7%D8%AD%D9%84%D9%8A%20-%20%D8%A7%D9%84%D8%A8%D8%B7%D9%88%D9%84%D8%A9%20%D8%A7%D9%84%D8%AA%D9%88%D9%86%D8%B3%D9%8A%D8%A9%20-%202023-04-30&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=175426470&gjid=266759173&cid=1078497215.1682876460&tid=UA-230085360-1&_gid=130744006.1682876460&_r=1&gtm=457e34q0&jsscut=1&z=1200469982
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/e/ 		0
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_auto_interstitial_desktop&e=nai&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA3NTAvMTAwNDk5Mi9jbHViLWFmcmljYWluLXZzLWVzLXNhaGVsLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GW05JHBT4DKMPHVGPCYAW7T4
date
Sun, 30 Apr 2023 17:41:00 GMT
cf-cache-status
HIT
age
2465030
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c0192b47b47381a-FRA
hbw_master_739813_17175.js
player.aplhb.adipolo.com/prebidlink/19477/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aplhb.adipolo.com/prebidlink/19477/hbw_master_739813_17175.js
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467465/wrapper_hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
a31e81b5ee962da98d89c99da3f964c57755440e8b8e0c950b6cf63f4f29b7fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
gzip
last-modified
Mon, 19 Dec 2022 12:13:01 GMT
server
nginx
etag
W/"63a0554d-152fa"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Sun, 30 Apr 2023 18:41:00 GMT
e.js
live.demand.supply/e/ 		0
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&e=nai&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA3NTAvMTAwNDk5Mi9jbHViLWFmcmljYWluLXZzLWVzLXNhaGVsLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GW05JHBT4DKMPHVGPCYAW7T4
date
Sun, 30 Apr 2023 17:41:00 GMT
cf-cache-status
HIT
age
2465030
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c0192b49b69381a-FRA
rocket-loader.min.js
yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame BCC6 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/frame.php?ch=kass1_1&p=10&token=NmY2NDYxNzU2ZDZhNzUzMTZjNmE2NTc3NmM2YTY5Nzc2ZDY2NjIzMTYzMzI2Nzc5NmQ2NDY5Nzk2YjdhNjk3NzZkNmE2MTcxNzM3NTcyNjE2NTZhNjQ2ODY1NzQ3NjMyNmQ3YTc5Njg2NTZhNzU2YQ==&kt=1682876459
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 25 Apr 2023 11:29:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6447b986-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2l3BwG3dFFNhAAQ7TzHoASuOfvrmGCd%2FE5TF9ATEOUVAJsDy5AWnfBgniaay95WekL2obb3CyXMBSpIYkyFYtulDC5mNhouj7nw3j%2FTOsd8amRorOEtB9q2kiCHC%2FtHNHE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7c0192b49d78bb37-FRA
expires
Tue, 02 May 2023 17:41:00 GMT
config.json
player.adtelligent.com/exchange_rates/313490/ 		11 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10750%2F1004992%2Fclub-africain-vs-es-sahel%2F
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467465/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
2a47ca36bec8c3beead01bf8294ef0d2dfb66db557e9e20eda8e613899b75992

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

expires
Tue, 02 May 2023 17:41:00 GMT
date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
gzip
last-modified
Sun, 30 Apr 2023 12:02:27 GMT
server
nginx
etag
W/"644e58d3-2aae"
content-type
application/json
access-control-allow-origin
https://yalla-shoots.tv
cache-control
max-age=172800
x-proxy-cache
HIT
e.js
live.demand.supply/x/ 		0
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=nsi&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA3NTAvMTAwNDk5Mi9jbHViLWFmcmljYWluLXZzLWVzLXNhaGVsLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GT697DWCG03Y95C7R5741DG8
date
Sun, 30 Apr 2023 17:41:00 GMT
cf-cache-status
HIT
age
2464124
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c0192b4bbb3381a-FRA
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		384 B
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=177432777658012&correlator=1388079108636356&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Cnativefeedapl&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&ifi=7&adks=1483024627&didk=3551856684&sfv=1-0-40&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3De9661d51b77e2727%3AT%3D1682876460%3AS%3DALNI_MZR_shZCT0sQcHUeYCwNvSVm-37nw&gpic=UID%3D00000bf38cf8a777%3AT%3D1682876460%3ART%3D1682876460%3AS%3DALNI_MYCVxryzSlTp1iTiBiejAfQkJ9ZaA&abxe=1&dt=1682876460298&lmt=1682876457&dlt=1682876459554&idt=333&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10750%2F1004992%2Fclub-africain-vs-es-sahel%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1078497215.1682876460&ga_sid=1682876460&ga_hid=1112211741&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e023fb3bd7b0d1ce5f6e7b8ff408cd1c7078ba7f53c77ce88e26b10a5f85b3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		570 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=177432777658012&correlator=3920408318692811&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Canchor%2Canchortop&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=8&adks=1163496608&didk=3847343502&sfv=1-0-40&ists=1&fas=2&eri=1&sc=1&cookie=ID%3De9661d51b77e2727%3AT%3D1682876460%3AS%3DALNI_MZR_shZCT0sQcHUeYCwNvSVm-37nw&gpic=UID%3D00000bf38cf8a777%3AT%3D1682876460%3ART%3D1682876460%3AS%3DALNI_MYCVxryzSlTp1iTiBiejAfQkJ9ZaA&abxe=1&dt=1682876460299&lmt=1682876457&dlt=1682876459554&idt=333&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10750%2F1004992%2Fclub-africain-vs-es-sahel%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1078497215.1682876460&ga_sid=1682876460&ga_hid=1112211741&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3bfbff70409a0d8f2705c617b6f8353d3729e5d3e6e949e88c03b2e5875f4de9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
733 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=177432777658012&correlator=3640113294381572&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2Cb17090f6-08a6-4b68-a0ee-9e4e6b306a62&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=9&adks=4082428376&didk=3642258492&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D8123a0e5-1a1b-4b2a-8d0f-e93e30ecd216%26chrand%3Dn%26pof%3D1%26bsc%3D87&eri=1&sc=1&cookie=ID%3De9661d51b77e2727%3AT%3D1682876460%3AS%3DALNI_MZR_shZCT0sQcHUeYCwNvSVm-37nw&gpic=UID%3D00000bf38cf8a777%3AT%3D1682876460%3ART%3D1682876460%3AS%3DALNI_MYCVxryzSlTp1iTiBiejAfQkJ9ZaA&abxe=1&dt=1682876460300&lmt=1682876457&dlt=1682876459554&idt=333&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10750%2F1004992%2Fclub-africain-vs-es-sahel%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1078497215.1682876460&ga_sid=1682876460&ga_hid=1112211741&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f4dafae397e31fb29c1bd1c567704713a1a975686ab62e65cdca165e378edc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
702
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=177432777658012&correlator=2603001713306000&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C39a08c37-8599-49df-916b-1911d54fde51&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=10&adks=3861532423&didk=1418515193&sfv=1-0-40&prev_scp=ti%3D8123a0e5-1a1b-4b2a-8d0f-e93e30ecd216%26chrand%3Dnbs%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26rfi%3D30%26bsc%3D87%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3De9661d51b77e2727%3AT%3D1682876460%3AS%3DALNI_MZR_shZCT0sQcHUeYCwNvSVm-37nw&gpic=UID%3D00000bf38cf8a777%3AT%3D1682876460%3ART%3D1682876460%3AS%3DALNI_MYCVxryzSlTp1iTiBiejAfQkJ9ZaA&abxe=1&dt=1682876460303&lmt=1682876457&dlt=1682876459554&idt=333&adxs=314&adys=2377&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10750%2F1004992%2Fclub-africain-vs-es-sahel%2F&frm=20&vis=1&psz=1076x116&msz=1076x116&fws=4&ohw=1100&ga_vid=1078497215.1682876460&ga_sid=1682876460&ga_hid=1112211741&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df2817e58d3b91b195eafff2022734129d5b36610cf986efce8bd43446d5d48c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9389
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ghb.aplhb.adipolo.com/geo/ 		134 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.aplhb.adipolo.com/geo/
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/19477/hbw_master_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
1d12945e8815260a4d2b2dd486a2902bd40318192c64627ca4b49848aa939c39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 17:41:00 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://yalla-shoots.tv
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
134
tracking
ghb.aplhb.adipolo.com/adunit/ 		43 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.aplhb.adipolo.com/adunit/tracking?event=11&type=0&client_id=739813&site_id=17175&pbjsv=v6.25.4&full_page_url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10750%2F1004992%2Fclub-africain-vs-es-sahel%2F&adid=3p6z8p.iz&features=81952&vpbv=N108&tte=189&lifecycle_tte=898
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/19477/hbw_master_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 17:41:00 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://yalla-shoots.tv
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:2c00:a:e047:752:b361 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:50:38 GMT
Via
1.1 8f2341b304c32ec6530aa5361edb2fe4.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Jan 2023 04:07:36 GMT
Server
AmazonS3
X-Amz-Cf-Pop
ZRH55-P1
Age
53423
x-amz-server-side-encryption
AES256
ETag
"aded621b17723f487b3c9d0e43cf2f94"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1859
X-Amz-Cf-Id
PCsN19QNT43paCc81dKXtRdbO2Ts1ES1TgQ1GiOLTOAytqX3Or1fyg==
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-9c21"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 01 May 2023 17:41:00 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 00:30:12 GMT
content-encoding
gzip
via
1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 00:14:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
61849
x-amz-server-side-encryption
AES256
etag
W/"37e703da55f96b973658b8e7aeed0e93"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
zfMWz5l736Lf45U1TJSYcNDGvaKuSHVXJ-Z4RGT0DjDX55cXlsZKCA==
esp.js
cdn.id5-sync.com/api/1.0/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
RJG8P9KGT25NARJA
age
2800
etag
W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7c0192b53c0539bc-FRA
x-amz-id-2
p9caGrESjWYwkHsxUB/95tSAMOAWdfigQO7CUyIVO+HkWK6LxeSkGY+AhjJC0xfpQ02CliLtx7w=
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
794 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
32708
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230037-FRA, cache-yyz4557-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kt%2B1n4o0PTDFuSTYXQBR8L58wCHeLPeR5jYzma%2FO4qfGJcHNKrugUp0XRfTMQ2BC7nBiE5uA2b4nlyd1H%2Bi9vdAT1y6WH5M51GsjNoqO92MQrG6kiBZRHSFmFf%2Bemj4%2FmH9aCI%2FuwgJFD1tEyR8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7c0192b52d94bba7-FRA
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:11:54 GMT
via
1.1 google
age
1746
x-guploader-uploadid
ADPycdvYDx3x-wueKUaVg2MmsRtzoTJTa0emUpI4ngVkkGY5pP4NMJelKRDSB2WeFiDkYubnbOm75iRXNVTP_qfR2PYdJQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1938
last-modified
Thu, 27 Apr 2023 19:53:17 GMT
server
UploadServer
etag
"0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation
1682625197861193
x-goog-hash
crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
1938
accept-ranges
bytes
expires
Sun, 30 Apr 2023 18:11:54 GMT
container.html
533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7B6E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 17:41:00 GMT
expires
Mon, 29 Apr 2024 17:41:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		182 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		834 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
e.js
live.demand.supply/e/ 		0
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=-1&r=yalla-shoots.tv_auto_728x90_sticky_display_bottom&sy=03c52cc3-86c0-43eb-8828-203235cab922&ts=87&cd=2&pud=166&pus=c&pue=306&pid=24&pis=c&pie=331&ppd=83&pps=a&ppe=390&pcl=266&ttc=401&tti=916&ttif=0&lca=390&lcak=ppe&lct=390&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=8123a0e5-1a1b-4b2a-8d0f-e93e30ecd216&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA3NTAvMTAwNDk5Mi9jbHViLWFmcmljYWluLXZzLWVzLXNhaGVsLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GW05JHBT4DKMPHVGPCYAW7T4
date
Sun, 30 Apr 2023 17:41:00 GMT
cf-cache-status
HIT
age
2465030
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c0192b51c3d381a-FRA
localstore.js
script.4dex.io/ 		483 B
1017 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467465/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 17:41:00 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
2052684
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQQCO4BaV3zeyQBWxCKKmG6t0u1CJ%2FpGul9ezmi7HIAxf9kuRgsgIoNy0d0EnbQqhICQjpFO6rDjFstIoSyelyR%2F0EiJyHytiptna1LUGxEMuZRZv162GL1EaUUs1encalogapJfS0ZRlgY2"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7c0192b55c04373b-FRA
clappr-p2p-plugin.min.js
cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/ Frame BCC6 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/clappr-p2p-plugin.min.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8eb7e24873bb65c9b7193534bda15761d8853b24ca4a41d7749360972504141
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
27320
x-jsd-version
2.6.5
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230036-FRA, cache-jnb7023-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"c19-SLjttAW8dcDjADi6J1T2hbhokWc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awxJ1cfCdWGibr9PR6RVKR53Bim%2BBACO31LV75UOg3ypDUzz3wZq1FE9xtEsIvNuP7qeGwxTQYuHVS%2Ftx6b7QchIAo30K4oavklMicD0Kovf6%2FRpx7fAWb6mv%2BvsEoi3D%2BzE4H%2FrlxoICh1hx%2B8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7c0192b52d93bba7-FRA
p2p-engine.min.js
cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/ Frame BCC6 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c618d0210f46e9b9c6decff2ab712bf2f64546b3ac7d25e59996d3106d7adc32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
13918
x-jsd-version
2.7.0
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230112-FRA, cache-yyz4582-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"2acf7-zjDh6eFmUFvA+lQTGAEaiWfu5tM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5y1dZtZoA41A3eUnNtcUwaP8fwMegAIS%2FwAS%2FZqapv8ce9tE2Swg35HOc140a%2BAwpSZQbZy%2BydUqW%2FagdLAumv7LQcqV68UaG0I1ZB%2F36wV7nQS7eo7pvbmBi%2FrFTpwT5esdUJqkvigfnTJYbD0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7c0192b52d8cbba7-FRA
level-selector.min.js
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/ Frame BCC6 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
29271
x-jsd-version
0.3.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230055-FRA, cache-yyz4526-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"76e2-qotJurjpL/BNF6Wix8Da/EJuL+k"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oBbrJLW9VWioQmHEbYZJS4MM%2B4xShaM5f37rsKYlAWP2qCWK%2FZIPB3VaHJ5iktTOlToU0Hke8SDrb68Xl1OLDX1efkWkq3Wxv%2FpXOQkj8kUoC1YRD3xx%2BzUM%2FT6JVll%2Fp4jJJb1uSwTPjei5pNs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7c0192b52d8fbba7-FRA
clappr.min.js
cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/ Frame BCC6 		470 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce00e20b1de71ae06025269109fb0cb9482ba6af1dbc262ba4eda319aaef9229
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5820776
x-jsd-version
0.4.7
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230102-FRA, cache-yyz4521-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"7569d-g/bZEgP/0XCbPxVx7RLqUXpxxzU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6NeQ%2FsZ%2BwJctzNoocOSm2HtdmqUzvqL5KUAFEz9VzLPLTLyKlm%2Ba1TtxCBOjlgKHLlnHKXyKP9%2BRFrWjG5m%2FILdmtZijPhyTaI2%2Foalq2rpCMV6smeZnE0peFbs3LbuAfM0g71yIrJQ%2BePexDbQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7c0192b52d90bba7-FRA
container.html
533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DEAC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 17:41:00 GMT
expires
Mon, 29 Apr 2024 17:41:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=-1&r=yalla-shoots.tv_fluid_sky%2Bsq&sy=03c52cc3-86c0-43eb-8828-203235cab922&ts=87&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=0&mlsi=1024x600&mlbw=4g&mlcs=NaN&mltp=8123a0e5-1a1b-4b2a-8d0f-e93e30ecd216&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA3NTAvMTAwNDk5Mi9jbHViLWFmcmljYWluLXZzLWVzLXNhaGVsLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GW05JHBT4DKMPHVGPCYAW7T4
date
Sun, 30 Apr 2023 17:41:00 GMT
cf-cache-status
HIT
age
2465030
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c0192b53c5c381a-FRA
container.html
533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3E2C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 17:41:00 GMT
expires
Mon, 29 Apr 2024 17:41:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=-1&r=yalla-shoots.tv_fluid_lb%2Bsq&sy=03c52cc3-86c0-43eb-8828-203235cab922&ts=87&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=8123a0e5-1a1b-4b2a-8d0f-e93e30ecd216&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA3NTAvMTAwNDk5Mi9jbHViLWFmcmljYWluLXZzLWVzLXNhaGVsLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GW05JHBT4DKMPHVGPCYAW7T4
date
Sun, 30 Apr 2023 17:41:00 GMT
cf-cache-status
HIT
age
2465030
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c0192b54c72381a-FRA
c
prebid.a-mo.net/a/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467465/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Sun, 30 Apr 2023 17:40:59 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
prebid
mp.4dex.io/ 		0
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467465/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:00 GMT
x-err
Parsing the Prebid Request. org/site not found
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7c0192b5acef3642-FRA
expires
0
bid
ap.lijit.com/rtb/ 		25 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.4
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467465/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
71ff5ce265f59e219e67016c10261e8862fa01370b942cee40343a67b468414f

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 Apr 2023 17:41:00 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://yalla-shoots.tv
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467465/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://yalla-shoots.tv
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cdb
bidder.criteo.com/ 		18 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.4&cb=97429038715
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467465/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 17:40:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yalla-shoots.tv
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 46EA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
26880
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 10:13:00 GMT
expires
Mon, 29 Apr 2024 10:13:00 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3C7B 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2d553d39008b5c09e3a218c698fbe369c0eaf25b86eb2f9184fdb97664c7fd5d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-M85tuBKwPKZDYpgMxThlGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-M85tuBKwPKZDYpgMxThlGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 17:41:00 GMT
expires
Sun, 30 Apr 2023 17:41:00 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7DF7 		624 B
826 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYYqcG3zwEwAQ&v=APEucNVovFGuoXfQSpw-9YaQvDTZ_9sat9GlIecSPSX7vdKla399D0ZM892qf2wBO7lvrRdEYU4h9M6vbwkdHzbEghVVH5ek-j0eC2FsDG6j568tPH46L8pkpwgzjJxOqkfkn1VIaZm_3RpTbcQipqFQi6YYHiTykqn6NQExYWR36AGMdC_P3ZbhwL7FxfoiBlCEYLyNgCLBZ6CB4snq-OXiGkVV-S_DWw
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 17:41:00 GMT
expires
Sun, 30 Apr 2023 17:41:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 7B6E 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 30 Apr 2023 17:41:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B6E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BT5BH8HBLhdPll8TGs6awoMKnfXU4O41lxv40NQPxqEykd_2yCMDJQmN4AffNzVtBpINDhA7CRFbzhgnvl59QwArPL2g9hmc2t0ebg2FTHXkKr8E0
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B6E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14060517603652199942&x=1&ct=76
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 7B6E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:52:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
78483
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 19:52:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 7B6E 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:05:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
77738
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7966
x-xss-protection
0
server
cafe
etag
10783182253924109600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:05:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7B6E 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 17:41:00 GMT
container.html
533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C4E6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 17:41:00 GMT
expires
Mon, 29 Apr 2024 17:41:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=-1&r=yalla-shoots.tv_native_multi_native1&sy=03c52cc3-86c0-43eb-8828-203235cab922&ts=87&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=0&mlsi=1024x600&mlbw=4g&mlcs=NaN&mltp=8123a0e5-1a1b-4b2a-8d0f-e93e30ecd216&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA3NTAvMTAwNDk5Mi9jbHViLWFmcmljYWluLXZzLWVzLXNhaGVsLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GW05JHBT4DKMPHVGPCYAW7T4
date
Sun, 30 Apr 2023 17:41:00 GMT
cf-cache-status
HIT
age
2465030
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c0192b5dd5f381a-FRA
adview
securepubads.g.doubleclick.net/pagead/ Frame DEAC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CUc5sLKhOZLPlBMSF7gO_z7GQCsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC99WXD798sj7gAgCoAwGqBMcCT9B1GUORCnqZ6NWBRscUPF2Ey7N4YIZlPtR5OsKS9JBynpnlMtuDdcDONUA60XAO6IVAG4YoL3qPCvloO5pzYBpasvLqB_34I1f1unch0kGw4w1Jt4I9bEkQVriBf2qzG0BT27kFLfb5XvJV8_WPDfpjy4KW-tFbmqPfS30i82JhtsKXKxSD9ieZ1By4uEpKw1nkEQ1oQh6dLUuGe38KJal11gOLOLFVAHV6dPGNn3_XqSa457SFRqaUEiQgA2tJv8UeNNlfM5Hn1meHYwN-DAh8csq6wb8OGL6y5XKnxnfIMl1GYdWWyKgb3M78qKDQ8TkEoKWB1FlpXy5IzHRwJeIXOV5XdTGJtnPqCp8IDMvEMSoPOO0waouZD_xQ6wBvUUE2PVZVpOcLKNgFFxu65DhjVb0DVp9gdxzAy_kWUAy5uJ0hDF454AQBgAaY_7ariIeumPUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=iB-B8CAd6mE&uach_m=[UACH]&cid=CAQSTABygQiD0S8bxUCT9nLSqh9IHw-hm4Ye9ygnWdGBRfXSOtVBJrJmZgVJ4lpEzEs8HIMSgvO5JLYHPTqBu2dZBW6pwseOORUl1buQ0BwYAQ
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame DEAC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kI2YFuzZW4AI2ASdg2ICAgAAAHobFO5qgn2yECuoTmSqM9GoJ4OAYPmbAAASAAAKCkFRVUJBUUVCQVE&wp=ZE6oLAABMrMKe4LEAAxnv7csb-Gv48xcBB-cQQ
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
29097115
server
Kestrel
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame B589 		138 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE6oLAABMrMKe4LEAAxnv7csb-Gv48xcBB-cQQ&u=%7CufNT6Q4xKtlq6lIweqN0ZgzBvWIbug3dPNi%2B%2FwOTXYA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUBLPWiYThF1J8Y-9hMT0qDtapt-UrJYVP6SwZcSJXTvC-ChTybVj31yghHg-ZlcsQfjdK4X9K7M1WLV7w1suePom-1jNOG1CVtccC6DtSFfZbbdwrmGOlwwTnfQZTTXp_0eM6rKIa9uLQbyjC57j0aekC400TsUZmgn2js72U3OM3NOwUC_c_VkQewkstFHjIheVbqKjjJOZN65W7USCc8Bgi-U1Jo3YUhEtr8kfi9QZrCjmOrLg5HaCpRZFw8VYOD2ZGJQ-Nz7zl2pJcCQCdidFtfdggw7c--K-hBzWA9OrVQzV0F0WcvGMekgFVehCs2Vzu1_RGkESw-Cyje-1fsR06enjr5PQZFeVffTAtQi_OcHV9pGJDAngbYMyYTQxHwxAepTyL10Pv6b37wH9k8K2jvTaY9lDU4GzmaqUpQL0oLEAh1uA94VCTtzKIAOyrICifr4QD3LKqDAPkmkxRxvtyQLYUJQrZuUT9_0HTi2DoN2wLPlDBlDV7pC9MSIiAS5c1WVA_nzGPdP7dfzrVcHmQtBnouhM606VdNy6rGElhnEAMxG6yI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXMruLKhOZLPlBMSF7gO_z7GQCsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC99WXD798sj7gAgCoAwGqBMoCT9B1GUORCnqZ6NWBRscUPF2Ey7N4YIZlPtR5OsKS9JBynpnlMtuDdcDONUA60XAO6IVAG4YoL3qPCvloO5pzYBpasvLqB_34I1f1unch0kGw4w1Jt4I9bEkQVriBf2qzG0BT27kFLfb5XvJV8_WPDfpjy4KW-tFbmqPfS30i82JhtsKXKxSD9ieZ1By4uEpKw1nkEQ1oQh6dLUuGe38KJal11gOLOLFVAHV6dPGNn3_XqSa457SFRqaUEiQgA2tJv8UeNNlfM5Hn1meHYwN-DAh8csq6wb8OGL6y5XKnxnfIMl1GYdWWyKgb3M78qKDQ8TkEoKWB1FlpXy5IzHRwJeIXOV5XdTGJtnPqCp8IDMvEMSoPOO0waouZD_xQ6wBvUQM0HMTSK3sYl0QRtMuHQsBqQbe1XLF49agI9l_k7xKVoBiLiE2Gb_sp4AQBgAaY_7ariIeumPUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ayXv8WccXkg1lPVhoKBzcXLG2sQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
401a764412c203335e4ac21ef20dbb015bb496ba83befcd62aa745ea50cae24c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 17:40:59 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=rUAjgfhOTJERbbW1tMwlsqii0krUFVHXgjLQuSn6udSBkskeyLWVPZLKhHYvML2vR-WOBxQgfWPtrFvtcv3FwVckEOn-syW8Q6VAMVUfxYtXKSrJH5gtTCDBO70JP0jolT905h-8fpKQFC5jfepecuO4d_qXjteNP09yQ5sf2BYtuiSOTwL5FTzVkL4J3wpTp92bQXm-UTucT6uBUcqRPORLSQXeu-Go-YeWILCJb47nrISGI6nhvWmFV35TfmNfLGXVEg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
62883253
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame DEAC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:52:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
78483
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 19:52:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame DEAC 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:05:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
77738
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7966
x-xss-protection
0
server
cafe
etag
10783182253924109600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:05:22 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame DEAC 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:36:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
79493
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 28 Apr 2024 19:36:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DEAC 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 17:41:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame A105 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYnsea3gEwAQ&v=APEucNV6dfvsCzHDEh-z3XoRpxQDZ64arwZRP4J5zgBcTN4gwhLhyB1fqWkBN7g7RrA-HcXv3NEuk2Rp7b1SJYRSSLPnEhwa5-CiIq6COJJaVtNbHZtjb_6L2fZg96hsN0p5589GMNxN1tXdyvqLqGWEnNEF8fzO-k6b2kZDKx7r4n1kEkX3UfKRk-SIF0vB2zvA69jonLybflnQy0liVU0OIHnk2I_3uA
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 17:41:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 775C 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 30 Apr 2023 17:41:00 GMT
adj
fw.adsafeprotected.com/rjss/bgd/1352960/69587949/xbbe/creative/ Frame 775C 		251 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/bgd/1352960/69587949/xbbe/creative/adj?p=APEucNX6J70ZwVx17QEzoj0T2nY2WMKNMlGOYV7thstlQk8nswUzs4Q&d=CokBAKAmf-B_rrkZu_qM7YbdePvTjoZVh86jhpHAZkOPPbFbAQmGTuTPFFIUxpZQLNOBvNiAWaPnjHqlpqnoSsoUo5Th6EcHh0uBg2VpNJ7Uhyuszlzz8PB3ZiONPi4BzBb_uckyAyJSunM7M6HAdxcZsLp5-WvyPxd-9vlgkTPDFOjKUhjLTDmDLA8S2RUAoCZ_4FryRRN8fLDrtDzcWpwmwLHHKioyzOtROpdZqO-2B0cpuPS_XKOrdHvIhHQgQ1ex5FdxL81nXfkATQjKGIlwcIteSLOyhWb8wM86IfSPowxIQDAzziJkdYL2zocEXlytR-v8MaaErqA3Ho2Puspr7DVz1su4PJ3o7MI8eo2L1d7_31gJnq-SBzPSMWh-7luRik2Uc3lMq2ezsO8780kybbMIS5wWPY58OQoqqfNNYOw-yxGq_wpnwYp6P3uEFEt2Y3j708cIX1MGtLaEKi55cy3zKSpg2FGhyorKXaFT1zKiyGdhEBeV6dRRxFdd93MJJrzSV3aU2ryEWgfozTGWbTGJ6hM3FfT3Lqp1S0yhfJr0xToQJQLqW5hgsISTPcDLIHyuKOOCzNvILj-1YevPJPInWn5KnjQCW5QywjWPtVBO-1wXDAnlZAf27RucBVnuZEwclheQvO9A53z8TJ6MYMEu-LD6mB9_5q9sgQTQtKV5_yByoWTlC0XgXjMcJFa5NpG0RSDXJP9Qgu-Bzl6tvfbaQ7mtaFPHbq5fl5tQcWW8MZBpDbO3_QBUdgLHFAeAMtI_1Hzj3WEBO92O2gD63MQ9L3crLtCN0Vxv_GGeSJxSJiSmeRU6Sn_tGq1aA63vj2Y3ybgKAndFyzl5JOyGxbKsvDpAsGgNvE2Ip-5tpBECrpO_ZQgi2mJK_NsL23CagSk-H9Z2YfC3fCOGFKdeiyOYZlBx1J5kM0cUrK_SjMrTHyxIjc95Z38ZntLgBIUnuhOTVrAfu62JT-siskWRh-EuzQ0F4vYQ4Lb3iirESFfw1LIBn1DTSeHCnmNDYvt0mcWRHAG_TS4oUKz3irI3-6PHMRRF5A1wSNP_YWXVjPDP5CX0neXzQsArJUaaZSQUbI5rnqFs41Wc-OBsNI1lGAKwsAIYV1jDqlZ36TfZAZsTito_snScq1T3mOmlm5JdpaJxDmntXptqKq9aAdH20dEuJdduwbCcL9lsErZrk7DBpsYucNd_tPoT8UgkOui3rlss4WJ2Pr6qx35lsL4TNTgW03XBVUx7U9SwWwLQyBMh9tsCZ0al9dghb1p2JBpCobHmL0SYYYKpoAWCfbJn3K88xj6zhPBInGsqi-29tdvx1954-Xi5kybRADK8r9bubCC6kI6i-OrxoplfXbpuMgcmvo6p7B3uA6QkYbc8JnuveUhe2Yil4QTKjwwkPI5OezE4RmF5rc9g1LThzG7mVv-m5H1UD3ILpVYnL_GbegN3N00TJ7uzsiS5ivTfM7bmqJ2JBTm5OjvTlc6YQwj2YEvYdVIGCszV0aI85fHkWUr29zaJrtDszPLztJWH0K3LPN6sZkTQOHMl6OiJi4ysdpTzJLMbwvkx3GQ7PxUIis5Lej9kc_v5QY5cCVX8DJQ7OA9N4LiIw7TEgsnM8tzSswh7S8RcGJJ0qc0UItJ5-Q3Mxc6stKPdvbbOJvAWPUawWZfKyeSQ0Kjc9rsN0N44iimU8O6Sg6LalfIvzC3rtvwzOemCBhub3Q0lMin-vRsp0mcgdy3Lth9tXY7rtERd4lM_1cfowKnbj0829pvWZLOUgI1wccObeqb6Iauvwabt79Q49vClPm2IYZLD36luufTYbUHfJn2MQNJenGXwY6h_PbpBX44DKQG5o9ViZwQ8GZFacPfyvEO4esMSTJHy1I7vP6Aaa1lGhEd_mdNLE8SPPo9CvqBMkmklnNfPdTEpQScaG-17ac_V-beQVZGp6emrHQj94Hn_29q7wTLWiFaMTk8jMnKI_xYqgm19fRauPkgVfGkFmx4wsvQHmRUxE1Nw9UwLUFUaq96lRwTGavxEuUBVQYeL_e_IWSeQO5PvaSh_jsr4jRgHsvZxwdzKb4vaqW5HxMV9FHV_0K9iOvSXd1iip2H_nHTZW3HSh-I6xypeh8CSiCtM1gFnAqMcreiB5kaWT8vXxsQ58Y_K7daqTgN3m1MFsbbYrMIywCUu6tdiBg15LLkwLb2zuy1HaDNoeuzic20GCLBUu-dSGwnL0du9yjkde470FOzOgtTs7zuB9EHtkxJrI0l-0Vjv_dBK4tbpFmHItjBJE47xwXqtrJ94amymgIMh82ng26bAoUFL9Ycwq6EUD8uzTsN8X7Lupdwx0jzcUt8atJlD0v0ov-FJYL-QgfKaOsBKK1B92uLcJrfUWhPuY0ZGjt3fV9wwH2pv_7e0ANqBokgAXeXqD-8FPFs95DUABaZ_kkN71W8hDvZI2RicKMiTFq8ZZPK7sKch91_UOkefahmqHXoioLijTRmd4zBmziTOL8cU-2jHjsmY6UR0tQAUDo8qQPiRn8BM31xWHyz24feI_PdLmJdilgwKm5sJFKTsUgGaVeyYGvTZ3u4qlewPU8MDs9BibEIIf6G6i8coGmJIQsCrBaToz9Y-3teB_7u2GuJIpSeqZL3g-LOF-Q6-4H_hlDiF-Nmka7qF7VFbUaMhzFaadN1Ak5C43DM0V31tu252yKwmyQPa1SNXZY4RoGcdpjTe086DjzvTPx6KM_pYuPNn1e7cL6dXKHtXZ_Z3sAiEKejoIm4GT_uGvm0QP1whwqiyOFg-byRMugK_6VkUXmOw6xlp1ximAViFO_MfDZsi-58qIKP91H-QyJ3nkL2DGr9m5VMqiMjUcB-xWhRB_CXzQALWxDjq_CzGjxzpC3A2xxE7TlPC5LJlB3RWbK2-Fqh4Zut3f6e2OQroy3xH7G_LGODV_72_6wpU_IE1KNzsKzlVVx6v0VQ5RwRnkB7fJH60CvcMErKbuGsh5sYBjCP18iqYAAhFHPmLhdcJSJmSoH6qZZwY9ktUkLaAMQSH6trRQk6HWmEdDruVX88xyb_n6l4vkCN2MWNJKTSUtH01y7z7gie35sofpT3ROav8fSRdLcW1SFODjVUTw0aWnSdnVYs0TBvdiIRJUJK2dvkI1x9QQ3AKo2p8iygbHikX_9sqi52mhjO1ze4EKta60ShsrjD6Aso3a3u9tb3llliK1HSZRvrmPwF7ndiaMkg3DrsYA6r-UnuvG9nfaI-DH8wtjmOkmy0mqwUBeoNgEiUjWxKsaAE7KgnEYm7EENLK0RN-xO8UVDUzjRE_sw7OWKy_fjmZoPt1mw5hFmKdNXyNm2PLm25rZ8PuMT0Daktqxi9IEtNqqJ8Z1XC13qtADLV_zZmuSHeFK2I7feM187z9LSQkAtgkjT7smhkbgbpkVhe7OUXey1QQD03UPwCIynuh7Hd2RG_5WbPb3WrVY-nboDvTtHva5wW7t3EwQq8ke4jPup6Rh4shTeDBgSOTFKzu_LIwcve4_LHvljMIe5HJ-dvaVJFltEQ4OVRrAzdt-RMBgiU0E03ldcaGrAYLvoEW_JvwtevUZQyEKHqwemFT5PvU3nQlYZlBAWSj3jKupb-n9E0N9qCwFuz8lrkGN2_1k_jcEQ0nUW7lEN7jeHZO3rzKVfqT7fzGIBjXwJgYX8gRDh5EDcCouckLaYK2r62IzyP4hviV96jho0j2Z6z1yJQ9UEt1mcqjsIOjSWtPet_sZT71SsIBcCwYQtrOjytlE6MMjdSHl92qre5a137X4zI4vkofE28gbJgc4D-uQLZUpVpe4K_dqGRii8Yk9zD2PMJ0_4Gs89eUMUVAaExPqZEtDRQzppIfexwctr3sjpjj1sc8uSk_jlJhyblDKI3HeVg4txpECAQSPgBygQiDCrGd3Evj_fLqetRWXEE-Ko7GRfAZ3cWBDoJSg8SIMBRcWD-L_YeYNFPFQD9B2UNHKJK_ZXwM6nhlGAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1010578566&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=19682531407&bidurl=https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0js16QDM96bh7h8ir81OLlh
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.201.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-201-247.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a4213bd525e29a17244aaf42cac12b991e347b837c7399fb9447418d2d76a16c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 775C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:52:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
78483
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 19:52:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 775C 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:05:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
77738
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7966
x-xss-protection
0
server
cafe
etag
10783182253924109600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:05:22 GMT
l
www.google.com/ads/measurement/ Frame 775C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRseI2T4ypYxRKLSfR7-OH2azhCdCNikE2KthihHVsPJ2260tNh_ZwZfUkhJ0HGnBSZpvhDxyndO5o01K5HMYyrEiPk9A
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 775C 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 17:41:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 775C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CWSk8aaHIqkuR-QDMpctaeTedoZs3Bk5w0Kk_pkBQTSIt9DuD29_DTwO5WA2BSLlgtigyLueZhTpUKaAACICRswKsstwE2SCRAre91PBU72XgLvHM
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 775C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6215970652432958763&x=1&ct=76
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/e/ 		0
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_auto_interstitial_desktop&e=nai&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA3NTAvMTAwNDk5Mi9jbHViLWFmcmljYWluLXZzLWVzLXNhaGVsLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GW05JHBT4DKMPHVGPCYAW7T4
date
Sun, 30 Apr 2023 17:41:00 GMT
cf-cache-status
HIT
age
2465030
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c0192b60d9f381a-FRA
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
740 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=177432777658012&correlator=3362363457478690&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C0d2503d0-0ba5-488d-b5c8-a33cd4dbb165&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=11&adks=382925298&didk=2510433324&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D8123a0e5-1a1b-4b2a-8d0f-e93e30ecd216%26chrand%3Dn%26pof%3D1%26bsc%3D87&eri=1&sc=1&cookie=ID%3D42a4877d5e8abf72%3AT%3D1682876460%3AS%3DALNI_MYTEubU7026_sbxLOiLCSOB6xEH0Q&gpic=UID%3D00000bf38db9a062%3AT%3D1682876460%3ART%3D1682876460%3AS%3DALNI_MYN1HFRwq3P_-L8BNVBU3E1wyxr6Q&abxe=1&dt=1682876460487&lmt=1682876457&dlt=1682876459554&idt=333&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10750%2F1004992%2Fclub-africain-vs-es-sahel%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1078497215.1682876460&ga_sid=1682876460&ga_hid=1112211741&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYoNqDmv0wSABSAghkEhkKCnB1YmNpZC5vcmcYoNqDmv0wSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGKDag5r9MEgAUgIIZBIXCghydGJob3VzZRig2oOa_TBIAFICCGQSGQoKdWlkYXBpLmNvbRif2oOa_TBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKDag5r9MEgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
62abe9feec4e55a93300f54aac989d4b9e4fc725f99e20f0596e17cb6b09c269
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
711
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
encrypt
esp.rtbhouse.com/ 		265 B
360 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
c33c81ab1001e25595c85981fea8d7d4198c6da123115cdf6c59f589983801eb

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
via
1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
65666c6eb7dc626fd65d0446371beaa1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
265
encrypt
esp.rtbhouse.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://yalla-shoots.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://yalla-shoots.tv
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Sun, 30 Apr 2023 17:41:00 GMT
server
Google Frontend
vary
Origin
via
1.1 google
x-cloud-trace-context
2b69f7a61beea8fea109345dbc52aadd
adagio.js
script.4dex.io/ 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 17:41:00 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
383842
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ljCWoOcYQiADJspO%2B8B0qly8VvZVUfRqZnpdr9Ekoqg4uzpV8oud0bPAWVrbuJYKNKSb059qX4KF99uKcK5nApgv1PquZc%2Bl3gVN1%2Bdnw%2BVQjwl0RlBBcM1UDDC4OQkeAo0uHOsTRLmyVakj"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7c0192b65b7b18bd-FRA
syncframe
gum.criteo.com/ Frame A711 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=yalla-shoots.tv
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 17:41:00 GMT
server
Kestrel
server-processing-duration-in-ticks
526017
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
increment
id5-sync.com/api/esp/ 		0
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://yalla-shoots.tv
date
Sun, 30 Apr 2023 17:40:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=177432777658012&correlator=3106610211823967&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Ccube&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=12&adks=323800357&didk=2675907389&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D42a4877d5e8abf72%3AT%3D1682876460%3AS%3DALNI_MYTEubU7026_sbxLOiLCSOB6xEH0Q&gpic=UID%3D00000bf38db9a062%3AT%3D1682876460%3ART%3D1682876460%3AS%3DALNI_MYN1HFRwq3P_-L8BNVBU3E1wyxr6Q&abxe=1&dt=1682876460560&lmt=1682876457&dlt=1682876459554&idt=333&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10750%2F1004992%2Fclub-africain-vs-es-sahel%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1078497215.1682876460&ga_sid=1682876460&ga_hid=1112211741&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYoNqDmv0wSABSAghkEhkKCnB1YmNpZC5vcmcY4tuDmv0wSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKDag5r9MEgAUgIIZBIXCghydGJob3VzZRig2oOa_TBIAFICCGQSGQoKdWlkYXBpLmNvbRif2oOa_TBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKDag5r9MEgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19ffb43622838ef5f0c49f5fe46a964f41f4cf6acf4be27e47db75ca1f9ae6c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9430
x-xss-protection
0
google-lineitem-id
5818019657
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374033787
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=177432777658012&correlator=3106610211823967&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Ccube2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=13&adks=2685385890&didk=2675907388&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D42a4877d5e8abf72%3AT%3D1682876460%3AS%3DALNI_MYTEubU7026_sbxLOiLCSOB6xEH0Q&gpic=UID%3D00000bf38db9a062%3AT%3D1682876460%3ART%3D1682876460%3AS%3DALNI_MYN1HFRwq3P_-L8BNVBU3E1wyxr6Q&abxe=1&dt=1682876460562&lmt=1682876457&dlt=1682876459554&idt=333&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10750%2F1004992%2Fclub-africain-vs-es-sahel%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1078497215.1682876460&ga_sid=1682876460&ga_hid=1112211741&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYoNqDmv0wSABSAghkEhkKCnB1YmNpZC5vcmcY4tuDmv0wSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKDag5r9MEgAUgIIZBIXCghydGJob3VzZRig2oOa_TBIAFICCGQSGQoKdWlkYXBpLmNvbRif2oOa_TBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKDag5r9MEgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a612911e1c39f5eb7a9c32c54151e14ee35b977a504780bfef8ec2b0fe27bf6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9438
x-xss-protection
0
google-lineitem-id
5818019657
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374438803
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=177432777658012&correlator=3106610211823967&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Ccube3&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=14&adks=1315967423&didk=2675907387&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D42a4877d5e8abf72%3AT%3D1682876460%3AS%3DALNI_MYTEubU7026_sbxLOiLCSOB6xEH0Q&gpic=UID%3D00000bf38db9a062%3AT%3D1682876460%3ART%3D1682876460%3AS%3DALNI_MYN1HFRwq3P_-L8BNVBU3E1wyxr6Q&abxe=1&dt=1682876460565&lmt=1682876457&dlt=1682876459554&idt=333&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10750%2F1004992%2Fclub-africain-vs-es-sahel%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1078497215.1682876460&ga_sid=1682876460&ga_hid=1112211741&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYoNqDmv0wSABSAghkEhkKCnB1YmNpZC5vcmcY4tuDmv0wSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKDag5r9MEgAUgIIZBIXCghydGJob3VzZRig2oOa_TBIAFICCGQSGQoKdWlkYXBpLmNvbRif2oOa_TBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKDag5r9MEgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ea5642bd5efb384bd3ba27f0fea62821334f379482c68053b81d04ef2924a20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9441
x-xss-protection
0
google-lineitem-id
5818019657
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374037624
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		380 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=177432777658012&correlator=3106610211823967&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Crich&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C320x50%7C320x100&ifi=15&adks=4183778&didk=2675907386&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D42a4877d5e8abf72%3AT%3D1682876460%3AS%3DALNI_MYTEubU7026_sbxLOiLCSOB6xEH0Q&gpic=UID%3D00000bf38db9a062%3AT%3D1682876460%3ART%3D1682876460%3AS%3DALNI_MYN1HFRwq3P_-L8BNVBU3E1wyxr6Q&abxe=1&dt=1682876460567&lmt=1682876457&dlt=1682876459554&idt=333&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=f&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10750%2F1004992%2Fclub-africain-vs-es-sahel%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1078497215.1682876460&ga_sid=1682876460&ga_hid=1112211741&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYoNqDmv0wSABSAghkEhkKCnB1YmNpZC5vcmcY4tuDmv0wSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKDag5r9MEgAUgIIZBIXCghydGJob3VzZRig2oOa_TBIAFICCGQSGQoKdWlkYXBpLmNvbRif2oOa_TBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKDag5r9MEgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
134561314f3ecc4dddb1c4e1093682ee6cf05fc301ed180814f1e4d3924512af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		381 B
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=177432777658012&correlator=3106610211823967&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Crich2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C320x50%7C320x100&ifi=16&adks=861436630&didk=2675907385&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D42a4877d5e8abf72%3AT%3D1682876460%3AS%3DALNI_MYTEubU7026_sbxLOiLCSOB6xEH0Q&gpic=UID%3D00000bf38db9a062%3AT%3D1682876460%3ART%3D1682876460%3AS%3DALNI_MYN1HFRwq3P_-L8BNVBU3E1wyxr6Q&abxe=1&dt=1682876460568&lmt=1682876457&dlt=1682876459554&idt=333&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=g&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10750%2F1004992%2Fclub-africain-vs-es-sahel%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1078497215.1682876460&ga_sid=1682876460&ga_hid=1112211741&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYoNqDmv0wSABSAghkEhkKCnB1YmNpZC5vcmcY4tuDmv0wSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKDag5r9MEgAUgIIZBIXCghydGJob3VzZRig2oOa_TBIAFICCGQSGQoKdWlkYXBpLmNvbRif2oOa_TBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKDag5r9MEgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1afd18a2e2170735db3f48a902daabe424794978e10826988cb2d6ddce29dfe2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=177432777658012&correlator=3106610211823967&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Csky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=120x600%7C160x600%7C300x600&ifi=17&adks=2501595801&didk=2675907384&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D42a4877d5e8abf72%3AT%3D1682876460%3AS%3DALNI_MYTEubU7026_sbxLOiLCSOB6xEH0Q&gpic=UID%3D00000bf38db9a062%3AT%3D1682876460%3ART%3D1682876460%3AS%3DALNI_MYN1HFRwq3P_-L8BNVBU3E1wyxr6Q&abxe=1&dt=1682876460569&lmt=1682876457&dlt=1682876459554&idt=333&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=h&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10750%2F1004992%2Fclub-africain-vs-es-sahel%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1078497215.1682876460&ga_sid=1682876460&ga_hid=1112211741&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYoNqDmv0wSABSAghkEhkKCnB1YmNpZC5vcmcY4tuDmv0wSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKDag5r9MEgAUgIIZBIXCghydGJob3VzZRig2oOa_TBIAFICCGQSGQoKdWlkYXBpLmNvbRif2oOa_TBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKDag5r9MEgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38e8bd830531a70e4765017275e56988c609e7a82d939f331395f7eb1ae9c45c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9395
x-xss-protection
0
google-lineitem-id
5850403633
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374456614
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		386 B
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=177432777658012&correlator=3106610211823967&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cresponsive&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C320x100%7C300x250&ifi=18&adks=656180126&didk=2675907335&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D42a4877d5e8abf72%3AT%3D1682876460%3AS%3DALNI_MYTEubU7026_sbxLOiLCSOB6xEH0Q&gpic=UID%3D00000bf38db9a062%3AT%3D1682876460%3ART%3D1682876460%3AS%3DALNI_MYN1HFRwq3P_-L8BNVBU3E1wyxr6Q&abxe=1&dt=1682876460571&lmt=1682876457&dlt=1682876459554&idt=333&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=i&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10750%2F1004992%2Fclub-africain-vs-es-sahel%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1078497215.1682876460&ga_sid=1682876460&ga_hid=1112211741&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYoNqDmv0wSABSAghkEhkKCnB1YmNpZC5vcmcY4tuDmv0wSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKDag5r9MEgAUgIIZBIXCghydGJob3VzZRig2oOa_TBIAFICCGQSGQoKdWlkYXBpLmNvbRif2oOa_TBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKDag5r9MEgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
44d8c591187b9ddd122768fcf7a030da9fe5c8b4dae6948f065a9661229b2b32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		387 B
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=177432777658012&correlator=3106610211823967&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cresponsive3&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C320x100%7C300x250&ifi=19&adks=1041763575&didk=2675907334&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D42a4877d5e8abf72%3AT%3D1682876460%3AS%3DALNI_MYTEubU7026_sbxLOiLCSOB6xEH0Q&gpic=UID%3D00000bf38db9a062%3AT%3D1682876460%3ART%3D1682876460%3AS%3DALNI_MYN1HFRwq3P_-L8BNVBU3E1wyxr6Q&abxe=1&dt=1682876460573&lmt=1682876457&dlt=1682876459554&idt=333&adxs=1018&adys=635&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=j&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10750%2F1004992%2Fclub-africain-vs-es-sahel%2F&frm=20&vis=1&psz=1076x293&msz=1076x0&fws=4&ohw=1076&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1078497215.1682876460&ga_sid=1682876460&ga_hid=1112211741&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYoNqDmv0wSABSAghkEhkKCnB1YmNpZC5vcmcY4tuDmv0wSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKDag5r9MEgAUgIIZBIXCghydGJob3VzZRig2oOa_TBIAFICCGQSGQoKdWlkYXBpLmNvbRif2oOa_TBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKDag5r9MEgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0023c156980232908bdefc88742c06cd255c2ad7de18a82dbed38906c8b85fb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=177432777658012&correlator=3106610211823967&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cresponsive4&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C320x100%7C300x250&ifi=20&adks=2149091243&didk=2675907333&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D42a4877d5e8abf72%3AT%3D1682876460%3AS%3DALNI_MYTEubU7026_sbxLOiLCSOB6xEH0Q&gpic=UID%3D00000bf38db9a062%3AT%3D1682876460%3ART%3D1682876460%3AS%3DALNI_MYN1HFRwq3P_-L8BNVBU3E1wyxr6Q&abxe=1&dt=1682876460579&lmt=1682876457&dlt=1682876459554&idt=333&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=k&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10750%2F1004992%2Fclub-africain-vs-es-sahel%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1078497215.1682876460&ga_sid=1682876460&ga_hid=1112211741&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYoNqDmv0wSABSAghkEhkKCnB1YmNpZC5vcmcY4tuDmv0wSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKDag5r9MEgAUgIIZBIXCghydGJob3VzZRig2oOa_TBIAFICCGQSGQoKdWlkYXBpLmNvbRif2oOa_TBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKDag5r9MEgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25aa40ba4064e8b308f28a7d4be03efcaa64378aca5617df4f1260be550fd6ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9435
x-xss-protection
0
google-lineitem-id
5818019657
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374037645
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		97 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=177432777658012&correlator=3106610211823967&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cresponsive5&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C320x100%7C300x250&ifi=21&adks=2023909493&didk=1220294050&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D42a4877d5e8abf72%3AT%3D1682876460%3AS%3DALNI_MYTEubU7026_sbxLOiLCSOB6xEH0Q&gpic=UID%3D00000bf38db9a062%3AT%3D1682876460%3ART%3D1682876460%3AS%3DALNI_MYN1HFRwq3P_-L8BNVBU3E1wyxr6Q&abxe=1&dt=1682876460581&lmt=1682876457&dlt=1682876459554&idt=333&adxs=1018&adys=3937&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=l&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10750%2F1004992%2Fclub-africain-vs-es-sahel%2F&frm=20&vis=1&psz=1076x2447&msz=1076x0&fws=4&ohw=1100&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1078497215.1682876460&ga_sid=1682876460&ga_hid=1112211741&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYoNqDmv0wSABSAghkEhkKCnB1YmNpZC5vcmcY4tuDmv0wSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKDag5r9MEgAUgIIZBIXCghydGJob3VzZRig2oOa_TBIAFICCGQSGQoKdWlkYXBpLmNvbRif2oOa_TBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKDag5r9MEgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d8d05bdd4bf95f89deb48619ed9b545017df60baea61c2fc868dc736022adb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37326
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		382 B
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=177432777658012&correlator=3106610211823967&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Csticky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x90%7C728x90&ifi=22&adks=3539973942&didk=1959687422&sfv=1-0-40&prev_scp=test%3Drefresh%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D42a4877d5e8abf72%3AT%3D1682876460%3AS%3DALNI_MYTEubU7026_sbxLOiLCSOB6xEH0Q&gpic=UID%3D00000bf38db9a062%3AT%3D1682876460%3ART%3D1682876460%3AS%3DALNI_MYN1HFRwq3P_-L8BNVBU3E1wyxr6Q&abxe=1&dt=1682876460583&lmt=1682876457&dlt=1682876459554&idt=333&adxs=315&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=m&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10750%2F1004992%2Fclub-africain-vs-es-sahel%2F&frm=20&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1078497215.1682876460&ga_sid=1682876460&ga_hid=1112211741&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYoNqDmv0wSABSAghkEhkKCnB1YmNpZC5vcmcY4tuDmv0wSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKDag5r9MEgAUgIIZBIXCghydGJob3VzZRig2oOa_TBIAFICCGQSGQoKdWlkYXBpLmNvbRif2oOa_TBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKDag5r9MEgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0c9afa9d586cc887871a2ffd516cb785c0449879b5aa13a35a0c6bd9b843ef1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
e6ca7bffdb571b122f7e2a992921a2d5.js
www.gstatic.com/mysidia/ Frame C4E6 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e6ca7bffdb571b122f7e2a992921a2d5.js?tag=client_fast_engine_2019
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
671485b0714fdbb8c1c7fd0d2e632f0b183e62577af1fc2dc38933cb8bfb46a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 12:11:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
451770
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3681
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 00:18:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 24 Jul 2023 12:11:30 GMT
eb00f17bb265bdd6892aeb3b525ac0ac.js
www.gstatic.com/mysidia/ Frame C4E6 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/eb00f17bb265bdd6892aeb3b525ac0ac.js?tag=core/multiplex_design_v1
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0cc21ecaf4824d23d265034a6f81e73983d5e8e2b20d8f99c442ea91deb905e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 00:48:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
492734
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4602
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 00:18:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 24 Jul 2023 00:48:46 GMT
css
fonts.googleapis.com/ Frame C4E6 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3018c5284222e82380ec1570f914f544c35e062c4ff9c64e46fdc01695b2b274
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 30 Apr 2023 17:38:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 Apr 2023 17:41:00 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame C4E6 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:05:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
77738
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:05:22 GMT
7bb08d5e0e26c5d5f128de343772c847.js
www.gstatic.com/mysidia/ Frame C4E6 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/7bb08d5e0e26c5d5f128de343772c847.js?tag=exit_2019
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5ec8fd0ece1a01f7408aec97064efeea62ba1005623dc8a922d550929c130a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 17:56:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
171870
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9101
x-xss-protection
0
last-modified
Fri, 28 Apr 2023 17:44:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 27 Jul 2023 17:56:30 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame C4E6 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite_fy2021.js
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:05:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
77738
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8751
x-xss-protection
0
server
cafe
etag
8024400250147624166
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:05:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame C4E6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:52:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
78483
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 19:52:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame C4E6 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:05:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
77738
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7966
x-xss-protection
0
server
cafe
etag
10783182253924109600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:05:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C4E6 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 17:41:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7DF7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL6OfTsSjJiMEUWMJK42Thw&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL6OfTsSjJiMEUWMJK42Thw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYYqcG3zwEwAQ&v=APEucNVovFGuoXfQSpw-9YaQvDTZ_9sat9GlIecSPSX7vdKla399D0ZM892qf2wBO7lvrRdEYU4h9M6vbwkdHzbEghVVH5ek-j0eC2FsDG6j568tPH46L8pkpwgzjJxOqkfkn1VIaZm_3RpTbcQipqFQi6YYHiTykqn6NQExYWR36AGMdC_P3ZbhwL7FxfoiBlCEYLyNgCLBZ6CB4snq-OXiGkVV-S_DWw
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 17:41:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL6OfTsSjJiMEUWMJK42Thw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7DF7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZE6oLB3RZefMcOLnDVRnGgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe5MLH8kJQLSyP8LjM0Pag&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe5MLH8kJQLSyP8LjM0Pag&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYYqcG3zwEwAQ&v=APEucNVovFGuoXfQSpw-9YaQvDTZ_9sat9GlIecSPSX7vdKla399D0ZM892qf2wBO7lvrRdEYU4h9M6vbwkdHzbEghVVH5ek-j0eC2FsDG6j568tPH46L8pkpwgzjJxOqkfkn1VIaZm_3RpTbcQipqFQi6YYHiTykqn6NQExYWR36AGMdC_P3ZbhwL7FxfoiBlCEYLyNgCLBZ6CB4snq-OXiGkVV-S_DWw
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 17:41:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe5MLH8kJQLSyP8LjM0Pag&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 7DF7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELRZ2vR-9kFFyq4DJW_iY9Y&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELRZ2vR-9kFFyq4DJW_iY9Y&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYYqcG3zwEwAQ&v=APEucNVovFGuoXfQSpw-9YaQvDTZ_9sat9GlIecSPSX7vdKla399D0ZM892qf2wBO7lvrRdEYU4h9M6vbwkdHzbEghVVH5ek-j0eC2FsDG6j568tPH46L8pkpwgzjJxOqkfkn1VIaZm_3RpTbcQipqFQi6YYHiTykqn6NQExYWR36AGMdC_P3ZbhwL7FxfoiBlCEYLyNgCLBZ6CB4snq-OXiGkVV-S_DWw
Protocol
HTTP/1.1
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 17:41:00 GMT
AN-X-Request-Uuid
ccc53933-0f5c-4de7-b5a9-0b71db9ccf4b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.200; 80.255.10.200; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELRZ2vR-9kFFyq4DJW_iY9Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7DF7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE3NDM5Mjk0MjgxODMyOTUzOA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE3NDM5Mjk0MjgxODMyOTUzOA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYYqcG3zwEwAQ&v=APEucNVovFGuoXfQSpw-9YaQvDTZ_9sat9GlIecSPSX7vdKla399D0ZM892qf2wBO7lvrRdEYU4h9M6vbwkdHzbEghVVH5ek-j0eC2FsDG6j568tPH46L8pkpwgzjJxOqkfkn1VIaZm_3RpTbcQipqFQi6YYHiTykqn6NQExYWR36AGMdC_P3ZbhwL7FxfoiBlCEYLyNgCLBZ6CB4snq-OXiGkVV-S_DWw
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 30 Apr 2023 17:41:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.200; 80.255.10.200; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
9d8307f1-be30-4fd3-8b1b-b8a25b611041
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE3NDM5Mjk0MjgxODMyOTUzOA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
map
bcp.crwdcntrl.net/6/ 		60 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.208.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-208-238.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
c403c003a67f1c4918a85017445d2924dd939b9a81a15b6c956b05c9531b316f

