urlscan.io logo urlscan.io
SecurityTrails logo

yalla-shoots.tv Open in urlscan Pro
104.21.235.80  Public Scan

Go To Rescan Add Verdict Report
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Submission: On July 18 via manual from TN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 98 IPs in 13 countries across 84 domains to perform 536 HTTP transactions. The main IP is 104.21.235.80, located in and belongs to CLOUDFLARENET, US. The main domain is yalla-shoots.tv.
TLS certificate: Issued by GTS CA 1P5 on June 21st 2023. Valid for: 3 months.
This is the only time yalla-shoots.tv was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 104.21.235.80 13335 (CLOUDFLAR...)
33 2606:4700::68... 13335 (CLOUDFLAR...)
5 205.185.216.10 20446 (STACKPATH...)
2 104.21.4.192 13335 (CLOUDFLAR...)
1 188.114.97.3 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 104.21.233.171 13335 (CLOUDFLAR...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
26 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42::485 54113 (FASTLY)
1 2600:9000:225... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 13.32.110.114 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
1 104.18.35.34 13335 (CLOUDFLAR...)
11 2a00:1450:400... 15169 (GOOGLE)
4 162.19.138.117 16276 (OVH)
1 4 2a02:2638:3::c 44788 (ASN-CRITE...)
2 35.190.39.111 15169 (GOOGLE)
1 52.48.190.189 16509 (AMAZON-02)
1 178.250.1.11 44788 (ASN-CRITE...)
1 69.16.175.42 20446 (STACKPATH...)
1 69.16.175.10 20446 (STACKPATH...)
1 3.212.220.14 14618 (AMAZON-AES)
99 2a00:1450:400... 15169 (GOOGLE)
3 45.133.44.4 39572 (ADVANCEDH...)
21 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
1 50 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
8 2a02:26f0:170... 20940 (AKAMAI-ASN1)
1 2001:4860:480... 15169 (GOOGLE)
21 56 172.217.16.194 15169 (GOOGLE)
7 15 185.80.39.216 27381 (CASALE-MEDIA)
7 11 185.89.210.20 29990 (ASN-APPNEX)
1 6 2a00:1450:400... 15169 (GOOGLE)
1 141.95.4.204 16276 (OVH)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 45.133.44.3 39572 (ADVANCEDH...)
4 185.239.173.210 55081 (24SHELLS)
4 2606:4700:e2:... 13335 (CLOUDFLAR...)
2 4 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
14 142.250.186.130 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
2 6 51.38.120.206 16276 (OVH)
2 2a02:2638:3::7 44788 (ASN-CRITE...)
2 145.40.97.67 54825 (PACKET)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 216.52.2.48 32475 (SINGLEHOP...)
5 46.4.10.47 24940 (HETZNER-AS)
4 2606:4700:e2:... 13335 (CLOUDFLAR...)
4 188.114.96.3 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
8 130.211.44.5 15169 (GOOGLE)
1 4 138.201.64.38 24940 (HETZNER-AS)
1 149.56.240.130 16276 (OVH)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2400:52e0:1e0... 200325 (BUNNYCDN)
6 2a00:1450:400... 15169 (GOOGLE)
2 34.98.64.218 396982 (GOOGLE-CL...)
2 6 104.75.89.75 16625 (AKAMAI-AS)
3 145.239.193.130 16276 (OVH)
1 2a0b:4d07:101::1 44239 (PROINITY ...)
1 2 2a01:4f8:d0a:... 24940 (HETZNER-AS)
1 167.233.14.134 24940 (HETZNER-AS)
1 104.64.118.247 16625 (AKAMAI-AS)
4 142.250.181.230 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 13.41.28.186 16509 (AMAZON-02)
1 2 142.250.186.38 15169 (GOOGLE)
7 45.154.206.103 48357 (K4X)
1 2a00:1450:400... 15169 (GOOGLE)
2 4 2001:678:cb4:... 56396 (AMOBEE)
2 5 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 35.186.193.173 15169 (GOOGLE)
2 2 64.202.112.31 22075 (AS-OUTBRAIN)
3 3 13.248.245.213 16509 (AMAZON-02)
1 18.181.23.196 16509 (AMAZON-02)
1 1 20.127.253.7 8075 (MICROSOFT...)
1 108.138.36.48 16509 (AMAZON-02)
1 108.138.36.21 16509 (AMAZON-02)
1 2 178.250.7.11 44788 (ASN-CRITE...)
3 3 185.64.190.78 62713 (AS-PUBMATIC)
3 3 69.173.144.138 26667 (RUBICONPR...)
2 185.86.139.94 201081 (SMARTADSE...)
2 3 185.94.180.126 35220 (SPOTX-AMS)
1 3.71.149.231 16509 (AMAZON-02)
2 185.86.138.154 201081 (SMARTADSE...)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
4 4 37.157.3.30 198622 (ADFORM)
1 1 2600:9000:26d... 16509 (AMAZON-02)
2 2 52.49.225.165 16509 (AMAZON-02)
3 3 46.228.174.117 56396 (AMOBEE)
1 2 3.248.69.61 16509 (AMAZON-02)
2 13.40.20.169 16509 (AMAZON-02)
2 2600:9000:26d... 16509 (AMAZON-02)
1 2620:116:800d... 16509 (AMAZON-02)
2 2 52.28.142.138 16509 (AMAZON-02)
1 15.197.193.217 16509 (AMAZON-02)
1 1 35.190.0.66 15169 (GOOGLE)
3 2600:1f18:1ac... 14618 (AMAZON-AES)
1 162.19.138.119 16276 (OVH)
1 2 34.96.105.8 396982 (GOOGLE-CL...)
2 2 18.193.242.108 16509 (AMAZON-02)
2 35.227.252.103 15169 (GOOGLE)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
536 98
6    104.21.235.80 (None, )