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:00 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache
x-server
10.45.24.139
access-control-allow-credentials
true
content-length
60
expires
0
rum
dsum-sec.casalemedia.com/ Frame A105
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL6OfTsSjJiMEUWMJK42Thw&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL6OfTsSjJiMEUWMJK42Thw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYnsea3gEwAQ&v=APEucNV6dfvsCzHDEh-z3XoRpxQDZ64arwZRP4J5zgBcTN4gwhLhyB1fqWkBN7g7RrA-HcXv3NEuk2Rp7b1SJYRSSLPnEhwa5-CiIq6COJJaVtNbHZtjb_6L2fZg96hsN0p5589GMNxN1tXdyvqLqGWEnNEF8fzO-k6b2kZDKx7r4n1kEkX3UfKRk-SIF0vB2zvA69jonLybflnQy0liVU0OIHnk2I_3uA
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 17:41:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL6OfTsSjJiMEUWMJK42Thw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A105
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZE6oLB3RZefMcOLnDVRnGgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe5MLH8kJQLSyP8LjM0Pag&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe5MLH8kJQLSyP8LjM0Pag&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYnsea3gEwAQ&v=APEucNV6dfvsCzHDEh-z3XoRpxQDZ64arwZRP4J5zgBcTN4gwhLhyB1fqWkBN7g7RrA-HcXv3NEuk2Rp7b1SJYRSSLPnEhwa5-CiIq6COJJaVtNbHZtjb_6L2fZg96hsN0p5589GMNxN1tXdyvqLqGWEnNEF8fzO-k6b2kZDKx7r4n1kEkX3UfKRk-SIF0vB2zvA69jonLybflnQy0liVU0OIHnk2I_3uA
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 17:41:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe5MLH8kJQLSyP8LjM0Pag&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame A105
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELRZ2vR-9kFFyq4DJW_iY9Y&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELRZ2vR-9kFFyq4DJW_iY9Y&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYnsea3gEwAQ&v=APEucNV6dfvsCzHDEh-z3XoRpxQDZ64arwZRP4J5zgBcTN4gwhLhyB1fqWkBN7g7RrA-HcXv3NEuk2Rp7b1SJYRSSLPnEhwa5-CiIq6COJJaVtNbHZtjb_6L2fZg96hsN0p5589GMNxN1tXdyvqLqGWEnNEF8fzO-k6b2kZDKx7r4n1kEkX3UfKRk-SIF0vB2zvA69jonLybflnQy0liVU0OIHnk2I_3uA
Protocol
HTTP/1.1
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 17:41:00 GMT
AN-X-Request-Uuid
4a97b68f-ac7e-4eac-a4a2-86af16c356b8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.200; 80.255.10.200; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELRZ2vR-9kFFyq4DJW_iY9Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A105
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE3NDM5Mjk0MjgxODMyOTUzOA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE3NDM5Mjk0MjgxODMyOTUzOA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYnsea3gEwAQ&v=APEucNV6dfvsCzHDEh-z3XoRpxQDZ64arwZRP4J5zgBcTN4gwhLhyB1fqWkBN7g7RrA-HcXv3NEuk2Rp7b1SJYRSSLPnEhwa5-CiIq6COJJaVtNbHZtjb_6L2fZg96hsN0p5589GMNxN1tXdyvqLqGWEnNEF8fzO-k6b2kZDKx7r4n1kEkX3UfKRk-SIF0vB2zvA69jonLybflnQy0liVU0OIHnk2I_3uA
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 30 Apr 2023 17:41:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.200; 80.255.10.200; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
54996001-6815-406c-9b85-3115d7efb39f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE3NDM5Mjk0MjgxODMyOTUzOA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
container.html
533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6413 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 17:41:00 GMT
expires
Mon, 29 Apr 2024 17:41:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&pn=-1&sn=3&pc=0.10001247525215148&ds=true&e=wdp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA3NTAvMTAwNDk5Mi9jbHViLWFmcmljYWluLXZzLWVzLXNhaGVsLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GW05JHBT4DKMPHVGPCYAW7T4
date
Sun, 30 Apr 2023 17:41:00 GMT
cf-cache-status
HIT
age
2465030
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c0192b72f5c381a-FRA
e.js
live.demand.supply/e/ 		0
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=yalla-shoots.tv_fluid_lb%2Bsq&sy=03c52cc3-86c0-43eb-8828-203235cab922&ts=87&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=8123a0e5-1a1b-4b2a-8d0f-e93e30ecd216&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA3NTAvMTAwNDk5Mi9jbHViLWFmcmljYWluLXZzLWVzLXNhaGVsLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GW05JHBT4DKMPHVGPCYAW7T4
date
Sun, 30 Apr 2023 17:41:00 GMT
cf-cache-status
HIT
age
2465030
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c0192b72f5e381a-FRA
privacy_small.svg
static.criteo.net/flash/icon/ Frame B589 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE6oLAABMrMKe4LEAAxnv7csb-Gv48xcBB-cQQ&u=%7CufNT6Q4xKtlq6lIweqN0ZgzBvWIbug3dPNi%2B%2FwOTXYA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUBLPWiYThF1J8Y-9hMT0qDtapt-UrJYVP6SwZcSJXTvC-ChTybVj31yghHg-ZlcsQfjdK4X9K7M1WLV7w1suePom-1jNOG1CVtccC6DtSFfZbbdwrmGOlwwTnfQZTTXp_0eM6rKIa9uLQbyjC57j0aekC400TsUZmgn2js72U3OM3NOwUC_c_VkQewkstFHjIheVbqKjjJOZN65W7USCc8Bgi-U1Jo3YUhEtr8kfi9QZrCjmOrLg5HaCpRZFw8VYOD2ZGJQ-Nz7zl2pJcCQCdidFtfdggw7c--K-hBzWA9OrVQzV0F0WcvGMekgFVehCs2Vzu1_RGkESw-Cyje-1fsR06enjr5PQZFeVffTAtQi_OcHV9pGJDAngbYMyYTQxHwxAepTyL10Pv6b37wH9k8K2jvTaY9lDU4GzmaqUpQL0oLEAh1uA94VCTtzKIAOyrICifr4QD3LKqDAPkmkxRxvtyQLYUJQrZuUT9_0HTi2DoN2wLPlDBlDV7pC9MSIiAS5c1WVA_nzGPdP7dfzrVcHmQtBnouhM606VdNy6rGElhnEAMxG6yI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXMruLKhOZLPlBMSF7gO_z7GQCsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC99WXD798sj7gAgCoAwGqBMoCT9B1GUORCnqZ6NWBRscUPF2Ey7N4YIZlPtR5OsKS9JBynpnlMtuDdcDONUA60XAO6IVAG4YoL3qPCvloO5pzYBpasvLqB_34I1f1unch0kGw4w1Jt4I9bEkQVriBf2qzG0BT27kFLfb5XvJV8_WPDfpjy4KW-tFbmqPfS30i82JhtsKXKxSD9ieZ1By4uEpKw1nkEQ1oQh6dLUuGe38KJal11gOLOLFVAHV6dPGNn3_XqSa457SFRqaUEiQgA2tJv8UeNNlfM5Hn1meHYwN-DAh8csq6wb8OGL6y5XKnxnfIMl1GYdWWyKgb3M78qKDQ8TkEoKWB1FlpXy5IzHRwJeIXOV5XdTGJtnPqCp8IDMvEMSoPOO0waouZD_xQ6wBvUQM0HMTSK3sYl0QRtMuHQsBqQbe1XLF49agI9l_k7xKVoBiLiE2Gb_sp4AQBgAaY_7ariIeumPUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ayXv8WccXkg1lPVhoKBzcXLG2sQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 24 Apr 2024 17:41:00 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame B589 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE6oLAABMrMKe4LEAAxnv7csb-Gv48xcBB-cQQ&u=%7CufNT6Q4xKtlq6lIweqN0ZgzBvWIbug3dPNi%2B%2FwOTXYA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUBLPWiYThF1J8Y-9hMT0qDtapt-UrJYVP6SwZcSJXTvC-ChTybVj31yghHg-ZlcsQfjdK4X9K7M1WLV7w1suePom-1jNOG1CVtccC6DtSFfZbbdwrmGOlwwTnfQZTTXp_0eM6rKIa9uLQbyjC57j0aekC400TsUZmgn2js72U3OM3NOwUC_c_VkQewkstFHjIheVbqKjjJOZN65W7USCc8Bgi-U1Jo3YUhEtr8kfi9QZrCjmOrLg5HaCpRZFw8VYOD2ZGJQ-Nz7zl2pJcCQCdidFtfdggw7c--K-hBzWA9OrVQzV0F0WcvGMekgFVehCs2Vzu1_RGkESw-Cyje-1fsR06enjr5PQZFeVffTAtQi_OcHV9pGJDAngbYMyYTQxHwxAepTyL10Pv6b37wH9k8K2jvTaY9lDU4GzmaqUpQL0oLEAh1uA94VCTtzKIAOyrICifr4QD3LKqDAPkmkxRxvtyQLYUJQrZuUT9_0HTi2DoN2wLPlDBlDV7pC9MSIiAS5c1WVA_nzGPdP7dfzrVcHmQtBnouhM606VdNy6rGElhnEAMxG6yI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXMruLKhOZLPlBMSF7gO_z7GQCsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC99WXD798sj7gAgCoAwGqBMoCT9B1GUORCnqZ6NWBRscUPF2Ey7N4YIZlPtR5OsKS9JBynpnlMtuDdcDONUA60XAO6IVAG4YoL3qPCvloO5pzYBpasvLqB_34I1f1unch0kGw4w1Jt4I9bEkQVriBf2qzG0BT27kFLfb5XvJV8_WPDfpjy4KW-tFbmqPfS30i82JhtsKXKxSD9ieZ1By4uEpKw1nkEQ1oQh6dLUuGe38KJal11gOLOLFVAHV6dPGNn3_XqSa457SFRqaUEiQgA2tJv8UeNNlfM5Hn1meHYwN-DAh8csq6wb8OGL6y5XKnxnfIMl1GYdWWyKgb3M78qKDQ8TkEoKWB1FlpXy5IzHRwJeIXOV5XdTGJtnPqCp8IDMvEMSoPOO0waouZD_xQ6wBvUQM0HMTSK3sYl0QRtMuHQsBqQbe1XLF49agI9l_k7xKVoBiLiE2Gb_sp4AQBgAaY_7ariIeumPUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ayXv8WccXkg1lPVhoKBzcXLG2sQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 24 Apr 2024 17:41:00 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame B589 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE6oLAABMrMKe4LEAAxnv7csb-Gv48xcBB-cQQ&u=%7CufNT6Q4xKtlq6lIweqN0ZgzBvWIbug3dPNi%2B%2FwOTXYA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUBLPWiYThF1J8Y-9hMT0qDtapt-UrJYVP6SwZcSJXTvC-ChTybVj31yghHg-ZlcsQfjdK4X9K7M1WLV7w1suePom-1jNOG1CVtccC6DtSFfZbbdwrmGOlwwTnfQZTTXp_0eM6rKIa9uLQbyjC57j0aekC400TsUZmgn2js72U3OM3NOwUC_c_VkQewkstFHjIheVbqKjjJOZN65W7USCc8Bgi-U1Jo3YUhEtr8kfi9QZrCjmOrLg5HaCpRZFw8VYOD2ZGJQ-Nz7zl2pJcCQCdidFtfdggw7c--K-hBzWA9OrVQzV0F0WcvGMekgFVehCs2Vzu1_RGkESw-Cyje-1fsR06enjr5PQZFeVffTAtQi_OcHV9pGJDAngbYMyYTQxHwxAepTyL10Pv6b37wH9k8K2jvTaY9lDU4GzmaqUpQL0oLEAh1uA94VCTtzKIAOyrICifr4QD3LKqDAPkmkxRxvtyQLYUJQrZuUT9_0HTi2DoN2wLPlDBlDV7pC9MSIiAS5c1WVA_nzGPdP7dfzrVcHmQtBnouhM606VdNy6rGElhnEAMxG6yI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXMruLKhOZLPlBMSF7gO_z7GQCsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC99WXD798sj7gAgCoAwGqBMoCT9B1GUORCnqZ6NWBRscUPF2Ey7N4YIZlPtR5OsKS9JBynpnlMtuDdcDONUA60XAO6IVAG4YoL3qPCvloO5pzYBpasvLqB_34I1f1unch0kGw4w1Jt4I9bEkQVriBf2qzG0BT27kFLfb5XvJV8_WPDfpjy4KW-tFbmqPfS30i82JhtsKXKxSD9ieZ1By4uEpKw1nkEQ1oQh6dLUuGe38KJal11gOLOLFVAHV6dPGNn3_XqSa457SFRqaUEiQgA2tJv8UeNNlfM5Hn1meHYwN-DAh8csq6wb8OGL6y5XKnxnfIMl1GYdWWyKgb3M78qKDQ8TkEoKWB1FlpXy5IzHRwJeIXOV5XdTGJtnPqCp8IDMvEMSoPOO0waouZD_xQ6wBvUQM0HMTSK3sYl0QRtMuHQsBqQbe1XLF49agI9l_k7xKVoBiLiE2Gb_sp4AQBgAaY_7ariIeumPUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ayXv8WccXkg1lPVhoKBzcXLG2sQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 24 Apr 2024 17:41:00 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame B589 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE6oLAABMrMKe4LEAAxnv7csb-Gv48xcBB-cQQ&u=%7CufNT6Q4xKtlq6lIweqN0ZgzBvWIbug3dPNi%2B%2FwOTXYA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUBLPWiYThF1J8Y-9hMT0qDtapt-UrJYVP6SwZcSJXTvC-ChTybVj31yghHg-ZlcsQfjdK4X9K7M1WLV7w1suePom-1jNOG1CVtccC6DtSFfZbbdwrmGOlwwTnfQZTTXp_0eM6rKIa9uLQbyjC57j0aekC400TsUZmgn2js72U3OM3NOwUC_c_VkQewkstFHjIheVbqKjjJOZN65W7USCc8Bgi-U1Jo3YUhEtr8kfi9QZrCjmOrLg5HaCpRZFw8VYOD2ZGJQ-Nz7zl2pJcCQCdidFtfdggw7c--K-hBzWA9OrVQzV0F0WcvGMekgFVehCs2Vzu1_RGkESw-Cyje-1fsR06enjr5PQZFeVffTAtQi_OcHV9pGJDAngbYMyYTQxHwxAepTyL10Pv6b37wH9k8K2jvTaY9lDU4GzmaqUpQL0oLEAh1uA94VCTtzKIAOyrICifr4QD3LKqDAPkmkxRxvtyQLYUJQrZuUT9_0HTi2DoN2wLPlDBlDV7pC9MSIiAS5c1WVA_nzGPdP7dfzrVcHmQtBnouhM606VdNy6rGElhnEAMxG6yI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXMruLKhOZLPlBMSF7gO_z7GQCsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC99WXD798sj7gAgCoAwGqBMoCT9B1GUORCnqZ6NWBRscUPF2Ey7N4YIZlPtR5OsKS9JBynpnlMtuDdcDONUA60XAO6IVAG4YoL3qPCvloO5pzYBpasvLqB_34I1f1unch0kGw4w1Jt4I9bEkQVriBf2qzG0BT27kFLfb5XvJV8_WPDfpjy4KW-tFbmqPfS30i82JhtsKXKxSD9ieZ1By4uEpKw1nkEQ1oQh6dLUuGe38KJal11gOLOLFVAHV6dPGNn3_XqSa457SFRqaUEiQgA2tJv8UeNNlfM5Hn1meHYwN-DAh8csq6wb8OGL6y5XKnxnfIMl1GYdWWyKgb3M78qKDQ8TkEoKWB1FlpXy5IzHRwJeIXOV5XdTGJtnPqCp8IDMvEMSoPOO0waouZD_xQ6wBvUQM0HMTSK3sYl0QRtMuHQsBqQbe1XLF49agI9l_k7xKVoBiLiE2Gb_sp4AQBgAaY_7ariIeumPUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ayXv8WccXkg1lPVhoKBzcXLG2sQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 24 Apr 2024 17:41:00 GMT
lg.php
cat.fr3.eu.criteo.com/delivery/ Frame B589 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=xIolXO2d0BEu6oSG1F9wPW828ePrz7RGLkLMYH8p4HSmb3ldOuJj2gjMkwyYC8YJBgBbIvoGDVAeKufX2LChzmwD1rRD-bKgj4FSsYVRC_OYtqK2OYB24wlggmzi8ZnFm1nTy45OL6Gdt3OHwKb_v24BOk_S9DDZgQO4iniQODxr4rKfZa8ptxQFvMKz_JtwuDfKSjNKOe68bjf45swRUEu-jqavWQOKb1LhQy4Sugu4w2SBCelAX7dgllAfk6QTgiyTHwrRixZrZaoiHVndtKhBfOEeWHxxp7wSdoLM-lOQ085q71SSq0M98ZMpuSYwmin_EjrE9Laa85Yga6qrOScwRMJvUEh3T0sv-ArBqd04iVOOEe8L44bJR978tp1tghyhHy93yjxAMdJFV3UpoS6iG_fqYsVps2F3HPlInq599f00
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE6oLAABMrMKe4LEAAxnv7csb-Gv48xcBB-cQQ&u=%7CufNT6Q4xKtlq6lIweqN0ZgzBvWIbug3dPNi%2B%2FwOTXYA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUBLPWiYThF1J8Y-9hMT0qDtapt-UrJYVP6SwZcSJXTvC-ChTybVj31yghHg-ZlcsQfjdK4X9K7M1WLV7w1suePom-1jNOG1CVtccC6DtSFfZbbdwrmGOlwwTnfQZTTXp_0eM6rKIa9uLQbyjC57j0aekC400TsUZmgn2js72U3OM3NOwUC_c_VkQewkstFHjIheVbqKjjJOZN65W7USCc8Bgi-U1Jo3YUhEtr8kfi9QZrCjmOrLg5HaCpRZFw8VYOD2ZGJQ-Nz7zl2pJcCQCdidFtfdggw7c--K-hBzWA9OrVQzV0F0WcvGMekgFVehCs2Vzu1_RGkESw-Cyje-1fsR06enjr5PQZFeVffTAtQi_OcHV9pGJDAngbYMyYTQxHwxAepTyL10Pv6b37wH9k8K2jvTaY9lDU4GzmaqUpQL0oLEAh1uA94VCTtzKIAOyrICifr4QD3LKqDAPkmkxRxvtyQLYUJQrZuUT9_0HTi2DoN2wLPlDBlDV7pC9MSIiAS5c1WVA_nzGPdP7dfzrVcHmQtBnouhM606VdNy6rGElhnEAMxG6yI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXMruLKhOZLPlBMSF7gO_z7GQCsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC99WXD798sj7gAgCoAwGqBMoCT9B1GUORCnqZ6NWBRscUPF2Ey7N4YIZlPtR5OsKS9JBynpnlMtuDdcDONUA60XAO6IVAG4YoL3qPCvloO5pzYBpasvLqB_34I1f1unch0kGw4w1Jt4I9bEkQVriBf2qzG0BT27kFLfb5XvJV8_WPDfpjy4KW-tFbmqPfS30i82JhtsKXKxSD9ieZ1By4uEpKw1nkEQ1oQh6dLUuGe38KJal11gOLOLFVAHV6dPGNn3_XqSa457SFRqaUEiQgA2tJv8UeNNlfM5Hn1meHYwN-DAh8csq6wb8OGL6y5XKnxnfIMl1GYdWWyKgb3M78qKDQ8TkEoKWB1FlpXy5IzHRwJeIXOV5XdTGJtnPqCp8IDMvEMSoPOO0waouZD_xQ6wBvUQM0HMTSK3sYl0QRtMuHQsBqQbe1XLF49agI9l_k7xKVoBiLiE2Gb_sp4AQBgAaY_7ariIeumPUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ayXv8WccXkg1lPVhoKBzcXLG2sQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:40:59 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3713084
expires
Mon, 26 Jul 1997 05:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3C7B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304250101&jk=177432777658012&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B6E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=141598162232&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B6E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=141598162232&version=m202301230201&ct=76&x=1&cor=14060517603652200000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 7B6E 		83 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BcTkGDZoa5a58zgH10FCX4m2p_B6nvPQFcKzkrCVnwCwLedsqpMmgp7LYK-nXeANxEhCH1Ay7vb7ou2HkkPEeEZY5jtg&cry=1&dbm_d=AKAmf-CuujhWABjQ0lZ-3pHxGUkh9JBTD9-I7OlqFSgDuiOViAK5WStUlhER0nVJjA7baYqKov-anu4_FYsdAtOxDw2XAyql8dU9YiRdKIcQYXKcHR4SwoLanYewi8HlJQBEIPLdaim4UxK6hOGWKxo7X3UrjPv-6cdSXEvr-IL-gz09qg4sYWgFqM4iCZIwQifpmO85C-K6NfcpusVflu8kNd3anhd07mjfn_yf1INor6XQLIIisXpG_nF40UXfDRtRt6B2fMTfJhSv_SpGBibuMJhPPIndDvAFU8wm-JtCk6eDO0VJfxyV1Jiq0Dndw3EguQc8dgnLWMg2Pl-V5Rvf59_tnYdrS-1gipQ-2h_SitbdXJgGWalpazzMpRYtMjXdoIL_mLDmoXyIm1cCU0PhUbcdQQ4D7B4JewfPE_nfIU69HmEJE-vHGL9V6CryWWtrvDl2GmMuAGhRxdwRXjLKflcFM7gsfpFyqU1FiumzsPux3keuv-QC-mOxk4fH36MtIA4lZRcSgVwRVLCfFxY4fokz8SJjHzWFkMCWwjjfxA6HjHwVpJ2BMOWvN-3wv1Pb5dy6zGxxMWwiVOcX2HR0tKEgCsl3IVtTM6n3x6MDAgq1wgV_PHHiZFTW_clDEj4f8_EHCF40JjgbjXVJb33XSxr3kaw83IIX2xII3eLXwgp29E42JhTkuRYw0FqCt1BK7n2Gdi35Hjdgq9H09-Ro1H9dj8VSopxpPdoC_agI7O7YO0o7HAbqms01JG0F7ybH6Uh1EpeMiY7KVtoyd9RQNTYneAWdsWO9C3ERKL9dTc4xc68JB15wtIKl5i8qB0cdUrM9u6uOyKlcKBesnmA-etzANymnjreG8NHJoraixKXqZyqfp5X6AWRA9ChxuvAzKmrr-l4168ZG5zgGByKFY1Q4yuYQZlx_Vu4uOvVvtroyI7ueqRhYUWGJipTamnBDV59QnoSrUZFlQCKcICt9b31UbK8VygKH9zKbGZNwkZg4m_8-NXbfI6X8bt71OcAcKwZoTSE5tEQaFu9NSAbIHSK18u_cVC-3igIOFgc9yUO8LdCJYG6qYmEP0JlVa7QJwznzrnRJv0umBSldTyEd50J-yZeZLeaNz5IJjiqR9cujKxJdSxMpQhWQ0h2mKqYtPzo9p3Y5dZ0MBcKp5hYIG5V5OdSgVZqdL84k-1s8keJoQNI3O_PTMEggJzU0xed1yvJl_Yr3npO4tSeRP2H3v_cjOW2EMAx_FU0nW8Mu5vlCEyPajgBG7QKtxgklrWsJYrglq1ym4BpBYMbPnt1IP08daU87X9kT3GUVAjJudzU6WYnVrV-Mc6BJo4--hGMo7_r3WFaig31VO92zqeVXFepOeauekdn39vpS4eoUFRGLfDaN-BgoymLAH809CrboKJqj0zFPhRlmEMOd2kBC_aOs-VBxkGCGMtgc_JHNWo4WNr_IXHPS5yEZYdeoY2O38j-RCU0gvH1x0ED_GcE_RcQ7QdMg_thLTKaKD-svV_zv4oZHEelIohJqJuP_NCPUJPH3R-2VmdCtKc64n5HxWIhIho8OBVl28AhCxAESM4M3_4U8_YuA4VEzDqzu1yVS5iftk3WKfOCc88LYk-ff8v_vsPsyOxuqexF3s3x8YC847M_jJjJqKLVKtRWOj7a4BeuHVWzNrINGSxOXj7gE4mn-ygxTzzLaRE-gNNtWAvNadvEKMe4LLkwRjnKC84c_jiXjbkSqgY_GCBvVpv3_Hj7n1mIU_IqclFaXYr6rSoDinrF2Jy-Jg_UZeeEaWcV3QO5Df4UX1DzKgELMZwxpytEEk1cSANp5MYhzIatyEhs4qzqbn0oTx9w7NqKGJgVJgNQPLF8CBHoDponzEyLIHRoYYrlOWsP0sOJ5HRp0khMAs2kg9x4lBShP9R-TS8J1RSKnGVoZsM8gmWMbfDW185HMcHBj7BIFMJzN5qoWNkNjw64wZUu2mzoY3aJEe_aZdRuWUwgxVazKRk_X2s3xOwfnz96eXcyR--wP2gw6kGkwig2sAG2RnbsJyvvLCNQ99FRhPAo3T1r1B7mc3rdyfTr8QnS4o9IulxC-Y6BOsLRDPbxW4ezhlp2Y_Zg2c6QpPOPYttT3jeBIK89a5upDq3zRIAFRsSb8OpvIyabMh-x_9VkE1123eVduMWkPwOC3FC7USwJTb29Gd2qvYmz7jfiC-TZ_eQjmPqkvKAKfwdbw0YAFKfmw9nwomm9_A_03y0OJJ-yExAtCtwtqEsjcdLgDbC-gJi7U0jcjqzG2sHzEa5GZPrJLnYvkQx8Wv3smQNvtgf-ijzedl8wq2YMYxOZ8s_HiA06djvN1DmUWaizt9G6jc65rIEFx5nvW_RCR8oZBIKaNR2P6PdrQeEXIpfx1iczgIqovqIcA5AfK9DkfzKzLBMeBRaZMe4TflTxSYg9DcjroP3WVJ6evpue24UixyLqaPUa0Koe3d1CzCEL6uKccAXH3y0rd_3iXmHOgL_DtgmvwsvqkAPi_g8iZg2abIbys3YH5neCDnt8GrganRqRKGTL0bZg-KYDQMoD-0NBhiRw4dPnuOcjQI8rkGs2SklaED3vICtlWsbpatrhCNAZDNA1h6zhCHEQ8sQkjBf48KdVGQ6QOyQOwlJf1XehsTZIsrZB7i3vJ9bfOrfOGigdjmGqWhtpUHz3Ch2cwqVL2jpA8WYWW4AqoVgovPW2SxKaNB-UWHUC3azh26Tc-fcuJ6rlsrv5xr05Krqr3ufDsGVEq5T29o346_2QfYFwlsGd6_vOdECN4aQvr5byvuszxA0UyBQdfgyiOpEbZQO1deYoqVgL6yUmchdiDsA7AhOtd-omOxFJJqFB5K15y7VE__S2AtD44ZDGX7NzKAgHg66ixkkO00y2DsZo2g9DdhzpAxUJl_TjdAD7jks7WFqBJaawGzEKLR8IT9iwROFekfCA5u9sQfURxzN8mWdCY_8lf3_fiE3qbdwDimOzfpEriSWHAEW61uO571944oXna9cI77nXmSpJblMvicQ1VMUMIF5TunsUvrEmU5JXeoBbk10tVohsWTFb2riBSC9fWntQ9Rvyh1OZ0HGnWImmnXBJSzseFSWFeLQnYC4bYA5XUZPF77CqvJjRs4bTy49BEa3NpQP1w_-NF_CNnXSpAHOrAJDC-HvkZLeAKDxm0u0aRMV8V5l_XTQsIBOnZguWZN8claj8zCfn8eEkow5B-13ceKlrYKUwSVtEsotwsiaaeYNghz60utA34Id1X6RWyM0r--I60alYEvhy0MZVthgiaMa7yvUiWS8rFC2K7nIc9CYgoP_RpiSVTCR18jzZQvFamirXd1zi8uX9GQPiEFmWm_OC6RhDWLbeVLrZYVM89KH25-Aezuq7d81ALY6eXliDxC4SxbYV6RYLrs8M0v5OC75mi0Xy1L2kYW5BY4h1ItvZZxDes19Hdm-CqWc3Uk8VmQ7XvFQivGWteOkLwK9xv8sPacwirGWJnCplGAr-4sGB3MHajC-DPj7v7bHFlfVnGqICA-3-CQIDUqoHg26vv3anXK8BdCy2Yjp-cPqKNeIFfvY7s1q1AQiqI2uZsK02cAG0WsrGcwb-gj3ZMtS1VFqEk_Af3I0uZiJvQzbBwTkFjBdmgGPIBdtzhZSbIqUln&cid=CAQSSwBygQiD08caxsylZ15NDs8-K8TtyaxWKLQAa44zY-Y8cMibjmJNK6LMIltYhiZwrd6l_M3-FShViAlgv4yhFmn2-_9C-tx-72X9MhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=14060517603652200000&adk=2923430907&idt=128&cac=0&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e8fbba4d4ebd294ec14df086d8f1bd3608226d8a9318c1f1ba1b7a0d1f33ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35647
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame A711
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=yalla-shoots.tv&sn=ChromeSyncframe&so=0&topUrl=yalla-shoots.tv&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=Gq6kNXwyaGh6SVljYzFudjI0Um8vWmZPWkJPekZVcnRYSUpxVVpqVHRoclpjT1FoT3hlSkdLclJqNTZzQkhCMmpNRDJxeWRlRVJ6eHZJY1pUVjQxTndzQmtma0V5azlzZkZZS1lhNFNHaDdSTVlWSy94ZVE2WUczcldLZG...
428 B
669 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Gq6kNXwyaGh6SVljYzFudjI0Um8vWmZPWkJPekZVcnRYSUpxVVpqVHRoclpjT1FoT3hlSkdLclJqNTZzQkhCMmpNRDJxeWRlRVJ6eHZJY1pUVjQxTndzQmtma0V5azlzZkZZS1lhNFNHaDdSTVlWSy94ZVE2WUczcldLZG9MU3h0YllkU0s3dFk4eW1xL09SbTZIRlRNd21FUEcwc1QrNGxaY0htcHJFaU1SU1VWOGgxQ0RCcVRDZ2FhYWNqY3VhYkkzVEFZWGd4bHkrb1gzUk0zZXJXQnlLV3J2TjdwU0Jucm93UjlXTmtoM05BZVREUEFXZ1RuejFRakYyVS9UbEVjdy9PZE1USmpEREsvSGtpbVRITDJPNHRQUT09fA&cppv=2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5af568992ba3ccfe515f51a2f6d151d0c8709beea37ac4feb03019c19c3c56b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:00 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1132836
expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:00 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=Gq6kNXwyaGh6SVljYzFudjI0Um8vWmZPWkJPekZVcnRYSUpxVVpqVHRoclpjT1FoT3hlSkdLclJqNTZzQkhCMmpNRDJxeWRlRVJ6eHZJY1pUVjQxTndzQmtma0V5azlzZkZZS1lhNFNHaDdSTVlWSy94ZVE2WUczcldLZG9MU3h0YllkU0s3dFk4eW1xL09SbTZIRlRNd21FUEcwc1QrNGxaY0htcHJFaU1SU1VWOGgxQ0RCcVRDZ2FhYWNqY3VhYkkzVEFZWGd4bHkrb1gzUk0zZXJXQnlLV3J2TjdwU0Jucm93UjlXTmtoM05BZVREUEFXZ1RuejFRakYyVS9UbEVjdy9PZE1USmpEREsvSGtpbVRITDJPNHRQUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
352363
content-length
0
expires
0
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame B589 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE6oLAABMrMKe4LEAAxnv7csb-Gv48xcBB-cQQ&u=%7CufNT6Q4xKtlq6lIweqN0ZgzBvWIbug3dPNi%2B%2FwOTXYA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUBLPWiYThF1J8Y-9hMT0qDtapt-UrJYVP6SwZcSJXTvC-ChTybVj31yghHg-ZlcsQfjdK4X9K7M1WLV7w1suePom-1jNOG1CVtccC6DtSFfZbbdwrmGOlwwTnfQZTTXp_0eM6rKIa9uLQbyjC57j0aekC400TsUZmgn2js72U3OM3NOwUC_c_VkQewkstFHjIheVbqKjjJOZN65W7USCc8Bgi-U1Jo3YUhEtr8kfi9QZrCjmOrLg5HaCpRZFw8VYOD2ZGJQ-Nz7zl2pJcCQCdidFtfdggw7c--K-hBzWA9OrVQzV0F0WcvGMekgFVehCs2Vzu1_RGkESw-Cyje-1fsR06enjr5PQZFeVffTAtQi_OcHV9pGJDAngbYMyYTQxHwxAepTyL10Pv6b37wH9k8K2jvTaY9lDU4GzmaqUpQL0oLEAh1uA94VCTtzKIAOyrICifr4QD3LKqDAPkmkxRxvtyQLYUJQrZuUT9_0HTi2DoN2wLPlDBlDV7pC9MSIiAS5c1WVA_nzGPdP7dfzrVcHmQtBnouhM606VdNy6rGElhnEAMxG6yI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXMruLKhOZLPlBMSF7gO_z7GQCsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC99WXD798sj7gAgCoAwGqBMoCT9B1GUORCnqZ6NWBRscUPF2Ey7N4YIZlPtR5OsKS9JBynpnlMtuDdcDONUA60XAO6IVAG4YoL3qPCvloO5pzYBpasvLqB_34I1f1unch0kGw4w1Jt4I9bEkQVriBf2qzG0BT27kFLfb5XvJV8_WPDfpjy4KW-tFbmqPfS30i82JhtsKXKxSD9ieZ1By4uEpKw1nkEQ1oQh6dLUuGe38KJal11gOLOLFVAHV6dPGNn3_XqSa457SFRqaUEiQgA2tJv8UeNNlfM5Hn1meHYwN-DAh8csq6wb8OGL6y5XKnxnfIMl1GYdWWyKgb3M78qKDQ8TkEoKWB1FlpXy5IzHRwJeIXOV5XdTGJtnPqCp8IDMvEMSoPOO0waouZD_xQ6wBvUQM0HMTSK3sYl0QRtMuHQsBqQbe1XLF49agI9l_k7xKVoBiLiE2Gb_sp4AQBgAaY_7ariIeumPUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ayXv8WccXkg1lPVhoKBzcXLG2sQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
255532
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ntCVXBJZMOt%2FXm1pBoN0X0BxtZrohnCAyOHKxgq2R4ieYo%2FD9DelW8zi0ZD1yxoQMSH8VqGmR14dfAyi58d3tXAb%2B69a2O1HQgDKquWgecMsQKJdG6%2BUgkVJLHsJP4SZwgWge8SNJh%2FqB6vG8r7CMJMt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c0192b78fbe37eb-FRA
expires
Fri, 19 Apr 2024 17:41:00 GMT
animejs.js
static.criteo.net/animejs/ Frame B589 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE6oLAABMrMKe4LEAAxnv7csb-Gv48xcBB-cQQ&u=%7CufNT6Q4xKtlq6lIweqN0ZgzBvWIbug3dPNi%2B%2FwOTXYA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUBLPWiYThF1J8Y-9hMT0qDtapt-UrJYVP6SwZcSJXTvC-ChTybVj31yghHg-ZlcsQfjdK4X9K7M1WLV7w1suePom-1jNOG1CVtccC6DtSFfZbbdwrmGOlwwTnfQZTTXp_0eM6rKIa9uLQbyjC57j0aekC400TsUZmgn2js72U3OM3NOwUC_c_VkQewkstFHjIheVbqKjjJOZN65W7USCc8Bgi-U1Jo3YUhEtr8kfi9QZrCjmOrLg5HaCpRZFw8VYOD2ZGJQ-Nz7zl2pJcCQCdidFtfdggw7c--K-hBzWA9OrVQzV0F0WcvGMekgFVehCs2Vzu1_RGkESw-Cyje-1fsR06enjr5PQZFeVffTAtQi_OcHV9pGJDAngbYMyYTQxHwxAepTyL10Pv6b37wH9k8K2jvTaY9lDU4GzmaqUpQL0oLEAh1uA94VCTtzKIAOyrICifr4QD3LKqDAPkmkxRxvtyQLYUJQrZuUT9_0HTi2DoN2wLPlDBlDV7pC9MSIiAS5c1WVA_nzGPdP7dfzrVcHmQtBnouhM606VdNy6rGElhnEAMxG6yI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXMruLKhOZLPlBMSF7gO_z7GQCsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC99WXD798sj7gAgCoAwGqBMoCT9B1GUORCnqZ6NWBRscUPF2Ey7N4YIZlPtR5OsKS9JBynpnlMtuDdcDONUA60XAO6IVAG4YoL3qPCvloO5pzYBpasvLqB_34I1f1unch0kGw4w1Jt4I9bEkQVriBf2qzG0BT27kFLfb5XvJV8_WPDfpjy4KW-tFbmqPfS30i82JhtsKXKxSD9ieZ1By4uEpKw1nkEQ1oQh6dLUuGe38KJal11gOLOLFVAHV6dPGNn3_XqSa457SFRqaUEiQgA2tJv8UeNNlfM5Hn1meHYwN-DAh8csq6wb8OGL6y5XKnxnfIMl1GYdWWyKgb3M78qKDQ8TkEoKWB1FlpXy5IzHRwJeIXOV5XdTGJtnPqCp8IDMvEMSoPOO0waouZD_xQ6wBvUQM0HMTSK3sYl0QRtMuHQsBqQbe1XLF49agI9l_k7xKVoBiLiE2Gb_sp4AQBgAaY_7ariIeumPUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ayXv8WccXkg1lPVhoKBzcXLG2sQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 24 Apr 2024 17:41:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 775C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4192923863303&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 775C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4192923863303&version=m202301230201&ct=76&x=1&cor=6215970652432958000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 775C 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BVmG5GfPDT3MhT5Z0fPXWD8wpizPj4TKXRuP9vjgAa1Smx15iLqFEsOqo2XejCnkJV_d7ktYkg30SpPSH7Xpam9EeXjke7f9bYqaBjAALZKO2WkIlo6MKYB4dSKnbGFR13Krl7QhslMqE5FOso6A4xCMK2CY3O4mFS3XUSvI4-_WhcYxI&cry=1&dbm_d=AKAmf-Bmv9KuoJ1qsyJQ6obHLRR_tBPGGSO78ABfPgYjSqrefRCOWTYuwL8VG8xe1Ubuj_rKnh3-FiEOGjv8Uf2g5rsHyyldFDQCPyI4rTqaGmvCZzO_NS2svzgjJufQj4-Bvf3TKUyoJZ7oz0UwmLEpRCuNvZSY2ks-50-pgtRLvvFqMkG9Uo33HE-IGkSO1Hrzmv39qNLqEQohcdCvdqOAqdkD41vke0157IhgmbePWp2LQja-yvCytPwbOWlyUB-NysYLO0eHn8oLcZ-iRaMptxu4P_0rJdAUf705P0jRZjaPokDHJbWy2V26dR4eW_Kv1RJFaNVnMLoa3cBI2hmXkUbsx8ak3CtPTjw-qYP5VwgGz5B9IYUZqWssC1ZX0e2aeAxhXDuRZpeJjJl-c9svLh7a4i-AO-rd6lDe5uo4InpJRcFhlOwJzWjrS96lnxB78ro9n5MVHJ8jk7vF8eW3HIdVRxhb_WTDolNeENEtc1c8CnMo1HlnXrU3CHZRgk4dmT5CpSiCXnFolVh-b3ngm-PDJRaJhbAiEYxUrtKmwcPp3X4thMy3SumoUEyWEWti8xtcvTc33f6DVi8Hl5yGeUzt4LYsc_xBVZ480p8VLjPME6LEWMnW1n47lyxy4nkvNx2fgAHGNHkDFNJiUFusp89yokKojwNbFWAiAyg1LlaSE5dMzP5CFvJtO61_mxo2tfLpZtVZ5fYISzPr4Md9E78Yje8j-9-AfFt5Ktcto1dh8LiBAhkmh4sBXe41jXRINXSFd3360tBkvx4doNvcPX9X52imDJ7-flsxiUfpFIr9Mw3JyA9HDKwrMzZpcD0_YeyDyzb9j9Moe7udD02LYkRsU5sq4yl7jNNJB3zGnN9PzIuswRkcYwApWG5MS42-wBvl2wGxghSCD_b4HYpG12AGWIpWJ1rZmlNtZnjj8RKIAZSnyoNAhN6VrHhthRgSAZMAAwQURQLd6gqAr4ufR9dHrrMY1ajebvGHilr4zwCTY84bk86EWjf3xoROqCUZ4Vc13utOFLwXebHlGUtXlI3WtQE0VyM60_TiOjopv7Ezh5JHgnFr_Ryd08ulOdm4DOo67oz9AI2-L6ODYKuRSx85JBJfNZgVLnELZNeDVSOhO-sDD91doX5g4YWr3K3j-hTqpQiyBz6U3MoIrVIZzmHjo86jvFQpJ_FhrPbMszx_ah1j-G1zVCVf-XPZYvT-bwFvm_xNnBFATdL8TpO0I3_gHncoWaE25W525rSOfgsaprqvwHvF2GurhYC6U6I9y-RUEaEdpfuhEbkjEy9URXELRCwlAPiBghq9M9x4p_zSwyamygkqRjV0k2rCPDzxrb0T0rGevTxn7FlNVTjD6FygeKeopLWnbDopYaXkOmslaW8xWPjz763AOsoJUugOEM62ICDVeOZVSeLJLjzU4VUR9eykz02LtT0Oq6qUkwk8thPKawGWAwOyJMoCcXwwkNa4Iuybx5FpCkoPMpjT6ZOThl8jqsU23yPo9vcvNexfDfTCu4NeGPA26By-rD9kmsVe2tY_KGNiFMlj0SxW1uHwgOyCUKL4FZ2H8wFDjzFHUN5wROtmU7Z-FD63zXJGo7hL6GQ9c2TPZzxebLq467_W-m7OtR0d-GyyzN6L8oajpDgJyUe6SckDGWnkmflQE5da4mMP8CX5KctFi8CJQpWeuehfevj-VRSBVrxWUMqFLIKZE2YuMopjSM5_afiMf-_tWHaciMk1n1P6CnyOrpF1aGIdyDfX_FMag_aVK1gCEj8zydF2nvbh72a6kUu8gyODhUrAKXSN9cQYqdQuADh29JRAZjHkDLIFXwvWPGm80-zKv44s4f1KMXuuYvPExQsOU9ULQT6sK68BEWBDcx38o_bhvjuJLGGLa6WI6oK3Nkxm1nnATcwvrFx7TlT0KLYBLKZ1lrnzU1GtUieoH_IUxYMo97muuJcl24Werz7lZUC-6VnL0yNxLUz1E3aSRMXyX31KFQn5RyWVO52j8Vf_0T21I0vfq5VMBhtilVTTCkQ-lAa5J3wey2awXodeyySXoUWnJG1a3vUxwUmrJkSNz9za2p_hYnbFMlyHt9UXYJJW8WKewveDfXMuDgSg1TiRMEAhL5eyFZETSZPMaVeIJz4hJEUW03JKOMOH2elNPDZHvv0--77DgQrfWpTKiaR7kxf4d61BEE6nGdqZSNP-Ntj006C2qulPHzb9p1APlvqk9uyY__LxeffmIg3N6yql511GNMxQ42Eny5h7IHr1v4gP6ke4U82yoJUlnGiXW7cdvBYIj9VU34T1cyYnoIWay-CDzW54jQ7MFw10Q2qUFsAiocC2d3MiqB5kvrIkLvykcc8FqhnlaWmlo-vLzd4stKwEBXyrTV5_pxgASF7oFlbbSiDG2xQeChhLJkH9Z3CgEt7TdiUeZv2m_D1PPUg1VyrmnOcAxJtojfoafvPS4XXvwUhc2I9SA6iWNISVLCm_wLdz0zvOGPe5zBFWAbmzQ5rhT6cl9dbSy3yI_QE9XsubpjXbouJM_DYYiVRAQz8ePt3V4qP1mklWX0ZXf5JQLgoN3gtTkIdycEIBs9XJbI3-7w4zvf317IUQuqLl6qwX4ILpni0r2bg_P2l6TO5NlwooX1dmuBO-pUfTnzovwKQaNM3wkw3qZIvqe8WBHD1DYKtgqz00TW46Eg6GblvQQxQjvjKRW9BUQfQ5lfPWYKrpHAQqXozFS0-xWUXqubMydMdBVq6RAuaj7OkSlr4CAxeoVLC1tZQlvO3jA9JHx5NAPb0w5wba18bCQh3S1xu5JAnaYRVAvQRJRaVNHw9P33lMyu237jOKwfW6eM9A2DjRVYKfmqF_Bx88wusBMRx66VKraYbRC52tAvE2jcY8VEpEqa92cOqVnpH0kIcSURr6RKsrgpqCvedutVDszpZxTU8lDXlJGAYQh5f7U-sJ2NReGEqrFvxSNXbrk3fs0zetzSss5O-Swsbu5B39Q978gcGvf7vAyjOMSd-sthH6UBhvqZOAQiLCDBJ35Y_VHjNY1Vp-KK_zaMiAPnSYulabmDo&cid=CAQSPgBygQiDCrGd3Evj_fLqetRWXEE-Ko7GRfAZ3cWBDoJSg8SIMBRcWD-L_YeYNFPFQD9B2UNHKJK_ZXwM6nhlGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=6215970652432958000&adk=1761367587&idt=125&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71640107d1acfe2e4b4071d75d86749269449d8f5d633e69bc6d5e0d3341d751
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame DEAC 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
54ab1bed35b4b8f293f6f2a40a0b3c6251baa54848152cc565e93782a554f23a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
e.js
live.demand.supply/e/ 		0
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_auto_interstitial_desktop&e=nai&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA3NTAvMTAwNDk5Mi9jbHViLWFmcmljYWluLXZzLWVzLXNhaGVsLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.8.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GW05JHBT4DKMPHVGPCYAW7T4
date
Sun, 30 Apr 2023 17:41:00 GMT
cf-cache-status
HIT
age
2465030
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7c0192b7f8a4381a-FRA
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9DB0 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYu_3j5wEwAQ&v=APEucNWonhFuR3wkdlIeNV5s6coVOiWYZ1PKp9L71kyjiDedIf4IZ0kDYZ5UmOZ1mXsKpoX_CvCVfx8ZymtfkJDnQzSO7f7d9HKvAOSOESAgqcEa65LS8beCqTouG7u5hA6tf3LBDN4zJ-96i_S8fO8WNWMnrAZ9PRNyoI-RGoejvEE6z06jkL4WIdbTGHZjvPfFcmZQJOffhM_343bH-cWJFKIT0T95Xw
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 17:41:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame CDA2 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 30 Apr 2023 17:41:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame CDA2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:52:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
78483
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 19:52:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame CDA2 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:05:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
77738
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7966
x-xss-protection
0
server
cafe
etag
10783182253924109600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:05:22 GMT
l
www.google.com/ads/measurement/ Frame CDA2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTvSYyrRqW645Mp2qORQsZLahwfgGZ-U8wryhtXNGeMzegUAIr55qnQkY7ryMo42zJC6Msvr80oNfJ6i3-xBb8fXEBocA
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CDA2 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 17:41:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CDA2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DkomA6lIweVd6ykf49XwZVrlVbsZ4bZfTF0F36mYxqDAG094mmHwRlP4v4m9z-f5EHd66MznPz_gkdiIQF6aBa7nrhLKMC2exkES6aiN-3yAdtY1I
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CDA2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15500623169591931631&x=1&ct=76
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
imageproxy.eu.criteo.net/img/ Frame B589 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=1196&m=0&partner=28667&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F28667%2F220127%2F2528b5f7ed0e4eda8c658961638ba706_novasol.png&v=3&w=196&s=gvy7F4R4i5j5CxUt9vb54iUV
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE6oLAABMrMKe4LEAAxnv7csb-Gv48xcBB-cQQ&u=%7CufNT6Q4xKtlq6lIweqN0ZgzBvWIbug3dPNi%2B%2FwOTXYA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUBLPWiYThF1J8Y-9hMT0qDtapt-UrJYVP6SwZcSJXTvC-ChTybVj31yghHg-ZlcsQfjdK4X9K7M1WLV7w1suePom-1jNOG1CVtccC6DtSFfZbbdwrmGOlwwTnfQZTTXp_0eM6rKIa9uLQbyjC57j0aekC400TsUZmgn2js72U3OM3NOwUC_c_VkQewkstFHjIheVbqKjjJOZN65W7USCc8Bgi-U1Jo3YUhEtr8kfi9QZrCjmOrLg5HaCpRZFw8VYOD2ZGJQ-Nz7zl2pJcCQCdidFtfdggw7c--K-hBzWA9OrVQzV0F0WcvGMekgFVehCs2Vzu1_RGkESw-Cyje-1fsR06enjr5PQZFeVffTAtQi_OcHV9pGJDAngbYMyYTQxHwxAepTyL10Pv6b37wH9k8K2jvTaY9lDU4GzmaqUpQL0oLEAh1uA94VCTtzKIAOyrICifr4QD3LKqDAPkmkxRxvtyQLYUJQrZuUT9_0HTi2DoN2wLPlDBlDV7pC9MSIiAS5c1WVA_nzGPdP7dfzrVcHmQtBnouhM606VdNy6rGElhnEAMxG6yI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXMruLKhOZLPlBMSF7gO_z7GQCsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC99WXD798sj7gAgCoAwGqBMoCT9B1GUORCnqZ6NWBRscUPF2Ey7N4YIZlPtR5OsKS9JBynpnlMtuDdcDONUA60XAO6IVAG4YoL3qPCvloO5pzYBpasvLqB_34I1f1unch0kGw4w1Jt4I9bEkQVriBf2qzG0BT27kFLfb5XvJV8_WPDfpjy4KW-tFbmqPfS30i82JhtsKXKxSD9ieZ1By4uEpKw1nkEQ1oQh6dLUuGe38KJal11gOLOLFVAHV6dPGNn3_XqSa457SFRqaUEiQgA2tJv8UeNNlfM5Hn1meHYwN-DAh8csq6wb8OGL6y5XKnxnfIMl1GYdWWyKgb3M78qKDQ8TkEoKWB1FlpXy5IzHRwJeIXOV5XdTGJtnPqCp8IDMvEMSoPOO0waouZD_xQ6wBvUQM0HMTSK3sYl0QRtMuHQsBqQbe1XLF49agI9l_k7xKVoBiLiE2Gb_sp4AQBgAaY_7ariIeumPUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ayXv8WccXkg1lPVhoKBzcXLG2sQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
174e4f21e9218fa1668c362388547ef6e83ae6a03021a63e20f14ca9a440ae6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
6590
expires
Sat, 30 Mar 2024 09:06:41 GMT
img
imageproxy.eu.criteo.net/img/ Frame B589 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28667&q=80&r=2&u=https%3A%2F%2Fimage.novasol.com%2Fpic%2Fd20%2Fd20013_main_02.jpg%3F202317&v=3&w=800&s=H_L5nfW-q6Q2h972M1gpjv2b&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE6oLAABMrMKe4LEAAxnv7csb-Gv48xcBB-cQQ&u=%7CufNT6Q4xKtlq6lIweqN0ZgzBvWIbug3dPNi%2B%2FwOTXYA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUBLPWiYThF1J8Y-9hMT0qDtapt-UrJYVP6SwZcSJXTvC-ChTybVj31yghHg-ZlcsQfjdK4X9K7M1WLV7w1suePom-1jNOG1CVtccC6DtSFfZbbdwrmGOlwwTnfQZTTXp_0eM6rKIa9uLQbyjC57j0aekC400TsUZmgn2js72U3OM3NOwUC_c_VkQewkstFHjIheVbqKjjJOZN65W7USCc8Bgi-U1Jo3YUhEtr8kfi9QZrCjmOrLg5HaCpRZFw8VYOD2ZGJQ-Nz7zl2pJcCQCdidFtfdggw7c--K-hBzWA9OrVQzV0F0WcvGMekgFVehCs2Vzu1_RGkESw-Cyje-1fsR06enjr5PQZFeVffTAtQi_OcHV9pGJDAngbYMyYTQxHwxAepTyL10Pv6b37wH9k8K2jvTaY9lDU4GzmaqUpQL0oLEAh1uA94VCTtzKIAOyrICifr4QD3LKqDAPkmkxRxvtyQLYUJQrZuUT9_0HTi2DoN2wLPlDBlDV7pC9MSIiAS5c1WVA_nzGPdP7dfzrVcHmQtBnouhM606VdNy6rGElhnEAMxG6yI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXMruLKhOZLPlBMSF7gO_z7GQCsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC99WXD798sj7gAgCoAwGqBMoCT9B1GUORCnqZ6NWBRscUPF2Ey7N4YIZlPtR5OsKS9JBynpnlMtuDdcDONUA60XAO6IVAG4YoL3qPCvloO5pzYBpasvLqB_34I1f1unch0kGw4w1Jt4I9bEkQVriBf2qzG0BT27kFLfb5XvJV8_WPDfpjy4KW-tFbmqPfS30i82JhtsKXKxSD9ieZ1By4uEpKw1nkEQ1oQh6dLUuGe38KJal11gOLOLFVAHV6dPGNn3_XqSa457SFRqaUEiQgA2tJv8UeNNlfM5Hn1meHYwN-DAh8csq6wb8OGL6y5XKnxnfIMl1GYdWWyKgb3M78qKDQ8TkEoKWB1FlpXy5IzHRwJeIXOV5XdTGJtnPqCp8IDMvEMSoPOO0waouZD_xQ6wBvUQM0HMTSK3sYl0QRtMuHQsBqQbe1XLF49agI9l_k7xKVoBiLiE2Gb_sp4AQBgAaY_7ariIeumPUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ayXv8WccXkg1lPVhoKBzcXLG2sQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
485142b957d1cebdd9e8765bb3ee4c28fd7687269b909a436e3ea9520cabb56c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=43200
content-length
18096
expires
Sun, 30 Apr 2023 17:57:49 GMT
img
imageproxy.eu.criteo.net/img/ Frame B589 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28667&q=80&r=2&u=https%3A%2F%2Fimage.novasol.com%2Fpic%2Fb33%2Fb3301_main_01.jpg%3F202317&v=3&w=800&s=cHWjWscbZogy5eN_06xaw7Kw&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE6oLAABMrMKe4LEAAxnv7csb-Gv48xcBB-cQQ&u=%7CufNT6Q4xKtlq6lIweqN0ZgzBvWIbug3dPNi%2B%2FwOTXYA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUBLPWiYThF1J8Y-9hMT0qDtapt-UrJYVP6SwZcSJXTvC-ChTybVj31yghHg-ZlcsQfjdK4X9K7M1WLV7w1suePom-1jNOG1CVtccC6DtSFfZbbdwrmGOlwwTnfQZTTXp_0eM6rKIa9uLQbyjC57j0aekC400TsUZmgn2js72U3OM3NOwUC_c_VkQewkstFHjIheVbqKjjJOZN65W7USCc8Bgi-U1Jo3YUhEtr8kfi9QZrCjmOrLg5HaCpRZFw8VYOD2ZGJQ-Nz7zl2pJcCQCdidFtfdggw7c--K-hBzWA9OrVQzV0F0WcvGMekgFVehCs2Vzu1_RGkESw-Cyje-1fsR06enjr5PQZFeVffTAtQi_OcHV9pGJDAngbYMyYTQxHwxAepTyL10Pv6b37wH9k8K2jvTaY9lDU4GzmaqUpQL0oLEAh1uA94VCTtzKIAOyrICifr4QD3LKqDAPkmkxRxvtyQLYUJQrZuUT9_0HTi2DoN2wLPlDBlDV7pC9MSIiAS5c1WVA_nzGPdP7dfzrVcHmQtBnouhM606VdNy6rGElhnEAMxG6yI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXMruLKhOZLPlBMSF7gO_z7GQCsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC99WXD798sj7gAgCoAwGqBMoCT9B1GUORCnqZ6NWBRscUPF2Ey7N4YIZlPtR5OsKS9JBynpnlMtuDdcDONUA60XAO6IVAG4YoL3qPCvloO5pzYBpasvLqB_34I1f1unch0kGw4w1Jt4I9bEkQVriBf2qzG0BT27kFLfb5XvJV8_WPDfpjy4KW-tFbmqPfS30i82JhtsKXKxSD9ieZ1By4uEpKw1nkEQ1oQh6dLUuGe38KJal11gOLOLFVAHV6dPGNn3_XqSa457SFRqaUEiQgA2tJv8UeNNlfM5Hn1meHYwN-DAh8csq6wb8OGL6y5XKnxnfIMl1GYdWWyKgb3M78qKDQ8TkEoKWB1FlpXy5IzHRwJeIXOV5XdTGJtnPqCp8IDMvEMSoPOO0waouZD_xQ6wBvUQM0HMTSK3sYl0QRtMuHQsBqQbe1XLF49agI9l_k7xKVoBiLiE2Gb_sp4AQBgAaY_7ariIeumPUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ayXv8WccXkg1lPVhoKBzcXLG2sQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
12d9331926146686646f59db412117bb443acf4384e8d52f966ad8201e4db9d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=900
content-length
10730
expires
Sun, 30 Apr 2023 17:46:17 GMT
img
imageproxy.eu.criteo.net/img/ Frame B589 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28667&q=80&r=2&u=https%3A%2F%2Fimage.novasol.com%2Fpic%2Fb70%2Fb70118_main_01.jpg%3F202317&v=3&w=800&s=sGeyGUCtmV8YnqFlggyzy1M4&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE6oLAABMrMKe4LEAAxnv7csb-Gv48xcBB-cQQ&u=%7CufNT6Q4xKtlq6lIweqN0ZgzBvWIbug3dPNi%2B%2FwOTXYA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUBLPWiYThF1J8Y-9hMT0qDtapt-UrJYVP6SwZcSJXTvC-ChTybVj31yghHg-ZlcsQfjdK4X9K7M1WLV7w1suePom-1jNOG1CVtccC6DtSFfZbbdwrmGOlwwTnfQZTTXp_0eM6rKIa9uLQbyjC57j0aekC400TsUZmgn2js72U3OM3NOwUC_c_VkQewkstFHjIheVbqKjjJOZN65W7USCc8Bgi-U1Jo3YUhEtr8kfi9QZrCjmOrLg5HaCpRZFw8VYOD2ZGJQ-Nz7zl2pJcCQCdidFtfdggw7c--K-hBzWA9OrVQzV0F0WcvGMekgFVehCs2Vzu1_RGkESw-Cyje-1fsR06enjr5PQZFeVffTAtQi_OcHV9pGJDAngbYMyYTQxHwxAepTyL10Pv6b37wH9k8K2jvTaY9lDU4GzmaqUpQL0oLEAh1uA94VCTtzKIAOyrICifr4QD3LKqDAPkmkxRxvtyQLYUJQrZuUT9_0HTi2DoN2wLPlDBlDV7pC9MSIiAS5c1WVA_nzGPdP7dfzrVcHmQtBnouhM606VdNy6rGElhnEAMxG6yI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXMruLKhOZLPlBMSF7gO_z7GQCsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC99WXD798sj7gAgCoAwGqBMoCT9B1GUORCnqZ6NWBRscUPF2Ey7N4YIZlPtR5OsKS9JBynpnlMtuDdcDONUA60XAO6IVAG4YoL3qPCvloO5pzYBpasvLqB_34I1f1unch0kGw4w1Jt4I9bEkQVriBf2qzG0BT27kFLfb5XvJV8_WPDfpjy4KW-tFbmqPfS30i82JhtsKXKxSD9ieZ1By4uEpKw1nkEQ1oQh6dLUuGe38KJal11gOLOLFVAHV6dPGNn3_XqSa457SFRqaUEiQgA2tJv8UeNNlfM5Hn1meHYwN-DAh8csq6wb8OGL6y5XKnxnfIMl1GYdWWyKgb3M78qKDQ8TkEoKWB1FlpXy5IzHRwJeIXOV5XdTGJtnPqCp8IDMvEMSoPOO0waouZD_xQ6wBvUQM0HMTSK3sYl0QRtMuHQsBqQbe1XLF49agI9l_k7xKVoBiLiE2Gb_sp4AQBgAaY_7ariIeumPUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ayXv8WccXkg1lPVhoKBzcXLG2sQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a9ae6b06899737faa70efaa0c5296880e19cfdb16f10b30728411793c14b42ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=42074
content-length
18672
expires
Sun, 30 Apr 2023 18:05:48 GMT
img
imageproxy.eu.criteo.net/img/ Frame B589 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28667&q=80&r=2&u=https%3A%2F%2Fimage.novasol.com%2Fpic%2Fd20%2Fd20377_main_01.jpg%3F202317&v=3&w=800&s=CrWz4YUJca1AG9rEzfSMphFC&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE6oLAABMrMKe4LEAAxnv7csb-Gv48xcBB-cQQ&u=%7CufNT6Q4xKtlq6lIweqN0ZgzBvWIbug3dPNi%2B%2FwOTXYA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUBLPWiYThF1J8Y-9hMT0qDtapt-UrJYVP6SwZcSJXTvC-ChTybVj31yghHg-ZlcsQfjdK4X9K7M1WLV7w1suePom-1jNOG1CVtccC6DtSFfZbbdwrmGOlwwTnfQZTTXp_0eM6rKIa9uLQbyjC57j0aekC400TsUZmgn2js72U3OM3NOwUC_c_VkQewkstFHjIheVbqKjjJOZN65W7USCc8Bgi-U1Jo3YUhEtr8kfi9QZrCjmOrLg5HaCpRZFw8VYOD2ZGJQ-Nz7zl2pJcCQCdidFtfdggw7c--K-hBzWA9OrVQzV0F0WcvGMekgFVehCs2Vzu1_RGkESw-Cyje-1fsR06enjr5PQZFeVffTAtQi_OcHV9pGJDAngbYMyYTQxHwxAepTyL10Pv6b37wH9k8K2jvTaY9lDU4GzmaqUpQL0oLEAh1uA94VCTtzKIAOyrICifr4QD3LKqDAPkmkxRxvtyQLYUJQrZuUT9_0HTi2DoN2wLPlDBlDV7pC9MSIiAS5c1WVA_nzGPdP7dfzrVcHmQtBnouhM606VdNy6rGElhnEAMxG6yI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXMruLKhOZLPlBMSF7gO_z7GQCsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC99WXD798sj7gAgCoAwGqBMoCT9B1GUORCnqZ6NWBRscUPF2Ey7N4YIZlPtR5OsKS9JBynpnlMtuDdcDONUA60XAO6IVAG4YoL3qPCvloO5pzYBpasvLqB_34I1f1unch0kGw4w1Jt4I9bEkQVriBf2qzG0BT27kFLfb5XvJV8_WPDfpjy4KW-tFbmqPfS30i82JhtsKXKxSD9ieZ1By4uEpKw1nkEQ1oQh6dLUuGe38KJal11gOLOLFVAHV6dPGNn3_XqSa457SFRqaUEiQgA2tJv8UeNNlfM5Hn1meHYwN-DAh8csq6wb8OGL6y5XKnxnfIMl1GYdWWyKgb3M78qKDQ8TkEoKWB1FlpXy5IzHRwJeIXOV5XdTGJtnPqCp8IDMvEMSoPOO0waouZD_xQ6wBvUQM0HMTSK3sYl0QRtMuHQsBqQbe1XLF49agI9l_k7xKVoBiLiE2Gb_sp4AQBgAaY_7ariIeumPUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ayXv8WccXkg1lPVhoKBzcXLG2sQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bdd083c4f3241d1ff5be0eea3f51859044a7b02ab4632000f6d5f26ed0079fd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=42290
content-length
23350
expires
Sun, 30 Apr 2023 20:30:09 GMT
all
csm.eu.criteo.net/ Frame B589 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=rUAjgfhOTJERbbW1tMwlsqii0krUFVHXgjLQuSn6udSBkskeyLWVPZLKhHYvML2vR-WOBxQgfWPtrFvtcv3FwVckEOn-syW8Q6VAMVUfxYtXKSrJH5gtTCDBO70JP0jolT905h-8fpKQFC5jfepecuO4d_qXjteNP09yQ5sf2BYtuiSOTwL5FTzVkL4J3wpTp92bQXm-UTucT6uBUcqRPORLSQXeu-Go-YeWILCJb47nrISGI6nhvWmFV35TfmNfLGXVEg&sds=2&rev=86118&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE6oLAABMrMKe4LEAAxnv7csb-Gv48xcBB-cQQ&u=%7CufNT6Q4xKtlq6lIweqN0ZgzBvWIbug3dPNi%2B%2FwOTXYA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUBLPWiYThF1J8Y-9hMT0qDtapt-UrJYVP6SwZcSJXTvC-ChTybVj31yghHg-ZlcsQfjdK4X9K7M1WLV7w1suePom-1jNOG1CVtccC6DtSFfZbbdwrmGOlwwTnfQZTTXp_0eM6rKIa9uLQbyjC57j0aekC400TsUZmgn2js72U3OM3NOwUC_c_VkQewkstFHjIheVbqKjjJOZN65W7USCc8Bgi-U1Jo3YUhEtr8kfi9QZrCjmOrLg5HaCpRZFw8VYOD2ZGJQ-Nz7zl2pJcCQCdidFtfdggw7c--K-hBzWA9OrVQzV0F0WcvGMekgFVehCs2Vzu1_RGkESw-Cyje-1fsR06enjr5PQZFeVffTAtQi_OcHV9pGJDAngbYMyYTQxHwxAepTyL10Pv6b37wH9k8K2jvTaY9lDU4GzmaqUpQL0oLEAh1uA94VCTtzKIAOyrICifr4QD3LKqDAPkmkxRxvtyQLYUJQrZuUT9_0HTi2DoN2wLPlDBlDV7pC9MSIiAS5c1WVA_nzGPdP7dfzrVcHmQtBnouhM606VdNy6rGElhnEAMxG6yI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXMruLKhOZLPlBMSF7gO_z7GQCsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC99WXD798sj7gAgCoAwGqBMoCT9B1GUORCnqZ6NWBRscUPF2Ey7N4YIZlPtR5OsKS9JBynpnlMtuDdcDONUA60XAO6IVAG4YoL3qPCvloO5pzYBpasvLqB_34I1f1unch0kGw4w1Jt4I9bEkQVriBf2qzG0BT27kFLfb5XvJV8_WPDfpjy4KW-tFbmqPfS30i82JhtsKXKxSD9ieZ1By4uEpKw1nkEQ1oQh6dLUuGe38KJal11gOLOLFVAHV6dPGNn3_XqSa457SFRqaUEiQgA2tJv8UeNNlfM5Hn1meHYwN-DAh8csq6wb8OGL6y5XKnxnfIMl1GYdWWyKgb3M78qKDQ8TkEoKWB1FlpXy5IzHRwJeIXOV5XdTGJtnPqCp8IDMvEMSoPOO0waouZD_xQ6wBvUQM0HMTSK3sYl0QRtMuHQsBqQbe1XLF49agI9l_k7xKVoBiLiE2Gb_sp4AQBgAaY_7ariIeumPUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ayXv8WccXkg1lPVhoKBzcXLG2sQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 30 Apr 2023 17:41:00 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame B589 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE6oLAABMrMKe4LEAAxnv7csb-Gv48xcBB-cQQ&u=%7CufNT6Q4xKtlq6lIweqN0ZgzBvWIbug3dPNi%2B%2FwOTXYA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUBLPWiYThF1J8Y-9hMT0qDtapt-UrJYVP6SwZcSJXTvC-ChTybVj31yghHg-ZlcsQfjdK4X9K7M1WLV7w1suePom-1jNOG1CVtccC6DtSFfZbbdwrmGOlwwTnfQZTTXp_0eM6rKIa9uLQbyjC57j0aekC400TsUZmgn2js72U3OM3NOwUC_c_VkQewkstFHjIheVbqKjjJOZN65W7USCc8Bgi-U1Jo3YUhEtr8kfi9QZrCjmOrLg5HaCpRZFw8VYOD2ZGJQ-Nz7zl2pJcCQCdidFtfdggw7c--K-hBzWA9OrVQzV0F0WcvGMekgFVehCs2Vzu1_RGkESw-Cyje-1fsR06enjr5PQZFeVffTAtQi_OcHV9pGJDAngbYMyYTQxHwxAepTyL10Pv6b37wH9k8K2jvTaY9lDU4GzmaqUpQL0oLEAh1uA94VCTtzKIAOyrICifr4QD3LKqDAPkmkxRxvtyQLYUJQrZuUT9_0HTi2DoN2wLPlDBlDV7pC9MSIiAS5c1WVA_nzGPdP7dfzrVcHmQtBnouhM606VdNy6rGElhnEAMxG6yI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXMruLKhOZLPlBMSF7gO_z7GQCsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC99WXD798sj7gAgCoAwGqBMoCT9B1GUORCnqZ6NWBRscUPF2Ey7N4YIZlPtR5OsKS9JBynpnlMtuDdcDONUA60XAO6IVAG4YoL3qPCvloO5pzYBpasvLqB_34I1f1unch0kGw4w1Jt4I9bEkQVriBf2qzG0BT27kFLfb5XvJV8_WPDfpjy4KW-tFbmqPfS30i82JhtsKXKxSD9ieZ1By4uEpKw1nkEQ1oQh6dLUuGe38KJal11gOLOLFVAHV6dPGNn3_XqSa457SFRqaUEiQgA2tJv8UeNNlfM5Hn1meHYwN-DAh8csq6wb8OGL6y5XKnxnfIMl1GYdWWyKgb3M78qKDQ8TkEoKWB1FlpXy5IzHRwJeIXOV5XdTGJtnPqCp8IDMvEMSoPOO0waouZD_xQ6wBvUQM0HMTSK3sYl0QRtMuHQsBqQbe1XLF49agI9l_k7xKVoBiLiE2Gb_sp4AQBgAaY_7ariIeumPUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ayXv8WccXkg1lPVhoKBzcXLG2sQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 24 Apr 2024 17:41:00 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame B589 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE6oLAABMrMKe4LEAAxnv7csb-Gv48xcBB-cQQ&u=%7CufNT6Q4xKtlq6lIweqN0ZgzBvWIbug3dPNi%2B%2FwOTXYA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANUBLPWiYThF1J8Y-9hMT0qDtapt-UrJYVP6SwZcSJXTvC-ChTybVj31yghHg-ZlcsQfjdK4X9K7M1WLV7w1suePom-1jNOG1CVtccC6DtSFfZbbdwrmGOlwwTnfQZTTXp_0eM6rKIa9uLQbyjC57j0aekC400TsUZmgn2js72U3OM3NOwUC_c_VkQewkstFHjIheVbqKjjJOZN65W7USCc8Bgi-U1Jo3YUhEtr8kfi9QZrCjmOrLg5HaCpRZFw8VYOD2ZGJQ-Nz7zl2pJcCQCdidFtfdggw7c--K-hBzWA9OrVQzV0F0WcvGMekgFVehCs2Vzu1_RGkESw-Cyje-1fsR06enjr5PQZFeVffTAtQi_OcHV9pGJDAngbYMyYTQxHwxAepTyL10Pv6b37wH9k8K2jvTaY9lDU4GzmaqUpQL0oLEAh1uA94VCTtzKIAOyrICifr4QD3LKqDAPkmkxRxvtyQLYUJQrZuUT9_0HTi2DoN2wLPlDBlDV7pC9MSIiAS5c1WVA_nzGPdP7dfzrVcHmQtBnouhM606VdNy6rGElhnEAMxG6yI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXMruLKhOZLPlBMSF7gO_z7GQCsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC99WXD798sj7gAgCoAwGqBMoCT9B1GUORCnqZ6NWBRscUPF2Ey7N4YIZlPtR5OsKS9JBynpnlMtuDdcDONUA60XAO6IVAG4YoL3qPCvloO5pzYBpasvLqB_34I1f1unch0kGw4w1Jt4I9bEkQVriBf2qzG0BT27kFLfb5XvJV8_WPDfpjy4KW-tFbmqPfS30i82JhtsKXKxSD9ieZ1By4uEpKw1nkEQ1oQh6dLUuGe38KJal11gOLOLFVAHV6dPGNn3_XqSa457SFRqaUEiQgA2tJv8UeNNlfM5Hn1meHYwN-DAh8csq6wb8OGL6y5XKnxnfIMl1GYdWWyKgb3M78qKDQ8TkEoKWB1FlpXy5IzHRwJeIXOV5XdTGJtnPqCp8IDMvEMSoPOO0waouZD_xQ6wBvUQM0HMTSK3sYl0QRtMuHQsBqQbe1XLF49agI9l_k7xKVoBiLiE2Gb_sp4AQBgAaY_7ariIeumPUBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ayXv8WccXkg1lPVhoKBzcXLG2sQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 24 Apr 2024 17:41:00 GMT
C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
pagead2.googlesyndication.com/bg/ Frame 46EA 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:12:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
336511
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14118
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:12:29 GMT
15434244260696230769
s0.2mdn.net/simgad/ Frame C4E6 		332 KB
332 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/15434244260696230769?w=400&h=209
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9bf2faf1bab92d67f7915c533124bb8f6d9ef10c39215da2c967d336684648db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 15:44:46 GMT
x-content-type-options
nosniff
age
93374
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
339666
x-xss-protection
0
last-modified
Tue, 04 Apr 2023 14:01:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Apr 2024 15:44:46 GMT
truncated
/ Frame C4E6 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38354e6a0119fe113356e1506a115ca148a6b9ea22cf88136baa9167d6fde794

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
11224692012555215719
s0.2mdn.net/simgad/ Frame C4E6 		580 KB
580 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11224692012555215719?w=400&h=209
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7900762038a91e506c1854ad6b8c6d8def8e7d93079a779d1e0b2de4d10f9066
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 17:12:54 GMT
x-content-type-options
nosniff
age
88086
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
593483
x-xss-protection
0
last-modified
Fri, 24 Mar 2023 08:31:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Apr 2024 17:12:54 GMT
img
imageproxy.eu.criteo.net/img/ Frame C4E6 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12638&q=80&r=0&u=https%3A%2F%2Fsuperzoom.onlinesuperimage.com%2Ffsicache%2Fserver%3Ftype%3Dimage%26source%3D%2FJanVanderstorm%2FSweatjackeRODERICH_gelb_283849101.png%26width%3D600%26height%3D600%26effects%3DPad%28CC%252CF1F1F1%29%252CMatte%28FFFFFF%29%26format%3Djpeg%26padding%3D3%252C3%252C3%252C3%26effects%3DMatte%28F1F1F1%29%26width%3D816&ups=1&v=3&w=800&s=w8TpT5OWAZICBhd_2RuAp6Si
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d5036657ecef68a762122c678cb86da331636c05eb165694a764458fc1ecd663
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
19434
expires
Wed, 17 May 2023 13:21:57 GMT
img
imageproxy.eu.criteo.net/img/ Frame C4E6 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=12638&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F12638%2F200722%2F2d3c404082f142d9a14b6b544d5dbd05_jv_logo_ohne_claim_pos_hoch_sq.png&v=3&w=1200&s=48VvaFovrlWLrrBmAUaxCT4U
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1e011a35ed2c4a688b3a6a0f8ca8800d090dd0a74264bb86c9d75f71a3b9d9f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
22797
expires
Sun, 21 Apr 2024 10:09:24 GMT
img
imageproxy.eu.criteo.net/img/ Frame C4E6 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=800&m=0&partner=74612&q=80&r=0&u=https%3A%2F%2Fstatic.digitecgalaxus.ch%2FFiles%2F3%2F3%2F7%2F4%2F0%2F2%2F1%2F4%2F1788512_P1.jpeg&ups=1&v=3&w=800&s=wfiABKujminuGUUCCA0XLzmy
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8acf57f1dd243521fafb06717a03922a337d701f39561b81b85cb7b5a7889211
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=1409682
content-length
15404
expires
Tue, 09 May 2023 16:58:17 GMT
img
imageproxy.eu.criteo.net/img/ Frame C4E6 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=74612&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F74612%2F201001%2Fbdf6affd9df54455bc26aca64ee0f58c_logo_n_horizontal_5.png&v=3&w=1200&s=8R9IGSbPg5j28-x5b38XLLJg
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
eddc71166d1206332ab739981beb0930d3f663dbdc308c758c412cf980e15af2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
39295
expires
Wed, 10 Apr 2024 06:43:58 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 7B6E 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
Origin
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 09:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29627
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 01 May 2023 09:27:13 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame 7B6E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BcTkGDZoa5a58zgH10FCX4m2p_B6nvPQFcKzkrCVnwCwLedsqpMmgp7LYK-nXeANxEhCH1Ay7vb7ou2HkkPEeEZY5jtg&cry=1&dbm_d=AKAmf-CuujhWABjQ0lZ-3pHxGUkh9JBTD9-I7OlqFSgDuiOViAK5WStUlhER0nVJjA7baYqKov-anu4_FYsdAtOxDw2XAyql8dU9YiRdKIcQYXKcHR4SwoLanYewi8HlJQBEIPLdaim4UxK6hOGWKxo7X3UrjPv-6cdSXEvr-IL-gz09qg4sYWgFqM4iCZIwQifpmO85C-K6NfcpusVflu8kNd3anhd07mjfn_yf1INor6XQLIIisXpG_nF40UXfDRtRt6B2fMTfJhSv_SpGBibuMJhPPIndDvAFU8wm-JtCk6eDO0VJfxyV1Jiq0Dndw3EguQc8dgnLWMg2Pl-V5Rvf59_tnYdrS-1gipQ-2h_SitbdXJgGWalpazzMpRYtMjXdoIL_mLDmoXyIm1cCU0PhUbcdQQ4D7B4JewfPE_nfIU69HmEJE-vHGL9V6CryWWtrvDl2GmMuAGhRxdwRXjLKflcFM7gsfpFyqU1FiumzsPux3keuv-QC-mOxk4fH36MtIA4lZRcSgVwRVLCfFxY4fokz8SJjHzWFkMCWwjjfxA6HjHwVpJ2BMOWvN-3wv1Pb5dy6zGxxMWwiVOcX2HR0tKEgCsl3IVtTM6n3x6MDAgq1wgV_PHHiZFTW_clDEj4f8_EHCF40JjgbjXVJb33XSxr3kaw83IIX2xII3eLXwgp29E42JhTkuRYw0FqCt1BK7n2Gdi35Hjdgq9H09-Ro1H9dj8VSopxpPdoC_agI7O7YO0o7HAbqms01JG0F7ybH6Uh1EpeMiY7KVtoyd9RQNTYneAWdsWO9C3ERKL9dTc4xc68JB15wtIKl5i8qB0cdUrM9u6uOyKlcKBesnmA-etzANymnjreG8NHJoraixKXqZyqfp5X6AWRA9ChxuvAzKmrr-l4168ZG5zgGByKFY1Q4yuYQZlx_Vu4uOvVvtroyI7ueqRhYUWGJipTamnBDV59QnoSrUZFlQCKcICt9b31UbK8VygKH9zKbGZNwkZg4m_8-NXbfI6X8bt71OcAcKwZoTSE5tEQaFu9NSAbIHSK18u_cVC-3igIOFgc9yUO8LdCJYG6qYmEP0JlVa7QJwznzrnRJv0umBSldTyEd50J-yZeZLeaNz5IJjiqR9cujKxJdSxMpQhWQ0h2mKqYtPzo9p3Y5dZ0MBcKp5hYIG5V5OdSgVZqdL84k-1s8keJoQNI3O_PTMEggJzU0xed1yvJl_Yr3npO4tSeRP2H3v_cjOW2EMAx_FU0nW8Mu5vlCEyPajgBG7QKtxgklrWsJYrglq1ym4BpBYMbPnt1IP08daU87X9kT3GUVAjJudzU6WYnVrV-Mc6BJo4--hGMo7_r3WFaig31VO92zqeVXFepOeauekdn39vpS4eoUFRGLfDaN-BgoymLAH809CrboKJqj0zFPhRlmEMOd2kBC_aOs-VBxkGCGMtgc_JHNWo4WNr_IXHPS5yEZYdeoY2O38j-RCU0gvH1x0ED_GcE_RcQ7QdMg_thLTKaKD-svV_zv4oZHEelIohJqJuP_NCPUJPH3R-2VmdCtKc64n5HxWIhIho8OBVl28AhCxAESM4M3_4U8_YuA4VEzDqzu1yVS5iftk3WKfOCc88LYk-ff8v_vsPsyOxuqexF3s3x8YC847M_jJjJqKLVKtRWOj7a4BeuHVWzNrINGSxOXj7gE4mn-ygxTzzLaRE-gNNtWAvNadvEKMe4LLkwRjnKC84c_jiXjbkSqgY_GCBvVpv3_Hj7n1mIU_IqclFaXYr6rSoDinrF2Jy-Jg_UZeeEaWcV3QO5Df4UX1DzKgELMZwxpytEEk1cSANp5MYhzIatyEhs4qzqbn0oTx9w7NqKGJgVJgNQPLF8CBHoDponzEyLIHRoYYrlOWsP0sOJ5HRp0khMAs2kg9x4lBShP9R-TS8J1RSKnGVoZsM8gmWMbfDW185HMcHBj7BIFMJzN5qoWNkNjw64wZUu2mzoY3aJEe_aZdRuWUwgxVazKRk_X2s3xOwfnz96eXcyR--wP2gw6kGkwig2sAG2RnbsJyvvLCNQ99FRhPAo3T1r1B7mc3rdyfTr8QnS4o9IulxC-Y6BOsLRDPbxW4ezhlp2Y_Zg2c6QpPOPYttT3jeBIK89a5upDq3zRIAFRsSb8OpvIyabMh-x_9VkE1123eVduMWkPwOC3FC7USwJTb29Gd2qvYmz7jfiC-TZ_eQjmPqkvKAKfwdbw0YAFKfmw9nwomm9_A_03y0OJJ-yExAtCtwtqEsjcdLgDbC-gJi7U0jcjqzG2sHzEa5GZPrJLnYvkQx8Wv3smQNvtgf-ijzedl8wq2YMYxOZ8s_HiA06djvN1DmUWaizt9G6jc65rIEFx5nvW_RCR8oZBIKaNR2P6PdrQeEXIpfx1iczgIqovqIcA5AfK9DkfzKzLBMeBRaZMe4TflTxSYg9DcjroP3WVJ6evpue24UixyLqaPUa0Koe3d1CzCEL6uKccAXH3y0rd_3iXmHOgL_DtgmvwsvqkAPi_g8iZg2abIbys3YH5neCDnt8GrganRqRKGTL0bZg-KYDQMoD-0NBhiRw4dPnuOcjQI8rkGs2SklaED3vICtlWsbpatrhCNAZDNA1h6zhCHEQ8sQkjBf48KdVGQ6QOyQOwlJf1XehsTZIsrZB7i3vJ9bfOrfOGigdjmGqWhtpUHz3Ch2cwqVL2jpA8WYWW4AqoVgovPW2SxKaNB-UWHUC3azh26Tc-fcuJ6rlsrv5xr05Krqr3ufDsGVEq5T29o346_2QfYFwlsGd6_vOdECN4aQvr5byvuszxA0UyBQdfgyiOpEbZQO1deYoqVgL6yUmchdiDsA7AhOtd-omOxFJJqFB5K15y7VE__S2AtD44ZDGX7NzKAgHg66ixkkO00y2DsZo2g9DdhzpAxUJl_TjdAD7jks7WFqBJaawGzEKLR8IT9iwROFekfCA5u9sQfURxzN8mWdCY_8lf3_fiE3qbdwDimOzfpEriSWHAEW61uO571944oXna9cI77nXmSpJblMvicQ1VMUMIF5TunsUvrEmU5JXeoBbk10tVohsWTFb2riBSC9fWntQ9Rvyh1OZ0HGnWImmnXBJSzseFSWFeLQnYC4bYA5XUZPF77CqvJjRs4bTy49BEa3NpQP1w_-NF_CNnXSpAHOrAJDC-HvkZLeAKDxm0u0aRMV8V5l_XTQsIBOnZguWZN8claj8zCfn8eEkow5B-13ceKlrYKUwSVtEsotwsiaaeYNghz60utA34Id1X6RWyM0r--I60alYEvhy0MZVthgiaMa7yvUiWS8rFC2K7nIc9CYgoP_RpiSVTCR18jzZQvFamirXd1zi8uX9GQPiEFmWm_OC6RhDWLbeVLrZYVM89KH25-Aezuq7d81ALY6eXliDxC4SxbYV6RYLrs8M0v5OC75mi0Xy1L2kYW5BY4h1ItvZZxDes19Hdm-CqWc3Uk8VmQ7XvFQivGWteOkLwK9xv8sPacwirGWJnCplGAr-4sGB3MHajC-DPj7v7bHFlfVnGqICA-3-CQIDUqoHg26vv3anXK8BdCy2Yjp-cPqKNeIFfvY7s1q1AQiqI2uZsK02cAG0WsrGcwb-gj3ZMtS1VFqEk_Af3I0uZiJvQzbBwTkFjBdmgGPIBdtzhZSbIqUln&cid=CAQSSwBygQiD08caxsylZ15NDs8-K8TtyaxWKLQAa44zY-Y8cMibjmJNK6LMIltYhiZwrd6l_M3-FShViAlgv4yhFmn2-_9C-tx-72X9MhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=14060517603652200000&adk=2923430907&idt=128&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:08:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
77571
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:08:09 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 7B6E 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BcTkGDZoa5a58zgH10FCX4m2p_B6nvPQFcKzkrCVnwCwLedsqpMmgp7LYK-nXeANxEhCH1Ay7vb7ou2HkkPEeEZY5jtg&cry=1&dbm_d=AKAmf-CuujhWABjQ0lZ-3pHxGUkh9JBTD9-I7OlqFSgDuiOViAK5WStUlhER0nVJjA7baYqKov-anu4_FYsdAtOxDw2XAyql8dU9YiRdKIcQYXKcHR4SwoLanYewi8HlJQBEIPLdaim4UxK6hOGWKxo7X3UrjPv-6cdSXEvr-IL-gz09qg4sYWgFqM4iCZIwQifpmO85C-K6NfcpusVflu8kNd3anhd07mjfn_yf1INor6XQLIIisXpG_nF40UXfDRtRt6B2fMTfJhSv_SpGBibuMJhPPIndDvAFU8wm-JtCk6eDO0VJfxyV1Jiq0Dndw3EguQc8dgnLWMg2Pl-V5Rvf59_tnYdrS-1gipQ-2h_SitbdXJgGWalpazzMpRYtMjXdoIL_mLDmoXyIm1cCU0PhUbcdQQ4D7B4JewfPE_nfIU69HmEJE-vHGL9V6CryWWtrvDl2GmMuAGhRxdwRXjLKflcFM7gsfpFyqU1FiumzsPux3keuv-QC-mOxk4fH36MtIA4lZRcSgVwRVLCfFxY4fokz8SJjHzWFkMCWwjjfxA6HjHwVpJ2BMOWvN-3wv1Pb5dy6zGxxMWwiVOcX2HR0tKEgCsl3IVtTM6n3x6MDAgq1wgV_PHHiZFTW_clDEj4f8_EHCF40JjgbjXVJb33XSxr3kaw83IIX2xII3eLXwgp29E42JhTkuRYw0FqCt1BK7n2Gdi35Hjdgq9H09-Ro1H9dj8VSopxpPdoC_agI7O7YO0o7HAbqms01JG0F7ybH6Uh1EpeMiY7KVtoyd9RQNTYneAWdsWO9C3ERKL9dTc4xc68JB15wtIKl5i8qB0cdUrM9u6uOyKlcKBesnmA-etzANymnjreG8NHJoraixKXqZyqfp5X6AWRA9ChxuvAzKmrr-l4168ZG5zgGByKFY1Q4yuYQZlx_Vu4uOvVvtroyI7ueqRhYUWGJipTamnBDV59QnoSrUZFlQCKcICt9b31UbK8VygKH9zKbGZNwkZg4m_8-NXbfI6X8bt71OcAcKwZoTSE5tEQaFu9NSAbIHSK18u_cVC-3igIOFgc9yUO8LdCJYG6qYmEP0JlVa7QJwznzrnRJv0umBSldTyEd50J-yZeZLeaNz5IJjiqR9cujKxJdSxMpQhWQ0h2mKqYtPzo9p3Y5dZ0MBcKp5hYIG5V5OdSgVZqdL84k-1s8keJoQNI3O_PTMEggJzU0xed1yvJl_Yr3npO4tSeRP2H3v_cjOW2EMAx_FU0nW8Mu5vlCEyPajgBG7QKtxgklrWsJYrglq1ym4BpBYMbPnt1IP08daU87X9kT3GUVAjJudzU6WYnVrV-Mc6BJo4--hGMo7_r3WFaig31VO92zqeVXFepOeauekdn39vpS4eoUFRGLfDaN-BgoymLAH809CrboKJqj0zFPhRlmEMOd2kBC_aOs-VBxkGCGMtgc_JHNWo4WNr_IXHPS5yEZYdeoY2O38j-RCU0gvH1x0ED_GcE_RcQ7QdMg_thLTKaKD-svV_zv4oZHEelIohJqJuP_NCPUJPH3R-2VmdCtKc64n5HxWIhIho8OBVl28AhCxAESM4M3_4U8_YuA4VEzDqzu1yVS5iftk3WKfOCc88LYk-ff8v_vsPsyOxuqexF3s3x8YC847M_jJjJqKLVKtRWOj7a4BeuHVWzNrINGSxOXj7gE4mn-ygxTzzLaRE-gNNtWAvNadvEKMe4LLkwRjnKC84c_jiXjbkSqgY_GCBvVpv3_Hj7n1mIU_IqclFaXYr6rSoDinrF2Jy-Jg_UZeeEaWcV3QO5Df4UX1DzKgELMZwxpytEEk1cSANp5MYhzIatyEhs4qzqbn0oTx9w7NqKGJgVJgNQPLF8CBHoDponzEyLIHRoYYrlOWsP0sOJ5HRp0khMAs2kg9x4lBShP9R-TS8J1RSKnGVoZsM8gmWMbfDW185HMcHBj7BIFMJzN5qoWNkNjw64wZUu2mzoY3aJEe_aZdRuWUwgxVazKRk_X2s3xOwfnz96eXcyR--wP2gw6kGkwig2sAG2RnbsJyvvLCNQ99FRhPAo3T1r1B7mc3rdyfTr8QnS4o9IulxC-Y6BOsLRDPbxW4ezhlp2Y_Zg2c6QpPOPYttT3jeBIK89a5upDq3zRIAFRsSb8OpvIyabMh-x_9VkE1123eVduMWkPwOC3FC7USwJTb29Gd2qvYmz7jfiC-TZ_eQjmPqkvKAKfwdbw0YAFKfmw9nwomm9_A_03y0OJJ-yExAtCtwtqEsjcdLgDbC-gJi7U0jcjqzG2sHzEa5GZPrJLnYvkQx8Wv3smQNvtgf-ijzedl8wq2YMYxOZ8s_HiA06djvN1DmUWaizt9G6jc65rIEFx5nvW_RCR8oZBIKaNR2P6PdrQeEXIpfx1iczgIqovqIcA5AfK9DkfzKzLBMeBRaZMe4TflTxSYg9DcjroP3WVJ6evpue24UixyLqaPUa0Koe3d1CzCEL6uKccAXH3y0rd_3iXmHOgL_DtgmvwsvqkAPi_g8iZg2abIbys3YH5neCDnt8GrganRqRKGTL0bZg-KYDQMoD-0NBhiRw4dPnuOcjQI8rkGs2SklaED3vICtlWsbpatrhCNAZDNA1h6zhCHEQ8sQkjBf48KdVGQ6QOyQOwlJf1XehsTZIsrZB7i3vJ9bfOrfOGigdjmGqWhtpUHz3Ch2cwqVL2jpA8WYWW4AqoVgovPW2SxKaNB-UWHUC3azh26Tc-fcuJ6rlsrv5xr05Krqr3ufDsGVEq5T29o346_2QfYFwlsGd6_vOdECN4aQvr5byvuszxA0UyBQdfgyiOpEbZQO1deYoqVgL6yUmchdiDsA7AhOtd-omOxFJJqFB5K15y7VE__S2AtD44ZDGX7NzKAgHg66ixkkO00y2DsZo2g9DdhzpAxUJl_TjdAD7jks7WFqBJaawGzEKLR8IT9iwROFekfCA5u9sQfURxzN8mWdCY_8lf3_fiE3qbdwDimOzfpEriSWHAEW61uO571944oXna9cI77nXmSpJblMvicQ1VMUMIF5TunsUvrEmU5JXeoBbk10tVohsWTFb2riBSC9fWntQ9Rvyh1OZ0HGnWImmnXBJSzseFSWFeLQnYC4bYA5XUZPF77CqvJjRs4bTy49BEa3NpQP1w_-NF_CNnXSpAHOrAJDC-HvkZLeAKDxm0u0aRMV8V5l_XTQsIBOnZguWZN8claj8zCfn8eEkow5B-13ceKlrYKUwSVtEsotwsiaaeYNghz60utA34Id1X6RWyM0r--I60alYEvhy0MZVthgiaMa7yvUiWS8rFC2K7nIc9CYgoP_RpiSVTCR18jzZQvFamirXd1zi8uX9GQPiEFmWm_OC6RhDWLbeVLrZYVM89KH25-Aezuq7d81ALY6eXliDxC4SxbYV6RYLrs8M0v5OC75mi0Xy1L2kYW5BY4h1ItvZZxDes19Hdm-CqWc3Uk8VmQ7XvFQivGWteOkLwK9xv8sPacwirGWJnCplGAr-4sGB3MHajC-DPj7v7bHFlfVnGqICA-3-CQIDUqoHg26vv3anXK8BdCy2Yjp-cPqKNeIFfvY7s1q1AQiqI2uZsK02cAG0WsrGcwb-gj3ZMtS1VFqEk_Af3I0uZiJvQzbBwTkFjBdmgGPIBdtzhZSbIqUln&cid=CAQSSwBygQiD08caxsylZ15NDs8-K8TtyaxWKLQAa44zY-Y8cMibjmJNK6LMIltYhiZwrd6l_M3-FShViAlgv4yhFmn2-_9C-tx-72X9MhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=14060517603652200000&adk=2923430907&idt=128&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:21:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
76742
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10878
x-xss-protection
0
server
cafe
etag
6410051166583139006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:21:58 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7B6E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78938
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 19:45:22 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 775C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BVmG5GfPDT3MhT5Z0fPXWD8wpizPj4TKXRuP9vjgAa1Smx15iLqFEsOqo2XejCnkJV_d7ktYkg30SpPSH7Xpam9EeXjke7f9bYqaBjAALZKO2WkIlo6MKYB4dSKnbGFR13Krl7QhslMqE5FOso6A4xCMK2CY3O4mFS3XUSvI4-_WhcYxI&cry=1&dbm_d=AKAmf-Bmv9KuoJ1qsyJQ6obHLRR_tBPGGSO78ABfPgYjSqrefRCOWTYuwL8VG8xe1Ubuj_rKnh3-FiEOGjv8Uf2g5rsHyyldFDQCPyI4rTqaGmvCZzO_NS2svzgjJufQj4-Bvf3TKUyoJZ7oz0UwmLEpRCuNvZSY2ks-50-pgtRLvvFqMkG9Uo33HE-IGkSO1Hrzmv39qNLqEQohcdCvdqOAqdkD41vke0157IhgmbePWp2LQja-yvCytPwbOWlyUB-NysYLO0eHn8oLcZ-iRaMptxu4P_0rJdAUf705P0jRZjaPokDHJbWy2V26dR4eW_Kv1RJFaNVnMLoa3cBI2hmXkUbsx8ak3CtPTjw-qYP5VwgGz5B9IYUZqWssC1ZX0e2aeAxhXDuRZpeJjJl-c9svLh7a4i-AO-rd6lDe5uo4InpJRcFhlOwJzWjrS96lnxB78ro9n5MVHJ8jk7vF8eW3HIdVRxhb_WTDolNeENEtc1c8CnMo1HlnXrU3CHZRgk4dmT5CpSiCXnFolVh-b3ngm-PDJRaJhbAiEYxUrtKmwcPp3X4thMy3SumoUEyWEWti8xtcvTc33f6DVi8Hl5yGeUzt4LYsc_xBVZ480p8VLjPME6LEWMnW1n47lyxy4nkvNx2fgAHGNHkDFNJiUFusp89yokKojwNbFWAiAyg1LlaSE5dMzP5CFvJtO61_mxo2tfLpZtVZ5fYISzPr4Md9E78Yje8j-9-AfFt5Ktcto1dh8LiBAhkmh4sBXe41jXRINXSFd3360tBkvx4doNvcPX9X52imDJ7-flsxiUfpFIr9Mw3JyA9HDKwrMzZpcD0_YeyDyzb9j9Moe7udD02LYkRsU5sq4yl7jNNJB3zGnN9PzIuswRkcYwApWG5MS42-wBvl2wGxghSCD_b4HYpG12AGWIpWJ1rZmlNtZnjj8RKIAZSnyoNAhN6VrHhthRgSAZMAAwQURQLd6gqAr4ufR9dHrrMY1ajebvGHilr4zwCTY84bk86EWjf3xoROqCUZ4Vc13utOFLwXebHlGUtXlI3WtQE0VyM60_TiOjopv7Ezh5JHgnFr_Ryd08ulOdm4DOo67oz9AI2-L6ODYKuRSx85JBJfNZgVLnELZNeDVSOhO-sDD91doX5g4YWr3K3j-hTqpQiyBz6U3MoIrVIZzmHjo86jvFQpJ_FhrPbMszx_ah1j-G1zVCVf-XPZYvT-bwFvm_xNnBFATdL8TpO0I3_gHncoWaE25W525rSOfgsaprqvwHvF2GurhYC6U6I9y-RUEaEdpfuhEbkjEy9URXELRCwlAPiBghq9M9x4p_zSwyamygkqRjV0k2rCPDzxrb0T0rGevTxn7FlNVTjD6FygeKeopLWnbDopYaXkOmslaW8xWPjz763AOsoJUugOEM62ICDVeOZVSeLJLjzU4VUR9eykz02LtT0Oq6qUkwk8thPKawGWAwOyJMoCcXwwkNa4Iuybx5FpCkoPMpjT6ZOThl8jqsU23yPo9vcvNexfDfTCu4NeGPA26By-rD9kmsVe2tY_KGNiFMlj0SxW1uHwgOyCUKL4FZ2H8wFDjzFHUN5wROtmU7Z-FD63zXJGo7hL6GQ9c2TPZzxebLq467_W-m7OtR0d-GyyzN6L8oajpDgJyUe6SckDGWnkmflQE5da4mMP8CX5KctFi8CJQpWeuehfevj-VRSBVrxWUMqFLIKZE2YuMopjSM5_afiMf-_tWHaciMk1n1P6CnyOrpF1aGIdyDfX_FMag_aVK1gCEj8zydF2nvbh72a6kUu8gyODhUrAKXSN9cQYqdQuADh29JRAZjHkDLIFXwvWPGm80-zKv44s4f1KMXuuYvPExQsOU9ULQT6sK68BEWBDcx38o_bhvjuJLGGLa6WI6oK3Nkxm1nnATcwvrFx7TlT0KLYBLKZ1lrnzU1GtUieoH_IUxYMo97muuJcl24Werz7lZUC-6VnL0yNxLUz1E3aSRMXyX31KFQn5RyWVO52j8Vf_0T21I0vfq5VMBhtilVTTCkQ-lAa5J3wey2awXodeyySXoUWnJG1a3vUxwUmrJkSNz9za2p_hYnbFMlyHt9UXYJJW8WKewveDfXMuDgSg1TiRMEAhL5eyFZETSZPMaVeIJz4hJEUW03JKOMOH2elNPDZHvv0--77DgQrfWpTKiaR7kxf4d61BEE6nGdqZSNP-Ntj006C2qulPHzb9p1APlvqk9uyY__LxeffmIg3N6yql511GNMxQ42Eny5h7IHr1v4gP6ke4U82yoJUlnGiXW7cdvBYIj9VU34T1cyYnoIWay-CDzW54jQ7MFw10Q2qUFsAiocC2d3MiqB5kvrIkLvykcc8FqhnlaWmlo-vLzd4stKwEBXyrTV5_pxgASF7oFlbbSiDG2xQeChhLJkH9Z3CgEt7TdiUeZv2m_D1PPUg1VyrmnOcAxJtojfoafvPS4XXvwUhc2I9SA6iWNISVLCm_wLdz0zvOGPe5zBFWAbmzQ5rhT6cl9dbSy3yI_QE9XsubpjXbouJM_DYYiVRAQz8ePt3V4qP1mklWX0ZXf5JQLgoN3gtTkIdycEIBs9XJbI3-7w4zvf317IUQuqLl6qwX4ILpni0r2bg_P2l6TO5NlwooX1dmuBO-pUfTnzovwKQaNM3wkw3qZIvqe8WBHD1DYKtgqz00TW46Eg6GblvQQxQjvjKRW9BUQfQ5lfPWYKrpHAQqXozFS0-xWUXqubMydMdBVq6RAuaj7OkSlr4CAxeoVLC1tZQlvO3jA9JHx5NAPb0w5wba18bCQh3S1xu5JAnaYRVAvQRJRaVNHw9P33lMyu237jOKwfW6eM9A2DjRVYKfmqF_Bx88wusBMRx66VKraYbRC52tAvE2jcY8VEpEqa92cOqVnpH0kIcSURr6RKsrgpqCvedutVDszpZxTU8lDXlJGAYQh5f7U-sJ2NReGEqrFvxSNXbrk3fs0zetzSss5O-Swsbu5B39Q978gcGvf7vAyjOMSd-sthH6UBhvqZOAQiLCDBJ35Y_VHjNY1Vp-KK_zaMiAPnSYulabmDo&cid=CAQSPgBygQiDCrGd3Evj_fLqetRWXEE-Ko7GRfAZ3cWBDoJSg8SIMBRcWD-L_YeYNFPFQD9B2UNHKJK_ZXwM6nhlGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=6215970652432958000&adk=1761367587&idt=125&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78938
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 19:45:22 GMT
adj
bid.g.doubleclick.net/xbbe/creative/ Frame 775C
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/bgd/1352960/69587949/xbbe/creative/adj?p=APEucNX6J70ZwVx17QEzoj0T2nY2WMKNMlGOYV7thstlQk8nswUzs4Q&d=CokBAKAmf-B_rrkZu_qM7YbdePvTjoZVh86jhpHAZkOPPbFbAQmGTuTPFFIUxpZ...
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNX6J70ZwVx17QEzoj0T2nY2WMKNMlGOYV7thstlQk8nswUzs4Q&d=CokBAKAmf-B_rrkZu_qM7YbdePvTjoZVh86jhpHAZkOPPbFbAQmGTuTPFFIUxpZQLNOBvNiAWaPnjHqlpqnoSsoUo...
74 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNX6J70ZwVx17QEzoj0T2nY2WMKNMlGOYV7thstlQk8nswUzs4Q&d=CokBAKAmf-B_rrkZu_qM7YbdePvTjoZVh86jhpHAZkOPPbFbAQmGTuTPFFIUxpZQLNOBvNiAWaPnjHqlpqnoSsoUo5Th6EcHh0uBg2VpNJ7Uhyuszlzz8PB3ZiONPi4BzBb_uckyAyJSunM7M6HAdxcZsLp5-WvyPxd-9vlgkTPDFOjKUhjLTDmDLA8S2RUAoCZ_4FryRRN8fLDrtDzcWpwmwLHHKioyzOtROpdZqO-2B0cpuPS_XKOrdHvIhHQgQ1ex5FdxL81nXfkATQjKGIlwcIteSLOyhWb8wM86IfSPowxIQDAzziJkdYL2zocEXlytR-v8MaaErqA3Ho2Puspr7DVz1su4PJ3o7MI8eo2L1d7_31gJnq-SBzPSMWh-7luRik2Uc3lMq2ezsO8780kybbMIS5wWPY58OQoqqfNNYOw-yxGq_wpnwYp6P3uEFEt2Y3j708cIX1MGtLaEKi55cy3zKSpg2FGhyorKXaFT1zKiyGdhEBeV6dRRxFdd93MJJrzSV3aU2ryEWgfozTGWbTGJ6hM3FfT3Lqp1S0yhfJr0xToQJQLqW5hgsISTPcDLIHyuKOOCzNvILj-1YevPJPInWn5KnjQCW5QywjWPtVBO-1wXDAnlZAf27RucBVnuZEwclheQvO9A53z8TJ6MYMEu-LD6mB9_5q9sgQTQtKV5_yByoWTlC0XgXjMcJFa5NpG0RSDXJP9Qgu-Bzl6tvfbaQ7mtaFPHbq5fl5tQcWW8MZBpDbO3_QBUdgLHFAeAMtI_1Hzj3WEBO92O2gD63MQ9L3crLtCN0Vxv_GGeSJxSJiSmeRU6Sn_tGq1aA63vj2Y3ybgKAndFyzl5JOyGxbKsvDpAsGgNvE2Ip-5tpBECrpO_ZQgi2mJK_NsL23CagSk-H9Z2YfC3fCOGFKdeiyOYZlBx1J5kM0cUrK_SjMrTHyxIjc95Z38ZntLgBIUnuhOTVrAfu62JT-siskWRh-EuzQ0F4vYQ4Lb3iirESFfw1LIBn1DTSeHCnmNDYvt0mcWRHAG_TS4oUKz3irI3-6PHMRRF5A1wSNP_YWXVjPDP5CX0neXzQsArJUaaZSQUbI5rnqFs41Wc-OBsNI1lGAKwsAIYV1jDqlZ36TfZAZsTito_snScq1T3mOmlm5JdpaJxDmntXptqKq9aAdH20dEuJdduwbCcL9lsErZrk7DBpsYucNd_tPoT8UgkOui3rlss4WJ2Pr6qx35lsL4TNTgW03XBVUx7U9SwWwLQyBMh9tsCZ0al9dghb1p2JBpCobHmL0SYYYKpoAWCfbJn3K88xj6zhPBInGsqi-29tdvx1954-Xi5kybRADK8r9bubCC6kI6i-OrxoplfXbpuMgcmvo6p7B3uA6QkYbc8JnuveUhe2Yil4QTKjwwkPI5OezE4RmF5rc9g1LThzG7mVv-m5H1UD3ILpVYnL_GbegN3N00TJ7uzsiS5ivTfM7bmqJ2JBTm5OjvTlc6YQwj2YEvYdVIGCszV0aI85fHkWUr29zaJrtDszPLztJWH0K3LPN6sZkTQOHMl6OiJi4ysdpTzJLMbwvkx3GQ7PxUIis5Lej9kc_v5QY5cCVX8DJQ7OA9N4LiIw7TEgsnM8tzSswh7S8RcGJJ0qc0UItJ5-Q3Mxc6stKPdvbbOJvAWPUawWZfKyeSQ0Kjc9rsN0N44iimU8O6Sg6LalfIvzC3rtvwzOemCBhub3Q0lMin-vRsp0mcgdy3Lth9tXY7rtERd4lM_1cfowKnbj0829pvWZLOUgI1wccObeqb6Iauvwabt79Q49vClPm2IYZLD36luufTYbUHfJn2MQNJenGXwY6h_PbpBX44DKQG5o9ViZwQ8GZFacPfyvEO4esMSTJHy1I7vP6Aaa1lGhEd_mdNLE8SPPo9CvqBMkmklnNfPdTEpQScaG-17ac_V-beQVZGp6emrHQj94Hn_29q7wTLWiFaMTk8jMnKI_xYqgm19fRauPkgVfGkFmx4wsvQHmRUxE1Nw9UwLUFUaq96lRwTGavxEuUBVQYeL_e_IWSeQO5PvaSh_jsr4jRgHsvZxwdzKb4vaqW5HxMV9FHV_0K9iOvSXd1iip2H_nHTZW3HSh-I6xypeh8CSiCtM1gFnAqMcreiB5kaWT8vXxsQ58Y_K7daqTgN3m1MFsbbYrMIywCUu6tdiBg15LLkwLb2zuy1HaDNoeuzic20GCLBUu-dSGwnL0du9yjkde470FOzOgtTs7zuB9EHtkxJrI0l-0Vjv_dBK4tbpFmHItjBJE47xwXqtrJ94amymgIMh82ng26bAoUFL9Ycwq6EUD8uzTsN8X7Lupdwx0jzcUt8atJlD0v0ov-FJYL-QgfKaOsBKK1B92uLcJrfUWhPuY0ZGjt3fV9wwH2pv_7e0ANqBokgAXeXqD-8FPFs95DUABaZ_kkN71W8hDvZI2RicKMiTFq8ZZPK7sKch91_UOkefahmqHXoioLijTRmd4zBmziTOL8cU-2jHjsmY6UR0tQAUDo8qQPiRn8BM31xWHyz24feI_PdLmJdilgwKm5sJFKTsUgGaVeyYGvTZ3u4qlewPU8MDs9BibEIIf6G6i8coGmJIQsCrBaToz9Y-3teB_7u2GuJIpSeqZL3g-LOF-Q6-4H_hlDiF-Nmka7qF7VFbUaMhzFaadN1Ak5C43DM0V31tu252yKwmyQPa1SNXZY4RoGcdpjTe086DjzvTPx6KM_pYuPNn1e7cL6dXKHtXZ_Z3sAiEKejoIm4GT_uGvm0QP1whwqiyOFg-byRMugK_6VkUXmOw6xlp1ximAViFO_MfDZsi-58qIKP91H-QyJ3nkL2DGr9m5VMqiMjUcB-xWhRB_CXzQALWxDjq_CzGjxzpC3A2xxE7TlPC5LJlB3RWbK2-Fqh4Zut3f6e2OQroy3xH7G_LGODV_72_6wpU_IE1KNzsKzlVVx6v0VQ5RwRnkB7fJH60CvcMErKbuGsh5sYBjCP18iqYAAhFHPmLhdcJSJmSoH6qZZwY9ktUkLaAMQSH6trRQk6HWmEdDruVX88xyb_n6l4vkCN2MWNJKTSUtH01y7z7gie35sofpT3ROav8fSRdLcW1SFODjVUTw0aWnSdnVYs0TBvdiIRJUJK2dvkI1x9QQ3AKo2p8iygbHikX_9sqi52mhjO1ze4EKta60ShsrjD6Aso3a3u9tb3llliK1HSZRvrmPwF7ndiaMkg3DrsYA6r-UnuvG9nfaI-DH8wtjmOkmy0mqwUBeoNgEiUjWxKsaAE7KgnEYm7EENLK0RN-xO8UVDUzjRE_sw7OWKy_fjmZoPt1mw5hFmKdNXyNm2PLm25rZ8PuMT0Daktqxi9IEtNqqJ8Z1XC13qtADLV_zZmuSHeFK2I7feM187z9LSQkAtgkjT7smhkbgbpkVhe7OUXey1QQD03UPwCIynuh7Hd2RG_5WbPb3WrVY-nboDvTtHva5wW7t3EwQq8ke4jPup6Rh4shTeDBgSOTFKzu_LIwcve4_LHvljMIe5HJ-dvaVJFltEQ4OVRrAzdt-RMBgiU0E03ldcaGrAYLvoEW_JvwtevUZQyEKHqwemFT5PvU3nQlYZlBAWSj3jKupb-n9E0N9qCwFuz8lrkGN2_1k_jcEQ0nUW7lEN7jeHZO3rzKVfqT7fzGIBjXwJgYX8gRDh5EDcCouckLaYK2r62IzyP4hviV96jho0j2Z6z1yJQ9UEt1mcqjsIOjSWtPet_sZT71SsIBcCwYQtrOjytlE6MMjdSHl92qre5a137X4zI4vkofE28gbJgc4D-uQLZUpVpe4K_dqGRii8Yk9zD2PMJ0_4Gs89eUMUVAaExPqZEtDRQzppIfexwctr3sjpjj1sc8uSk_jlJhyblDKI3HeVg4txpECAQSPgBygQiDCrGd3Evj_fLqetRWXEE-Ko7GRfAZ3cWBDoJSg8SIMBRcWD-L_YeYNFPFQD9B2UNHKJK_ZXwM6nhlGAFgAQ&cry=1&bundleId=
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
64.233.166.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wm-in-f154.1e100.net
Software
cafe /
Resource Hash
dfff2bb9472562548a7d18cff011343784f951f230f3dda0e222857a572aa688
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24461
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:01 GMT
server
nginx
x-server-name
app08.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNX6J70ZwVx17QEzoj0T2nY2WMKNMlGOYV7thstlQk8nswUzs4Q&d=CokBAKAmf-B_rrkZu_qM7YbdePvTjoZVh86jhpHAZkOPPbFbAQmGTuTPFFIUxpZQLNOBvNiAWaPnjHqlpqnoSsoUo5Th6EcHh0uBg2VpNJ7Uhyuszlzz8PB3ZiONPi4BzBb_uckyAyJSunM7M6HAdxcZsLp5-WvyPxd-9vlgkTPDFOjKUhjLTDmDLA8S2RUAoCZ_4FryRRN8fLDrtDzcWpwmwLHHKioyzOtROpdZqO-2B0cpuPS_XKOrdHvIhHQgQ1ex5FdxL81nXfkATQjKGIlwcIteSLOyhWb8wM86IfSPowxIQDAzziJkdYL2zocEXlytR-v8MaaErqA3Ho2Puspr7DVz1su4PJ3o7MI8eo2L1d7_31gJnq-SBzPSMWh-7luRik2Uc3lMq2ezsO8780kybbMIS5wWPY58OQoqqfNNYOw-yxGq_wpnwYp6P3uEFEt2Y3j708cIX1MGtLaEKi55cy3zKSpg2FGhyorKXaFT1zKiyGdhEBeV6dRRxFdd93MJJrzSV3aU2ryEWgfozTGWbTGJ6hM3FfT3Lqp1S0yhfJr0xToQJQLqW5hgsISTPcDLIHyuKOOCzNvILj-1YevPJPInWn5KnjQCW5QywjWPtVBO-1wXDAnlZAf27RucBVnuZEwclheQvO9A53z8TJ6MYMEu-LD6mB9_5q9sgQTQtKV5_yByoWTlC0XgXjMcJFa5NpG0RSDXJP9Qgu-Bzl6tvfbaQ7mtaFPHbq5fl5tQcWW8MZBpDbO3_QBUdgLHFAeAMtI_1Hzj3WEBO92O2gD63MQ9L3crLtCN0Vxv_GGeSJxSJiSmeRU6Sn_tGq1aA63vj2Y3ybgKAndFyzl5JOyGxbKsvDpAsGgNvE2Ip-5tpBECrpO_ZQgi2mJK_NsL23CagSk-H9Z2YfC3fCOGFKdeiyOYZlBx1J5kM0cUrK_SjMrTHyxIjc95Z38ZntLgBIUnuhOTVrAfu62JT-siskWRh-EuzQ0F4vYQ4Lb3iirESFfw1LIBn1DTSeHCnmNDYvt0mcWRHAG_TS4oUKz3irI3-6PHMRRF5A1wSNP_YWXVjPDP5CX0neXzQsArJUaaZSQUbI5rnqFs41Wc-OBsNI1lGAKwsAIYV1jDqlZ36TfZAZsTito_snScq1T3mOmlm5JdpaJxDmntXptqKq9aAdH20dEuJdduwbCcL9lsErZrk7DBpsYucNd_tPoT8UgkOui3rlss4WJ2Pr6qx35lsL4TNTgW03XBVUx7U9SwWwLQyBMh9tsCZ0al9dghb1p2JBpCobHmL0SYYYKpoAWCfbJn3K88xj6zhPBInGsqi-29tdvx1954-Xi5kybRADK8r9bubCC6kI6i-OrxoplfXbpuMgcmvo6p7B3uA6QkYbc8JnuveUhe2Yil4QTKjwwkPI5OezE4RmF5rc9g1LThzG7mVv-m5H1UD3ILpVYnL_GbegN3N00TJ7uzsiS5ivTfM7bmqJ2JBTm5OjvTlc6YQwj2YEvYdVIGCszV0aI85fHkWUr29zaJrtDszPLztJWH0K3LPN6sZkTQOHMl6OiJi4ysdpTzJLMbwvkx3GQ7PxUIis5Lej9kc_v5QY5cCVX8DJQ7OA9N4LiIw7TEgsnM8tzSswh7S8RcGJJ0qc0UItJ5-Q3Mxc6stKPdvbbOJvAWPUawWZfKyeSQ0Kjc9rsN0N44iimU8O6Sg6LalfIvzC3rtvwzOemCBhub3Q0lMin-vRsp0mcgdy3Lth9tXY7rtERd4lM_1cfowKnbj0829pvWZLOUgI1wccObeqb6Iauvwabt79Q49vClPm2IYZLD36luufTYbUHfJn2MQNJenGXwY6h_PbpBX44DKQG5o9ViZwQ8GZFacPfyvEO4esMSTJHy1I7vP6Aaa1lGhEd_mdNLE8SPPo9CvqBMkmklnNfPdTEpQScaG-17ac_V-beQVZGp6emrHQj94Hn_29q7wTLWiFaMTk8jMnKI_xYqgm19fRauPkgVfGkFmx4wsvQHmRUxE1Nw9UwLUFUaq96lRwTGavxEuUBVQYeL_e_IWSeQO5PvaSh_jsr4jRgHsvZxwdzKb4vaqW5HxMV9FHV_0K9iOvSXd1iip2H_nHTZW3HSh-I6xypeh8CSiCtM1gFnAqMcreiB5kaWT8vXxsQ58Y_K7daqTgN3m1MFsbbYrMIywCUu6tdiBg15LLkwLb2zuy1HaDNoeuzic20GCLBUu-dSGwnL0du9yjkde470FOzOgtTs7zuB9EHtkxJrI0l-0Vjv_dBK4tbpFmHItjBJE47xwXqtrJ94amymgIMh82ng26bAoUFL9Ycwq6EUD8uzTsN8X7Lupdwx0jzcUt8atJlD0v0ov-FJYL-QgfKaOsBKK1B92uLcJrfUWhPuY0ZGjt3fV9wwH2pv_7e0ANqBokgAXeXqD-8FPFs95DUABaZ_kkN71W8hDvZI2RicKMiTFq8ZZPK7sKch91_UOkefahmqHXoioLijTRmd4zBmziTOL8cU-2jHjsmY6UR0tQAUDo8qQPiRn8BM31xWHyz24feI_PdLmJdilgwKm5sJFKTsUgGaVeyYGvTZ3u4qlewPU8MDs9BibEIIf6G6i8coGmJIQsCrBaToz9Y-3teB_7u2GuJIpSeqZL3g-LOF-Q6-4H_hlDiF-Nmka7qF7VFbUaMhzFaadN1Ak5C43DM0V31tu252yKwmyQPa1SNXZY4RoGcdpjTe086DjzvTPx6KM_pYuPNn1e7cL6dXKHtXZ_Z3sAiEKejoIm4GT_uGvm0QP1whwqiyOFg-byRMugK_6VkUXmOw6xlp1ximAViFO_MfDZsi-58qIKP91H-QyJ3nkL2DGr9m5VMqiMjUcB-xWhRB_CXzQALWxDjq_CzGjxzpC3A2xxE7TlPC5LJlB3RWbK2-Fqh4Zut3f6e2OQroy3xH7G_LGODV_72_6wpU_IE1KNzsKzlVVx6v0VQ5RwRnkB7fJH60CvcMErKbuGsh5sYBjCP18iqYAAhFHPmLhdcJSJmSoH6qZZwY9ktUkLaAMQSH6trRQk6HWmEdDruVX88xyb_n6l4vkCN2MWNJKTSUtH01y7z7gie35sofpT3ROav8fSRdLcW1SFODjVUTw0aWnSdnVYs0TBvdiIRJUJK2dvkI1x9QQ3AKo2p8iygbHikX_9sqi52mhjO1ze4EKta60ShsrjD6Aso3a3u9tb3llliK1HSZRvrmPwF7ndiaMkg3DrsYA6r-UnuvG9nfaI-DH8wtjmOkmy0mqwUBeoNgEiUjWxKsaAE7KgnEYm7EENLK0RN-xO8UVDUzjRE_sw7OWKy_fjmZoPt1mw5hFmKdNXyNm2PLm25rZ8PuMT0Daktqxi9IEtNqqJ8Z1XC13qtADLV_zZmuSHeFK2I7feM187z9LSQkAtgkjT7smhkbgbpkVhe7OUXey1QQD03UPwCIynuh7Hd2RG_5WbPb3WrVY-nboDvTtHva5wW7t3EwQq8ke4jPup6Rh4shTeDBgSOTFKzu_LIwcve4_LHvljMIe5HJ-dvaVJFltEQ4OVRrAzdt-RMBgiU0E03ldcaGrAYLvoEW_JvwtevUZQyEKHqwemFT5PvU3nQlYZlBAWSj3jKupb-n9E0N9qCwFuz8lrkGN2_1k_jcEQ0nUW7lEN7jeHZO3rzKVfqT7fzGIBjXwJgYX8gRDh5EDcCouckLaYK2r62IzyP4hviV96jho0j2Z6z1yJQ9UEt1mcqjsIOjSWtPet_sZT71SsIBcCwYQtrOjytlE6MMjdSHl92qre5a137X4zI4vkofE28gbJgc4D-uQLZUpVpe4K_dqGRii8Yk9zD2PMJ0_4Gs89eUMUVAaExPqZEtDRQzppIfexwctr3sjpjj1sc8uSk_jlJhyblDKI3HeVg4txpECAQSPgBygQiDCrGd3Evj_fLqetRWXEE-Ko7GRfAZ3cWBDoJSg8SIMBRcWD-L_YeYNFPFQD9B2UNHKJK_ZXwM6nhlGAFgAQ&cry=1&bundleId=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame F69B 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:dc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 08:50:00 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 a9717fb92179a05f5da85fabc586e750.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH55-P1
age
9449462
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
4aq70qeI12kQTUfHPeSWpwXyikThrskOxTnvXMSnG2gzcaX_UnwA5A==
dt
dt.adsafeprotected.com/ Frame 775C 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=84e1dd65-e7ea-43c5-5809-5f4dae9a29e8&tv=%7Bc:bi7EY0,pingTime:-8,time:24,type:l,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:24,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B18~0%5D,as:%5B18~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tCVY7X2+11%7C12%7C131%7C141%7C151*.1352960-69587949%7C1511%7C16%7C17%7C18%7C19%7C1a11,idMap:151*,rmeas:1,rend:0,renddet:IMG.us,siq:23%7D&br=c
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:27ad:6e7d:3901:7e49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:01 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
rum
dsum-sec.casalemedia.com/ Frame 9DB0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe5MLH8kJQLSyP8LjM0Pag&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe5MLH8kJQLSyP8LjM0Pag&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYu_3j5wEwAQ&v=APEucNWonhFuR3wkdlIeNV5s6coVOiWYZ1PKp9L71kyjiDedIf4IZ0kDYZ5UmOZ1mXsKpoX_CvCVfx8ZymtfkJDnQzSO7f7d9HKvAOSOESAgqcEa65LS8beCqTouG7u5hA6tf3LBDN4zJ-96i_S8fO8WNWMnrAZ9PRNyoI-RGoejvEE6z06jkL4WIdbTGHZjvPfFcmZQJOffhM_343bH-cWJFKIT0T95Xw
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 17:41:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe5MLH8kJQLSyP8LjM0Pag&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9DB0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZE6oLB3RZefMcOLnDVRnGgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe5MLH8kJQLSyP8LjM0Pag&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe5MLH8kJQLSyP8LjM0Pag&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYu_3j5wEwAQ&v=APEucNWonhFuR3wkdlIeNV5s6coVOiWYZ1PKp9L71kyjiDedIf4IZ0kDYZ5UmOZ1mXsKpoX_CvCVfx8ZymtfkJDnQzSO7f7d9HKvAOSOESAgqcEa65LS8beCqTouG7u5hA6tf3LBDN4zJ-96i_S8fO8WNWMnrAZ9PRNyoI-RGoejvEE6z06jkL4WIdbTGHZjvPfFcmZQJOffhM_343bH-cWJFKIT0T95Xw
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 17:41:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe5MLH8kJQLSyP8LjM0Pag&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 9DB0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOQnWezZVIqdp43jKkD-szA&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEOQnWezZVIqdp43jKkD-szA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYu_3j5wEwAQ&v=APEucNWonhFuR3wkdlIeNV5s6coVOiWYZ1PKp9L71kyjiDedIf4IZ0kDYZ5UmOZ1mXsKpoX_CvCVfx8ZymtfkJDnQzSO7f7d9HKvAOSOESAgqcEa65LS8beCqTouG7u5hA6tf3LBDN4zJ-96i_S8fO8WNWMnrAZ9PRNyoI-RGoejvEE6z06jkL4WIdbTGHZjvPfFcmZQJOffhM_343bH-cWJFKIT0T95Xw
Protocol
HTTP/1.1
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 17:41:01 GMT
AN-X-Request-Uuid
8bc5b694-9bdd-47de-a8c3-1a0e666a2e30
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.200; 80.255.10.200; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEOQnWezZVIqdp43jKkD-szA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9DB0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE3NDM5Mjk0MjgxODMyOTUzOA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE3NDM5Mjk0MjgxODMyOTUzOA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYu_3j5wEwAQ&v=APEucNWonhFuR3wkdlIeNV5s6coVOiWYZ1PKp9L71kyjiDedIf4IZ0kDYZ5UmOZ1mXsKpoX_CvCVfx8ZymtfkJDnQzSO7f7d9HKvAOSOESAgqcEa65LS8beCqTouG7u5hA6tf3LBDN4zJ-96i_S8fO8WNWMnrAZ9PRNyoI-RGoejvEE6z06jkL4WIdbTGHZjvPfFcmZQJOffhM_343bH-cWJFKIT0T95Xw
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 30 Apr 2023 17:41:01 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.200; 80.255.10.200; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
50a0b9cf-9d67-48be-862e-9a759a738c9b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE3NDM5Mjk0MjgxODMyOTUzOA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame C4E6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CIO78LKhOZOi4A4Xh7gPZkpf4CJ2Dz5Nvn6WqnJAR_vrMvpAsEAEglZvKIWCV2oiCmAegAaCTqocDyAEGqQL31ZcPv3yyPqgDAaoE8wFP0O3oezrvT4HzeU5VYzn09xVCgGSbjx5mdNHuNOU7jTTf-XL-oH4VqsZnBh02LYe7hfQuyzIzFDw0BIoKV80rJ3766DtZznak4QW23R4b7vAnn4gNOpf3u2d29aahmlK2oKOsxbtCLqTKcTZXjnyuQ4aP28HkhuIcUZprRTXWpagVKpML0jzQrP7lrf01YWV1H24CmgHnyvmE-KWDbdiXTdcZ4i_S0jKT_chxCR2BgzReYdW4E5TF3LrCV6gI7oxd5Xjyj1mk5W90rmIu7Naw9Px5yscXpAf3fpJ54BIKxECfxkDYNRPwdG8gvexe_w2JpT3ABOzJgeiuBOAEA4gF66TwqUiSBQYIAxACGAKSBQYIGxABGAGSBQwIIhABGAFIzcFtUAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjeAB8js1XioB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHChDRsQ8Yk_fp5QHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAbATwv-UE8gTodj53gPYEwqIFALYFAHQFQGAFwGyFx4KHAgAEhRwdWItNzUwNzQzOTIzMzg2NTQxNRj9-RPoFwQ&sigh=mzxVrclRQ2o&uach_m=[UACH]&cid=CAQSSwBygQiDzlVvR2AL_b0yCHH66wueazMU8gV-SwzJdxlIIaGuKbP2--M-v6rl8fny_h0ld8soqt_O6IWq9qZnzT1rlNjvP9Jxzo3HZhgB&template_id=509&vt=10
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame C4E6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CHZkfLKhOZOm4A4Xh7gPZkpf4CP3vvPRvuPzys_YQuOH2wp8uEAEglZvKIWCV2oiCmAegAZK86L0DyAEGqQL31ZcPv3yyPqgDAaoE8QFP0Fl_asw9xKy49n8ACvXvi33HFbDkgoHSdyt5XzXcGhmxq2zyp89zG0qB5vlMpIkgDIKekx6dd_TSmVYyFwMPcj8RZSQu90V4lzrDIqyO_Foxnsnqq_uYMhyrO-5y4aFRr27r9LGp_RVzlWpTfHJMXrd5oUjSZYfA5ydOFla9J_pvTh0_FgYv4BwLW2OjMV6VHFy0hSMshTqZgnHbIfXFVh7SuIe0IWQ1wjWb6Vi6FuIcNROFdeA_w7jtqPm5buskM8eNjC23KnCalAVllROnIrryE0_EOyv1oIO193-ree8fguEHqybODTsdrMwdnzOswASlq56CoATgBAOIBbbvh8FJkgUGCAMQARgBkgUGCBsQARgBkgULCCIQAhgBSMLk6gGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjeAB9bDl0KoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHChD-6gsYnMOa4gHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAbATnauOE8gTy7r64QPQEwDYEwqIFALYFAHQFQGAFwGyFx4KHAgAEhRwdWItNzUwNzQzOTIzMzg2NTQxNRj9-RPoFwE&sigh=wIjjaOOLC7U&uach_m=[UACH]&cid=CAQSSwBygQiDzlVvR2AL_b0yCHH66wueazMU8gV-SwzJdxlIIaGuKbP2--M-v6rl8fny_h0ld8soqt_O6IWq9qZnzT1rlNjvP9Jxzo3HZhgB&template_id=509&vt=10
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
lgn.php
cat.fr3.eu.criteo.com/delivery/ Frame C4E6 		43 B
347 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cat.fr3.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=mBCxSqNSpYNT0i2kX8xS9ncZM3xSZ34l1jgJRF7MwppwqF2lmWv3_T6l3Hn9OkfzBxDYgsQPLAbZwmJUfp3OqheE9OCb3APHerYmbKUYiYdkGNYG6Pz8In8vxabENwR9WFMAVOvm0lzmSDtYsJ57h1DM4T5UZel69nWj7olDUWqyKP4ov1rfv5xkcJgdrCIxU2Hi5W8DmjRSM6zj_4t8uqQ0_LWXu-aLnABO3wSIJNlSf0cJeoGyZqqEeb3GJLFr-rh4vD7P80eq1hZl5PN4qX3aDD4SAO1VzSgSRfNvZJJeUDQL36dPW3avy5sNDJLvHcoJFgSCsWSAMAmev_-ltf89Q33tNjWnFfwI2dgi1tLKi3D2YEFCbH6nTTXN2z87u3aYwveUdkY11qC3_ZYZ2I6SChb2FK8m1HNg_GeGyVQdgLNA_HGDmFUOromRkgZrPfMp7m4dkoBnjaJt44giZNY96FXiIWnpLgjtZ9NmDqKmJLaY&z=ZE6oLAAA3GoKe7CFAAXJWTxSgYAE4XbG5AUMnQ
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:00 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2948123
expires
Mon, 26 Jul 1997 05:00:00 GMT
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame C4E6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=koDRFfHZWwAAnYNiAgIAAAB6GxTuaoJ9sgcGddEQK6hOZOrpnbsQPyH0N9cAABIDAQoKQVFVQkR3RUJEdw&wp=ZE6oLAAA3GoKe7CFAAXJWTxSgYAE4XbG5AUMnQ
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:00 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
155239
server
Kestrel
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame C4E6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CQHr6LKhOZOq4A4Xh7gPZkpf4CMme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC99WXD798sj7gAgCoAwGqBLcCT9D8_8961HDcFfo34fyJQ2Kevm1gP8dXYehwa-eyVzM_m8s4xY6gujB50LILJ2UsMIfe68B5lp4rycBh6mWkAJVUSQPGlmwjyNpOwc3BzpA4nQ3edEBFJ1qX4wwyprOs0GMvp_HEjTfsUHA0jroMlyNl7fqO5TqRrbNTmddt8bed0-eiOL7G7zTBRx-lDQxW-6RbyXdFsGHovkCvcVrK4JYbpxBGZBX0EnXsUH7HGK8XiZxWiHl9B7sm6CrQZC9YvbXextdl9a2L71l0i8Dfy7YCC02JNb4xSb23ubl6XtUeJq7zTvOis0bO6xlL0gK3Uy4aRjboc-dUKIsigDIULovWcLyVBFUqhRn5gwZDcrnU-IQr_KPifz2b-odNnbTz7ao0rNiX6rQ6c7y3r4BCbz0rNgVCB57gBAGABrbAoqfxuOvX-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=_A4yJlZObKE&uach_m=[UACH]&cid=CAQSSwBygQiDzlVvR2AL_b0yCHH66wueazMU8gV-SwzJdxlIIaGuKbP2--M-v6rl8fny_h0ld8soqt_O6IWq9qZnzT1rlNjvP9Jxzo3HZhgB&vt=10
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
lgn.php
cat.nl3.eu.criteo.com/delivery/ Frame C4E6 		43 B
348 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cat.nl3.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=pL_QdHEV5tfppwJoQCqe-facn3QPq2LM_Ke6XVTOTiAdpzUYnFvR0wilXihtydc7tuwIGu58LBgEIdi2edDrJF4RyqnYZREjjwFSs2IDPwzE96MQ-_Uh17y3tY4FZENqIcoZi8nllybneVRIm99RXpjt6nbZj5YRzZDXCFKWRUBgWuqaAjlL5KUE4Nom5B-3E9I9xoLY6Q6AdDlCzoJaR55vYfdT5lK0mk2jW9FK6ocS2VYO3LPxqAYbudCEYxtfHmxL10KRXU-wH7zfkiZTxIpXM8kDVKAeu0I8e4f4h4Iy81C9kMm118077qhAytmGoOVPg13cqiuRvf28SftkFAxi6n26l6tS9wiRHxyjv8QmafmtX24refYrrDTAvLPSA2T0O3ZzWzx-bUY5AYzJ-kIh0a9j1kx63QfAMDnP7Dv79Ib5X9nW1gCt-9sXXwYXsY3N-0qeXKRk-XJu2YObgJrOe_TDxZfJWInlnXoaZuMq4KL5&z=ZE6oLAAA3GsKe7CFAAXJWc-qNkJKOPGJRvwHJg
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:00 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2768379
expires
Mon, 26 Jul 1997 05:00:00 GMT
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame C4E6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=krPAFPHZWwAAnYNiAgIAAAB6GxTuaoJ9sgcGddEQK6hOZO7Sgd24CIp9OBcAABIDAQoKQVFVQkFRRUJBUQ&wp=ZE6oLAAA3GsKe7CFAAXJWc-qNkJKOPGJRvwHJg
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:01 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
160742
server
Kestrel
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame C4E6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C-KYTLKhOZOu4A4Xh7gPZkpf4CMme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC99WXD798sj7gAgCoAwGqBLcCT9C0vmz-c118zrMI5q1YgesSI851H_cZ5j0PbHG-X-8YMzQSsjQWeXSGIZsln8ThZmnsca0jvmG_suTzcwWRSgCy6z5cEtuOnPly_w-rcyQK3Vj8mGiU9BaPldeCJjAr1iKZZI9G6eBw--oZ644q_mZpg18qlE1RAyDE-uTPj0NYcx9esJsZ9Hh_7_qoSBQnWpD6VH3Vb8UMaCbXPUnANRupIxC6UxEsQ7pbZjCmk06O_bVY8he38inFCc9qvOH0Jn440lBIZagCLDEOcMcOGrIfiovuA_OTTZkkj7wVmknaIR89gfTI7GctWuBVvf2DVHVwvSeRwHn77B_NZTFlMeExkmtXUGe5qMsYF0WAwI-ABv7AdGKRYgdc9_tYQUM3SA8RDF0VGAir94JyLsHeC3Xkbc_apuPgBAGABqHDkfzl3P-13AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=TqajJlYipCA&uach_m=[UACH]&cid=CAQSSwBygQiDzlVvR2AL_b0yCHH66wueazMU8gV-SwzJdxlIIaGuKbP2--M-v6rl8fny_h0ld8soqt_O6IWq9qZnzT1rlNjvP9Jxzo3HZhgB&vt=10
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
ad
googleads.g.doubleclick.net/dbm/ Frame C4E6 		42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C0Io5DD_TPLGDHUOIN2ARplyOKNW4mFkUy-p1ggKRW_0hILZ-FodNxhXoiQeGZ_cZ65u9mXS4uj5NmwDGHesGPlH9Dx36sSyjwrmv4vFhwQM-kSMfLXuHo172lmrVS3xm_4eHTa2MjBwWN5sXSMfs85TRVZg&dbm_d=AKAmf-DNw9prO2apOzX0AO4UE_iRAR238fXT92F5o6x_0HsZUAz4mVQ7qbcWB1gJ2fdSciLcfB-v4opEQ8_2tFLY9MqAYa0RmbdlQhaypUtz_8CsOQ8c6SgnUHhtu7uNP6FDBq6E3MlBf_7uIBpW9v49BhnDTs5Al1MON6zcyzCcj5gCuODOKLK4ZNt9KTBvjkiVthTeKWBkfWZbiFVGg3dyS-1nx4Ihbyc7zzi0PIvMgDX60rO1MMVJBLp8wgA3zomtvP6DUhR2xIealy4Ndr1Hwh5m20VaGzUIbHYE8HsZP4o4Sh3WiIPuL0QljG2uwXJTvq4avyMj98dW8FO7RRqlSt584wPg_usCsedu0DZl5VPL8W1wo1lrfjsnARfLBIiiLkyWkIzzZklUYkMTRbJyYqtlTzooJ8weNo0rYIlvD89aUTFnUX1_TDrIr1zi_nxF41niTO7ExbhRbzruk0l7Bnw835O52QfWOx66pecuP0hXO-Jh9jLh9UabF-ycAsFyhzSTfhhqWX6PkJ6p5v1p486_-1Dlu37A14yimQHOJK6a0ShO5tbCcG7JGaWYTMCjwwupW4MTEcTDjSbu2Vjie0hurSPa2Hzfk-tUVRWFe1GpxgIdJNsPXhMCh9V2sUlWvyDmYdySJxhDTGT5ONtV9yyQwxy7tz2ddhFCPetaD36V2JYiFx4qtXYNuF7Vz4ItN_mzaEjGoHN5ux5wKWdRPuyG7NeuLevlrXhJTQRiDTiKz_oMYm0OvT6NN_wkAqWTTq5rUE2jQ7GNCg6ia9AIupZbG7EvlbJeGFmakwS6q7m97ELYiV_Z4rvZNPSA-WUDN4_vbkZn-klf4pnOA3VPNUFWpOxN6lyNNqL91p_KcZNLd-1JtgzNL3lSbN2lnZ-nLDPbunyWBGw3EK7IQ_yCxpQDiJq10hDdhavcg_3CH51HHtAjuyXjZ-KQodLDi0NNp6xCDsol-A-BlXc_KoUQKcgxhycY_xgaNcQ9aje4a9fYZmwGQaSKHwo9d_hF2Yr4ASUUQ-zpYNbCazV9_EIk84Oh_ay4Z8dMW_9nqPjfQnyjpUHrq179vB6S7EYIHtVzxlETTgQgKd5UQDe3mlj5bKdEVkkHJbcsdN01svoGphkJdIfiIgtMun5XdQUiBMWQJwUuJ-sobBnjkUCQzggbLX1mOqMGegr8CR2gjqbD-nf_jxUkb3EPoa-UceISTEVIcpijmx_kva6Jgu6Snf4CFc526ixk6HtJuF5dp8fDRGvHN6bANy52rUHLXoilyjZMvA4g6U6sh-WqSY8jrocWC-7QxscU6e-o1dwKLx6J2rOqo26aMF2Hh9IGZUV07G1XSJGFrUBhErw0WyeqLeMQl1OjqO0MrMgB45ebVirh4fvzmIcPNowqtuh61bj05GzVfav7QI-jMTrviymLlDukuk-Y2KRPqHx5CraXP9ro_FImLN1fh1JLL-pCHSCmLLcdBVYpuURFlei6lU-HgZ6mPlhr9rYXnv91Up_IIpS0ZtFWENzKKvn5eowgNnRSeT60GnigIrd1eKD5FdlusPeHFz6B-D9vwwj-P2rhqhQRldkjLRRqClN5tjYqpYTwXM-8Qd2I4_Xovn2ti_2x4RjUrJJIUiF4db_UoQP3K4Y4T5l_rFCyvdJ_S9gHW0rz39VCzANgI-9L1o-dlsIZT4n7WO9XpbA9N7pvs73ebLTCVfDJfJdf2rPSGbZuxz_Zb4tBDu6DPDSV_0fsaLhIjviP165ccMjfcO-q_YpR7eMC09OeEUQCAH7pkJOeAio8R5wsQJyx4qjOlobzeI4x70Buug-Qru1izS55fSEOArTtgMSKdUqfJ-bhP2gtNx26wogEwk1r8qq_wTerJlffkpkALezFJrdYjA8ILLEKGLNaQGfgvypDvW5iPkEE48r7U3cW9FWmaw412xn2C1GlsYYO92Nak_kvRiJhRGI75EWMWAnSoUcqhE3OD1mvoBdtHtmSFLDkhOtiuPgpyzf4qxVZo2g7ZLKCEn8iJxVVm8uqCNKnVZzptIihXkFr1YB8rlclpZbsgg7nCqWhQa9wOoQ7EGffIPWszmYNCf5q5kNW6NAUcrMsmoimbuSAJg7Smr88fphd1my_5U7ylW67RpBlvqPUYMsx4ysfXFXkP1l9dULHnXc7JatHYZ6jt6LPwiAcAUPCeRCdcekTl0XHHvdke1_-hOUkEDM5aAISZDXvU3SNAteNr_KEaVaPXZSD2ockv0X8Znx8tfIgFUYpeol0RFCW6uEKP23abT--kzYGApCcc4sXimTmThKMZ4_zEmOyMb0C19VSCD276VQRzBlQUFx-j-8zyqM7dhZyUdqPn_qdu1inAaPE-cGn7PQgJNk-KZaKqM7Ll57gBLzzWFZiGqysrsE55aPLLSxsktVU0D9Hd1FLmHV2alDatSvyXZloNR4zpMdIdbbCIADLaufzzf8Wyh-UNBTcWSAj-mVE3kHgnO5AjYKoodCYfSluFgvp-EroVjL9WFExjOGfJ0Vv_UbrHKWfq3e7utO6tKV1-tpBe0wiEOFA-Bxcmf1fftCsdwibrnwmY-UgA4qIcSybGG3DtebSTuugnR3FI05hHdSb79Sbgv21twTatI6hmYRcXIYsA7v7ls9GTgYD2MsHUqvG_CnFNT4lgZPi2M5JpCW6VMP0fTl1ZjTc83RJJrv_H_L7cxxNNsbFUcpwoAwrv8_1TaJsWtNYYtf8riQPMdW-YxLV9FvV6eHn5kcPfeQ6oXqJUTIC_NJD_eKcWy0pshtNxxxyeU6cl9mZ8DiOJ8dzr4XN0BzfGYPJyxa2CO-5bB6lvKdUuUWz5FXLvzVti9Oesv_zOkp-SdEAcNwdrEY3gh7542xmA8l65g7D95rbwyfdmv_Tf5Ed8qAWGBKcUkVKcHCUP6Edes4Dw3QPNDwwdceXqr35AXm42RvOdV7QizfLRaQp0iUmVAToezQxmbR2mP6-a9Z1roVLIFqDSHxJ4IxzyBT8nDoJepcMgHt7OzYOa5sy-dp4ZMV7QkjRywOveY4osKcdd_xsI9eBjUl3telkUF5ORdytmRzZaJpHeZwskfCLG1z7K_JlK67qdvfgAFCE8ifoYSUQpAOMHmMWWAcZT1Un2V-HkHn4Fsrr0ULTMCqRRgT6KHFC7Vxikmk7419eYs0ekOghZUYh3YFYiMpui1CcR0m6UfNqYV5RC5NCC4mFUC96ZywgYbrjLje05k2ZbF_W0lYg2j7CXo_94eOX4Iag5datwWkE5nhwGrPApkaJrw7XJnXuS-wpkmYU69fyagW9g9hoKSRNrCwxjaqhQ071xBFNHOJAbA8Qu8Zhg_n5-dhic1ROMJ1Ky4-9LTukGPwI-3kBW6lGLOfr5ELm8Q3Glpe-VUiOFtHIigwrNHUblyZyqsmVKcr_VNnk0tOMKrEAk9ZhkULGaNvodFte8Rg5mBmo28ehKnw1SsjOBRY-cP_QuujoqIhE74R6lPECa_oEWdOBfDFj8E4tUVfEitrOepUNBQjUuzm0ZsEkATx6nWm9F0TqnVEfAU_ti_0_ChHLvnRTVA39zXYK0Mf2HSQD95QiEc2vXzJHwzgaf3JdZKCRwbWqcSi4XCIetOrzEeqXjYSE8qrFzkcEQhFPuH-laHMx33PWmQUs09_q74D6csOou0YwvkjRrfcebeEi5IFPPwhebE8_nnT39TK_-7oBOMM9huo3F7YYKQgmnR09UwUETsZ90x9Bi6Z6YdkCO_JZEoUs_99HzpRHQ4E8GjVSgN4CdqXw36pkY6QPpZTmwtiZmSYwCLXECe_nZPWJDDKtvMeac8dAJb_tp8bmyKUJMPzPEWZQi0ZmNIjDauUSYBl8aES1GZA-dUUf77UnT9wzYIndA_2km9NsuNP7RbtwLp8SWeY7AhBocHlEq4h5reQPGTpvdowsW7RW7WANrVkwIyoG4Fm9ikM1Rm-9NdjLcdewgM0VTU1d_dEIlkGxL12UCmLFfr5LeXC51ZiID_uZ1MscZ7-Gw_u58tjFua0L_64bgeARdjKz_wXXmp5AR33qN6DVOynRgH6_-Iz0nkxYOjYroDtb-OxczkiMACpV6x1UtxQ2vi1Q0CYGZgfWvuqc7IoV15IOZlHDYe2rurcaXRMRhI3rJDfmJ89h095bUTAAZsLrTpi3_j4SUX_R0_de5-F32Z1kf2Rp8YMy_te-OImLFXkm3RoYcv0yQ69LeQ3NX1Jox_NMwnisUh4YD1vC65TBU4iCIVpo7VxJXpVmz01iZfjmSBYT0NJ_ddI3wrENprC24uVqC6TkT40ilhqW4tt7Y0u7D4sKbDvL8A4gu_Fri7TSy6i9dkvBtAqKPy1P2aAPHMDh7bX7CoFFJxVDxTOd2K0Km_D6K1YCUYhNRcMKiFPBMrB8TqgCWWteTSOAdoH4CquBIuuI8o80lYG07MdbvU8a_keylRvzek-E57lKh-Wgs4HPd1nkNhIbd2z0DOaz4_zYgVGz9bHUY7kK7MTsxe5syG_JHOX839GSH8JWYcm03JZzuVR36KnpmDEDdmBd5h1rEBzIIjp8KK4_XpsmAvWDaS_n_m9H0I2A3ayPBv4i1jYFDhCi1iow8IZWqeoEPO9P64ENb0WRAKkw2Z-etWU-EwTH-t2gPbm25KnmxoK2EDzh7tXoD2TeN6rudiyJM-_PlQeiEqX58W_fuXMarpim8YWALxgS6U5n0hdXMUJczesQvVqF7GaCN7C5VQ3lmst1PNnTOMGgPoBnQoQOwymQkI7zWTWn1uYE73k7AZXFJmeb9dZGP-TMK7xG_VsMgOdt-0hSmImEBg7_qH68-uHR49kP_5oJ41rxNUVm0Jz_WQBD7hhnLySVwiKd6fizfJd2nzhGXTOHJ4xQuEIujwgm9D0HoW51jXk4JzptBtrM19wrb95-tVvSrSxyKF4PkND-TioX2x84iwYTM8473wB9MCPckwNHtrJsnu-8857LzhRjzLVbeqGef15YXGHtO1XJPuZ7iZzy2avx-Y-q4OiEGbNzzlEjW9sZLUf_NBdizdtT4qOVckM&cid=CAQSSwBygQiDzlVvR2AL_b0yCHH66wueazMU8gV-SwzJdxlIIaGuKbP2--M-v6rl8fny_h0ld8soqt_O6IWq9qZnzT1rlNjvP9Jxzo3HZhgB&dc_exteid=31043591371085096471283887359516857&dc_pubid=4
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame C4E6 		42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CkgQVfvZAcc8q-q1oI64Q4BlfW6xgbBzeGoFCp6G6Y1Okx4RaAuhF_vxXIeixkOXJCwpFhPL3WiMpxe2RFMuvI3XdamRpvMWSnu3Q8PARXvpGcDa8mbG4KYib-Cf2Au1xIZ9qllps3oK4kyviQmFIeuXMljtVZfgcbyuLKbssex2Jvarc&cry=1&dbm_d=AKAmf-Bu38tF4Kmmbh3vStB6tPzT-gd3we4MPZPeEYQI8tjtVMYwQ8x_RiEshF1LmZjzFo0-Sw59-AlF8IZs3tOjbLqowGYcQnWBcBlxLio0t3o7kQjhLB6JJzhNccCjPvekvO1bSNYIp5gXh2cHmI19o-K4uGqwNsCM5eW2NSMSQxXM1-NHYfq5nR4JBF5GZh0wjYWtRcJpaKuXbDzMcHlexefBhK4sSkIbB5Hr21mIUUKJysvdj85b6Ve5w7sNh_SgYCFlVn1bzqzwW4BEd0XGAHlgKjNROLxejxxlr1AyqgG1mPB03h75L3vZ5VLPKIiSQvyUkxiG1iarLj3vxxCYAjaub_usz8bzI5zDic-PD2TLieRYoT7aO0wSkXQ5jRqPYofIveXqPz7JGqR_e9JlEja7P3UrgFYhvzEYrwLKPimp8lDZYJv-ty9T-AXxWp-jNYdfl7dl-1egGuusc-JLsgLM3A29HwAL3yk94bQ0b7PlmQ0sLEgr6_GDvZRSwt7lDHek9fiQonCAxHvmuGOuU_E3z4EVv8Fxqd4rpsurSRhP-gOeMOq3pYlKJRmxDfVW1xEFLEFBQakY8Ph4B8f0WWghUuLmgV-QGNGXzc_ixKZ9wIfdSvtCUdEg0SoynKnqJrTMaei38m8CPLemkvapoOwdkA_KMaJ1KN6srLaHVCh9lJONrMrB0MwlCcmhxTgOIVy18-u9pYjsihjhZkbY1tqWFjG94C_VcC99qmPrErGIvwoZi4obeSpaMj0wwH3Y1GRUOMn3K_nJujuc9HAGIfbCEbqz6kNKWBzgMTsQ7YqUtnholqGZdV67jRLbra5fyJx6RGYqz_7paq95EM5jlht20s1LtkRZS_ctaAhTvgvtzf-d2DvomrbWMV1dGV9FBht4gfVt9gNd_nL6bQdD2JW-i2ieLCnJhHujNrByKeld_agG1_pj-jjMFeVpRT1C8rGhHMoZZpxv0K1JodVkrqJ6prvRssfZOTo-VaosaUZX1uvBkZNjfD2zFZ6LPinbypWK4Zl8S0ohwHq0SiZ6xr7mRJlObrlEOfs5zEDc__hYKxDQxH-q4UkcqsW78aW0i-V4_iIesmXIFUH2LgEOQIW0uKNkdtywUJ22Sgc7CCw16iE1IqWy5YChn61OjYxrHilsSygi_a0brQSHNlHwayV6w9lQT7ex2FiHOnxbwC3D2b5ldnhml9Z_Ko1aKOWVDHhaIAZ8lZvWo-q2knL_msFyxc8GI2akkf0081kaQX0vYqOhwAKUl8mRN-qXf9X99zDjbKUMhEUNe6-99LaDY2YUiGY1YROPgtC76L0ZdmqDq0oUZ8Uf28jiSXNsKIegX5MYWoSpfQakFTtKUPKqNXSWp9R2fzaDRy9ny0OHfSyRzWNe9xFf8-E87-nAcYY4zgONU7lL_izhcV5rUfV1K21lRu0El-zOk1LwReGLGMRSg9y2Y4KGAtcR2dWdRykpam4DrHfJ2UG_Z0JohpeBQZ21h2EPi4dItA3EQmbuYX2D6S46hyOcs9lLI5xTaEy4D96r2IYgQuA1Ggg-EXnRs8rbje2Fac9jGYEV6CuVE_2jPcffZc_IPXV4xNIFLTFdbU8vL4n6HEVzuUZPJZ8deD_sY7__SyFJ3io93-pFJ259aEt5YPpkyjgzMOpmtcZIWI_5ixHKvJ1nxjiOdh7w4XvOqchLon4Zk2vWDE22ArE76zRaPLBdQz4ERF3acQoaefSRgfS1P-WZ8qN4s0Obz1QDREeeXF4d0afhIBOkTuvyARk2IYk2o7daMUduJvLwnX5i9aBhDxMLmkx9eARANsNQYZuhB8CUjKBfCrQZ2UGLB7_SN4ujkJfFtMDZO-GmDKQskgkG4kXotdTPLToIF01nZGd8coGECxSVCEvu6486UpR1MIZPLqo6DyiNmsPlCYEgThXBXCJnN7KeTXW_KGoRPQbmcMShDoDb_iRxwupDKk0POVmQHXkCu0_cSyHtUVTy6lv4Cl3C7lHg9YPaW8qAQaPS7guMcFqU1RtEHn1QJF65Ug7m_Tu9hfIzmEnMItDfXOCo8dWTwlPllqA0UMkFj8x6O-el3PsdN8-kfDvCWpt8mppNblogTcDvDH1FUmT3BscuhcDrFSp0o92AAkmIatGyFrQvnlgepjpPgFA6hubd2cbb6tFierkR5yNRnjlBiAKUnTkS3WTN6Jo6dthhVSTfkf8EG1cPEAnEpDwiVIpiWu-_XZFIw6qcFNc-AweU78eJHhR0tVeOnRsZ0plTZzCeLIziqU5PHR7xRWjXy5KS7THJ90c7Fj-CL5RF_g6aLyrsEYRUiqJcSp9_0xmr3pGoRpcJMZDvtLz7r_cwVz1p5bHWJr5YVnT2lnE7N4_mrCXw6Y2PsQIv6GRIGXbVAHQhSjIaSXjMXi8kSrAOyP35WuY5ztghumcfHAfLzE5caGAJopf7CMq8IHV6t0aKj_aM91OFhsyHjClfgk5H-pSq4haIswCp8BTOYAESITtIdpZoAr6OdYKX3LAee-Lq_esNr7irp6--H-c3-bnby9gExTVSDcHaB47I2ysbzsTxnDg8NRGyfDnh1-gDPofx-0nEq79SNQblulSgWM00L3ovrPJtSc2JH7yqePeJgqDzDUMrLRFBm0g4rFLCXT0oHNFN52A1BckoTWf6JIv4i9oLvjCxlOoZzPJRiO0LNv44Gy1Hnw2ZZed5xq_FStIpndoiLcj7wBrCG6hTx9VDtCnl0pmkqpa9OdmbpGQ1XJaiP8r79O7kXRRFc0x30RPdNilvUnTQbtEILwlENfMJuFNX_HcrKVnBlVabF328681CKOFQ2sBavsKgNDuTKWEarS-5OlrSrWB4aiHOo3rsCLB5Ndx8ED8TGLQzJmYvU0kEn6LN-IM3st8n1yonTq7ccB2ss8usz8jsajlmPR9AEixhzx3V1kpEIzVZbTZit9NSP8tuBYCTtYs3JrVlHjL0BC3huKHEqI5gr9trksitlQ-Xt6k9j6MWUENygAtGlkop-ePbaKkJFglOHvoz9gXV36F1oJWOeEJ0xbbc8KHdiwmUKQIULADlOshshggL7hCyE1FHbXGX6kVHxWOScoJjzh2RNkQQIwnqE_FNzn1r7nvqL2Rmx64WbbY1XJ0j7aDZxtwraZeiKqHu_aQbsyIcld9H2lMBcnaCMbSNx4IXJFxbdkek0J1sHw0_eTblkJGr5HfcItSN0UZzLNUb2avLpyBgcOQ7w_p5grieN0EUwWuExbQgJ3ldWwyd27uZFZ0cNtUHPUBMmtt0pfFbQvmhASoXP3_gKAu77O9zn3IiYcsrexNGpSzu2BwEpNdhQJPoQxfUwOgCJoLzMNcsRzSCH-AjLN4OYzMryKPs-kH57MErNqLwPQSpqbrEHx7y534-Jc6LeLZC8oFRCHdWpoQwv00IaC07lDNzlUaQLYmXP8117E9xSo6Zgipqba73cXI3F5WDBqE3yJngNx9f05Ea8F_079B9BLJfYUVwqLY8hYI7_JUtZYqJwnUxHBepJ5tP_znM7z0J2YpE3va2UFPnsaA0z0Fc0eh63juXS_RVPfNHh31VQo9HySRtAahSPV4FVEA7683UL4_f8E8-vg8JpbI3j6CJ3vvigAOrV0qXQPsJx5xcPFBuPGEIEs7ZK4Mqn0RmPKeAg93MI10lv3NFywcT1TFFmLi5OOfCZCW3kMoDed3JWEV8UEO2goUG-tPN0jtA2EzFSfOfbyUPKSLBvVGflTqdN33m22s9HJ9DJZKV1cWteUdorcH1tPBGuOr9LBZ_nNZ8vEXK74jrMl98EduL3x6tnozmiYNovV6ZBwhEchF3nFJ_qJebBP1l735Luraqkb4ru-zz8fB_nEgAJOnywjjShvEhHsA8UdhXqHKqwbRO3_eUJju8BxfxqentXynaevppXK2OpJZPE5_WYzv4xRmmbBKKXieyrLQEHHkvu_lm-H3MOjT5RTOZUoQgQxQflAKHWxPHbWWTI1L6ZSFxm-LtV_Z_avSYqgL05rA1yheq443TsQjtvYrueXw6n76nAcina02VHogqodXLi40ZryvfoCrV-tSmJAsiDKNhao18BRqn5ped8OI82Z-bvjwf7kYBYb7PnYHHXVuutnd-FgW1lm3pvLuiczDKHUsvz5K5sw9V5G6VahdW0cogM8oGKyC7g9ZVzXtxGgA8iv_nAjJyUcYHTXqwqkTNTth090aOvQnYDx3cBE5yLk1vcpBM-G4tim3fiSmytzQYbJ4J5vrMHS7fl_3ZPAK_eROM6MyMILw1q0sVgWZMa6-eXNwye-t5ascL59TgmR40MuKsf4YE71-Lh0g9P1l0SyAxodjdKmGcB_ItQRPNtSnRaCpyxXe2NH2M8uuOOmL0SXHT7SILC7p4Y6VjV_euoLJXrTKQaaDJGQIgKueRugu-BMVC2ymuRQZu0IreM-yVkl23TWSMpoXk2bO6d2I4VK_Bp8b2Fu8DZ1i2kmf-GfsOTvIsi5M80RYclItExG_yI_hxeooH6zyam0J-r6285EtE6glCHFEVZCsb7oVkGt035CxsoFjYk5o6fM9YyXwkeunHUFlSrj9qsFmuZ5HlDnCoNQawfzErw9REZJ87cIWxPNgflZbhvZ02LuqgmGczM1y85QJGwPIdrZXmY_d4p8ZAk6nosILDKYshJBwVbGTGmR-mTa1FUboxBwUq4xg-DTClpe653uqHLvtn4_3SU0LSQd1ay3_KmVRg4xreE0qFsLvad59WV1bSARZEnsfP7BSGw8xKAeVUYh7Rt9mwFaa9vxrWMJwjJpz0LxR-nn7VtFAd&cid=CAQSSwBygQiDzlVvR2AL_b0yCHH66wueazMU8gV-SwzJdxlIIaGuKbP2--M-v6rl8fny_h0ld8soqt_O6IWq9qZnzT1rlNjvP9Jxzo3HZhgB&dc_exteid=31043591371115773406678466343854265&dc_pubid=4
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame C4E6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CV40FLKhOZOq4A4Xh7gPZkpf4CMme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC99WXD798sj7gAgCoAwHIAwKqBLcCT9D8_8961HDcFfo34fyJQ2Kevm1gP8dXYehwa-eyVzM_m8s4xY6gujB50LILJ2UsMIfe68B5lp4rycBh6mWkAJVUSQPGlmwjyNpOwc3BzpA4nQ3edEBFJ1qX4wwyprOs0GMvp_HEjTfsUHA0jroMlyNl7fqO5TqRrbNTmddt8bed0-eiOL7G7zTBRx-lDQxW-6RbyXdFsGHovkCvcVrK4JYbpxBGZBX0EnXsUH7HGK8XiZxWiHl9B7sm6CrQZC9YvbXextdl9a2L71l0i8Dfy7YCC02JNb4xSb23ubl6XtUeJq7zTvOis0bO6xlL0gK3Uy4aRjboc-dUKIsigDIULovWcLyVBFUqhRn5gwZDcrnU-IQr_KPifz2b-odNnbTz7ao0rNiX6rQ6c7y3r4BCbz0rNgVCB57gBAGABrbAoqfxuOvX-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=A7oGnKDCY_E&uach_m=[UACH]&cid=CAQSSwBygQiDzlVvR2AL_b0yCHH66wueazMU8gV-SwzJdxlIIaGuKbP2--M-v6rl8fny_h0ld8soqt_O6IWq9qZnzT1rlNjvP9Jxzo3HZhgB
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame C4E6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CYdDKLKhOZOu4A4Xh7gPZkpf4CMme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC99WXD798sj7gAgCoAwHIAwKqBLcCT9C0vmz-c118zrMI5q1YgesSI851H_cZ5j0PbHG-X-8YMzQSsjQWeXSGIZsln8ThZmnsca0jvmG_suTzcwWRSgCy6z5cEtuOnPly_w-rcyQK3Vj8mGiU9BaPldeCJjAr1iKZZI9G6eBw--oZ644q_mZpg18qlE1RAyDE-uTPj0NYcx9esJsZ9Hh_7_qoSBQnWpD6VH3Vb8UMaCbXPUnANRupIxC6UxEsQ7pbZjCmk06O_bVY8he38inFCc9qvOH0Jn440lBIZagCLDEOcMcOGrIfiovuA_OTTZkkj7wVmknaIR89gfTI7GctWuBVvf2DVHVwvSeRwHn77B_NZTFlMeExkmtXUGe5qMsYF0WAwI-ABv7AdGKRYgdc9_tYQUM3SA8RDF0VGAir94JyLsHeC3Xkbc_apuPgBAGABqHDkfzl3P-13AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=HWuE_PPhdd0&uach_m=[UACH]&cid=CAQSSwBygQiDzlVvR2AL_b0yCHH66wueazMU8gV-SwzJdxlIIaGuKbP2--M-v6rl8fny_h0ld8soqt_O6IWq9qZnzT1rlNjvP9Jxzo3HZhgB
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
truncated
/ Frame 7B6E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a2dd6c4893533c794b716e942f9e1c5c8c9750140d0bc97e9d1ca8892a2361a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
roboto-400.css
static.criteo.net/design/googlefont/roboto/ Frame B589 		2 KB
842 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:19 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13b-807"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 24 Apr 2024 17:41:01 GMT
dt
dt.adsafeprotected.com/ Frame 775C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=84e1dd65-e7ea-43c5-5809-5f4dae9a29e8&tv=%7Bc:bi7EZJ,pingTime:-3,time:131,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:21%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:132,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B126~0%5D,as:%5B126~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tCVY7X2+11%7C12%7C131%7C141%7C151*.1352960-69587949%7C1511%7C16%7C17%7C18%7C19%7C1a11,idMap:151*,rmeas:1,rend:0,renddet:IMG.us,siq:23%7D&br=c
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:27ad:6e7d:3901:7e49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:01 GMT
server
nginx
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 775C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=84e1dd65-e7ea-43c5-5809-5f4dae9a29e8&tv=%7Bc:bi7EZU,pingTime:-6,time:142,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:142,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B136~0%5D,as:%5B136~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tCVY7X2+11%7C12%7C131%7C141%7C151*.1352960-69587949%7C1511%7C16%7C17%7C18%7C19%7C1a11,idMap:151*,rmeas:1,rend:0,renddet:IMG.us,siq:23%7D&tpiLookup=ao:yalla-shoots.tv*%2C533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com*&br=c
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:27ad:6e7d:3901:7e49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:01 GMT
server
nginx
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
truncated
/ Frame C4E6 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea6d36e22ce3cc244542d9a6291827f115f42c4959723f3a1e58ae3dc0987014

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame CDA2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4333625552299&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CDA2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4333625552299&version=m202301230201&ct=76&x=1&cor=15500623169591930000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame CDA2 		82 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BulRPEIdjMh-A5Qug1uK_eUqZauJqKpgrP8mhfMyw4KIWsJJx0YOKFGDBOUYWXRsZS4ZcKdhm_aGZiyjxUy98ySqpPUg&cry=1&dbm_d=AKAmf-AZDRF0yK8l9KhKTrOjYI6K46fK1TU76gqL8K9YLpBmckATuXzL2g446QG2WTKKRiOxhm7ekWhGE9gdnx0CKvRI-m05gn6lTMd9dnNWdeW9E0DGKpxQ6wqqS7zpEZajL1w8SSdNU_HD0oTFXsWJSL7eo9Lk9CygvBxVm9pFerc0KmJcOLl8g_ZkVts7sAbuNYeSvsCABMjPmNkEQO5Xu-GA0Y8yc0jxhriIO0nsGEXAR2ofbtpTtxqj_88inePEb2VzmSRqSCagYF6v_6wmGm5nUQMxP7dPs9srAK7WlEmv4Tsx7AlRHMkA1Tqzyiwibq60_40i06KLYK-qtsqeApWQsJZUi2aCGsRAqTDkdaByoQBoOd_whN82kp8JBrUu5WHKJfE-UTSW_SM0J5U3pzTTY7WecwYctCI4Wr-MOkXf2H4OVxB52SQ03puV4DOfJt0-TfjtKTH0_bCv1syeL4sONuu287MH96DWcU_WpunidbDJD57L7Xs_oe6Mm1bCeuilDMm5FoKW1SCIXNgflh9ItcFHeQK8D4u-NfUitQ_hj1MeKq774VfO6VYTcdMjMxojWxnMz2oKs8357xSK_zDwhbkAaguNInbbapS3RommcdsMVabWssaneQa2QpVCxMTDHI2u7xHKtTXw0r2mWjaQ0oSH4OXGts3eEkrO_ZxQdMsyMoIX-oC9YrXmd6IDtRXeLyzTNM-_cs4TlTbCFq1Q-gbpl1l7TR1UtNK1VSilMkZyqDt35lA1xeHG5tgUMry5lte48vC8-PdbBKIKcKTLhE3t7Fe8BjoJK0p7HJsJk6aOEVsNhT_wc8LBCBmj8K56mDDtmvaFQx40pPLgNra4IGuGjrc_OP205PPUNKrArEfumtW7Iw_gX1dr2IKak3rMrtQgTxex9nT56FLt1_Ibdc8TCpae7vJJWYEv_YOlZ_C5H3uD1p-y7mr2gKs9BtqDqT9KzNq8h-FBrO_SIuCphUSToig_qd9nz_POlL6L2E1HRvhRom30GM2FrmsjyfytEIaMkQ_xDhyLo1mMPhxXmqmL-BJAu3lX4_Om1Cdci1adxti8kVjQJFidbUUZBy1HpozbtlsIF1HzXIjA753mXiqj-aHA3Zq_I6VQ9UL5PrCJKLEVeuMmOY4m0Qcc_zdjm3Z6M9iCyOZY27so4RGcUV65WNAwFyG4R--ZXU64bOR_ViJ3QmFMOXoItbEb0CuBErwh8j2kWJ4J2I9KAGciD5vh8s-SwUwvF6cHIP-7pQ15oTRzyJoVbpXO-daH0ihXGj0q7HY4Z6bKE6nRgfFZ1FKAlk9mXqVXJtJNBq8nF0GlUx4cvx72E6tZ5R5Ogz8D_SufFNm7swFdj28LsVJn1fgsgqJyUAb9z1d3jS_BIUKB8rgeKNUzQX7GVyUv_8TQGmhodJe64ZuTxZgQoZ3B9pASoR8dey6msmagi7jcJSUspqiiZblF5CejoZHn1BE7x46I6H0rFDUppPk7A12_224Xw-qIABTqWsBcmQ-djD9GcDqiqEoyTnp1x5kas0wsTvSBGhrdveSLt4EWsxFhx9tbZI9fCHCh3b0tDTBGURAKzAnql01_Q7XT2kHk9xcmxa_SZ9n_Tvc_FYRs1By0Qh0Ol9gr2TTdt0GCUsoZfCQMo-wy9TY4Amvo_iQHcnhhDnGBHBLtUdZPpL3FLRe5CiYupTuilgNSzGjRT_42if9DVcnqFx2P5PKopFlw0hjSHtcgyb9Kmahp35XvQqfN83VWRWF0SOO8v-yztdS52U5Cuh0R7RNxlICfDrhuVW1r8loP9X9weMREdLJeXLP6Gf9z30DNj5SJmhWk-zl1Q5FeJr_Yhcamnqn8C4qrAhvL8ms8UrayIB6pP0IQfca2qyAxs0085SpLtBvxXHSbmytEsU6hJk8Zl_6MCvqYclgbGWdv9zyJRRbmZWtKt8ZlrjuFNSkwFkfrNXSMYllbIE2xQvCZfF2_nVjpgcAnzTVJCJjegCPgPL87sOfhz2TEwT5WpwN1Z72xQhpkHJGkkmF_wEHNOieCGIWx4U3RIbznjK0WTtbu2fpOY2nrNF3bHrvnSu-l1bPQuIUK5y55If1tYB9Wp3mMemu9VhzU0clE5V2f03LxaaAol_XD-0tBJYOORyKf9nU69l4AJ5Upz6HRnypfthh9PnzYOF8_rNPIpn6uaRyqS8U4QP8Dj5kGuAAX9eZgkawtPqRnmReHezxRiil79xY_KdOsYGxBwxWFmMtWH7L6ZJ1d1JZFOkzSDMx9c1-Th22380dfSfa-DId_DJ_Ngj1LZXbY0iju2TrPkV6-Lc9vCB2PlzybjcJTtO2cN8PrgWULgRi6GG--Wh02wkdHF5gH4RByQ3qOkLgxwiZ91u-mEI3ouXVMaWeuC0IDaYxgx8M8eBXVQZ_GkgED_OCBfHwp9dx1iLdP623DHUlLJXb5djrgHRya5YEfa_40npM14ffdC6SPEhCrRM5tpqPuJ-FOp0mhFvBgNP37xFs_4_V0wYhbuqzsbQW1ozniKWtA_9KDRvMpjMfBUI0IsUB4P1qNr6pqdxhxGaUXB-LzTn2R3iMbGF3yWzJq7cLbhIzUPYM7dfDQTzqRztgsj-ZXU38DowJNrHQZxtW_2Sr1i8lpW9eVfK1sLqLn26IwZblTaUO_V-O3SvTqnZsS-uH2_bcMntFJ2_JtzMQ1bqBUnUHPn4_pIfn13ueb7yHCX81KJvUkFlfe4bnH0lFhUWATh-O8Ou3QG1Jd2WbeE-boKrLbHrSb3mgEQjoPy1EWZzhHPuQYODqCKJ5E59-lh5gmrhQu0Szu4uJosNyNlIib_ID0fWg71MqcSPPwrSS05yHDKjjlmu13cLg1p5O-ZYEW-bVqmNpCygobdpuoWuskeseuvrbvRXuwcJdQ9No42vtBqhU7VA7az5yE7ZxdUy6S_G4rYZDO_XFNR9ceBky6GFsShucBnQkSH7u56hqaqESSXNix23qJQPjS-q1T9VuuwTTUiEZUVeJZYxtCbwQPPkYKYlf4aQo88PEctlXSQRxhmPQjNhe0C1dDXCFXoJ0qa9oa3Hc2DcbU9dO87tTeoGX2sH5B6C0hewVKee8_3_WlAKaVrVixJAZSs3QXR5is8iWc81xQTsMYl0jJMldaDpxxadjgUuiTo0x1kLnGtx5h8eV-_xUARIgv3jw4CG2ar2wDaR7I91WP3Tp4EzzF5AWIPGQoyVj834ynQuClMX02YDViHauxRVKiLMORoX1AS-hdgltrEUPbo8XnP90ZBnHAkUscAh2KQ5fz8wnVQ_YNH15v9eQbAB86AbucMTwvcyU6fgGbxCNM3W0J2qbbH0pjqI_Pg5wGRpl42rFa_BDvAvj66lMyJiV9x4c_8QTfRf5OMFNyjj5DAKYSbW0absOaZrkLedP3-d36c-0SXDlmbLke1N3dP6pMnt4wbAWpQjZxbLHIx24A1wkTVxGIxkRJabUyn1Pbb9HJzkMyfspM29SDsbDVJqU9Mspm6AZE6QNYtqck0Jbzb5ojY6-XYYeI_F_2ANUxJ3aw2tBVspXiP5wK5W7mpF3YRXAeHrDFLFg0hZO4mGBxacpmu4WZ1c9sZoiMibukyTVVka62KFitti9Et19EERmbcgFmi0I&cid=CAQSPABygQiDXVBwIYpKY7RAH4c6cQv0k4sZrwIgOuoFsVuRvDIgwvQPmmTlfLkmZVwbq16oJS2a-XN5WwZ4SxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=15500623169591930000&adk=2988274607&idt=93&cac=0&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6558f3239d674aa931312afe472881265a09fa43e50624d577dbc9ed34045eb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35284
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 775C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=84e1dd65-e7ea-43c5-5809-5f4dae9a29e8&tv=%7Bc:bi7F1A,pingTime:-2,time:246,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:486,beZ:487,mfA:489,cmA:490,inA:490,inZ:494,prA:494,prZ:501,si:508,poA:511,poZ:533,cmZ:533,mfZ:533,loA:628,loZ:630,ltA:731,ltZ:731%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:21%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:246,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B240~0%5D,as:%5B240~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tCVY7X2+11%7C12%7C131%7C141%7C151*.1352960-69587949%7C1511%7C16%7C17%7C18%7C19%7C1a11,idMap:151*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:23,sinceFw:220,readyFired:false%7D&br=c
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:27ad:6e7d:3901:7e49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:01 GMT
server
nginx
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
kass1_1.m3u8
a3.koora.cloud/watch/pftxnfvWZj-uwby3IMIYsg/1682879806/1682880060/1/ Frame BCC6 		570 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a3.koora.cloud/watch/pftxnfvWZj-uwby3IMIYsg/1682879806/1682880060/1/kass1_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.84.217.44 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
amazon /
Resource Hash
5c18d817e48de5086038c5d2abe8e3fc2d02185dc2748b24c52d8d03dd73f40d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 17:41:01 GMT
Last-Modified
Sun, 30 Apr 2023 17:40:57 GMT
Server
amazon
ETag
"644ea829-23a"
X-Cache-Status
HIT
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
570
Expires
Sun, 30 Apr 2023 17:41:00 GMT
roboto-400-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame B589 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:19 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13b-3d80"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 24 Apr 2024 17:41:01 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 83F0 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
87241
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 17:27:00 GMT
expires
Sun, 28 Apr 2024 17:27:00 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/2524470958173506869/ Frame D17D 		119 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2524470958173506869/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d96b79e23781d57f9a20e753f29f7cb9a92cb7035fa698c86d3607950b021ef2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
13304
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
24439
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 13:59:17 GMT
expires
Mon, 29 Apr 2024 13:59:17 GMT
last-modified
Tue, 30 Aug 2022 15:15:48 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 7B6E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst7SbC-wPYMNyNL40EcfOO5mnGqH7BTuAVf3WKAEO7pezgUo7z1YPwauRxM5-91nyDO9q3ZeA6yhr_9uqiQ-XhsUL-KppYcO8haZs7q4QRzsTZhz7QQ1zPweIBYk5V68HNon3OTC4kEEStfwwv604hh9MvIh9jKPI7ZzQ2wgk8NF7FNLwC0dlqze2BUgpwPvnX3MmR1mCdN6FvJ7LuhmGH1p_mqBFeXM_ZC6EsRoi7NDHQEgg-3y0fcUKAehVwhAB7oRqHcPZgGTN9ZKAz2Rju-WYvW9rvlDkGiPWw6vaCGjgF3oimxLR0-HU66d-4nA2apckD6E7B8xaZyTh_HyMJpLWhKyqWq2GGnrbijNrTG8WQkPHE438MY9IhaNnBbmHS99Xi_RqEUimBMRDhT24U9IHpULLjlOBVfNDswMVlM8w59yLrk4UzbKKNPnGTHe294arsIoS1aNV4pceRn5Gi1s6SsQF0owMxPmZA-prDeE68KYyJBMVk-8Ot1uEgC8qQCxVTwfVQF-wMJPA7bmBBdNVwxYtC_KuTR-2gLgkOhFfutQ_JSOWlofe2VluUo9EevvD6qgU_YUFuEPpnHu8dv5muPbWOXq_r3ff3ueYGlH41oEfwYDlUlKa08uA76XBTcP0dvuaIAuZJbNO-ZmEfNzc--s8hBSnOru2Xy9l0kJ4AYRxTH4siYZKcYWBnm1KkngIzR4T0FcvrObsHCzod9KmyaEXO3PWjaExQbVVb0pzYKnfx3MSa-QdaXr-DmbxExvVcCfJs0g5pR4xtW9DYJ0hfwssrILre8pWxlSxuicmRgtiPzwkmLmGE1bYbW3-m3zCe2cDAZ4JmUmmuPW9ktwWmzY3xlW2C6FF--DTOOn21gPiDxBv2Xki149GFh38RbcIee_yTpbYvcysxqvkvKezAl7qViShDkvZuGSol6qTqkqzQVOZIKbK5GucodTGSmRd5S1wEtdqsW8kHEjyA9Q6Huky_UIxLOeQH8YFBjnv8dtyTtjRkkZl8R-Z1lOIfUdHBUHtddMtLX3jVHy6hH6bngZ5FZmpRbeWcE6t3mQblIt3E0_eGTKYuqTZydmyBxTlwRrnEvWU51_mTTyEUtmnUs9pSh6kNWcOQ_PParvsTjKzxHUyiegqsBMiNOEmqAE04zzUA5eH5tCdYYChca2Rp7iVPU_4GjaLn2wEVDryi9CpH1smjqNK1yanFBmgO2CF_tUd0gCmoHuolNRQDP3dVgQA1Ains9ubkSSSEm&sai=AMfl-YRKIo6_LnTnghrK0TDwBBgPjEXzyyx41BgvLaJBJQYO54hDTYpsWzK9iNTYZBjMc1b44_78UuR5XG_ZkA2JsGmC4RWwhtXEdmwfce11vkY5DVwubJToSGjYzkMXn9eSWJWr1xAhnU1knz70hw8ZQxHwaTGroaFsUBV0mEvNM76yYBOzB5eCQImwc-M2d2Iggh_jua8zNeH7g90qmzFd0EH9VUiEZwuMns0SHiEIxJhF2hDDMk68ABHm2DInTS25soalPRwu8Mz-YLbuWf96xg8GZdoDK6ei&sig=Cg0ArKJSzP43KLZS9AThEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=309&cbvp=1&cstd=307&cisv=r20230426.42314&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 30 Apr 2023 17:41:01 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 30 Apr 2023 17:41:01 GMT
/
track.adform.net/adfserve/ Frame 7B6E
Redirect Chain
  • https://track.adform.net/adfserve/?bn=56654489;1x1inv=1;srctype=3;ord=3156575333
  • https://track.adform.net/adfserve/?CC=1&bn=56654489;1x1inv=1;srctype=3;ord=3156575333
35 B
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/adfserve/?CC=1&bn=56654489;1x1inv=1;srctype=3;ord=3156575333
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
image/gif
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
text/html; charset=utf-8
location
https://track.adform.net/adfserve/?CC=1&bn=56654489;1x1inv=1;srctype=3;ord=3156575333
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C4E6 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 18:58:23 GMT
x-content-type-options
nosniff
age
81758
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 18:58:23 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame CDA2 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
Origin
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 09:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29628
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 01 May 2023 09:27:13 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame CDA2 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BulRPEIdjMh-A5Qug1uK_eUqZauJqKpgrP8mhfMyw4KIWsJJx0YOKFGDBOUYWXRsZS4ZcKdhm_aGZiyjxUy98ySqpPUg&cry=1&dbm_d=AKAmf-AZDRF0yK8l9KhKTrOjYI6K46fK1TU76gqL8K9YLpBmckATuXzL2g446QG2WTKKRiOxhm7ekWhGE9gdnx0CKvRI-m05gn6lTMd9dnNWdeW9E0DGKpxQ6wqqS7zpEZajL1w8SSdNU_HD0oTFXsWJSL7eo9Lk9CygvBxVm9pFerc0KmJcOLl8g_ZkVts7sAbuNYeSvsCABMjPmNkEQO5Xu-GA0Y8yc0jxhriIO0nsGEXAR2ofbtpTtxqj_88inePEb2VzmSRqSCagYF6v_6wmGm5nUQMxP7dPs9srAK7WlEmv4Tsx7AlRHMkA1Tqzyiwibq60_40i06KLYK-qtsqeApWQsJZUi2aCGsRAqTDkdaByoQBoOd_whN82kp8JBrUu5WHKJfE-UTSW_SM0J5U3pzTTY7WecwYctCI4Wr-MOkXf2H4OVxB52SQ03puV4DOfJt0-TfjtKTH0_bCv1syeL4sONuu287MH96DWcU_WpunidbDJD57L7Xs_oe6Mm1bCeuilDMm5FoKW1SCIXNgflh9ItcFHeQK8D4u-NfUitQ_hj1MeKq774VfO6VYTcdMjMxojWxnMz2oKs8357xSK_zDwhbkAaguNInbbapS3RommcdsMVabWssaneQa2QpVCxMTDHI2u7xHKtTXw0r2mWjaQ0oSH4OXGts3eEkrO_ZxQdMsyMoIX-oC9YrXmd6IDtRXeLyzTNM-_cs4TlTbCFq1Q-gbpl1l7TR1UtNK1VSilMkZyqDt35lA1xeHG5tgUMry5lte48vC8-PdbBKIKcKTLhE3t7Fe8BjoJK0p7HJsJk6aOEVsNhT_wc8LBCBmj8K56mDDtmvaFQx40pPLgNra4IGuGjrc_OP205PPUNKrArEfumtW7Iw_gX1dr2IKak3rMrtQgTxex9nT56FLt1_Ibdc8TCpae7vJJWYEv_YOlZ_C5H3uD1p-y7mr2gKs9BtqDqT9KzNq8h-FBrO_SIuCphUSToig_qd9nz_POlL6L2E1HRvhRom30GM2FrmsjyfytEIaMkQ_xDhyLo1mMPhxXmqmL-BJAu3lX4_Om1Cdci1adxti8kVjQJFidbUUZBy1HpozbtlsIF1HzXIjA753mXiqj-aHA3Zq_I6VQ9UL5PrCJKLEVeuMmOY4m0Qcc_zdjm3Z6M9iCyOZY27so4RGcUV65WNAwFyG4R--ZXU64bOR_ViJ3QmFMOXoItbEb0CuBErwh8j2kWJ4J2I9KAGciD5vh8s-SwUwvF6cHIP-7pQ15oTRzyJoVbpXO-daH0ihXGj0q7HY4Z6bKE6nRgfFZ1FKAlk9mXqVXJtJNBq8nF0GlUx4cvx72E6tZ5R5Ogz8D_SufFNm7swFdj28LsVJn1fgsgqJyUAb9z1d3jS_BIUKB8rgeKNUzQX7GVyUv_8TQGmhodJe64ZuTxZgQoZ3B9pASoR8dey6msmagi7jcJSUspqiiZblF5CejoZHn1BE7x46I6H0rFDUppPk7A12_224Xw-qIABTqWsBcmQ-djD9GcDqiqEoyTnp1x5kas0wsTvSBGhrdveSLt4EWsxFhx9tbZI9fCHCh3b0tDTBGURAKzAnql01_Q7XT2kHk9xcmxa_SZ9n_Tvc_FYRs1By0Qh0Ol9gr2TTdt0GCUsoZfCQMo-wy9TY4Amvo_iQHcnhhDnGBHBLtUdZPpL3FLRe5CiYupTuilgNSzGjRT_42if9DVcnqFx2P5PKopFlw0hjSHtcgyb9Kmahp35XvQqfN83VWRWF0SOO8v-yztdS52U5Cuh0R7RNxlICfDrhuVW1r8loP9X9weMREdLJeXLP6Gf9z30DNj5SJmhWk-zl1Q5FeJr_Yhcamnqn8C4qrAhvL8ms8UrayIB6pP0IQfca2qyAxs0085SpLtBvxXHSbmytEsU6hJk8Zl_6MCvqYclgbGWdv9zyJRRbmZWtKt8ZlrjuFNSkwFkfrNXSMYllbIE2xQvCZfF2_nVjpgcAnzTVJCJjegCPgPL87sOfhz2TEwT5WpwN1Z72xQhpkHJGkkmF_wEHNOieCGIWx4U3RIbznjK0WTtbu2fpOY2nrNF3bHrvnSu-l1bPQuIUK5y55If1tYB9Wp3mMemu9VhzU0clE5V2f03LxaaAol_XD-0tBJYOORyKf9nU69l4AJ5Upz6HRnypfthh9PnzYOF8_rNPIpn6uaRyqS8U4QP8Dj5kGuAAX9eZgkawtPqRnmReHezxRiil79xY_KdOsYGxBwxWFmMtWH7L6ZJ1d1JZFOkzSDMx9c1-Th22380dfSfa-DId_DJ_Ngj1LZXbY0iju2TrPkV6-Lc9vCB2PlzybjcJTtO2cN8PrgWULgRi6GG--Wh02wkdHF5gH4RByQ3qOkLgxwiZ91u-mEI3ouXVMaWeuC0IDaYxgx8M8eBXVQZ_GkgED_OCBfHwp9dx1iLdP623DHUlLJXb5djrgHRya5YEfa_40npM14ffdC6SPEhCrRM5tpqPuJ-FOp0mhFvBgNP37xFs_4_V0wYhbuqzsbQW1ozniKWtA_9KDRvMpjMfBUI0IsUB4P1qNr6pqdxhxGaUXB-LzTn2R3iMbGF3yWzJq7cLbhIzUPYM7dfDQTzqRztgsj-ZXU38DowJNrHQZxtW_2Sr1i8lpW9eVfK1sLqLn26IwZblTaUO_V-O3SvTqnZsS-uH2_bcMntFJ2_JtzMQ1bqBUnUHPn4_pIfn13ueb7yHCX81KJvUkFlfe4bnH0lFhUWATh-O8Ou3QG1Jd2WbeE-boKrLbHrSb3mgEQjoPy1EWZzhHPuQYODqCKJ5E59-lh5gmrhQu0Szu4uJosNyNlIib_ID0fWg71MqcSPPwrSS05yHDKjjlmu13cLg1p5O-ZYEW-bVqmNpCygobdpuoWuskeseuvrbvRXuwcJdQ9No42vtBqhU7VA7az5yE7ZxdUy6S_G4rYZDO_XFNR9ceBky6GFsShucBnQkSH7u56hqaqESSXNix23qJQPjS-q1T9VuuwTTUiEZUVeJZYxtCbwQPPkYKYlf4aQo88PEctlXSQRxhmPQjNhe0C1dDXCFXoJ0qa9oa3Hc2DcbU9dO87tTeoGX2sH5B6C0hewVKee8_3_WlAKaVrVixJAZSs3QXR5is8iWc81xQTsMYl0jJMldaDpxxadjgUuiTo0x1kLnGtx5h8eV-_xUARIgv3jw4CG2ar2wDaR7I91WP3Tp4EzzF5AWIPGQoyVj834ynQuClMX02YDViHauxRVKiLMORoX1AS-hdgltrEUPbo8XnP90ZBnHAkUscAh2KQ5fz8wnVQ_YNH15v9eQbAB86AbucMTwvcyU6fgGbxCNM3W0J2qbbH0pjqI_Pg5wGRpl42rFa_BDvAvj66lMyJiV9x4c_8QTfRf5OMFNyjj5DAKYSbW0absOaZrkLedP3-d36c-0SXDlmbLke1N3dP6pMnt4wbAWpQjZxbLHIx24A1wkTVxGIxkRJabUyn1Pbb9HJzkMyfspM29SDsbDVJqU9Mspm6AZE6QNYtqck0Jbzb5ojY6-XYYeI_F_2ANUxJ3aw2tBVspXiP5wK5W7mpF3YRXAeHrDFLFg0hZO4mGBxacpmu4WZ1c9sZoiMibukyTVVka62KFitti9Et19EERmbcgFmi0I&cid=CAQSPABygQiDXVBwIYpKY7RAH4c6cQv0k4sZrwIgOuoFsVuRvDIgwvQPmmTlfLkmZVwbq16oJS2a-XN5WwZ4SxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=15500623169591930000&adk=2988274607&idt=93&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:08:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
77572
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:08:09 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame CDA2 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BulRPEIdjMh-A5Qug1uK_eUqZauJqKpgrP8mhfMyw4KIWsJJx0YOKFGDBOUYWXRsZS4ZcKdhm_aGZiyjxUy98ySqpPUg&cry=1&dbm_d=AKAmf-AZDRF0yK8l9KhKTrOjYI6K46fK1TU76gqL8K9YLpBmckATuXzL2g446QG2WTKKRiOxhm7ekWhGE9gdnx0CKvRI-m05gn6lTMd9dnNWdeW9E0DGKpxQ6wqqS7zpEZajL1w8SSdNU_HD0oTFXsWJSL7eo9Lk9CygvBxVm9pFerc0KmJcOLl8g_ZkVts7sAbuNYeSvsCABMjPmNkEQO5Xu-GA0Y8yc0jxhriIO0nsGEXAR2ofbtpTtxqj_88inePEb2VzmSRqSCagYF6v_6wmGm5nUQMxP7dPs9srAK7WlEmv4Tsx7AlRHMkA1Tqzyiwibq60_40i06KLYK-qtsqeApWQsJZUi2aCGsRAqTDkdaByoQBoOd_whN82kp8JBrUu5WHKJfE-UTSW_SM0J5U3pzTTY7WecwYctCI4Wr-MOkXf2H4OVxB52SQ03puV4DOfJt0-TfjtKTH0_bCv1syeL4sONuu287MH96DWcU_WpunidbDJD57L7Xs_oe6Mm1bCeuilDMm5FoKW1SCIXNgflh9ItcFHeQK8D4u-NfUitQ_hj1MeKq774VfO6VYTcdMjMxojWxnMz2oKs8357xSK_zDwhbkAaguNInbbapS3RommcdsMVabWssaneQa2QpVCxMTDHI2u7xHKtTXw0r2mWjaQ0oSH4OXGts3eEkrO_ZxQdMsyMoIX-oC9YrXmd6IDtRXeLyzTNM-_cs4TlTbCFq1Q-gbpl1l7TR1UtNK1VSilMkZyqDt35lA1xeHG5tgUMry5lte48vC8-PdbBKIKcKTLhE3t7Fe8BjoJK0p7HJsJk6aOEVsNhT_wc8LBCBmj8K56mDDtmvaFQx40pPLgNra4IGuGjrc_OP205PPUNKrArEfumtW7Iw_gX1dr2IKak3rMrtQgTxex9nT56FLt1_Ibdc8TCpae7vJJWYEv_YOlZ_C5H3uD1p-y7mr2gKs9BtqDqT9KzNq8h-FBrO_SIuCphUSToig_qd9nz_POlL6L2E1HRvhRom30GM2FrmsjyfytEIaMkQ_xDhyLo1mMPhxXmqmL-BJAu3lX4_Om1Cdci1adxti8kVjQJFidbUUZBy1HpozbtlsIF1HzXIjA753mXiqj-aHA3Zq_I6VQ9UL5PrCJKLEVeuMmOY4m0Qcc_zdjm3Z6M9iCyOZY27so4RGcUV65WNAwFyG4R--ZXU64bOR_ViJ3QmFMOXoItbEb0CuBErwh8j2kWJ4J2I9KAGciD5vh8s-SwUwvF6cHIP-7pQ15oTRzyJoVbpXO-daH0ihXGj0q7HY4Z6bKE6nRgfFZ1FKAlk9mXqVXJtJNBq8nF0GlUx4cvx72E6tZ5R5Ogz8D_SufFNm7swFdj28LsVJn1fgsgqJyUAb9z1d3jS_BIUKB8rgeKNUzQX7GVyUv_8TQGmhodJe64ZuTxZgQoZ3B9pASoR8dey6msmagi7jcJSUspqiiZblF5CejoZHn1BE7x46I6H0rFDUppPk7A12_224Xw-qIABTqWsBcmQ-djD9GcDqiqEoyTnp1x5kas0wsTvSBGhrdveSLt4EWsxFhx9tbZI9fCHCh3b0tDTBGURAKzAnql01_Q7XT2kHk9xcmxa_SZ9n_Tvc_FYRs1By0Qh0Ol9gr2TTdt0GCUsoZfCQMo-wy9TY4Amvo_iQHcnhhDnGBHBLtUdZPpL3FLRe5CiYupTuilgNSzGjRT_42if9DVcnqFx2P5PKopFlw0hjSHtcgyb9Kmahp35XvQqfN83VWRWF0SOO8v-yztdS52U5Cuh0R7RNxlICfDrhuVW1r8loP9X9weMREdLJeXLP6Gf9z30DNj5SJmhWk-zl1Q5FeJr_Yhcamnqn8C4qrAhvL8ms8UrayIB6pP0IQfca2qyAxs0085SpLtBvxXHSbmytEsU6hJk8Zl_6MCvqYclgbGWdv9zyJRRbmZWtKt8ZlrjuFNSkwFkfrNXSMYllbIE2xQvCZfF2_nVjpgcAnzTVJCJjegCPgPL87sOfhz2TEwT5WpwN1Z72xQhpkHJGkkmF_wEHNOieCGIWx4U3RIbznjK0WTtbu2fpOY2nrNF3bHrvnSu-l1bPQuIUK5y55If1tYB9Wp3mMemu9VhzU0clE5V2f03LxaaAol_XD-0tBJYOORyKf9nU69l4AJ5Upz6HRnypfthh9PnzYOF8_rNPIpn6uaRyqS8U4QP8Dj5kGuAAX9eZgkawtPqRnmReHezxRiil79xY_KdOsYGxBwxWFmMtWH7L6ZJ1d1JZFOkzSDMx9c1-Th22380dfSfa-DId_DJ_Ngj1LZXbY0iju2TrPkV6-Lc9vCB2PlzybjcJTtO2cN8PrgWULgRi6GG--Wh02wkdHF5gH4RByQ3qOkLgxwiZ91u-mEI3ouXVMaWeuC0IDaYxgx8M8eBXVQZ_GkgED_OCBfHwp9dx1iLdP623DHUlLJXb5djrgHRya5YEfa_40npM14ffdC6SPEhCrRM5tpqPuJ-FOp0mhFvBgNP37xFs_4_V0wYhbuqzsbQW1ozniKWtA_9KDRvMpjMfBUI0IsUB4P1qNr6pqdxhxGaUXB-LzTn2R3iMbGF3yWzJq7cLbhIzUPYM7dfDQTzqRztgsj-ZXU38DowJNrHQZxtW_2Sr1i8lpW9eVfK1sLqLn26IwZblTaUO_V-O3SvTqnZsS-uH2_bcMntFJ2_JtzMQ1bqBUnUHPn4_pIfn13ueb7yHCX81KJvUkFlfe4bnH0lFhUWATh-O8Ou3QG1Jd2WbeE-boKrLbHrSb3mgEQjoPy1EWZzhHPuQYODqCKJ5E59-lh5gmrhQu0Szu4uJosNyNlIib_ID0fWg71MqcSPPwrSS05yHDKjjlmu13cLg1p5O-ZYEW-bVqmNpCygobdpuoWuskeseuvrbvRXuwcJdQ9No42vtBqhU7VA7az5yE7ZxdUy6S_G4rYZDO_XFNR9ceBky6GFsShucBnQkSH7u56hqaqESSXNix23qJQPjS-q1T9VuuwTTUiEZUVeJZYxtCbwQPPkYKYlf4aQo88PEctlXSQRxhmPQjNhe0C1dDXCFXoJ0qa9oa3Hc2DcbU9dO87tTeoGX2sH5B6C0hewVKee8_3_WlAKaVrVixJAZSs3QXR5is8iWc81xQTsMYl0jJMldaDpxxadjgUuiTo0x1kLnGtx5h8eV-_xUARIgv3jw4CG2ar2wDaR7I91WP3Tp4EzzF5AWIPGQoyVj834ynQuClMX02YDViHauxRVKiLMORoX1AS-hdgltrEUPbo8XnP90ZBnHAkUscAh2KQ5fz8wnVQ_YNH15v9eQbAB86AbucMTwvcyU6fgGbxCNM3W0J2qbbH0pjqI_Pg5wGRpl42rFa_BDvAvj66lMyJiV9x4c_8QTfRf5OMFNyjj5DAKYSbW0absOaZrkLedP3-d36c-0SXDlmbLke1N3dP6pMnt4wbAWpQjZxbLHIx24A1wkTVxGIxkRJabUyn1Pbb9HJzkMyfspM29SDsbDVJqU9Mspm6AZE6QNYtqck0Jbzb5ojY6-XYYeI_F_2ANUxJ3aw2tBVspXiP5wK5W7mpF3YRXAeHrDFLFg0hZO4mGBxacpmu4WZ1c9sZoiMibukyTVVka62KFitti9Et19EERmbcgFmi0I&cid=CAQSPABygQiDXVBwIYpKY7RAH4c6cQv0k4sZrwIgOuoFsVuRvDIgwvQPmmTlfLkmZVwbq16oJS2a-XN5WwZ4SxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=15500623169591930000&adk=2988274607&idt=93&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:21:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
76743
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10878
x-xss-protection
0
server
cafe
etag
6410051166583139006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:21:58 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame CDA2 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78939
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 19:45:22 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F0A5 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39191
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 06:47:50 GMT
etag
48472445140208031
expires
Mon, 01 May 2023 06:47:50 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame CDA2 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad05d61df36af8ea09511d13f1808ae595ec7cc8ce1189ec426157fd0fd98b99

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F599 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
87241
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 17:27:00 GMT
expires
Sun, 28 Apr 2024 17:27:00 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame D17D 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2524470958173506869/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2524470958173506869/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:57:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49417
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 01 May 2023 03:57:24 GMT
C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
pagead2.googlesyndication.com/bg/ Frame 83F0 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:12:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
336512
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14118
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:12:29 GMT
index.html
s0.2mdn.net/sadbundle/6339305023804019934/ Frame 07BC 		104 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6339305023804019934/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a36ea9943712a2b2aa84b9149e7147cb21e3385a538febead16887adb3648fcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
135198
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
22163
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 04:07:43 GMT
expires
Sun, 28 Apr 2024 04:07:43 GMT
last-modified
Fri, 21 Apr 2023 11:25:17 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame CDA2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstlaCCQFvNrbdEmylDtIlrS7FfK_gzpRG4CFWng2N-Nzu-ZGnRWlgp6Z9NlKbG_lo3_0Ui9Mq-_GRjGGiT-p2--0RmRKILOEvIRiWNxvstAKa7_u8L9HiobxY7CtZNnQv3I7XM41AB83OsTLOXqyRhusdV7SEornji_AuVZEuGaBw5g93qGHkS-MCSLuGkdVSo1e0x-snzLL8Of73iFEzru4w_Bj5PMUpwX4qMQS8nhw21k0tqpUzICQUGzzS_zzfeaRz2L-NQ8IQFkmIuJR9FZksFUbLwZcBEqlIhsLkI-IGsOEc_tKPA6pbVCIn5F9ZW-cJhltf_eMf2KCIUDu6iv-N20pZf9ZWwLR6mMwnJbmDPTjPJcHOUOMCpb47AZlZLxTA-E4xKZJA_pA7ugrSaw2_CzuC54-87rlujr3nKVaQ0wAql50COdJ7snj-pKZ3Y3ggMypN6LpdKN9mKcIZ34Z1gdq41uQQujqmcec5EN15yBZ8sHv_y-1M1r0e0snl2MUSAvi0xqbvI4AaXfLI2TzT3XPSR5THRLsz3c4wSWYLQjnRQh0e7EYJrmWvMncjIVGd4H_NIRoeyMI0h3_aF-O1dJRgo0Rfx3t04erxoCVJiXkzv8jETa-iGGEQLTjQ-kbZVER58Kif3GJfMLWu4NAxwHPrCqhluwBFtOZKv3Cp-XgXZnPHwrC5KUUjeQYPQx020QQMYR2N5I9-8ls3m2Aj2H8EREeZyjJ_aBKLe90QywNY79imRvXaH_uRxuSE5V78fpYL-JeAEfL5dWrDrwcoH-Ybb3gDqnqltvIvE84FCU1K6xfPOOwrygS_GiRL6FaTNDTARWYJj54ZysxMU973MK1XwkWldX83Zm4GD8MlteJNTztVKN6jbu3UFZvZRDsV4YPOQvvTdb_wljETHzD-mUfcdmAHMniyDkoyrCNfSVtrGJFmRVxOdn_S2h3SAACh2KK-NavyaAuK2eXumH4F9WKETtTeZcoMNs__EOPElJSco4-mKeljsESr53FLcdusJE_A1MFmVo5gi1Zp2mepmesifGo6GzFQ5rZF7BfI69b6jGsxkXK26P5LrWwpF21qfG_O2lHARLKEevwuhPQz4thsDxkcJ8M_fBnl82f_6Ww3cWlr5pxcfwfEDPQcci-PU3Vntp7JGzwGMBwC_I_vEvZER9VT0X6KhG6h1UnOu6Famm_SiUKa4RdImTTkII8rOAIPYmB-Mv5HNZdxmZT2ARYhcWEVgtTEDa5MkvM1h4GZZ1VnQCa8r8cQ&sai=AMfl-YSqCnQ20bg9C3Whq4Og6-xFV3_7pAq7ptYypuy0HfdXv4qk0vO6gnKTB3M2sRIfVZZ5WsY8Y7m5pWCp9_XztVdQgmcIp1swrR-Dr406MQ9Bv52sOg0W7o4qN4B6YD7mnYUUp3D_tCaYOzE5LHrLkTcElVfo7JKhdvN-wMtvpJ6NA3dFpXCYOkI1tuf_TnidnVIzVenWSGaFm0nH1GtUIG_Z1UqjT8o1UVqwhmfmrCH8joDI9BPAPNXXsioUciGglBblRPA&sig=Cg0ArKJSzBFGXGmT5bo2EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=141&cbvp=1&cstd=140&cisv=r20230426.19766&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 30 Apr 2023 17:41:01 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 30 Apr 2023 17:41:01 GMT
generate_204
tpc.googlesyndication.com/ Frame 46EA 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Ppqxqw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:01 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame F0A5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEc4aSrx2lXxS8Vg3XikRTw&google_cver=1&google_push=ATf1kGPMPlejmjnmWQXACvx1BQkezHYIpchSMf0pWcsg9hKD8ZaHi5rABXjIv7trkpXFGbNSI02Roy2zdwf9JDxN...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPMPlejmjnmWQXACvx1BQkezHYIpchSMf0pWcsg9hKD8ZaHi5rABXjIv7trkpXFGbNSI02Roy2zdwf9JDxNEBidF6QKCABZ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPMPlejmjnmWQXACvx1BQkezHYIpchSMf0pWcsg9hKD8ZaHi5rABXjIv7trkpXFGbNSI02Roy2zdwf9JDxNEBidF6QKCABZ
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 30 Apr 2023 17:41:01 GMT
Server
MT3 830 785530e master cdg-pixel-x13 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPMPlejmjnmWQXACvx1BQkezHYIpchSMf0pWcsg9hKD8ZaHi5rABXjIv7trkpXFGbNSI02Roy2zdwf9JDxNEBidF6QKCABZ
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 30 Apr 2023 17:41:00 GMT
pixel
cm.g.doubleclick.net/ Frame F0A5
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEFjUPx-YCLHlA3XUSxharzQ&google_cver=1&google_push=ATf1kGMYDG_NzGapcNWtwAnOavlFRMjFLbwwjLlGpYADlXrPq11ZYUaZAKk-eOcvERb93_t6b2eZwFhi67P5vdZCa2u2nfjBV2D3
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QTkyMjA1MzJGOEI4Qjg2MA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QTkyMjA1MzJGOEI4Qjg2MA==
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QTkyMjA1MzJGOEI4Qjg2MA==
date
Sun, 30 Apr 2023 17:41:01 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame F0A5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECmsdYZu0BuaP9xyC7tvoN0&google_cver=1&google_push=ATf1kGPONaiqD0NY1CTH4qzLMe5hj9pnkKPHQTMseQyCO5M9a9A0jW-pTdeEvtpggDAsw4x_Qeiu0a_6...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECmsdYZu0BuaP9xyC7tvoN0&google_cver=1&google_push=ATf1kGPONaiqD0NY1CTH4qzLMe5hj9pnkKPHQTMseQyCO5M9a9A0jW-pTdeEvtpggDAsw4x_Qei...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTEwMDE2OTQ1NTcxMzYyNzIz&google_push=ATf1kGPONaiqD0NY1CTH4qzLMe5hj9pnkKPHQTMseQyCO5M9a9A0jW-pTdeEvtpggDAsw4x_Qeiu0a_6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTEwMDE2OTQ1NTcxMzYyNzIz&google_push=ATf1kGPONaiqD0NY1CTH4qzLMe5hj9pnkKPHQTMseQyCO5M9a9A0jW-pTdeEvtpggDAsw4x_Qeiu0a_63vWanllnz1wANhcIvd8
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTEwMDE2OTQ1NTcxMzYyNzIz&google_push=ATf1kGPONaiqD0NY1CTH4qzLMe5hj9pnkKPHQTMseQyCO5M9a9A0jW-pTdeEvtpggDAsw4x_Qeiu0a_63vWanllnz1wANhcIvd8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame F0A5
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEMXxhXRfHtGL6BXaDK8XLCs&google_cver=1&google_push=ATf1kGNIyBttJEb0OdKzL79qWCT4GJbbwylbwuys3VqZkNJsbLKlRov3wJpKG8LNtdml28YE5D-Jp4winZEl5Ul-jDxd6QY...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMXxhXRfHtGL6BXaDK8XLCs&google_cver=1&google_push=ATf1kGNIyBttJEb0OdKzL79qWCT4GJbbwylbwuys3VqZkNJsbLKlRov3wJpKG8LNtdml28YE5D-Jp4winZEl5Ul-jDxd6...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGNIyBttJEb0OdKzL79qWCT4GJbbwylbwuys3VqZkNJsbLKlRov3wJpKG8LNtdml28YE5D-Jp4winZEl5Ul-jDxd6QYgTNOa
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGNIyBttJEb0OdKzL79qWCT4GJbbwylbwuys3VqZkNJsbLKlRov3wJpKG8LNtdml28YE5D-Jp4winZEl5Ul-jDxd6QYgTNOa
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGNIyBttJEb0OdKzL79qWCT4GJbbwylbwuys3VqZkNJsbLKlRov3wJpKG8LNtdml28YE5D-Jp4winZEl5Ul-jDxd6QYgTNOa
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame F0A5
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qSoxq7ezSF-XkMxHTe5s_A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qSoxq7ezSF-XkMxHTe5s_A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMaUaYUTa09HHV6fN0Jokzkpco5El_TCSqCAS5YSisL_nfJZw71S8nYwnR3oYKnBzCos01rmhFwBr4OBgEsrRLuIT2QasEp
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qSoxq7ezSF-XkMxHTe5s_A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMaUaYUTa09HHV6fN0Jokzkpco5El_TCSqCAS5YSisL_nfJZw71S8nYwnR3oYKnBzCos01rmhFwBr4OBgEsrRLuIT2QasEp
date
Sun, 30 Apr 2023 17:41:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
sync
dsp.adkernel.com/ Frame F0A5 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEPhrAyNDblsTEuBabfpe2X8&google_cver=1&google_push=ATf1kGMf8oRfOsknEFWeNaecg4KEuuUhEE_UYrp1lhJXnDWxijHkqG6HRjJGLoXYFBMk6YDB23wfrgXTtuw78aENpCnQdue8WJER
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 17:41:01 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame F0A5
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEGRHwS954gL_vubomCwBOJM&google_cver=1&google_push=ATf1kGPWgR1xTFrMuLt4UMCHmkFQ4DQMloDFWVmORs-93VZZ0Rm4exsQb0Ev8MWCeLxtjyNfXN-Hp...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGPWgR1xTFrMuLt4UMCHmkFQ4DQMloDFWVmORs-93VZZ0Rm4exsQb0Ev8MWCeLxtjyNfXN-HppgG642ZPvDINkAZa7YWYAI&google_hm=WkU2b0xzQ284...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGPWgR1xTFrMuLt4UMCHmkFQ4DQMloDFWVmORs-93VZZ0Rm4exsQb0Ev8MWCeLxtjyNfXN-HppgG642ZPvDINkAZa7YWYAI&google_hm=WkU2b0xzQ284WHdBQUE0Mk9yNEFBQUFB
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Sun, 30 Apr 2023 17:41:02 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESEGRHwS954gL_vubomCwBOJM&google_push=ATf1kGPWgR1xTFrMuLt4UMCHmkFQ4DQMloDFWVmORs-93VZZ0Rm4exsQb0Ev8MWCeLxtjyNfXN-HppgG642ZPvDINkAZa7YWYAI&proto=google_ebda","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZE6oLsCo8XwAAA42Or4AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad341"}
X-SO-Key
ZE6oLsCo8XwAAA42Or4AAAAA
Server
nginx
X-SO-Upstream-ID
m-ad341
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGPWgR1xTFrMuLt4UMCHmkFQ4DQMloDFWVmORs-93VZZ0Rm4exsQb0Ev8MWCeLxtjyNfXN-HppgG642ZPvDINkAZa7YWYAI&google_hm=WkU2b0xzQ284WHdBQUE0Mk9yNEFBQUFB
Cache-Control
private
X-SO-HostName
m-ad341.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
34
Content-Length
0
X-SO-LB-Hostname
m-tgng24.dc4p.scaleout.jp
X-SO-IP
80.255.10.200
attr
cm.g.doubleclick.net/pixel/ Frame F0A5 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LYmTFeu5ehUqhkf1h5uR6O-V8WeoinJaxCoVttzFolGXJsc3KDoZG5F7z5j6745uGnr5rn
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:01 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5605 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
87241
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 17:27:00 GMT
expires
Sun, 28 Apr 2024 17:27:00 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 07BC 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6339305023804019934/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6339305023804019934/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 03:57:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49417
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 01 May 2023 03:57:24 GMT
C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
pagead2.googlesyndication.com/bg/ Frame F599 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:12:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
336512
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14118
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:12:29 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7B6E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst7SbC-wPYMNyNL40EcfOO5mnGqH7BTuAVf3WKAEO7pezgUo7z1YPwauRxM5-91nyDO9q3ZeA6yhr_9uqiQ-XhsUL-KppYcO8haZs7q4QRzsTZhz7QQ1zPweIBYk5V68HNon3OTC4kEEStfwwv604hh9MvIh9jKPI7ZzQ2wgk8NF7FNLwC0dlqze2BUgpwPvnX3MmR1mCdN6FvJ7LuhmGH1p_mqBFeXM_ZC6EsRoi7NDHQEgg-3y0fcUKAehVwhAB7oRqHcPZgGTN9ZKAz2Rju-WYvW9rvlDkGiPWw6vaCGjgF3oimxLR0-HU66d-4nA2apckD6E7B8xaZyTh_HyMJpLWhKyqWq2GGnrbijNrTG8WQkPHE438MY9IhaNnBbmHS99Xi_RqEUimBMRDhT24U9IHpULLjlOBVfNDswMVlM8w59yLrk4UzbKKNPnGTHe294arsIoS1aNV4pceRn5Gi1s6SsQF0owMxPmZA-prDeE68KYyJBMVk-8Ot1uEgC8qQCxVTwfVQF-wMJPA7bmBBdNVwxYtC_KuTR-2gLgkOhFfutQ_JSOWlofe2VluUo9EevvD6qgU_YUFuEPpnHu8dv5muPbWOXq_r3ff3ueYGlH41oEfwYDlUlKa08uA76XBTcP0dvuaIAuZJbNO-ZmEfNzc--s8hBSnOru2Xy9l0kJ4AYRxTH4siYZKcYWBnm1KkngIzR4T0FcvrObsHCzod9KmyaEXO3PWjaExQbVVb0pzYKnfx3MSa-QdaXr-DmbxExvVcCfJs0g5pR4xtW9DYJ0hfwssrILre8pWxlSxuicmRgtiPzwkmLmGE1bYbW3-m3zCe2cDAZ4JmUmmuPW9ktwWmzY3xlW2C6FF--DTOOn21gPiDxBv2Xki149GFh38RbcIee_yTpbYvcysxqvkvKezAl7qViShDkvZuGSol6qTqkqzQVOZIKbK5GucodTGSmRd5S1wEtdqsW8kHEjyA9Q6Huky_UIxLOeQH8YFBjnv8dtyTtjRkkZl8R-Z1lOIfUdHBUHtddMtLX3jVHy6hH6bngZ5FZmpRbeWcE6t3mQblIt3E0_eGTKYuqTZydmyBxTlwRrnEvWU51_mTTyEUtmnUs9pSh6kNWcOQ_PParvsTjKzxHUyiegqsBMiNOEmqAE04zzUA5eH5tCdYYChca2Rp7iVPU_4GjaLn2wEVDryi9CpH1smjqNK1yanFBmgO2CF_tUd0gCmoHuolNRQDP3dVgQA1Ains9ubkSSSEm&sai=AMfl-YRKIo6_LnTnghrK0TDwBBgPjEXzyyx41BgvLaJBJQYO54hDTYpsWzK9iNTYZBjMc1b44_78UuR5XG_ZkA2JsGmC4RWwhtXEdmwfce11vkY5DVwubJToSGjYzkMXn9eSWJWr1xAhnU1knz70hw8ZQxHwaTGroaFsUBV0mEvNM76yYBOzB5eCQImwc-M2d2Iggh_jua8zNeH7g90qmzFd0EH9VUiEZwuMns0SHiEIxJhF2hDDMk68ABHm2DInTS25soalPRwu8Mz-YLbuWf96xg8GZdoDK6ei&sig=Cg0ArKJSzP43KLZS9AThEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=534&vt=11&dtpt=225&dett=3&cstd=307&cisv=r20230426.42314&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Apr 2023 17:41:01 GMT
kass1_1.m3u8
a3.koora.cloud/watch/pftxnfvWZj-uwby3IMIYsg/1682879806/1682880060/1/ Frame BCC6 		570 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a3.koora.cloud/watch/pftxnfvWZj-uwby3IMIYsg/1682879806/1682880060/1/kass1_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.84.217.44 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
amazon /
Resource Hash
5c18d817e48de5086038c5d2abe8e3fc2d02185dc2748b24c52d8d03dd73f40d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 17:41:01 GMT
Last-Modified
Sun, 30 Apr 2023 17:40:57 GMT
Server
amazon
ETag
"644ea829-23a"
X-Cache-Status
HIT
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
570
Expires
Sun, 30 Apr 2023 17:41:00 GMT
kass1_1-2130.key
a3.koora.cloud/watch/pftxnfvWZj-uwby3IMIYsg/1682879806/1682880060/1/keys/ Frame BCC6 		16 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a3.koora.cloud/watch/pftxnfvWZj-uwby3IMIYsg/1682879806/1682880060/1/keys/kass1_1-2130.key
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.84.217.44 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
amazon /
Resource Hash
36bb55835a3a4ea7928f253ed310b3d301074f3f1d01cd1a8aca0dd0cce44cb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 17:41:01 GMT
Last-Modified
Sun, 30 Apr 2023 17:40:20 GMT
Server
amazon
ETag
"644ea804-10"
X-Cache-Status
HIT
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16
json
pro.ip-api.com/ Frame BCC6 		165 B
321 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json?fields=2181826&key=XOpiansRgYxGTho
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
206a897d4335ab4e2688975d97034a3e4f2709326beccac21a91fbdc48880e72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 30 Apr 2023 17:41:01 GMT
Content-Length
165
Content-Type
application/json; charset=utf-8
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 775C 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
Origin
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 11:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21882
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 01 May 2023 11:36:19 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame 775C 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/omrhp.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1352960/69587949/xbbe/creative/adj?p=APEucNX6J70ZwVx17QEzoj0T2nY2WMKNMlGOYV7thstlQk8nswUzs4Q&d=CokBAKAmf-B_rrkZu_qM7YbdePvTjoZVh86jhpHAZkOPPbFbAQmGTuTPFFIUxpZQLNOBvNiAWaPnjHqlpqnoSsoUo5Th6EcHh0uBg2VpNJ7Uhyuszlzz8PB3ZiONPi4BzBb_uckyAyJSunM7M6HAdxcZsLp5-WvyPxd-9vlgkTPDFOjKUhjLTDmDLA8S2RUAoCZ_4FryRRN8fLDrtDzcWpwmwLHHKioyzOtROpdZqO-2B0cpuPS_XKOrdHvIhHQgQ1ex5FdxL81nXfkATQjKGIlwcIteSLOyhWb8wM86IfSPowxIQDAzziJkdYL2zocEXlytR-v8MaaErqA3Ho2Puspr7DVz1su4PJ3o7MI8eo2L1d7_31gJnq-SBzPSMWh-7luRik2Uc3lMq2ezsO8780kybbMIS5wWPY58OQoqqfNNYOw-yxGq_wpnwYp6P3uEFEt2Y3j708cIX1MGtLaEKi55cy3zKSpg2FGhyorKXaFT1zKiyGdhEBeV6dRRxFdd93MJJrzSV3aU2ryEWgfozTGWbTGJ6hM3FfT3Lqp1S0yhfJr0xToQJQLqW5hgsISTPcDLIHyuKOOCzNvILj-1YevPJPInWn5KnjQCW5QywjWPtVBO-1wXDAnlZAf27RucBVnuZEwclheQvO9A53z8TJ6MYMEu-LD6mB9_5q9sgQTQtKV5_yByoWTlC0XgXjMcJFa5NpG0RSDXJP9Qgu-Bzl6tvfbaQ7mtaFPHbq5fl5tQcWW8MZBpDbO3_QBUdgLHFAeAMtI_1Hzj3WEBO92O2gD63MQ9L3crLtCN0Vxv_GGeSJxSJiSmeRU6Sn_tGq1aA63vj2Y3ybgKAndFyzl5JOyGxbKsvDpAsGgNvE2Ip-5tpBECrpO_ZQgi2mJK_NsL23CagSk-H9Z2YfC3fCOGFKdeiyOYZlBx1J5kM0cUrK_SjMrTHyxIjc95Z38ZntLgBIUnuhOTVrAfu62JT-siskWRh-EuzQ0F4vYQ4Lb3iirESFfw1LIBn1DTSeHCnmNDYvt0mcWRHAG_TS4oUKz3irI3-6PHMRRF5A1wSNP_YWXVjPDP5CX0neXzQsArJUaaZSQUbI5rnqFs41Wc-OBsNI1lGAKwsAIYV1jDqlZ36TfZAZsTito_snScq1T3mOmlm5JdpaJxDmntXptqKq9aAdH20dEuJdduwbCcL9lsErZrk7DBpsYucNd_tPoT8UgkOui3rlss4WJ2Pr6qx35lsL4TNTgW03XBVUx7U9SwWwLQyBMh9tsCZ0al9dghb1p2JBpCobHmL0SYYYKpoAWCfbJn3K88xj6zhPBInGsqi-29tdvx1954-Xi5kybRADK8r9bubCC6kI6i-OrxoplfXbpuMgcmvo6p7B3uA6QkYbc8JnuveUhe2Yil4QTKjwwkPI5OezE4RmF5rc9g1LThzG7mVv-m5H1UD3ILpVYnL_GbegN3N00TJ7uzsiS5ivTfM7bmqJ2JBTm5OjvTlc6YQwj2YEvYdVIGCszV0aI85fHkWUr29zaJrtDszPLztJWH0K3LPN6sZkTQOHMl6OiJi4ysdpTzJLMbwvkx3GQ7PxUIis5Lej9kc_v5QY5cCVX8DJQ7OA9N4LiIw7TEgsnM8tzSswh7S8RcGJJ0qc0UItJ5-Q3Mxc6stKPdvbbOJvAWPUawWZfKyeSQ0Kjc9rsN0N44iimU8O6Sg6LalfIvzC3rtvwzOemCBhub3Q0lMin-vRsp0mcgdy3Lth9tXY7rtERd4lM_1cfowKnbj0829pvWZLOUgI1wccObeqb6Iauvwabt79Q49vClPm2IYZLD36luufTYbUHfJn2MQNJenGXwY6h_PbpBX44DKQG5o9ViZwQ8GZFacPfyvEO4esMSTJHy1I7vP6Aaa1lGhEd_mdNLE8SPPo9CvqBMkmklnNfPdTEpQScaG-17ac_V-beQVZGp6emrHQj94Hn_29q7wTLWiFaMTk8jMnKI_xYqgm19fRauPkgVfGkFmx4wsvQHmRUxE1Nw9UwLUFUaq96lRwTGavxEuUBVQYeL_e_IWSeQO5PvaSh_jsr4jRgHsvZxwdzKb4vaqW5HxMV9FHV_0K9iOvSXd1iip2H_nHTZW3HSh-I6xypeh8CSiCtM1gFnAqMcreiB5kaWT8vXxsQ58Y_K7daqTgN3m1MFsbbYrMIywCUu6tdiBg15LLkwLb2zuy1HaDNoeuzic20GCLBUu-dSGwnL0du9yjkde470FOzOgtTs7zuB9EHtkxJrI0l-0Vjv_dBK4tbpFmHItjBJE47xwXqtrJ94amymgIMh82ng26bAoUFL9Ycwq6EUD8uzTsN8X7Lupdwx0jzcUt8atJlD0v0ov-FJYL-QgfKaOsBKK1B92uLcJrfUWhPuY0ZGjt3fV9wwH2pv_7e0ANqBokgAXeXqD-8FPFs95DUABaZ_kkN71W8hDvZI2RicKMiTFq8ZZPK7sKch91_UOkefahmqHXoioLijTRmd4zBmziTOL8cU-2jHjsmY6UR0tQAUDo8qQPiRn8BM31xWHyz24feI_PdLmJdilgwKm5sJFKTsUgGaVeyYGvTZ3u4qlewPU8MDs9BibEIIf6G6i8coGmJIQsCrBaToz9Y-3teB_7u2GuJIpSeqZL3g-LOF-Q6-4H_hlDiF-Nmka7qF7VFbUaMhzFaadN1Ak5C43DM0V31tu252yKwmyQPa1SNXZY4RoGcdpjTe086DjzvTPx6KM_pYuPNn1e7cL6dXKHtXZ_Z3sAiEKejoIm4GT_uGvm0QP1whwqiyOFg-byRMugK_6VkUXmOw6xlp1ximAViFO_MfDZsi-58qIKP91H-QyJ3nkL2DGr9m5VMqiMjUcB-xWhRB_CXzQALWxDjq_CzGjxzpC3A2xxE7TlPC5LJlB3RWbK2-Fqh4Zut3f6e2OQroy3xH7G_LGODV_72_6wpU_IE1KNzsKzlVVx6v0VQ5RwRnkB7fJH60CvcMErKbuGsh5sYBjCP18iqYAAhFHPmLhdcJSJmSoH6qZZwY9ktUkLaAMQSH6trRQk6HWmEdDruVX88xyb_n6l4vkCN2MWNJKTSUtH01y7z7gie35sofpT3ROav8fSRdLcW1SFODjVUTw0aWnSdnVYs0TBvdiIRJUJK2dvkI1x9QQ3AKo2p8iygbHikX_9sqi52mhjO1ze4EKta60ShsrjD6Aso3a3u9tb3llliK1HSZRvrmPwF7ndiaMkg3DrsYA6r-UnuvG9nfaI-DH8wtjmOkmy0mqwUBeoNgEiUjWxKsaAE7KgnEYm7EENLK0RN-xO8UVDUzjRE_sw7OWKy_fjmZoPt1mw5hFmKdNXyNm2PLm25rZ8PuMT0Daktqxi9IEtNqqJ8Z1XC13qtADLV_zZmuSHeFK2I7feM187z9LSQkAtgkjT7smhkbgbpkVhe7OUXey1QQD03UPwCIynuh7Hd2RG_5WbPb3WrVY-nboDvTtHva5wW7t3EwQq8ke4jPup6Rh4shTeDBgSOTFKzu_LIwcve4_LHvljMIe5HJ-dvaVJFltEQ4OVRrAzdt-RMBgiU0E03ldcaGrAYLvoEW_JvwtevUZQyEKHqwemFT5PvU3nQlYZlBAWSj3jKupb-n9E0N9qCwFuz8lrkGN2_1k_jcEQ0nUW7lEN7jeHZO3rzKVfqT7fzGIBjXwJgYX8gRDh5EDcCouckLaYK2r62IzyP4hviV96jho0j2Z6z1yJQ9UEt1mcqjsIOjSWtPet_sZT71SsIBcCwYQtrOjytlE6MMjdSHl92qre5a137X4zI4vkofE28gbJgc4D-uQLZUpVpe4K_dqGRii8Yk9zD2PMJ0_4Gs89eUMUVAaExPqZEtDRQzppIfexwctr3sjpjj1sc8uSk_jlJhyblDKI3HeVg4txpECAQSPgBygQiDCrGd3Evj_fLqetRWXEE-Ko7GRfAZ3cWBDoJSg8SIMBRcWD-L_YeYNFPFQD9B2UNHKJK_ZXwM6nhlGAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1010578566&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=19682531407&bidurl=https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0js16QDM96bh7h8ir81OLlh&adsafe_url=https%3A%2F%2Fyalla-shoots.tv&adsafe_type=g&adsafe_url=https%3A%2F%2Fyalla-shoots.tv%2F&adsafe_type=c&adsafe_url=https%3A%2F%2F533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=bed&adsafe_jsinfo=,id:84e1dd65-e7ea-43c5-5809-5f4dae9a29e8,c:bi7EXY,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-67fb65999c-jh4vh,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tCVY7X2+11%7C12%7C131%7C141%7C151*.1352960-69587949%7C1511%7C16%7C17%7C18%7C19%7C1a11,idMap:151*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:22,oid:2bd6665a-e77e-11ed-902a-0ea89586c999,v:19.8.400,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:08:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
77572
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:08:09 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 775C 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1352960/69587949/xbbe/creative/adj?p=APEucNX6J70ZwVx17QEzoj0T2nY2WMKNMlGOYV7thstlQk8nswUzs4Q&d=CokBAKAmf-B_rrkZu_qM7YbdePvTjoZVh86jhpHAZkOPPbFbAQmGTuTPFFIUxpZQLNOBvNiAWaPnjHqlpqnoSsoUo5Th6EcHh0uBg2VpNJ7Uhyuszlzz8PB3ZiONPi4BzBb_uckyAyJSunM7M6HAdxcZsLp5-WvyPxd-9vlgkTPDFOjKUhjLTDmDLA8S2RUAoCZ_4FryRRN8fLDrtDzcWpwmwLHHKioyzOtROpdZqO-2B0cpuPS_XKOrdHvIhHQgQ1ex5FdxL81nXfkATQjKGIlwcIteSLOyhWb8wM86IfSPowxIQDAzziJkdYL2zocEXlytR-v8MaaErqA3Ho2Puspr7DVz1su4PJ3o7MI8eo2L1d7_31gJnq-SBzPSMWh-7luRik2Uc3lMq2ezsO8780kybbMIS5wWPY58OQoqqfNNYOw-yxGq_wpnwYp6P3uEFEt2Y3j708cIX1MGtLaEKi55cy3zKSpg2FGhyorKXaFT1zKiyGdhEBeV6dRRxFdd93MJJrzSV3aU2ryEWgfozTGWbTGJ6hM3FfT3Lqp1S0yhfJr0xToQJQLqW5hgsISTPcDLIHyuKOOCzNvILj-1YevPJPInWn5KnjQCW5QywjWPtVBO-1wXDAnlZAf27RucBVnuZEwclheQvO9A53z8TJ6MYMEu-LD6mB9_5q9sgQTQtKV5_yByoWTlC0XgXjMcJFa5NpG0RSDXJP9Qgu-Bzl6tvfbaQ7mtaFPHbq5fl5tQcWW8MZBpDbO3_QBUdgLHFAeAMtI_1Hzj3WEBO92O2gD63MQ9L3crLtCN0Vxv_GGeSJxSJiSmeRU6Sn_tGq1aA63vj2Y3ybgKAndFyzl5JOyGxbKsvDpAsGgNvE2Ip-5tpBECrpO_ZQgi2mJK_NsL23CagSk-H9Z2YfC3fCOGFKdeiyOYZlBx1J5kM0cUrK_SjMrTHyxIjc95Z38ZntLgBIUnuhOTVrAfu62JT-siskWRh-EuzQ0F4vYQ4Lb3iirESFfw1LIBn1DTSeHCnmNDYvt0mcWRHAG_TS4oUKz3irI3-6PHMRRF5A1wSNP_YWXVjPDP5CX0neXzQsArJUaaZSQUbI5rnqFs41Wc-OBsNI1lGAKwsAIYV1jDqlZ36TfZAZsTito_snScq1T3mOmlm5JdpaJxDmntXptqKq9aAdH20dEuJdduwbCcL9lsErZrk7DBpsYucNd_tPoT8UgkOui3rlss4WJ2Pr6qx35lsL4TNTgW03XBVUx7U9SwWwLQyBMh9tsCZ0al9dghb1p2JBpCobHmL0SYYYKpoAWCfbJn3K88xj6zhPBInGsqi-29tdvx1954-Xi5kybRADK8r9bubCC6kI6i-OrxoplfXbpuMgcmvo6p7B3uA6QkYbc8JnuveUhe2Yil4QTKjwwkPI5OezE4RmF5rc9g1LThzG7mVv-m5H1UD3ILpVYnL_GbegN3N00TJ7uzsiS5ivTfM7bmqJ2JBTm5OjvTlc6YQwj2YEvYdVIGCszV0aI85fHkWUr29zaJrtDszPLztJWH0K3LPN6sZkTQOHMl6OiJi4ysdpTzJLMbwvkx3GQ7PxUIis5Lej9kc_v5QY5cCVX8DJQ7OA9N4LiIw7TEgsnM8tzSswh7S8RcGJJ0qc0UItJ5-Q3Mxc6stKPdvbbOJvAWPUawWZfKyeSQ0Kjc9rsN0N44iimU8O6Sg6LalfIvzC3rtvwzOemCBhub3Q0lMin-vRsp0mcgdy3Lth9tXY7rtERd4lM_1cfowKnbj0829pvWZLOUgI1wccObeqb6Iauvwabt79Q49vClPm2IYZLD36luufTYbUHfJn2MQNJenGXwY6h_PbpBX44DKQG5o9ViZwQ8GZFacPfyvEO4esMSTJHy1I7vP6Aaa1lGhEd_mdNLE8SPPo9CvqBMkmklnNfPdTEpQScaG-17ac_V-beQVZGp6emrHQj94Hn_29q7wTLWiFaMTk8jMnKI_xYqgm19fRauPkgVfGkFmx4wsvQHmRUxE1Nw9UwLUFUaq96lRwTGavxEuUBVQYeL_e_IWSeQO5PvaSh_jsr4jRgHsvZxwdzKb4vaqW5HxMV9FHV_0K9iOvSXd1iip2H_nHTZW3HSh-I6xypeh8CSiCtM1gFnAqMcreiB5kaWT8vXxsQ58Y_K7daqTgN3m1MFsbbYrMIywCUu6tdiBg15LLkwLb2zuy1HaDNoeuzic20GCLBUu-dSGwnL0du9yjkde470FOzOgtTs7zuB9EHtkxJrI0l-0Vjv_dBK4tbpFmHItjBJE47xwXqtrJ94amymgIMh82ng26bAoUFL9Ycwq6EUD8uzTsN8X7Lupdwx0jzcUt8atJlD0v0ov-FJYL-QgfKaOsBKK1B92uLcJrfUWhPuY0ZGjt3fV9wwH2pv_7e0ANqBokgAXeXqD-8FPFs95DUABaZ_kkN71W8hDvZI2RicKMiTFq8ZZPK7sKch91_UOkefahmqHXoioLijTRmd4zBmziTOL8cU-2jHjsmY6UR0tQAUDo8qQPiRn8BM31xWHyz24feI_PdLmJdilgwKm5sJFKTsUgGaVeyYGvTZ3u4qlewPU8MDs9BibEIIf6G6i8coGmJIQsCrBaToz9Y-3teB_7u2GuJIpSeqZL3g-LOF-Q6-4H_hlDiF-Nmka7qF7VFbUaMhzFaadN1Ak5C43DM0V31tu252yKwmyQPa1SNXZY4RoGcdpjTe086DjzvTPx6KM_pYuPNn1e7cL6dXKHtXZ_Z3sAiEKejoIm4GT_uGvm0QP1whwqiyOFg-byRMugK_6VkUXmOw6xlp1ximAViFO_MfDZsi-58qIKP91H-QyJ3nkL2DGr9m5VMqiMjUcB-xWhRB_CXzQALWxDjq_CzGjxzpC3A2xxE7TlPC5LJlB3RWbK2-Fqh4Zut3f6e2OQroy3xH7G_LGODV_72_6wpU_IE1KNzsKzlVVx6v0VQ5RwRnkB7fJH60CvcMErKbuGsh5sYBjCP18iqYAAhFHPmLhdcJSJmSoH6qZZwY9ktUkLaAMQSH6trRQk6HWmEdDruVX88xyb_n6l4vkCN2MWNJKTSUtH01y7z7gie35sofpT3ROav8fSRdLcW1SFODjVUTw0aWnSdnVYs0TBvdiIRJUJK2dvkI1x9QQ3AKo2p8iygbHikX_9sqi52mhjO1ze4EKta60ShsrjD6Aso3a3u9tb3llliK1HSZRvrmPwF7ndiaMkg3DrsYA6r-UnuvG9nfaI-DH8wtjmOkmy0mqwUBeoNgEiUjWxKsaAE7KgnEYm7EENLK0RN-xO8UVDUzjRE_sw7OWKy_fjmZoPt1mw5hFmKdNXyNm2PLm25rZ8PuMT0Daktqxi9IEtNqqJ8Z1XC13qtADLV_zZmuSHeFK2I7feM187z9LSQkAtgkjT7smhkbgbpkVhe7OUXey1QQD03UPwCIynuh7Hd2RG_5WbPb3WrVY-nboDvTtHva5wW7t3EwQq8ke4jPup6Rh4shTeDBgSOTFKzu_LIwcve4_LHvljMIe5HJ-dvaVJFltEQ4OVRrAzdt-RMBgiU0E03ldcaGrAYLvoEW_JvwtevUZQyEKHqwemFT5PvU3nQlYZlBAWSj3jKupb-n9E0N9qCwFuz8lrkGN2_1k_jcEQ0nUW7lEN7jeHZO3rzKVfqT7fzGIBjXwJgYX8gRDh5EDcCouckLaYK2r62IzyP4hviV96jho0j2Z6z1yJQ9UEt1mcqjsIOjSWtPet_sZT71SsIBcCwYQtrOjytlE6MMjdSHl92qre5a137X4zI4vkofE28gbJgc4D-uQLZUpVpe4K_dqGRii8Yk9zD2PMJ0_4Gs89eUMUVAaExPqZEtDRQzppIfexwctr3sjpjj1sc8uSk_jlJhyblDKI3HeVg4txpECAQSPgBygQiDCrGd3Evj_fLqetRWXEE-Ko7GRfAZ3cWBDoJSg8SIMBRcWD-L_YeYNFPFQD9B2UNHKJK_ZXwM6nhlGAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1010578566&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=19682531407&bidurl=https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0js16QDM96bh7h8ir81OLlh&adsafe_url=https%3A%2F%2Fyalla-shoots.tv&adsafe_type=g&adsafe_url=https%3A%2F%2Fyalla-shoots.tv%2F&adsafe_type=c&adsafe_url=https%3A%2F%2F533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=bed&adsafe_jsinfo=,id:84e1dd65-e7ea-43c5-5809-5f4dae9a29e8,c:bi7EXY,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-67fb65999c-jh4vh,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tCVY7X2+11%7C12%7C131%7C141%7C151*.1352960-69587949%7C1511%7C16%7C17%7C18%7C19%7C1a11,idMap:151*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:22,oid:2bd6665a-e77e-11ed-902a-0ea89586c999,v:19.8.400,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:21:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
76743
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10878
x-xss-protection
0
server
cafe
etag
6410051166583139006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:21:58 GMT
multitracking
ghb.aplhb.adipolo.com/adunit/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/19477/hbw_master_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://yalla-shoots.tv
Date
Sun, 30 Apr 2023 17:41:01 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
kass1_1-2138.ts
a3.koora.cloud/watch/pftxnfvWZj-uwby3IMIYsg/1682879806/1682880060/1/ Frame BCC6 		604 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a3.koora.cloud/watch/pftxnfvWZj-uwby3IMIYsg/1682879806/1682880060/1/kass1_1-2138.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.84.217.44 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
amazon /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 17:41:01 GMT
Last-Modified
Sun, 30 Apr 2023 17:40:20 GMT
Server
amazon
ETag
"644ea804-97020"
X-Cache-Status
HIT
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
618528
CTA-Hover.svg
s0.2mdn.net/sadbundle/2524470958173506869/ Frame D17D 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2524470958173506869/CTA-Hover.svg
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8fca6d3caaa4ae70391f5d1dec1ceaf063f9cf9efd1880943712b0d6c47a958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2524470958173506869/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2347
x-xss-protection
0
last-modified
Tue, 30 Aug 2022 15:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 29 Apr 2024 17:41:01 GMT
CTA.svg
s0.2mdn.net/sadbundle/2524470958173506869/ Frame D17D 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2524470958173506869/CTA.svg
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b34dbb47abf2322f0effea6a78dc90554ed15b8e41859d76da70e95dee91cdae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2524470958173506869/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 06:00:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42021
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2349
x-xss-protection
0
last-modified
Tue, 30 Aug 2022 15:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 29 Apr 2024 06:00:40 GMT
sub2.svg
s0.2mdn.net/sadbundle/2524470958173506869/ Frame D17D 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2524470958173506869/sub2.svg
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
550041438dac0137e2d1f4450c795624c15ff9cfc0037734034e09862c6eff40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2524470958173506869/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 17:21:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
87554
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2708
x-xss-protection
0
last-modified
Tue, 30 Aug 2022 15:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Apr 2024 17:21:47 GMT
H2.svg
s0.2mdn.net/sadbundle/2524470958173506869/ Frame D17D 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2524470958173506869/H2.svg
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5df84c623fae372f10712a60ab468168b1439cf1094df476390f66950ce73129
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2524470958173506869/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2655
x-xss-protection
0
last-modified
Tue, 30 Aug 2022 15:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 29 Apr 2024 17:41:01 GMT
H1-2.svg
s0.2mdn.net/sadbundle/2524470958173506869/ Frame D17D 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2524470958173506869/H1-2.svg
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
210556c60ecacbed2834a3e11abe500de76b2dacfd2eb46be0c7d8a8ee8bcc2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2524470958173506869/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 06:03:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41862
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1584
x-xss-protection
0
last-modified
Tue, 30 Aug 2022 15:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 29 Apr 2024 06:03:19 GMT
H1-1.svg
s0.2mdn.net/sadbundle/2524470958173506869/ Frame D17D 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2524470958173506869/H1-1.svg
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e484a4da463f286cea7d5966fb3ed2027abf325e19ae97cdf70a54fcf4123a69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2524470958173506869/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 06:03:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
128239
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1443
x-xss-protection
0
last-modified
Tue, 30 Aug 2022 15:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Apr 2024 06:03:42 GMT
BG.jpg
s0.2mdn.net/sadbundle/2524470958173506869/ Frame D17D 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2524470958173506869/BG.jpg
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a08c1201903d335934f6bd133e725bf8d6a66f62dc4dca07afd58343c612dc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2524470958173506869/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 15:56:36 GMT
x-content-type-options
nosniff
age
92665
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43764
x-xss-protection
0
last-modified
Tue, 30 Aug 2022 15:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Apr 2024 15:56:36 GMT
dt
dt.adsafeprotected.com/ Frame 775C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=84e1dd65-e7ea-43c5-5809-5f4dae9a29e8&tv=%7Bc:bi7F9i,pingTime:-10,time:724,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEyLjAuNTYxNS4xMjEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1682876461676%7C%7C915e6180ada7cb685f3dbf097b9948a9%7C%7Cd7e4f3761ec4d518bf16fea4156937e7%7C%7C6ed36aef69b2c8cfb5bce0327d90e8b9%7C%7Cf265800b07ea74d4bf217fe22253bda3%7C%7C436442ba820f681959eb13390220692b%7C%7Cb723485d4681b72e053c4d3d70750ae7%7C%7C581c1d1f5cd065ff702984c29f525966%7C%7C1663701684%7D
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:27ad:6e7d:3901:7e49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:01 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
7f5cb1f7-6967-4cf6-8b76-19a4898a4017
https://yalla-shoots.tv/ Frame BCC6 		62 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://yalla-shoots.tv/7f5cb1f7-6967-4cf6-8b76-19a4898a4017
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2e2ee124a92ca6673a9ce2508260ac228832de36594217daffcbce988758fc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
63763
Content-Type
text/javascript
C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
pagead2.googlesyndication.com/bg/ Frame 5605 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:12:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
336512
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14118
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:12:29 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame CDA2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstlaCCQFvNrbdEmylDtIlrS7FfK_gzpRG4CFWng2N-Nzu-ZGnRWlgp6Z9NlKbG_lo3_0Ui9Mq-_GRjGGiT-p2--0RmRKILOEvIRiWNxvstAKa7_u8L9HiobxY7CtZNnQv3I7XM41AB83OsTLOXqyRhusdV7SEornji_AuVZEuGaBw5g93qGHkS-MCSLuGkdVSo1e0x-snzLL8Of73iFEzru4w_Bj5PMUpwX4qMQS8nhw21k0tqpUzICQUGzzS_zzfeaRz2L-NQ8IQFkmIuJR9FZksFUbLwZcBEqlIhsLkI-IGsOEc_tKPA6pbVCIn5F9ZW-cJhltf_eMf2KCIUDu6iv-N20pZf9ZWwLR6mMwnJbmDPTjPJcHOUOMCpb47AZlZLxTA-E4xKZJA_pA7ugrSaw2_CzuC54-87rlujr3nKVaQ0wAql50COdJ7snj-pKZ3Y3ggMypN6LpdKN9mKcIZ34Z1gdq41uQQujqmcec5EN15yBZ8sHv_y-1M1r0e0snl2MUSAvi0xqbvI4AaXfLI2TzT3XPSR5THRLsz3c4wSWYLQjnRQh0e7EYJrmWvMncjIVGd4H_NIRoeyMI0h3_aF-O1dJRgo0Rfx3t04erxoCVJiXkzv8jETa-iGGEQLTjQ-kbZVER58Kif3GJfMLWu4NAxwHPrCqhluwBFtOZKv3Cp-XgXZnPHwrC5KUUjeQYPQx020QQMYR2N5I9-8ls3m2Aj2H8EREeZyjJ_aBKLe90QywNY79imRvXaH_uRxuSE5V78fpYL-JeAEfL5dWrDrwcoH-Ybb3gDqnqltvIvE84FCU1K6xfPOOwrygS_GiRL6FaTNDTARWYJj54ZysxMU973MK1XwkWldX83Zm4GD8MlteJNTztVKN6jbu3UFZvZRDsV4YPOQvvTdb_wljETHzD-mUfcdmAHMniyDkoyrCNfSVtrGJFmRVxOdn_S2h3SAACh2KK-NavyaAuK2eXumH4F9WKETtTeZcoMNs__EOPElJSco4-mKeljsESr53FLcdusJE_A1MFmVo5gi1Zp2mepmesifGo6GzFQ5rZF7BfI69b6jGsxkXK26P5LrWwpF21qfG_O2lHARLKEevwuhPQz4thsDxkcJ8M_fBnl82f_6Ww3cWlr5pxcfwfEDPQcci-PU3Vntp7JGzwGMBwC_I_vEvZER9VT0X6KhG6h1UnOu6Famm_SiUKa4RdImTTkII8rOAIPYmB-Mv5HNZdxmZT2ARYhcWEVgtTEDa5MkvM1h4GZZ1VnQCa8r8cQ&sai=AMfl-YSqCnQ20bg9C3Whq4Og6-xFV3_7pAq7ptYypuy0HfdXv4qk0vO6gnKTB3M2sRIfVZZ5WsY8Y7m5pWCp9_XztVdQgmcIp1swrR-Dr406MQ9Bv52sOg0W7o4qN4B6YD7mnYUUp3D_tCaYOzE5LHrLkTcElVfo7JKhdvN-wMtvpJ6NA3dFpXCYOkI1tuf_TnidnVIzVenWSGaFm0nH1GtUIG_Z1UqjT8o1UVqwhmfmrCH8joDI9BPAPNXXsioUciGglBblRPA&sig=Cg0ArKJSzBFGXGmT5bo2EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=404&vt=11&dtpt=263&dett=3&cstd=140&cisv=r20230426.19766&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Apr 2023 17:41:01 GMT
channel
us.web3-lab.com/v1/ Frame BCC6 		463 B
724 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us.web3-lab.com:8443/v1/channel
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.106.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29f947fa99799d18a0a6b95d2f71c4638139a3eca549a2661c05b9791d32db9e

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 30 Apr 2023 17:41:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TA4OTaGAEgxyWQSbFN%2BPmCZnm00IxLSEttlZ5eKHxjQRAA%2FmqQIibcwQ0qiszDnK8Ku48KMahCo9WTG%2FKy3XhuesJQ7fGCyj%2FxoBt1T%2Bk6Mrr9JgFI5rWfX8ZtwgzggNfZDIpNVsaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
7c0192bfda801c05-FRA
alt-svc
h3=":8443"; ma=86400, h3-29=":8443"; ma=86400
index.html
s0.2mdn.net/sadbundle/1981817875426158119/ Frame 20DD 		1 KB
768 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1981817875426158119/index.html?e=69&leftOffset=0&topOffset=0&c=GfasX4CYsA&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8098ea2e15ff5ac3877144a5b1e8d1249f71e58ee274842f80eece862d16c571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
740
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 17:41:01 GMT
expires
Mon, 29 Apr 2024 17:41:01 GMT
last-modified
Thu, 27 Apr 2023 13:52:42 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 775C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvjWkUgE2_LOIOBQK2ttvXfQ4KeeHA0g8uaMDTmBWkFENt5QGbfId1iS0fcH5ryOwuE7vCfFMamgnFMeS_knagJ3ZshC1222yiECjciZR1qt84wfZnWTw_0eBpJ0tecmyEL6rc5Dd1pxgAVZg&sai=AMfl-YRxtkHPsMpmiShE8ZesOKRnqNS2df0zlIOWeW1InxblGY6FfnfIWMHHWhxWxP0Dj_IKUPMCTXYRNCr5wTx1LKcKSDjbtjgc6WqC2GUMXPjdVj3rbo9X8oDpJgwNOmVk1A&sig=Cg0ArKJSzDBmjLr-DE3kEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=148&cbvp=1&cstd=143&cisv=r20230426.02013&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Apr 2023 17:41:01 GMT
ai.aspx
m.exactag.com/ Frame 775C 		60 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26966436&extCr=180661601&extPm=357115774&gdpr_consent=&gdpr=
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
85.14.248.71 Kamp-Lintfort, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 17:41:00 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
So, 30 Apr 2023 05:41:01 GMT
X-ET-Code
0
Content-Type
image/gif
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp
1119
Expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame 775C 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee0a321cf76666528425cd251229ae61c3371ff406c57fda359646844f67969e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
tweenmax_2.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 20DD 		113 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1981817875426158119/index.html?e=69&leftOffset=0&topOffset=0&c=GfasX4CYsA&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1981817875426158119/index.html?e=69&leftOffset=0&topOffset=0&c=GfasX4CYsA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38915
x-xss-protection
0
last-modified
Tue, 19 Jun 2018 18:02:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 30 Apr 2023 17:41:01 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 20DD 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1981817875426158119/index.html?e=69&leftOffset=0&topOffset=0&c=GfasX4CYsA&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1981817875426158119/index.html?e=69&leftOffset=0&topOffset=0&c=GfasX4CYsA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 08:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32924
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 01 May 2023 08:32:17 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DEAC 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_06hFN3hPBpE8a06l71Wb0PyJ16BdTqpkFK6GWvv5q4cDy0Iodwq9v7dnMjkFHAiEDPZN8VvjUrCzJdWXzyhCcOM&sig=Cg0ArKJSzKdPLaJV5wadEAE&id=lidar2&mcvt=1024&p=940,288,1540,1312&mtos=0,0,0,1024,1024&tos=0,0,0,1024,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=0.43&if=1&vu=1&app=0&itpl=20&adk=1131662217&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682876460349&rpt=409&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 775C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvjWkUgE2_LOIOBQK2ttvXfQ4KeeHA0g8uaMDTmBWkFENt5QGbfId1iS0fcH5ryOwuE7vCfFMamgnFMeS_knagJ3ZshC1222yiECjciZR1qt84wfZnWTw_0eBpJ0tecmyEL6rc5Dd1pxgAVZg&sai=AMfl-YRxtkHPsMpmiShE8ZesOKRnqNS2df0zlIOWeW1InxblGY6FfnfIWMHHWhxWxP0Dj_IKUPMCTXYRNCr5wTx1LKcKSDjbtjgc6WqC2GUMXPjdVj3rbo9X8oDpJgwNOmVk1A&sig=Cg0ArKJSzDBmjLr-DE3kEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=342&vt=11&dtpt=194&dett=3&cstd=143&cisv=r20230426.02013&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Apr 2023 17:41:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 83F0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3JqFLKhOZICILdDq3wPviJOYBwAAAAA4AeAEAg&bg=!HR6lHkrNAAb9Sbh13Uk7ADkAdvg8WotYCePzai3Wx6-lCYPD6wh1WCnsiyqGQXkgKYTY5yNBNj92jTV241e83VLPYiGXsxGP_K4CAAABfFIAAAADaAEHmQNrNebjyAJGPXge2DhNHMW_N50aTeKN2bztbDGBdbdAHNVg4rbiN7mofVAh9AZ8ldkPVdE0_7x19p0u_WXEQmU25uyNVIWLx6NlxLN_D3g_kIni7saZ95DVScqcC_KficBEu24rFy6govJNYqbgyQnexCzsMd7ZaWdIdDBKkVjQoGGWLQcLu7JrBgZEy7-GHEy72jIEVYALrVpFHeicuY7ffE_-mCvyH81hznsg4A-AuOZpLx8ZroL84Z9sBfbKtZbmA2EMrzCtav9h47olmJW6auqHr30BHjJ9giY5WbOOeAkgga5Cw1m--5d_rnqK8iYNDehpXNUY0351lr_ON9_vwCYLSOwcurFLcGBNp65eVajP9Z1kd0fzLb37sGjalgMEYNpfN_wr334yx55ekAmv11sdLddrRssvuHsFzheckixfnaQUPQPopkFAJeOwtfjqjDjGciieFZT8hGZCSnYnWIm59NSmrrnH2496kq5YREyim3jzEsnz78o_3UaZzH1zWGiu5NzobqsRfgXrUxCXYZ95jLn08df1tcH2jlEYfhIvCjMErS8xvqTco7nxwgWFjAhGFTtOwYtP6tLx8TNfZf0l5Mk2f6W6qSSZxznbTwUwvYtGmTTgYdowLUhx0fNlcfv51E8bmmcu9FGlZ4psDPXSUySENujpzpadO9VYsmEc6YXZgXl01MI9M-9CMslGZL2jsff9l2YpMwIqWc4A3WAlHVZRz2FJO5EXdtqyTtw2oIyMLwdtWcctPAMY4fDhUXwAxXOxIZ1FT4BcgPm2zfltdxU1CLFZT6viazcPGD4WAAXbK3GxNaXXfO1si-XIyydSdJRF89kS5OmPAcf0_GCnD0Wzdpbzk6dRQg9SEm4bfqreSPDVgmO767HD7NBlHGox2-mDfsWamTKv4AnCoXsL3IOYtmn6lsl8-P9Sxx31p4kkQjdD3-88ftSePucOCDSdeic6luCRwts1lUL0x6CMkmZdVYq6zvJ49la2WUDcEPSQQ7-lL1oElKFPxO7ynh49CuzwetlO3FhSeBaE93zI2kdGLBGvuB3iqj8x-nxQ4r8O60zFER2r-D137vI8s2fToLBKSHhGwSwIpyWMydt8uHn2ZW-AS-BawmCdIg5DTAFIPtcqfPouiezetC8g1XoaKqm35Px9ss4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0F44 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 17:41:00 GMT
expires
Mon, 29 Apr 2024 17:41:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame F599 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7Yy8LKhOZM2WK_Wm9u8Pk5aHmAYAAAAAOAHgBAI&bg=!oKOlo_fNAAb9Sbh13Uk7ADkAdvg8Wl3vMgdhN0hUA4RR2L8lQrv8PMxQeRRs-_l9daFc37Lvu4MQUMMaIgKemhyMYNzvN84lvMACAAABJlIAAAADaAEHmQM5RNXPt5Zk3JkyRUbh8V55g7961WX_-WCEEIcN7tTGjTx8u12Tg-VW_XCq_OBE4L_C1_7LSRBdrbb8V8KXNcnNd8KyHbWaRd1uroDSPWj4mL7fcP5GVAL07Z-AmhiluO62DBEeBQWCGYKy8bGH4hLtjkhtagCPAndfCn4Br-ZsIEODMqFgnoE0fhLiK8cIQlbTLSW5OeKaAjQlgq-LgMiiELq-6hWeCMz_wUIbdI6xWA-iGfGyPS2v3ve3kr4LjpuiGB_v6i96IbdRreXEIfSLjVltxpOoi5U6Qc5EtGMx2j8weH6MU9IWsh5qWqFcZHrr1TSVtTK0-8stsd42eK0uqu08xolvU0VJl-5C45anDRbCjpVlVQIdQzG1FCXBxwY4NYnF3XDQJCd6iW0BbUUNWo_k5f4ltTLxIiitxMuNMqBH1IW4XALGSpjtjU2FME2QGzSoKdG53EhWiyKV0TnniKZ6FgVyvoRK8MaxjSRXYUsX1-E5pudhkSlfL3yMDdzA-3U5V3Vc0pRwct3Xj-gluXj80Wu92XqAQDr9v8OnWT2jm7FLv9ZFb_KB0XQpg71rIJiR5CNHDro6KLERHyVv1nYgX22TMLuT1gucGCPIw2RcefVFKlu2xB_7vtYbjD8dV8a4YrXHuveuMGcP_NnEhabEX0wvyjD_2jskNG2wn5_bGZyTP6EZi0wwQw1olEQ1zweckBXFhBGD_zDSn-KgfOEla95WVdYj7ygpSESq7lwr6KWXCPTiHTOHGKDmlxslMBV9xisBRjfliTvS6cExpGY7P7BxAMxjseL4wQJSLZ2tLV0A5sU1lDPw30jqZ6s8vG7y42yTIC_5kFNLxkglIp1jHc_H3fLm5nG5se7dI2jADoHsTp9Un__ERR4nRH5I0l7YB-ja7W8aaCgrhnbxT2H7T5i5vVaa26lRCLWxZFokIDVDOQpV9keYXgYuYTUbY7j0BgV2mfLu5fvBlcVX157_kSoLM_fTB4chPXAU_822qv8iNA5meUbHHEMSZfH6OhhzI_Q4qu_AizQUfFEj8ygDAfMQRE8OqHBqc5ICNizm0CxBHTGqA_Qtz9A-zVGFkSO76Q3GMkjO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 0F44 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa7889a593298971ce988a1b6b8c084bcc4e4c12226261416bc89e8f8a661a5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:09:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
77497
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13560
x-xss-protection
0
server
cafe
etag
1543082015515965664
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:09:25 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0F44 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:36:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
79495
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 28 Apr 2024 19:36:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0F44 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 17:41:02 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 0F44 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite_fy2021.js
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:05:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
77740
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8751
x-xss-protection
0
server
cafe
etag
8024400250147624166
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:05:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 0F44 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:52:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
78485
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 19:52:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 0F44 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:05:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
77740
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7966
x-xss-protection
0
server
cafe
etag
10783182253924109600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:05:22 GMT
l
www.google.com/ads/measurement/ Frame 0F44 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTXM0CXwBJiBoQM3WjOzTwoG2bNpPJXf5j6XHlNQTA4L_xEarpDJZ8KzaZeQJ_a7MsbdzFzWJQnuk6uDUfha6JCSWUrOg
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
main.js
s0.2mdn.net/creatives/assets/4703545/ Frame 20DD 		2 KB
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1981817875426158119/index.html?e=69&leftOffset=0&topOffset=0&c=GfasX4CYsA&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22105c51ef3cefac91beed7a89642951165c0e2f293c1c672572433e54cbf7b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1981817875426158119/index.html?e=69&leftOffset=0&topOffset=0&c=GfasX4CYsA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:35:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
336
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
788
x-xss-protection
0
last-modified
Tue, 04 Apr 2023 12:33:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 30 Apr 2023 17:50:26 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 20DD 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5752eb88353f6636c8b029f453f068efe075b9648f1280c330171c75d4f9fcae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5689
x-xss-protection
0
11839883195115088681
s0.2mdn.net/simgad/ Frame 0F44 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11839883195115088681
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
753aa7c9fe666be2b6ee9c116805218c55394a8a3f3e34d12ec167044928f2d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 16:06:16 GMT
x-content-type-options
nosniff
age
92086
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105546
x-xss-protection
0
last-modified
Tue, 08 Nov 2022 16:33:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Apr 2024 16:06:16 GMT
11230982618119081952
s0.2mdn.net/simgad/ Frame 0F44 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11230982618119081952
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b84495e0e00851129198a3d9676758e12767ab5315e82635cb900ddb46c41fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 18:58:50 GMT
x-content-type-options
nosniff
age
81732
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81586
x-xss-protection
0
last-modified
Tue, 08 Nov 2022 16:33:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Apr 2024 18:58:50 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 0F44 		42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CDp9ovaUOoZaBqvJvaYYbeNrUDgwt5XGmhweA4QFVszqcQZvA85b98Dd24eTMZhY6s4xnT8FshgTmRFcLPZb0OUiG9Cit4w_Icy97XJFEX8MuIyTDzr42TFekpFPwMScIg_nJnG0U6r2Ot4IauG7BS0rnv4ziovT-HlHhrBbtp7zKvuVw&cry=1&dbm_d=AKAmf-DTDHL2AWv3E6Di_A39u0bb-Zq1T8-gDv1CEenlllQgsSvowcQU_YUfaonVsqDz9ebH2CCxHijNo74BRJ940qKZf5a4WO2oC18oOwb8MU4ap97LbzktnZuggjVOoI6vHxsquIOy3zSQHzm1VBD5lhquEWBDbPOK-_D84tNdGS6xKI-9d96yUWSIpeSKjILD7ysjnpwZZayb3_mVlGNAXNftoN1_OdmeqJvp90JUnWIyZWVZFevDcm7UqS1CRwgaKNpu32kfgYxgygCPCPJ24BL_PHoQn0RxzUC3pavkK3CoU__lQTiSTXLf7cPmUR4EPqLzS1acC3HI0M_RGLh7BUeaFvRVpm3t_tUry8zvH69DrQrCuVpEML2kZEC_-T3Epi9ISQa8hiDQpjZSw8P9zLvC_8YWGPzi7EDBcuXzxOuuWJaN7LuqAjign-lVx3-izdtPLyrt5J_S1hHLsPlW3hDKe3bR1USk-QkhWVNQgOXbswMqZreKkNfMsIO3rCM4CWFoYiIsa0AeW_6DRGTsPcvdI1JtyUqzfSDbhNdjAeqV3WvjKxjF9RViN04LuP-AJS8kgYBfV7YLdfFW5-aro7elkcbswegvnsI4nQUAbMJjGBbrWUJbAx6yohSKaiYuP_qeFugLbZT1ue5OTJNtTBvKwK2HVxwp-bV7zpZnKjf9dBthNNVpze-21KI2YqucxUCA5lxP9IF-mYH7Wb7IS5ASq86zkY6_iLqWA1OE4yHkbOTKLr32I0R1U8uRFC5thDFKgZ3c-RbwwEKPIUiK98EC_xkjVKuwLJtKB1UZDm8ao3v4hDocTF-hoOq1f5gFIsY1rcRQAE_PEKrXZFgGGFXstByUq_k300zCIp6OXzm9Iw0WdfukLDsLDPRWsXvnYFiXKHmAGb8tgFugLctYzpFHv3bGJgF_Om7JnYL0EeIlb3gh0H8JLxZ9C3BLrqPDk2S2sgXyu5Lj0rTCRfvqP_yPnnFMVWGi2ctqQh9GnHW-nCH5nlHeam-7Ad2-J1tRiHXEeXxwyJGXU98bdU7cTtl4W0RwWP6HxtaDWFz-V4ZJnYKU7gwkFVJZtNA5C7MwVqPIeHmQdgaR3nPEzrD_fK8kDyn0PRs-2FfQyYIZxYoXw220O_Z6XO9tWhTYJLNjuVVN2tbnq-YzLEFcDxfjzoPlk2HCPMfH4EqaCbKh9acfKEgqj7i5ID1HsbO7GNyP8xrkUpG1HDvK67rpRNqN8DtSV4GAKy90IA9Flqb3PKLSRi88gd9R9oyJ07adBD_vfcNZ_oSz3jy5OaYoFRurUFk9Ad9ecljl1-M3Iw-pOElOPf9JN4r7qXn67cHXEy1FI4inaKrpiVyztbV7lCtsOfBxjyUvVKvVb0y7SULPluIcO4n9GT1pcBEQE_-WGoQKsmCwh7wg5OhRZMjLXKrvyj3wVRyyv4qpp1eVKRdIONwROufDXO4xyarQjp5sc73o2FDNOeEUlj9IZzH--IWeqEdkxyv6mtU8A4lASCc_TFNTm4XTRSBY72tur24N58V8DmycVNTDHjiA7GJ6vlcLZ65USYYqrdXgE9EWX7qYaKVwIiTENqTRssjUCz-mGF0uPaTlMJBre66k7iys39VVMv7XluiI8yJdLRam2I_o0OGFU5yVkYS1UknREHGgiGS_lsJEMMWemEWbMKnTfBDcxamAJvKFeJIFN4i_yjOiYiq-4hi_GvMQfRwATC1oY1z2XiiQhDTTJfhG8udoRwHg5v4F_LiBvV8Df6JuQkzX80KzOQJ9LI0wYT32mmcfoTqhGuE0nMRt_7oEMNxKAIC2E7rJmo0H772Q3oYU5yLGlTKmIky8mNqHz16b52fYhPVK66LbUhVwz_XpIe6XC_2fEq6pMto-YeARNdkKeaIeuJjtZ2pK_Th9c0uXZlA3eLNuLWfcZSUm7ZUzF4Zm8idelMiJhc42wkPTx3Z6K5sGjCHFeekq8L-792spLq6UQDF-NXh0ShbNa9cMdoG_Muz9UAYry54vXNuK_O-HtP5HmgII42CnvdFe5PbpEYq1Y1FuSC_8gx8idPQKlCUOhm4YMkPwuuSoOKvUxo-TvzmruKkg9sZVXDA04m71Ym2gqdkyEA1EFFMbis_WrkI0NoZDxbDNbPd8LtnQiaVaAAd8inZTNYLXBOPnljE8ZBwEAdHb-B0QTVxyDxAzOhimHJMHYtiLCC3QCHrTkQ9l3-RBMa-0RMlRD7geRGcthTqTcjdT5fP7pQIVfGnixRFOincJRIKEnFSqp6HmLrU4ccosbujQaH1LbzvejycvVPFbVgZBQ3PTgXKOS1PRKX892l9MyPcRcjeUJQmq8ze5p58WZQpE7xZt72_WiSTneioyxN00wZs8FSravr3b133p-1uqN9Slna0TqwgHWicITfxEOl_Sosv-5tdfqPy5cxk13IT9Z3gUmZivpzL2PjkAxSb_Qz1mm4YOZqH0Gi9e395ymEWde7gcaOXLzCPlc0glqevCQQpJvmDngiOjEumAgjWg3O70uJcT-yHERnfVkY5j6A5EOwdOJX3bVYeLUL8qmQ8xKE8c2512Neptdun89KbYtYQqzGWExbBQXKOow54n690PV3SYF-09EGo_vrC_aXWts5g5oMoinBD8Ys5A8eXPrFyQ7eblKlJjO1z8WyQ8ZDmAdkcl4MrmiRW4GLrQp5kXDJUHotXpUCSEl6bgRqkjIIGXst9pYGUYuu7mVnCY3l5-4rKo-lqsgQW4-vcYtq2D7YdNkL9NeQJqk9mbqLaPQRcHtPv5R-LWfeMDawwhhd2G-2_1VIGNp5ja-pX1Wo6r-SVac87XTvCKalXFEng97JjHuz34QwI4TwQ6cFgxMNwlc6OfilSOolmpwyHpWlZaTCqxXFRT9IBaLDPaRp-zZ4krzqqVDWOGHEKvRkF9-rye_SPtFsRUKNiW9wI50nUa9zS68I6spMkL9t_wSZ9pBZR6MJeNwDkJB2UyInL2oNGO46Ya5wMLvmI4uwqRa-QNw2PXL6i7KtZ6rKWQ838m-fy02MwDGSVS6asv66N4QYiibdHJmAt1-Ol1WrQ9YPv2p8dUI9W10Y3fLrLd55JYLsHkdSIKaE_5o2MnSYjzrsyrqwOOdIK1Rt_0-DmgBLTHJfCw-fKV7q_8ySDPekAXgRIRft43lYvWwr1mWQ95baIEHVYUeQRoOSryr_HdyWDhVoLdhwef8EKB6Rl_UrDqhm5uDdvrKiCBYvBANQgr6b2zF9y1CeuBgDfzYtr_0HYQtmxfesvLjl3doSnGZXBexZkv76V6cNOxI0PfqROxvgej5WZcpvMqJ3knvgwUryevrkz1iTulZ08tnZvYQpU_3iNfYCmBkz5iNXA1dZVuPEOlhF95xZNUUimkkF-CQi14une-2PIMhcUdOd-DgXc3KR0FjqJK6uCcA90FEyPeUCTQppRIuT7Hj2-95x1XrGx2A_f2_qLdF-aawaZbWb3RNl-X30-M3fC1PaKL0ag5ZhhghRAP3N-vUALHKkkHhYTFamRqPVh1tEzxFx4ZjKWNAYjqB7aHksdSh_D3TF6819Or-1hmWDeKhC_TiBoKSKwKniVRyVG57Ll9SYy26IMzjPCddV7p69tsgQqoeRJn18VtPyIUCsNg3PFg43vOY12uSqNM07O8evUeDRlBDuaZhBwlmaTvMHqR_OYnawW7bXKsbM1Zm3EG4n5bkh8ahj6yT3z1VLNaJYdjZIxOuERT8a00q-jFbv9gM5hdpAkze90Pn3ELzpRXWmNPooz2kDXTb2esfRGjRJGnm71AV8OGsuJLlQitDQ&cid=CAQSOwBygQiDXjWiZ8iiqdbCouYswfsLc89_KFyk8CaybvMDHip_lHvuXkWMEG21OBPfF0qENG136cOxZu9UGAE&dc_exteid=31043591400731135545457919679948403&dc_pubid=4
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 0F44 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CjZ4cLahOZPTqIZGfgQegg6LwBKjS75xvh4LmsfwQnriItoMDEAEgudvzJmCVgoCAmAegAbyDtvwoyAEGqQL31ZcPv3yyPqgDAaoE8gFP0CiDe5nfuMgq6PAouxFbSFhGnAy_OYXaKnJJ07fLYrWAbPvxDsdcUluE2vdwYJH74p59yNvQId8_frtoaXe_0k2H94gSWeIqSVJupPYTH-0urbpjv8igHCjh8xFDajjIX7NbAf1T0tibW0CZS_xig0bIylRbeIM6N2a2EwxyiUV39Oxp6C8iWwVOKx0WCYoysjGP3WmB_paDHchc1_fG3TUnGz5DkFYQvu9sFrhxU9ezsk659l4PKrsTu4snQ2MVrSN68quwW3PM1YtIcyHLXLzuFB_MmxptKwRCNTg62lcqUPWCyfi7HRBFQ8od8apWTsAElp2L0ZYE4AQDiAWbm8WtSJIFBggDEAEYAZIFBggbEAIYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGN4AHvLuG3AOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHChDL9RYYxIa82AHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAbATlKX8EsgTtaSt4QPYEw2IFAHYFAHQFQGAFwGyFx4KHAgAEhRwdWItNjczNjI1NjQ3MzIwMjczMxjkww4&sigh=hiTChORDR5k&uach_m=[UACH]&cid=CAQSOwBygQiDXjWiZ8iiqdbCouYswfsLc89_KFyk8CaybvMDHip_lHvuXkWMEG21OBPfF0qENG136cOxZu9UGAE&template_id=509&vt=10
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
s
googleads.g.doubleclick.net/pagead/drt/ Frame BE16 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1804
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 17:10:58 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 75B6 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39192
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 06:47:50 GMT
etag
48472445140208031
expires
Mon, 01 May 2023 06:47:50 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 0F44 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10bcfda41715a7611f2aa453a834af166133cee38ee6bbbec4fd0a9e81b14bcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5605 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BxVYYLahOZMatC4rl7_UPkLq5yAYAAAAAOAHgBAI&bg=!s7ClsOTNAAb9Sbh13Uk7ADkAdvg8WrKyQtOoL3VIZpKeeJouWEnoVNgU0Md34WB4o37ZabYSQrs0YXmG5P2dPTVpGN-XOX0L1uACAAAA41IAAAACaAEHCgAOQ9cPFvv85XKQI3ZqFUOZA227sxXCOQrTnrUM8gLpKEQQYBz6UogZv5uFOhUWyueGY4BxtPSXSUNBj-WuCDfRUeq160IfuPa_QKIww6TCAk_dRlPpC9ul5happl_Y7qsjcLaWr_DhtuQ4T4vSyzj9j0sy1SN13lPW6QMcD_ZJ0Jnci8HV5cAKub0-htcV0jmXoE8xb1gcs7DeSnokceK3omA-bebmoUnimOvwAKCbo_BF4tM1Yco3LMhLmgP-MfdSnQ5Si2e7LX9BY21_Qu1UQwxZa9sBlZDZFs1MvnTXVJ3MuQZaXwWOG76-xSm_U4DTO3YXb1RCl0Tp1jWLrfeqKoPofSZBf7x-dXEWOPPHNYjFsybNNydtwdjjYTBq76jk5YnJ7OURChQyVNIiQbqs1cbu0o4perotkMCK9rNwPxFS3qQwmNdAdIolRqRmtnRq93q6Mr4OSJUk8HL4BOzyI_kVQgdpXKqH0a5niI17IjzJGm08hfkVhCx7Fgw4c-jX28C5jLyKkAnYICaxn1z-tIO4Ujvk2sMrBhZWgewIPDz6ziBQV-xT9Enl66tdKSil9c3R5qrmW5zfzTMnhL72JXeKuhqWTUt3dGmu6gx98yXBEIZJJHn2z5snJk2NTaJrrP6-guqstyN5oD8Ff-v3qFo8VF2meMF_imxrpe_FGqAWBmUTDigpBUalRaZ1VIQoqk-eaRJpBcnNUub-SmBx9exQ8oHGNlu1u2lpolDJ17dIfIbLEGzlJBW_q6TiCvXZCm4ws2NTHbr1gh6178cqfmoc78lVnQg4nDh9HJAUvEediiNvDvJtE1vSRsoPTCjjQL1-vtHvcoDqlKPL1KaQ65xxLd-l_naqv-uzL1qogwdhD3pJBUrxTpySdLFkxTkYPnj-WYFItsSGQqvVhXW7FLwarZ-Hock5g7vS1-3soBNgpKjdYHGx4Dstn8DIHDdH5mQrY8Ptyt-NEj3E1gtSNFLJPmRgWVsgivX_MgvbxSxbCWaY3H11vdOPyiResdUD3nk0IRHzsb4fz0Rhvq2igwrIJA-_WBS15xi_Icm6qCxVM3QDY_2Jy0qoaY5aLLOnBead9vQwV-TXlhTtfAfqyZVapBNVtwPRr4D32joFcsC5Kbodsq8BRMF6S97TY66jdBJN901shyWGfWbI_H9IcZhJeCbpnMmyNzPnDqQQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
970x250_de-de_performance.js
s0.2mdn.net/creatives/assets/4703545/ Frame 20DD 		61 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/970x250_de-de_performance.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9240be12f50384f56277981bc5fd6f446b7f4651c231e2461e7de7fd131f8b41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1981817875426158119/index.html?e=69&leftOffset=0&topOffset=0&c=GfasX4CYsA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:35:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
351
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17867
x-xss-protection
0
last-modified
Tue, 28 Mar 2023 08:48:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 30 Apr 2023 17:50:11 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 20DD 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 30 Apr 2023 17:41:02 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 75B6 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFLvkEIVddwrSg2sMssuXnk&google_cver=1&google_push=ATf1kGN982OnVTxeOVuPdgIYOhdA5zM99HHs_hWdT9VoJHNsc1VsgDj2z1s2RdkEEq0sw0_ixHJEiqHAIKoa1b3bZ48AADY5JV23tg
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:02 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 75B6
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESECkM2Vc1XUp5LyRNwMFVELU&google_cver=1&google_push=ATf1kGOvSxCbrPFFM2N23lQLFcKAsqC3RdaDrXq69bXf8Ax8oRBAurMCsFshD6YLPfJ9baaVBBNZGIEhQ_RoTD4rMqISnestPgffjw
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0BE73B331CA948419325BC40E8E86E43&google_push=ATf1kGOvSxCbrPFFM2N23lQLFcKAsqC3RdaDrXq69bXf8Ax8oRBAurMCsFshD6YLPfJ9baaVBBNZGIEhQ_RoTD4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0BE73B331CA948419325BC40E8E86E43&google_push=ATf1kGOvSxCbrPFFM2N23lQLFcKAsqC3RdaDrXq69bXf8Ax8oRBAurMCsFshD6YLPfJ9baaVBBNZGIEhQ_RoTD4rMqISnestPgffjw
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 30 Apr 2023 17:41:02 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0BE73B331CA948419325BC40E8E86E43&google_push=ATf1kGOvSxCbrPFFM2N23lQLFcKAsqC3RdaDrXq69bXf8Ax8oRBAurMCsFshD6YLPfJ9baaVBBNZGIEhQ_RoTD4rMqISnestPgffjw
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 29 Apr 2023 17:41:02 GMT
pixel
cm.g.doubleclick.net/ Frame 75B6
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECmsdYZu0BuaP9xyC7tvoN0&google_cver=1&google_push=ATf1kGONmf8bQYFgEYuFtzThC9Y45hGQM9OBHG3NmWCC5LjEVlNd2_VcO4z3Fz0pm_zyETsOPLtIpcU2...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTEwMDE2OTQ1NTcxMzYyNzIz&google_push=ATf1kGONmf8bQYFgEYuFtzThC9Y45hGQM9OBHG3NmWCC5LjEVlNd2_VcO4z3Fz0pm_zyETsOPLtIpcU2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTEwMDE2OTQ1NTcxMzYyNzIz&google_push=ATf1kGONmf8bQYFgEYuFtzThC9Y45hGQM9OBHG3NmWCC5LjEVlNd2_VcO4z3Fz0pm_zyETsOPLtIpcU2resx4yk3nbjqjf18dlcSIQ
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTEwMDE2OTQ1NTcxMzYyNzIz&google_push=ATf1kGONmf8bQYFgEYuFtzThC9Y45hGQM9OBHG3NmWCC5LjEVlNd2_VcO4z3Fz0pm_zyETsOPLtIpcU2resx4yk3nbjqjf18dlcSIQ
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 75B6
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENkzw-3d_KnqMYYn7jNpRVc&google_cver=1&google_push=ATf1kGNOdjKjoWSl-zZekshN5x8lU_CEUMQM3EFZRKg4e6u8QsYeBX_SiZvNh8xxHp-MBLnPL7HgFqLFk6EXTdo23...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENkzw-3d_KnqMYYn7jNpRVc&google_cver=1&google_push=ATf1kGNOdjKjoWSl-zZekshN5x8lU_CEUMQM3EFZRKg4e6u8QsYeBX_SiZvNh8xxHp-MBLnPL7HgFqLFk6EXTdo23...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNOdjKjoWSl-zZekshN5x8lU_CEUMQM3EFZRKg4e6u8QsYeBX_SiZvNh8xxHp-MBLnPL7HgFqLFk6EXTdo23WioVMZGw8OW9A&google_hm=GkYFqGZHh_9O8W8_Qw6N...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNOdjKjoWSl-zZekshN5x8lU_CEUMQM3EFZRKg4e6u8QsYeBX_SiZvNh8xxHp-MBLnPL7HgFqLFk6EXTdo23WioVMZGw8OW9A&google_hm=GkYFqGZHh_9O8W8_Qw6N85gv
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 30 Apr 2023 17:41:02 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNOdjKjoWSl-zZekshN5x8lU_CEUMQM3EFZRKg4e6u8QsYeBX_SiZvNh8xxHp-MBLnPL7HgFqLFk6EXTdo23WioVMZGw8OW9A&google_hm=GkYFqGZHh_9O8W8_Qw6N85gv
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
/
onetag-sys.com/match/ Frame 75B6
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESED8Eo_kT8ZeORvOzTkoXfXc&google_cver=1&google_push=ATf1kGOhribDUQRPTwyHmBqgYMLEOCmZKC5zwA_GsyQVeLq03TpNIpTMxxbIFT-8t37FQHogq6uaC-JRuFo...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOhribDUQRPTwyHmBqgYMLEOCmZKC5zwA_GsyQVeLq03TpNIpTMxxbIFT-8t37FQHogq6uaC-JRuFo8aRTCbTDk-2mhGw8Q3TA
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 75B6 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ILHTpjUEdq63RNhGrAxEHhwubsBxCLkiBTS0Pg8PL6HH7ms6k7u9GkbUo5
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
activeview
pagead2.googlesyndication.com/pcs/ Frame 7B6E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvatyrehZReMvlIVRy2AXW96d9iOu0p10AIn1eT9XDRGgncRp_Fkz_eeS7461UHFOhDYeSzyz1MxwP4RUhFTO1U_KF0BjG_dxq1VAfkgs9erZdDovV4uE91plFD&sai=AMfl-YQpabAJNWlpcQ10rSAb9ZEYqvVOHL0ONOu4ZU0Dc5TsSQ75wF56SFsMNKlOwtEUbHa-VUoIBVwPYpU_ro3d9YvgN5K7te6nWuLIMv3RRhhMQ8HY6SXH5PVNd4xC3hZmE-dyuoEL2e6dktJq&sig=Cg0ArKJSzB-LK5IifjinEAE&cid=CAQSSwBygQiD08caxsylZ15NDs8-K8TtyaxWKLQAa44zY-Y8cMibjmJNK6LMIltYhiZwrd6l_M3-FShViAlgv4yhFmn2-_9C-tx-72X9MhgB&id=lidar2&mcvt=1013&p=1110,436,1200,1164&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3202367356&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682876460326&rpt=749&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame BE16
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 17:41:02 GMT
expires
Sun, 30 Apr 2023 17:41:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 17:41:02 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304250101&jk=177432777658012&bg=!2Nul24_NAAb9Sbh13Uk7ADkAdvg8Wnoet-iVCubiGPaLGn4QKL8rlvBzjv3bgBXUcCdlA47ISDjxFguXdqK-gzZcb3x6hckR5aICAAABaFIAAAADaAEHmQLdbqfHH0Dx-RrQLd82xsWMqzFVABaD69Yw-STNGvJWlFM6mUTQqxS9WDkiAfXgjgdLGmtd94ltrNO3OQmRbY_EoIrNlzdFbmgS3_nLA46aiBUxzas6gU9JzIOzgxt2vqCpXO8yn7NA5G-AJWU3QjUPoUrm-xYLmMOJhqm1n6sBiFArHAuTUiGk52SBNLR-cYFzoLCJE6V28SEYk4PjbXRMnbP0lqfJuA05qlCBKr57T0o1y0kIQBh4hV1XEXA6hywrsOT7WUdQJuKrF6X_0vuS4zkDJ4DBRV3ctqNkYSChL2O4tCnZxqzhGtuYgicK2Su0Hu7NchKsolxLdSkSF7LUz2gcSGcf5tbKzvJH6aGVnUhj0eoVxu6ZIhiCKDoIAiIgskLYKEjldKSGZwsG9wUctbc-dccW1gOLMWhi2t_siYY1a2Jhbjpl3bXvJXWiHdmMzWUcknYJcVqrKB7oqTbgch4MjrcCMExeIizRwRpkKEkCzRmjoIULeCocc_GDCjXeJxY_GkR50ZTbFtHVEk6txvybYsRKqxHIBnSotTlI-djvxlhThk3Y9NuFt-9FaZo4xGspOEE96H0QhfpwDSEWokJgK8rMVM6c9qH5ZrWlqnBE3_Ka2gx9wM4gQwPxCFA0Hjx2uqczI-imReGHdhaCbreElDc2h4c8HAWWjmUOjGh0JdLGcXW8z_YnQVTdyHPBp8DfsI5IyjJ1slUY_cu1j0a6BAncUr-r7WDos2Fzt0N0uGbr5C6jjWFh7IOjk5feHiQ7Pd4E86HolN1ldQEQTCPZxMyUFqIZ3cuWdkWA7NqICjJpgNczBq1Zl0JbyOi9m2TbTUoYGd62QIUDUKbTK9zTMpNe_2dx-rdqU_Rz3t0cUNt-DQgRM-f0qkbUGLg_2YMBiWp8c1nUHmh2XgCZTVWhmqfbmnc1bKqc4tgDxVpy6jhaTQZlY7M1EHLvFhl9gDwBE9bjChZlscbRyA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
pagead2.googlesyndication.com/bg/ Frame 9316 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:12:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
336513
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14118
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:12:29 GMT
star_alliance.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 20DD 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/970x250_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3052cb4159c6c3da4cee05fc67f879dfc7c5cf59628a6fd37485cf4c685f60d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1981817875426158119/index.html?e=69&leftOffset=0&topOffset=0&c=GfasX4CYsA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:38:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
129
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1840
x-xss-protection
0
last-modified
Tue, 04 Oct 2022 11:00:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 30 Apr 2023 17:53:53 GMT
lh_logotype_single.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 20DD 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/970x250_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1981817875426158119/index.html?e=69&leftOffset=0&topOffset=0&c=GfasX4CYsA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:40:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2151
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 30 Apr 2023 17:55:17 GMT
lh_crane.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 20DD 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/970x250_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1981817875426158119/index.html?e=69&leftOffset=0&topOffset=0&c=GfasX4CYsA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:27:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
826
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1311
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 30 Apr 2023 17:42:16 GMT
NH_D_WD_Affinity-Outdoor-Hiking_970x250.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame 20DD 		162 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4703548/NH_D_WD_Affinity-Outdoor-Hiking_970x250.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e70babf40a7be07229714b97870532d5dbaf18953809653d376768b756a4dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1981817875426158119/index.html?e=69&leftOffset=0&topOffset=0&c=GfasX4CYsA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:02 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165544
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:51:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 30 Apr 2023 17:56:02 GMT
LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame 20DD 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/1981817875426158119/index.html?e=69&leftOffset=0&topOffset=0&c=GfasX4CYsA&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:27:51 GMT
x-content-type-options
nosniff
age
791
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51548
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 11:46:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 30 Apr 2023 17:42:51 GMT
dt
dt.adsafeprotected.com/ Frame 775C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=84e1dd65-e7ea-43c5-5809-5f4dae9a29e8&tv=%7Bc:bi7Fib,time:1275,type:e,im:%7Bpci:%7Btdr:1023%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1275,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1269~0%5D,as:%5B1269~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:171,fm:tCVY7X2+11%7C12%7C131%7C141%7C151*.1352960-69587949%7C1511%7C16%7C17%7C18%7C19%7C1a11,idMap:151*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:23,sis:645%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:27ad:6e7d:3901:7e49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:02 GMT
server
nginx
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
cdb
bidder.criteo.com/ 		18 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.4&cb=29161667243
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467465/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 17:41:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yalla-shoots.tv
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
bid
ap.lijit.com/rtb/ 		25 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.4
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467465/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
9bd796f943b79f836428c5f05f4857e7cbf1df9e8fc3a568a44598726925b5e3

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 Apr 2023 17:41:02 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://yalla-shoots.tv
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
c
prebid.a-mo.net/a/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467465/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Sun, 30 Apr 2023 17:41:01 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
prebid
mp.4dex.io/ 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467465/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:02 GMT
x-err
Parsing the Prebid Request. org/site not found
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7c0192c0fdc43642-FRA
expires
0
prebid-request
onetag-sys.com/ 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467465/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://yalla-shoots.tv
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		384 B
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=177432777658012&correlator=1021442054200826&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=160x600&ifi=23&adks=1201197171&didk=381210741&sfv=1-0-40&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D42a4877d5e8abf72%3AT%3D1682876460%3AS%3DALNI_MYTEubU7026_sbxLOiLCSOB6xEH0Q&gpic=UID%3D00000bf38db9a062%3AT%3D1682876460%3ART%3D1682876460%3AS%3DALNI_MYN1HFRwq3P_-L8BNVBU3E1wyxr6Q&abxe=1&dt=1682876462344&lmt=1682876457&dlt=1682876459554&idt=333&adxs=-160&adys=310&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=n&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10750%2F1004992%2Fclub-africain-vs-es-sahel%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=160&psts=ABHeCvg586E4AmBaTdzYT1J7wQ62P14a7aZrWnGvKPiNtpujB-8e4SV0-Hmt1SUzTJ3i_E4t4y2hlhfiwSybopNt6Hwx2SU%2CABHeCviZTumbI2CbYizuvUHQ9IfZRs5EbJN42_mSuNdTgQQxDIxd8jWN2jwKUn6IQJ5z_dDJ3BlCtfWfYjU8_EbvcfQkchc%2CABHeCvgFoHI4hHSVw2Hfo6-BU6TKv7K1OJp4coqvzC84nEkyx5zxm-WWWC8fLRlIpQHF-G8PYS7R0pT02QAWi0KT6zth4jA%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhfRVGauD97_0LyRpMEB5IYWvdhTIf6OZbdJaO3o3FWHaXHi7NHvX5Qq3syYB6X-pUuNH3CEUd7oeNMV6fD1DN_Voc%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhNaWIIPjyywnWFeH6oiGbdxt1fK9uZfKOdwqBtyNhbIygcehssiCOKbt2hC3FfphmHPXCBkopmEzZftUg7vwjFe6k%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCviRmDFSbKbH4fuvJtjNDTnNod8JjTrzY49V9Yxr_4NN&ga_vid=1078497215.1682876460&ga_sid=1682876460&ga_hid=1112211741&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYoNqDmv0wSABSAghkEhkKCnB1YmNpZC5vcmcY4tuDmv0wSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKDag5r9MEgAUgIIZBLuAQoIcnRiaG91c2US2AFWMTJacTZTTFlQcUhsRkxmUG12V0ZWTUp4M0l1TGNSS1RzOGswYVR5N3NWZ29QL1RVUjRnKzRUcVBSN1JtVzFodmwyaVBUejlmYjlHZTVieVBMdjhIc2FTU0RZWVlXTWZWb2xGYUhrSGJOaENOUFNjNjFPaWw2YnE5emkvZVAvTmJiSjlmb1VsZkI2UDNNektRaTduTFE5RlZZZ0lhc2xpNFJrdnluRzRxbzZ5UWhjcUQxYWR3Z2Q1RkFOQjBKK0RsTVczNHRiNUNZcmY3SzBYK1B0Znh3PT0Ypt6Dmv0wSAASGQoKdWlkYXBpLmNvbRif2oOa_TBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGObcg5r9MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e9295bb9d041a97b0a7b82bd6e0b06b781718b6b9d838fff8c773292c88bcf99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C4E6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstl3aTg5kMuOgFW7BE2utNDYSKRyIh-EUBh7074PoO6uNBU2p6laOS_TWMYhn2KHPdMugXGNV8jc-_HsaYuyyogpI0&sig=Cg0ArKJSzCvIcZ4JceW3EAE&cid=CAQSSwBygQiDzlVvR2AL_b0yCHH66wueazMU8gV-SwzJdxlIIaGuKbP2--M-v6rl8fny_h0ld8soqt_O6IWq9qZnzT1rlNjvP9Jxzo3HZhgB&id=lidar2&mcvt=1000&p=30,813,248,1074.5&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3933977197&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682876460444&rpt=902&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C4E6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstWgZVZ4gvZqAHVD-Gos9hdBOgYApNAd0kP2zDI2ZSpWmn2UMddOVsN1JwkK05r3p55Whw_6v8RAcv2RemdltpQcx-u_JnjEeLnWPrWcYjiV9Gwt29EWRM80YhR7GexN6tYHElRcQ&sai=AMfl-YTUqjH93SFeXjTc5uocAfuyivrAbPMbaRHynFsiiOFC2qc7vLn1O-VhmjOHPTDD7AF60E2RhysE5wkXur-RVxYMlRaGAuBkh1WO5QzbtqY_FKvT62oPoWaztm923qtqb88y3laDAOaEfRRu&sig=Cg0ArKJSzB9AduEYkzuqEAE&cid=CAQSSwBygQiDzlVvR2AL_b0yCHH66wueazMU8gV-SwzJdxlIIaGuKbP2--M-v6rl8fny_h0ld8soqt_O6IWq9qZnzT1rlNjvP9Jxzo3HZhgB&id=lidar2&mcvt=1001&p=710,263,928,524.5&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3933977197&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682876460444&rpt=896&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C4E6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsskv98Y4ViZ-mEy3D6uxhn8Lc0_Xv_STg-uUyQqx2uY_Bz3ZuW_M_a2Xm13T29M0z2syS0mGuPWoqMTAU7hSFCLZ78&sig=Cg0ArKJSzETXaNs0iaQrEAE&cid=CAQSSwBygQiDzlVvR2AL_b0yCHH66wueazMU8gV-SwzJdxlIIaGuKbP2--M-v6rl8fny_h0ld8soqt_O6IWq9qZnzT1rlNjvP9Jxzo3HZhgB&id=lidar2&mcvt=1002&p=30,543,248,804.5&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3933977197&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682876460444&rpt=901&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C4E6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstyaSALsrj-ktyMpTj4ycN8RTsa2ryXZNhq_PlJMbWcCdPb6QKJ5gL5Myg2votdhpYfjRj9JAcLtHjHuCSQnOn1nsbrXL6DfjodbHlKZ1LEnno4v8Rk_-Jb4aL7S13Y57qZgApv_g&sai=AMfl-YS1cidmFZhXlTN9fCXDAjbRCLv4dlPTvm0DJm1k9qsOzZD0z0whEGdgaIhsfCkycpGV6c3Y9SNky8ukBY1raRko-TIHMev2qIHVHqXfQBOl7wLqzMZpFTZsVnTjQSICJwJYC2i86IEfsN6U&sig=Cg0ArKJSzC7ptHI_LPKhEAE&cid=CAQSSwBygQiDzlVvR2AL_b0yCHH66wueazMU8gV-SwzJdxlIIaGuKbP2--M-v6rl8fny_h0ld8soqt_O6IWq9qZnzT1rlNjvP9Jxzo3HZhgB&id=lidar2&mcvt=1003&p=30,272,248,533.5&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3933977197&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682876460444&rpt=899&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467465/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:13:32 GMT
server
nginx
etag
W/"642e8d3c-15c1d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 01 May 2023 17:41:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CDA2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4333625552299&version=m202301230201&ct=76&x=1&cor=15500623169591930000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 775C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstDBVgu_UcI26mTH0C4t0JrNIiiRwAhX0TOXM6xagnyDiLVbfko93yGcC6-Obk5OgyLG65gEBP5_RczpxSP2yxqVV_MpYbFW72idRbK5V1Ma9JeBKj_fbysjpy3MGunqIodAQBd6GM&sai=AMfl-YQxmFlDfnz150ZFkM5OpqeaJCtLCeY6e18Udd1jdotNgZafZzIABNt2l76nQQQuPoZuRN-znORyC8_213FomAo_8nieR2nGs40vR8HmXvFYfL6Tjz80kXf5dtNnxPE&sig=Cg0ArKJSzLgq6a5MvvxaEAE&cid=CAQSPgBygQiDCrGd3Evj_fLqetRWXEE-Ko7GRfAZ3cWBDoJSg8SIMBRcWD-L_YeYNFPFQD9B2UNHKJK_ZXwM6nhlGAE&id=lidar2&mcvt=1005&p=0,0,250,970&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3366209244&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682876460467&rpt=1297&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B6E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=141598162232&version=m202301230201&ct=76&x=1&cor=14060517603652200000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 775C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=84e1dd65-e7ea-43c5-5809-5f4dae9a29e8&tv=%7Bc:bi7FsY,pingTime:0,time:1944,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:21%7D,%7Bpiv:100,vs:i,r:,t:1943%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:1,o:1943,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1937~0,1~100%5D,as:%5B1938~970.250%5D%7D%7D,%7Bsl:i,t:1943,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1937~0,1~100%5D,as:%5B1938~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:103,fm:tCVY7X2+11%7C12%7C131%7C141%7C151*.1352960-69587949%7C1511%7C16%7C17%7C18%7C19%7C1a11,idMap:151*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:23,sis:645%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:27ad:6e7d:3901:7e49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:02 GMT
server
nginx
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 775C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4192923863303&version=m202301230201&ct=76&x=1&cor=6215970652432958000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
multitracking
ghb.aplhb.adipolo.com/adunit/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/19477/hbw_master_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://yalla-shoots.tv
Date
Sun, 30 Apr 2023 17:41:03 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
json
gum.criteo.com/sid/ 		2 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fyalla-shoots.tv%2F&domain=yalla-shoots.tv&cw=1&pbt=1&lsw=1
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467465/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:02 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
277912
expires
0
prebid
id5-sync.com/api/config/ 		135 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467465/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://yalla-shoots.tv
date
Sun, 30 Apr 2023 17:41:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
/
onetag-sys.com/usync/ Frame 97CB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1682876462257&gdpr=0
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467465/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame 8A11 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1682876460465
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467465/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
kass1_1.m3u8
a3.koora.cloud/watch/pftxnfvWZj-uwby3IMIYsg/1682879806/1682880060/1/ Frame BCC6 		570 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a3.koora.cloud/watch/pftxnfvWZj-uwby3IMIYsg/1682879806/1682880060/1/kass1_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.84.217.44 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
amazon /
Resource Hash
5c18d817e48de5086038c5d2abe8e3fc2d02185dc2748b24c52d8d03dd73f40d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 17:41:03 GMT
Last-Modified
Sun, 30 Apr 2023 17:40:57 GMT
Server
amazon
ETag
"644ea829-23a"
X-Cache-Status
HIT
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
570
Expires
Sun, 30 Apr 2023 17:41:02 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fyalla-shoots.tv%2F&domain=yalla-shoots.tv&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://yalla-shoots.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 30 Apr 2023 17:41:03 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
284199
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467465/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
7f460f1ff20737c9169f1788f04bbf8ec3c82a54aa752e28b24dc831a0482b74
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://yalla-shoots.tv
date
Sun, 30 Apr 2023 17:41:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
692.json
id5-sync.com/g/v2/ 		216 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467465/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
b083bdc473e676707bd36b0643d358aebad899abadbee90389d97d6f72520a55
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://yalla-shoots.tv
date
Sun, 30 Apr 2023 17:41:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
dt
dt.adsafeprotected.com/ Frame 775C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=84e1dd65-e7ea-43c5-5809-5f4dae9a29e8&tv=%7Bc:bi7FJ7,pingTime:1,time:2945,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:21%7D,%7Bpiv:100,vs:i,r:,t:1943%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:1002,o:1943,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1937~0,1~100%5D,as:%5B1938~970.250%5D%7D%7D,%7Bsl:i,t:1943,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:115,fm:tCVY7X2+11%7C12%7C131%7C141%7C151*.1352960-69587949%7C1511%7C16%7C17%7C18%7C19%7C1a11,idMap:151*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:23,sis:645%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:27ad:6e7d:3901:7e49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:03 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 775C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=84e1dd65-e7ea-43c5-5809-5f4dae9a29e8&tv=%7Bc:bi7FJ7,pingTime:1,time:2945,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:21%7D,%7Bpiv:100,vs:i,r:,t:1943%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:1002,o:1943,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1937~0,1~100%5D,as:%5B1938~970.250%5D%7D%7D,%7Bsl:i,t:1943,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:115,fm:tCVY7X2+11%7C12%7C131%7C141%7C151*.1352960-69587949%7C1511%7C16%7C17%7C18%7C19%7C1a11,idMap:151*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:23,sis:645,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:27ad:6e7d:3901:7e49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:03 GMT
server
nginx
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
kass1_1-2138.ts
a3.koora.cloud/watch/pftxnfvWZj-uwby3IMIYsg/1682879806/1682880060/1/ Frame BCC6 		1 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a3.koora.cloud/watch/pftxnfvWZj-uwby3IMIYsg/1682879806/1682880060/1/kass1_1-2138.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.84.217.44 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
amazon /
Resource Hash
6922e93e3827642ce4b883c756b31abf80036649d3614bf5fcb3adda43b8ea32

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-0

Response headers

Date
Sun, 30 Apr 2023 17:41:03 GMT
Last-Modified
Sun, 30 Apr 2023 17:40:20 GMT
Server
amazon
ETag
"644ea804-97020"
X-Cache-Status
HIT
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Content-Range
bytes 0-0/618528
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=60
Connection
keep-alive
Content-Length
1
kass1_1-2139.ts
a3.koora.cloud/watch/pftxnfvWZj-uwby3IMIYsg/1682879806/1682880060/1/ Frame BCC6 		604 KB
604 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a3.koora.cloud/watch/pftxnfvWZj-uwby3IMIYsg/1682879806/1682880060/1/kass1_1-2139.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.84.217.44 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
amazon /
Resource Hash
7a8753f482c440c8a7244e778f1fc4e9e65a2adf21b0ed7ed4b86220dd43b130

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 17:41:03 GMT
Last-Modified
Sun, 30 Apr 2023 17:40:24 GMT
Server
amazon
ETag
"644ea808-96f60"
X-Cache-Status
HIT
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
618336
bid
ap.lijit.com/rtb/ 		25 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.4
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467465/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
0b77a22130a6d06ba059cdefeea868c3bcb322d8c8a1e3dd97fb44c2729e91c0

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 Apr 2023 17:41:04 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://yalla-shoots.tv
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
prebid
mp.4dex.io/ 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467465/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:04 GMT
x-err
Parsing the Prebid Request. org/site not found
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7c0192cd0e973642-FRA
expires
0
c
prebid.a-mo.net/a/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467465/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Sun, 30 Apr 2023 17:41:04 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
prebid-request
onetag-sys.com/ 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467465/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://yalla-shoots.tv
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cdb
bidder.criteo.com/ 		18 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.4&cb=33635747443
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467465/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 17:41:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yalla-shoots.tv
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		384 B
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=177432777658012&correlator=416629119056207&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=160x600&ifi=24&adks=3069877103&didk=462790166&sfv=1-0-40&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D42a4877d5e8abf72%3AT%3D1682876460%3AS%3DALNI_MYTEubU7026_sbxLOiLCSOB6xEH0Q&gpic=UID%3D00000bf38db9a062%3AT%3D1682876460%3ART%3D1682876460%3AS%3DALNI_MYN1HFRwq3P_-L8BNVBU3E1wyxr6Q&abxe=1&dt=1682876464201&lmt=1682876457&dlt=1682876459554&idt=333&adxs=-160&adys=910&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=o&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10750%2F1004992%2Fclub-africain-vs-es-sahel%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=640&ohw=0&psts=ABHeCvg586E4AmBaTdzYT1J7wQ62P14a7aZrWnGvKPiNtpujB-8e4SV0-Hmt1SUzTJ3i_E4t4y2hlhfiwSybopNt6Hwx2SU%2CABHeCviZTumbI2CbYizuvUHQ9IfZRs5EbJN42_mSuNdTgQQxDIxd8jWN2jwKUn6IQJ5z_dDJ3BlCtfWfYjU8_EbvcfQkchc%2CABHeCvgFoHI4hHSVw2Hfo6-BU6TKv7K1OJp4coqvzC84nEkyx5zxm-WWWC8fLRlIpQHF-G8PYS7R0pT02QAWi0KT6zth4jA%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhfRVGauD97_0LyRpMEB5IYWvdhTIf6OZbdJaO3o3FWHaXHi7NHvX5Qq3syYB6X-pUuNH3CEUd7oeNMV6fD1DN_Voc%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhNaWIIPjyywnWFeH6oiGbdxt1fK9uZfKOdwqBtyNhbIygcehssiCOKbt2hC3FfphmHPXCBkopmEzZftUg7vwjFe6k%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCviRmDFSbKbH4fuvJtjNDTnNod8JjTrzY49V9Yxr_4NN%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1078497215.1682876460&ga_sid=1682876460&ga_hid=1112211741&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYoNqDmv0wSABSAghkEhkKCnB1YmNpZC5vcmcY4tuDmv0wSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKDag5r9MEgAUgIIZBLuAQoIcnRiaG91c2US2AFWMTJacTZTTFlQcUhsRkxmUG12V0ZWTUp4M0l1TGNSS1RzOGswYVR5N3NWZ29QL1RVUjRnKzRUcVBSN1JtVzFodmwyaVBUejlmYjlHZTVieVBMdjhIc2FTU0RZWVlXTWZWb2xGYUhrSGJOaENOUFNjNjFPaWw2YnE5emkvZVAvTmJiSjlmb1VsZkI2UDNNektRaTduTFE5RlZZZ0lhc2xpNFJrdnluRzRxbzZ5UWhjcUQxYWR3Z2Q1RkFOQjBKK0RsTVczNHRiNUNZcmY3SzBYK1B0Znh3PT0Ypt6Dmv0wSAASGQoKdWlkYXBpLmNvbRif2oOa_TBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGObcg5r9MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
719fa86f5dcb2739968e22ee22c7579a5e2e945910287cb1ae7b96e43aa1905f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
kass1_1-2140.key
a3.koora.cloud/watch/pftxnfvWZj-uwby3IMIYsg/1682879806/1682880060/1/keys/ Frame BCC6 		16 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a3.koora.cloud/watch/pftxnfvWZj-uwby3IMIYsg/1682879806/1682880060/1/keys/kass1_1-2140.key
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.84.217.44 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
amazon /
Resource Hash
203ab0f0792b7ba08196cda321c72db8acf12cdf7f523113e2607704acc360cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 17:41:04 GMT
Last-Modified
Sun, 30 Apr 2023 17:41:01 GMT
Server
amazon
ETag
"644ea82d-10"
X-Cache-Status
HIT
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16
kass1_1-2140.ts
a3.koora.cloud/watch/pftxnfvWZj-uwby3IMIYsg/1682879806/1682880060/1/ Frame BCC6 		600 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a3.koora.cloud/watch/pftxnfvWZj-uwby3IMIYsg/1682879806/1682880060/1/kass1_1-2140.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.84.217.44 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
amazon /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 17:41:04 GMT
Last-Modified
Sun, 30 Apr 2023 17:40:28 GMT
Server
amazon
ETag
"644ea80c-96170"
X-Cache-Status
HIT
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
614768
multitracking
ghb.aplhb.adipolo.com/adunit/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/19477/hbw_master_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://yalla-shoots.tv
Date
Sun, 30 Apr 2023 17:41:05 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
kass1_1.m3u8
a3.koora.cloud/watch/pftxnfvWZj-uwby3IMIYsg/1682879806/1682880060/1/ Frame BCC6 		570 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a3.koora.cloud/watch/pftxnfvWZj-uwby3IMIYsg/1682879806/1682880060/1/kass1_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.84.217.44 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
amazon /
Resource Hash
19f3bfa9c6f13efe2d7b5517d6dae01e1f98fe717edda4f09ab11225fc213507

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 17:41:05 GMT
Last-Modified
Sun, 30 Apr 2023 17:41:01 GMT
Server
amazon
ETag
"644ea82d-23a"
X-Cache-Status
HIT
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
570
Expires
Sun, 30 Apr 2023 17:41:04 GMT
kass1_1.m3u8
a3.koora.cloud/watch/pftxnfvWZj-uwby3IMIYsg/1682879806/1682880060/1/ Frame BCC6 		570 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a3.koora.cloud/watch/pftxnfvWZj-uwby3IMIYsg/1682879806/1682880060/1/kass1_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.84.217.44 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
amazon /
Resource Hash
19f3bfa9c6f13efe2d7b5517d6dae01e1f98fe717edda4f09ab11225fc213507

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 17:41:05 GMT
Last-Modified
Sun, 30 Apr 2023 17:41:01 GMT
Server
amazon
ETag
"644ea82d-23a"
X-Cache-Status
HIT
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
570
Expires
Sun, 30 Apr 2023 17:41:04 GMT
kass1_1-2141.ts
a3.koora.cloud/watch/pftxnfvWZj-uwby3IMIYsg/1682879806/1682880060/1/ Frame BCC6 		576 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a3.koora.cloud/watch/pftxnfvWZj-uwby3IMIYsg/1682879806/1682880060/1/kass1_1-2141.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.84.217.44 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
amazon /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 17:41:06 GMT
Last-Modified
Sun, 30 Apr 2023 17:40:32 GMT
Server
amazon
ETag
"644ea810-96df0"
X-Cache-Status
HIT
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
617968
prebid
mp.4dex.io/ 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467465/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:06 GMT
x-err
Parsing the Prebid Request. org/site not found
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7c0192dd3f003642-FRA
expires
0
c
prebid.a-mo.net/a/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467465/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Sun, 30 Apr 2023 17:41:06 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
prebid-request
onetag-sys.com/ 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467465/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://yalla-shoots.tv
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cdb
bidder.criteo.com/ 		18 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.4&cb=89219925000
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467465/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 17:41:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yalla-shoots.tv
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
bid
ap.lijit.com/rtb/ 		25 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.4
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467465/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
f7745b5b5d76252ce8cd699a343ec74fffb526a002f312a045ccfb3905b1fc42

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 Apr 2023 17:41:06 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://yalla-shoots.tv
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		384 B
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=177432777658012&correlator=2047300824529679&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=160x600&ifi=25&adks=1841566472&didk=511952123&sfv=1-0-40&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D42a4877d5e8abf72%3AT%3D1682876460%3AS%3DALNI_MYTEubU7026_sbxLOiLCSOB6xEH0Q&gpic=UID%3D00000bf38db9a062%3AT%3D1682876460%3ART%3D1682876460%3AS%3DALNI_MYN1HFRwq3P_-L8BNVBU3E1wyxr6Q&abxe=1&dt=1682876466842&lmt=1682876457&dlt=1682876459554&idt=333&adxs=-160&adys=1510&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=p&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10750%2F1004992%2Fclub-africain-vs-es-sahel%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=640&ohw=0&psts=ABHeCvg586E4AmBaTdzYT1J7wQ62P14a7aZrWnGvKPiNtpujB-8e4SV0-Hmt1SUzTJ3i_E4t4y2hlhfiwSybopNt6Hwx2SU%2CABHeCviZTumbI2CbYizuvUHQ9IfZRs5EbJN42_mSuNdTgQQxDIxd8jWN2jwKUn6IQJ5z_dDJ3BlCtfWfYjU8_EbvcfQkchc%2CABHeCvgFoHI4hHSVw2Hfo6-BU6TKv7K1OJp4coqvzC84nEkyx5zxm-WWWC8fLRlIpQHF-G8PYS7R0pT02QAWi0KT6zth4jA%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhfRVGauD97_0LyRpMEB5IYWvdhTIf6OZbdJaO3o3FWHaXHi7NHvX5Qq3syYB6X-pUuNH3CEUd7oeNMV6fD1DN_Voc%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhNaWIIPjyywnWFeH6oiGbdxt1fK9uZfKOdwqBtyNhbIygcehssiCOKbt2hC3FfphmHPXCBkopmEzZftUg7vwjFe6k%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCviRmDFSbKbH4fuvJtjNDTnNod8JjTrzY49V9Yxr_4NN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1078497215.1682876460&ga_sid=1682876460&ga_hid=1112211741&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYoNqDmv0wSABSAghkEhkKCnB1YmNpZC5vcmcY4tuDmv0wSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGKDag5r9MEgAUgIIZBLuAQoIcnRiaG91c2US2AFWMTJacTZTTFlQcUhsRkxmUG12V0ZWTUp4M0l1TGNSS1RzOGswYVR5N3NWZ29QL1RVUjRnKzRUcVBSN1JtVzFodmwyaVBUejlmYjlHZTVieVBMdjhIc2FTU0RZWVlXTWZWb2xGYUhrSGJOaENOUFNjNjFPaWw2YnE5emkvZVAvTmJiSjlmb1VsZkI2UDNNektRaTduTFE5RlZZZ0lhc2xpNFJrdnluRzRxbzZ5UWhjcUQxYWR3Z2Q1RkFOQjBKK0RsTVczNHRiNUNZcmY3SzBYK1B0Znh3PT0Ypt6Dmv0wSAASGQoKdWlkYXBpLmNvbRif2oOa_TBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGObcg5r9MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad2db7d3182714863e69166a5876004af4bd9d0a3c965abcd882a7c4402344f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 17:41:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
kass1_1.m3u8
a3.koora.cloud/watch/pftxnfvWZj-uwby3IMIYsg/1682879806/1682880060/1/ Frame BCC6 		478 B
976 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a3.koora.cloud/watch/pftxnfvWZj-uwby3IMIYsg/1682879806/1682880060/1/kass1_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.84.217.44 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
amazon /
Resource Hash
7123e469ce9516a42fb79137ee31ab2d65df3606ac7005c56b3e7c7062f361ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 17:41:07 GMT
Last-Modified
Sun, 30 Apr 2023 17:41:05 GMT
Server
amazon
ETag
"644ea831-1de"
X-Cache-Status
HIT
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
478
Expires
Sun, 30 Apr 2023 17:41:06 GMT
multitracking
ghb.aplhb.adipolo.com/adunit/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/19477/hbw_master_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://yalla-shoots.tv
Date
Sun, 30 Apr 2023 17:41:07 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
dt
dt.adsafeprotected.com/ Frame 775C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=84e1dd65-e7ea-43c5-5809-5f4dae9a29e8&tv=%7Bc:bi7GLC,pingTime:5,time:6944,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:21%7D,%7Bpiv:100,vs:i,r:,t:1943%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:5001,o:1943,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1937~0,1~100%5D,as:%5B1938~970.250%5D%7D%7D,%7Bsl:i,t:1943,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:97,fm:tCVY7X2+11%7C12%7C131%7C141%7C151*.1352960-69587949%7C1511%7C16%7C17%7C18%7C19%7C1a11,idMap:151*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:23,sis:645%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:27ad:6e7d:3901:7e49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 17:41:07 GMT
server
nginx
x-server-name
dt17.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43

Verdicts & Comments Add Verdict or Comment

216 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 boolean| credentialless object| __cfQR string| demandSupplySc string| demandSupplyCr number| demandSupplySr object| houseAdCampaigns string| demandSupplyTi object| demandSupplyTc object| demandSupplyTcI number| demandSupplyPDI number| demandSupplyDFSS object| demandSupply object| googletag object| wg object| dspbjs string| demandSupplyFS object| _app object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| google_reactive_ads_global_state string| currentUrl string| mainURL function| _0x480a function| _0x47df function| decrypt function| $ function| jQuery function| removeCustomBanner undefined| customBannerCountdownInterval number| p object| matche string| u_key string| k_url function| update_frame function| _0x17035d function| _0x1bbb function| _0x144026 function| _0x516788 object| divChannels object| rowChannel function| _0xef9dd0 function| _0x12aaab object| channels function| _0x599d function| _0x19cc99 object| channel0 object| aniplayerPos object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal function| rdmode function| HqyLazyload function| gtag object| dataLayer boolean| __cfRLUnblockHandlers object| google_tag_manager object| gptAdSlots undefined| interstitialSlot undefined| staticSlot object| anchorSlot object| vmpbjs object| vpb object| adipolo string| GoogleAnalyticsObject function| ga object| com function| _avcp object| GoogleGcLKhOms object| gaplugins object| gaData object| vmpbjsChunk object| ADAGIO object| Criteo object| pbjs function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 object| signal_decrypted object| __uid2SecureSignalProvider object| __uid2 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_135 object| Criteo_identitytag_135 function| setImmediate function| clearImmediate object| sas object| apntag object| _ADAGIO object| ONFOCUS object| google_image_requests

33 Cookies

Domain/Path Name / Value
live.demand.supply/ Name: demandSupplyTi
Value: 8123a0e5-1a1b-4b2a-8d0f-e93e30ecd216
.demand.supply/ Name: __cf_bm
Value: xAg1.u1eb1ZKVtyOiTx8YmZ5Vjs6YF2oMPnP2xDNA3c-1682876459-0-AXlVOewFtwjm3mAgevnGG0TmlBwwLVAr1F14jevl2tvigNS6eTWfBqQhpqirZcILMD0NH7n6+n5a+xJzcAhEans=
.yalla-shoots.tv/ Name: _ga
Value: GA1.2.1078497215.1682876460
.yalla-shoots.tv/ Name: _gid
Value: GA1.2.130744006.1682876460
.yalla-shoots.tv/ Name: _gat_gtag_UA_230085360_1
Value: 1
yalla-shoots.tv/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.yalla-shoots.tv/ Name: _pubcid
Value: fa4b7f2c-1d5e-4193-80c6-5820c8a12ae1
.yalla-shoots.tv/ Name: __gads
Value: ID=42a4877d5e8abf72:T=1682876460:S=ALNI_MYTEubU7026_sbxLOiLCSOB6xEH0Q
.yalla-shoots.tv/ Name: __gpi
Value: UID=00000bf38db9a062:T=1682876460:RT=1682876460:S=ALNI_MYN1HFRwq3P_-L8BNVBU3E1wyxr6Q
.criteo.com/ Name: uid
Value: c64a1879-a26b-4100-a237-3c3ae7818041
.casalemedia.com/ Name: CMID
Value: ZE6oLB3RZefMcOLnDVRnGgAA
.casalemedia.com/ Name: CMPS
Value: 5133
.casalemedia.com/ Name: CMPRO
Value: 5133
.doubleclick.net/ Name: IDE
Value: AHWqTUlfoiyPmNrz5zZoFcDuIOPK389iZwHfSzi3dQFPHYhqEmXakMGLLj5d_gy7_vA
.adnxs.com/ Name: uuid2
Value: 7174392942818329538
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>3d>Ost!]tcR8i_iqf!oN/@E'zz<*Z0Qx4q?>jBkL%hggsN)F>^7Gdyuj1W$(y*RvFBTD._*PlZ[C[-kX-F*LkD
.yalla-shoots.tv/ Name: cto_bundle
Value: CBDzhl9KM0xMMld5ZVZzNiUyRnR5TG9wZXBBa3lhNmdTT09LMTNObW41dEhPem1ZeGFZS1pVQlZpaFlNZUxQdWNHNzdsJTJGTFZmJTJCWHY1Nzd1cWdaeUVaZjh4ZFRiYWhXSm9ydDdtZldMb05nWElJYiUyQkNIeGp2a2prcVh4OGloTmUzSk9WTzVzUnJZU3Fhd3k0YmluY1dvQW9ieFRnQSUzRCUzRA
.mathtag.com/ Name: uuid
Value: 5840644e-a82d-4300-a9cd-0c14e71331fc
.mathtag.com/ Name: mt_mop
Value: 4:1682876461
.adform.net/ Name: C
Value: 1
.de17a.com/ Name: guid
Value: 1.8063625678581730412
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.adform.net/ Name: uid
Value: 510016945571362723
.pubmatic.com/ Name: KADUSERCOOKIE
Value: A92A31AB-B7B3-485F-9790-CC474DEE6CFC
fksnk.com/ Name: AWSALBCORS
Value: RkjphbWS+475a/AhERzmzZYE9/er/5zZkMPRGJ3yK8jEfu4X3N3OxWBmbzl40Ixl64YVWACWQUPtM05ZP0L3fHK6h6eYc04Zi7Kb1tpwy49C7bFcdjvKHWmUQX4Z
.fksnk.com/ Name: f_001
Value: A9220532F8B8B860
.fksnk.com/ Name: g_001
Value: 1
m.exactag.com/ Name: exactag_new_gk
Value: afdc15950c7a4bfcaac3e0786e9876f7%7C29.06.2023%2017%3A41%3A01
m.exactag.com/ Name: exactag_new_uk
Value: 22b4082f66b94af3b7c7cdb632a21f2f%7C
m.exactag.com/ Name: session_session
Value: 7b47315293e641ef9dedc13d
.lijit.com/ Name: ljt_reader
Value: GkYFqGZHh_9O8W8_Qw6N85gv
.doubleclick.net/ Name: DSID
Value: NO_DATA
.simpli.fi/ Name: suid
Value: 0BE73B331CA948419325BC40E8E86E43

11 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: microphone, camera, geolocation. Values defined in Permissions-Policy header will be used.
other warning URL: https://yalla-shoots.tv/live/10750/1004992/club-africain-vs-es-sahel/(Line 412)
Message:
<link rel=preload> must have a valid `as` value
network error URL: https://dalbouh.xyz/api/matche?t=1682876457
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: microphone, camera, geolocation. Values defined in Permissions-Policy header will be used.
other warning URL: https://533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

533b272f341580f97956a96007d0867a.safeframe.googlesyndication.com
a3.koora.cloud
adipolo.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
ap.lijit.com
bcp.crwdcntrl.net
bid.g.doubleclick.net
bidder.criteo.com
c1.adform.net
cat.fr3.eu.criteo.com
cat.nl3.eu.criteo.com
cdn-adipolo.urekamedia.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
csm.eu.criteo.net
d5p.de17a.com
dalbouh.xyz
dclk-match.dotomi.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
esp.rtbhouse.com
feed.avplayer.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
ghb.aplhb.adipolo.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
imageproxy.eu.criteo.net
invstatic101.creativecdn.com
jscdn.greeter.me
lb.eu-1-id5-sync.com
live.demand.supply
live.shoot-yalla.tv
m.exactag.com
mp.4dex.io
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
player.adtelligent.com
player.aplhb.adipolo.com
player.avplayer.com
prebid.a-mo.net
pro.ip-api.com
rtb.fr3.eu.criteo.com
rtb.nl3.eu.criteo.com
s0.2mdn.net
script.4dex.io
securepubads.g.doubleclick.net
servt.modoro360.com
static.adsafeprotected.com
static.criteo.net
storage.de.cloud.ovh.net
sync.mathtag.com
tags.crwdcntrl.net
tg.socdm.com
tg1.modoro360.com
tpc.googlesyndication.com
track.adform.net
um.simpli.fi
us.web3-lab.com
web-api.scorarab.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
yalla-shoots.tv
104.21.233.171
104.21.235.79
124.146.215.52
142.250.185.66
145.239.139.16
147.75.84.158
162.19.138.117
162.19.138.82
172.217.16.130
172.64.106.16
172.67.141.250
174.137.133.49
178.250.1.6
178.250.7.13
178.250.7.9
18.203.208.238
18.213.43.223
185.29.134.244
185.64.190.78
185.80.39.216
185.89.210.244
188.114.96.3
205.185.216.10
213.155.156.165
216.52.2.6
2600:1f18:1aca:4280:27ad:6e7d:3901:7e49
2600:9000:25a2:2c00:a:e047:752:b361
2600:9000:25a2:dc00:8:48e:53c0:93a1
2606:4700:10::6816:3556
2606:4700:20::ac43:4bf1
2606:4700::6810:5514
2606:4700::6810:8516
2606:4700::6811:180e
2606:4700::6812:372
2a00:1450:4001:800::2002
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:829::2006
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2004
2a02:2638:3::10
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::9
2a02:2638:3::c
2a02:2638:d::4
2a02:2638:d::c
2a02:26f0:480:25::1726:6216
2a02:6ea0:c700::11
2a02:fa8:8806:16::1370
2a06:98c1:3120::3
2a0c:5c81:5142::2
3.215.149.208
34.96.70.87
35.190.39.111
35.204.74.118
37.157.4.24
37.157.5.133
45.133.44.3
45.133.44.4
45.84.217.44
51.77.64.70
51.89.9.254
63.32.201.247
64.233.166.154
65.9.66.68
69.16.175.42
85.14.248.71
0023c156980232908bdefc88742c06cd255c2ad7de18a82dbed38906c8b85fb2
005e16839d2855c6fe98710d6f4c33846c93a146218990028c580e6d549a1f8e
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
080d4ed4201df9b0003442bfc962f04b2851f681b797584edb5708f14670a5a5
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a08c1201903d335934f6bd133e725bf8d6a66f62dc4dca07afd58343c612dc2
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
0b77a22130a6d06ba059cdefeea868c3bcb322d8c8a1e3dd97fb44c2729e91c0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
10bcfda41715a7611f2aa453a834af166133cee38ee6bbbec4fd0a9e81b14bcb
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12d9331926146686646f59db412117bb443acf4384e8d52f966ad8201e4db9d6
134561314f3ecc4dddb1c4e1093682ee6cf05fc301ed180814f1e4d3924512af
15b87fc7047ffb7e232be92c746ca06c5868933d562a0cc56d67a14a3627968b
174e4f21e9218fa1668c362388547ef6e83ae6a03021a63e20f14ca9a440ae6b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
19f3bfa9c6f13efe2d7b5517d6dae01e1f98fe717edda4f09ab11225fc213507
19ffb43622838ef5f0c49f5fe46a964f41f4cf6acf4be27e47db75ca1f9ae6c7
1afd18a2e2170735db3f48a902daabe424794978e10826988cb2d6ddce29dfe2
1d12945e8815260a4d2b2dd486a2902bd40318192c64627ca4b49848aa939c39
1e011a35ed2c4a688b3a6a0f8ca8800d090dd0a74264bb86c9d75f71a3b9d9f4
1e023fb3bd7b0d1ce5f6e7b8ff408cd1c7078ba7f53c77ce88e26b10a5f85b3d
203ab0f0792b7ba08196cda321c72db8acf12cdf7f523113e2607704acc360cc
206a897d4335ab4e2688975d97034a3e4f2709326beccac21a91fbdc48880e72
210556c60ecacbed2834a3e11abe500de76b2dacfd2eb46be0c7d8a8ee8bcc2b
22105c51ef3cefac91beed7a89642951165c0e2f293c1c672572433e54cbf7b6
25aa40ba4064e8b308f28a7d4be03efcaa64378aca5617df4f1260be550fd6ee
272976e47a2b186641def1054de0d584af41c25eda9295804560b6f638473ab4
29f947fa99799d18a0a6b95d2f71c4638139a3eca549a2661c05b9791d32db9e
2a47ca36bec8c3beead01bf8294ef0d2dfb66db557e9e20eda8e613899b75992
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c
2d553d39008b5c09e3a218c698fbe369c0eaf25b86eb2f9184fdb97664c7fd5d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
3018c5284222e82380ec1570f914f544c35e062c4ff9c64e46fdc01695b2b274
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35cf75de5d617b7a8e395dc30579c7245e3001a2b8227d55f3d3ddc2e773741d
36bb55835a3a4ea7928f253ed310b3d301074f3f1d01cd1a8aca0dd0cce44cb6
3790ed75687a3b6c3d71bcf4bd62c99f82a3dd738ae4b6b2639bd36e4f6bca29
37e314bfd8e8cb9262b5ea01059377cea510e23b2215fc93de8b34a5726284a8
38354e6a0119fe113356e1506a115ca148a6b9ea22cf88136baa9167d6fde794
38e8bd830531a70e4765017275e56988c609e7a82d939f331395f7eb1ae9c45c
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3bfbff70409a0d8f2705c617b6f8353d3729e5d3e6e949e88c03b2e5875f4de9
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
3d8d05bdd4bf95f89deb48619ed9b545017df60baea61c2fc868dc736022adb9
3d94d22087df59281d402ce90aac94a521602f6429ce32bf987a3dd5d46692ed
401a764412c203335e4ac21ef20dbb015bb496ba83befcd62aa745ea50cae24c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce
44d8c591187b9ddd122768fcf7a030da9fe5c8b4dae6948f065a9661229b2b32
45dd60aee8728ca8786226233d74694db5f4c0110647c8e48710c49cdd5bdf41
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
485142b957d1cebdd9e8765bb3ee4c28fd7687269b909a436e3ea9520cabb56c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4
54ab1bed35b4b8f293f6f2a40a0b3c6251baa54848152cc565e93782a554f23a
550041438dac0137e2d1f4450c795624c15ff9cfc0037734034e09862c6eff40
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56d5b654f06e43c53f4bd56b0262658b77aa7859432820eb5e099c1255f7b9ff
5752eb88353f6636c8b029f453f068efe075b9648f1280c330171c75d4f9fcae
5af568992ba3ccfe515f51a2f6d151d0c8709beea37ac4feb03019c19c3c56b7
5c18d817e48de5086038c5d2abe8e3fc2d02185dc2748b24c52d8d03dd73f40d
5df84c623fae372f10712a60ab468168b1439cf1094df476390f66950ce73129
5e8fbba4d4ebd294ec14df086d8f1bd3608226d8a9318c1f1ba1b7a0d1f33ab6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62abe9feec4e55a93300f54aac989d4b9e4fc725f99e20f0596e17cb6b09c269
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
6558f3239d674aa931312afe472881265a09fa43e50624d577dbc9ed34045eb7
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
671485b0714fdbb8c1c7fd0d2e632f0b183e62577af1fc2dc38933cb8bfb46a2
6922e93e3827642ce4b883c756b31abf80036649d3614bf5fcb3adda43b8ea32
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ea5642bd5efb384bd3ba27f0fea62821334f379482c68053b81d04ef2924a20
6fa9d241855652a642addb35f3f4d8d4a37a4739489c3134acd1f8e303dc4477
7123e469ce9516a42fb79137ee31ab2d65df3606ac7005c56b3e7c7062f361ff
71640107d1acfe2e4b4071d75d86749269449d8f5d633e69bc6d5e0d3341d751
719fa86f5dcb2739968e22ee22c7579a5e2e945910287cb1ae7b96e43aa1905f
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
71ff5ce265f59e219e67016c10261e8862fa01370b942cee40343a67b468414f
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8
753aa7c9fe666be2b6ee9c116805218c55394a8a3f3e34d12ec167044928f2d3
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
7900762038a91e506c1854ad6b8c6d8def8e7d93079a779d1e0b2de4d10f9066
7a8753f482c440c8a7244e778f1fc4e9e65a2adf21b0ed7ed4b86220dd43b130
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
7e70babf40a7be07229714b97870532d5dbaf18953809653d376768b756a4dfb
7f460f1ff20737c9169f1788f04bbf8ec3c82a54aa752e28b24dc831a0482b74
80384cdd093fee3bb30043daf08c7f62465b5a14dd284917d11e91cda91563dc
8098ea2e15ff5ac3877144a5b1e8d1249f71e58ee274842f80eece862d16c571
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89f91bf61e1980f946c200539b5ce6fc47c4f0cb3229d8cfdb1c7ab4f0d12c04
8acf57f1dd243521fafb06717a03922a337d701f39561b81b85cb7b5a7889211
8b84495e0e00851129198a3d9676758e12767ab5315e82635cb900ddb46c41fe
8be7504aaf244a233b5a55d43f5669ff976678201c1e786181a48ea03911cb31
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9240be12f50384f56277981bc5fd6f446b7f4651c231e2461e7de7fd131f8b41
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9a2dd6c4893533c794b716e942f9e1c5c8c9750140d0bc97e9d1ca8892a2361a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bd796f943b79f836428c5f05f4857e7cbf1df9e8fc3a568a44598726925b5e3
9bf2faf1bab92d67f7915c533124bb8f6d9ef10c39215da2c967d336684648db
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5
9f4dafae397e31fb29c1bd1c567704713a1a975686ab62e65cdca165e378edc5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0c9afa9d586cc887871a2ffd516cb785c0449879b5aa13a35a0c6bd9b843ef1
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a31e81b5ee962da98d89c99da3f964c57755440e8b8e0c950b6cf63f4f29b7fa
a36ea9943712a2b2aa84b9149e7147cb21e3385a538febead16887adb3648fcf
a4213bd525e29a17244aaf42cac12b991e347b837c7399fb9447418d2d76a16c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a612911e1c39f5eb7a9c32c54151e14ee35b977a504780bfef8ec2b0fe27bf6b
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8eb7e24873bb65c9b7193534bda15761d8853b24ca4a41d7749360972504141
a9815f3aeab5f84828e7ad175a4b475fa5bf9c378a6a811de219d1ade88ad327
a9ae6b06899737faa70efaa0c5296880e19cfdb16f10b30728411793c14b42ad
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
ad05d61df36af8ea09511d13f1808ae595ec7cc8ce1189ec426157fd0fd98b99
ad2db7d3182714863e69166a5876004af4bd9d0a3c965abcd882a7c4402344f2
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b083bdc473e676707bd36b0643d358aebad899abadbee90389d97d6f72520a55
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b682cb1fee45d7f80c900aba4d8ddcb18ac1016dcf38ece495801ac65eb14f
b3052cb4159c6c3da4cee05fc67f879dfc7c5cf59628a6fd37485cf4c685f60d
b34dbb47abf2322f0effea6a78dc90554ed15b8e41859d76da70e95dee91cdae
b5ec8fd0ece1a01f7408aec97064efeea62ba1005623dc8a922d550929c130a9
bac5ead1a01ae0c58b566ac4c3530da84f3430464ab0f3bd0477ea86ca446867
bdd083c4f3241d1ff5be0eea3f51859044a7b02ab4632000f6d5f26ed0079fd1
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c22c74423d664391a535ec46e10e51dbe1d41ccba87724dac54ae18afa125006
c33c81ab1001e25595c85981fea8d7d4198c6da123115cdf6c59f589983801eb
c403c003a67f1c4918a85017445d2924dd939b9a81a15b6c956b05c9531b316f
c4e0d213ccc8ca5ac52dd6ca7b951c10fa969e629cc5bc1d5a89c0bbc93066f4
c618d0210f46e9b9c6decff2ab712bf2f64546b3ac7d25e59996d3106d7adc32
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
c73e7fcf76232d28a1760877bd3eccada211feb797fd25ba824df3bac45b46eb
c7e05b68eb47f0167793018bfc04a5fd640d8a9f406b6b2c1892a97f084f6769
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
cba78783503f962e24d09c78f38add0360021817317c6972d14e37e250b52e3b
cce1aee65b9f2093ba86119d6ef979fd5183c77b513a1f6c735e0cd56f951070
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdec027516a116ad003aa28ed52dcb0be0ffd7e0b66774c10eb29d59c03ead62
ce00e20b1de71ae06025269109fb0cb9482ba6af1dbc262ba4eda319aaef9229
cf261de0ec7d17c3770e7c6db3a78117d7557e6ce5314862196bb6da3481f420
cfab72944cc1e9ad9991d37aec7c1d588c99cd820aa8c80010da1f86ae2a04f6
d5036657ecef68a762122c678cb86da331636c05eb165694a764458fc1ecd663
d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9
d6bc9fb769612e75707d922870265c431de9c30a6ca25302e8e8e74c169bcab3
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
d8fca6d3caaa4ae70391f5d1dec1ceaf063f9cf9efd1880943712b0d6c47a958
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
d96b79e23781d57f9a20e753f29f7cb9a92cb7035fa698c86d3607950b021ef2
dcea0d440e9d5b82b6192657e1d90b7e718f9e77c1279a000d8c9411e9d991df
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
df2817e58d3b91b195eafff2022734129d5b36610cf986efce8bd43446d5d48c
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
dfff2bb9472562548a7d18cff011343784f951f230f3dda0e222857a572aa688
e0cc21ecaf4824d23d265034a6f81e73983d5e8e2b20d8f99c442ea91deb905e
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e2e2ee124a92ca6673a9ce2508260ac228832de36594217daffcbce988758fc5
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ec8596d2b6392ea14fa88d3f63197de592266ccdd6ccbd15148a771518c0f6
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e484a4da463f286cea7d5966fb3ed2027abf325e19ae97cdf70a54fcf4123a69
e70ee364886165008206efced3124ed63360600857931298a8b7536a6da5bb93
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9295bb9d041a97b0a7b82bd6e0b06b781718b6b9d838fff8c773292c88bcf99
ea6d36e22ce3cc244542d9a6291827f115f42c4959723f3a1e58ae3dc0987014
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
ec3cd9b7a8d079c4990ebbc5ddae6a6294d87b0a68da43dee6872328a24d0f92
ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
eddc71166d1206332ab739981beb0930d3f663dbdc308c758c412cf980e15af2
ee0a321cf76666528425cd251229ae61c3371ff406c57fda359646844f67969e
ee0da5140d8c395da1befebd9cc39629786a9f924ecc3486467e75ad6c89c2e3
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f252f109c7c1cd7bf4114ee4a974075e0ec37e442031326b058a09e8a51357c0
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
f2f981cd0c42bb4a1b60734d0d38d3e0cbbc63252b92a7b93427c85d9fbbbfb9
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f7745b5b5d76252ce8cd699a343ec74fffb526a002f312a045ccfb3905b1fc42
f8aa9a880d6e487e7842722fbaee7c4c914803cef2baf4f92b76167b48df3bad
fa7889a593298971ce988a1b6b8c084bcc4e4c12226261416bc89e8f8a661a5b
fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8
fb6f13fbb295d8abb0586cb0260b284f8a9561de5dd149b13fd76a7a58b54cbf