ASN13335 (CLOUDFLARENET, US)
yalla-shoots.tv
33    2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)
live.demand.supply
api.demand.supply
5    205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
jscdn.greeter.me
2    104.21.4.192 (None, )

ASN13335 (CLOUDFLARENET, US)
web-api.scorarab.com
1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
live.shoot-yalla.tv
4    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    104.21.233.171 (None, )

ASN13335 (CLOUDFLARENET, US)
dalbouh.xyz
1    2a02:26f0:3500:c::5c7b:680c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
tg1.modoro360.com
26    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2600:9000:225b:9c00:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    13.32.110.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-114.vie50.r.cloudfront.net
tags.crwdcntrl.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    104.18.35.34 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
11    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
4    162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
id5-sync.com
4    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
1    52.48.190.189 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-190-189.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
feed.avplayer.com
1    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
player.avplayer.com
1    3.212.220.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-220-14.compute-1.amazonaws.com
servt.modoro360.com
99    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.aplhb.adipolo.com
21    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
adipolo.com
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
18    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
50    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2606:4700:3031::ac43:dee5 (United States)

ASN13335 (CLOUDFLARENET, US)
v3.sportsonline.sx
8    2a02:26f0:1700:6::17d5:a18f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
56    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net
cm.g.doubleclick.net
15    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
11    185.89.210.20 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
6    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    141.95.4.204 (France)

ASN16276 (OVH, FR)
PTR: ip204.ip-141-95-4.eu
storage.de.cloud.ovh.net
1    2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
cdn-adipolo.urekamedia.com
1    45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.adtelligent.com
4    185.239.173.210 (United Kingdom)

ASN55081 (24SHELLS, US)
ghb.aplhb.adipolo.com
4    2606:4700:e2::ac40:850a (United States)

ASN13335 (CLOUDFLARENET, US)
velocitycdn.com
4    2606:4700:10::6816:4bab (United States)

ASN13335 (CLOUDFLARENET, US)
whos.amung.us
widgets.amung.us
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
14    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads4.g.doubleclick.net
15    2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
6    51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
2    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    145.40.97.67 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
2    216.52.2.48 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
5    46.4.10.47 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.47.10.4.46.clients.your-server.de
hal9000.redintelligence.net
4    2606:4700:e2::ac40:8b25 (United States)

ASN13335 (CLOUDFLARENET, US)
youradexchange.com
4    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
q9g3eq75cjvp82.dynamicrevival.net
1    2606:4700:10::6814:41d (United States)

ASN13335 (CLOUDFLARENET, US)
s10.histats.com
8    130.211.44.5 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 5.44.211.130.bc.googleusercontent.com
rtb0.doubleverify.com
rtbc-ew1.doubleverify.com
4    138.201.64.38 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.38.64.201.138.clients.your-server.de
hal900011.redintelligence.net
1    149.56.240.130 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534298.ip-149-56-240.net
s4.histats.com
1    2606:4700:3031::ac43:9ae8 (United States)

ASN13335 (CLOUDFLARENET, US)
swarm.video
2    2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)
plausible.io
6    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
6    104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com
sync.teads.tv
3    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
1    2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
2    2a01:4f8:d0a:2321::2 (Germany)

ASN24940 (HETZNER-AS, DE)
cdn.retailads.net
1    167.233.14.134 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-2.futalis.de
futalis.de
1    104.64.118.247 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-118-247.deploy.static.akamaitechnologies.com
www.awin1.com
4    142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
ad.doubleclick.net
4    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
5    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    13.41.28.186 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-41-28-186.eu-west-2.compute.amazonaws.com
track.webgains.com
2    142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net
5994599.fls.doubleclick.net
7    45.154.206.103 (United Kingdom)

ASN48357 (K4X, EE)
ss7aja9crp62j2zf.cdnspectrum.net
1    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
5    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
2    64.202.112.31 (Chicago, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    18.181.23.196 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-181-23-196.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
1    108.138.36.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-48.muc50.r.cloudfront.net
analytics.webgains.io
1    108.138.36.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-21.muc50.r.cloudfront.net
cdn.track.production.webgains.team
2    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
3    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    185.86.138.154 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    85.114.159.93 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
4    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    2600:9000:26db:ac00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    52.49.225.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-225-165.eu-west-1.compute.amazonaws.com
match.360yield.com
3    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
2    3.248.69.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-69-61.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
2    13.40.20.169 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-40-20-169.eu-west-2.compute.amazonaws.com
api.webgains.io
2    2600:9000:26da:ee00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    52.28.142.138 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-142-138.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
3    2600:1f18:1aca:4280:d6f8:acf0:9b52:531e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
1    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
lb.eu-1-id5-sync.com
2    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    18.193.242.108 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-242-108.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
Apex Domain
Subdomains		 Transfer
160 googlesyndication.com
a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
ade.googlesyndication.com Failed
1 MB
120 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
cm.g.doubleclick.net — Cisco Umbrella Rank: 254
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 346
ad.doubleclick.net — Cisco Umbrella Rank: 184
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 258300
731 KB
33 demand.supply
live.demand.supply — Cisco Umbrella Rank: 45237
api.demand.supply — Cisco Umbrella Rank: 87050
45 KB
21 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 205
806 KB
16 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 482
rtb0.doubleverify.com — Cisco Umbrella Rank: 740
rtbc-ew1.doubleverify.com — Cisco Umbrella Rank: 15733
85 KB
15 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 325
1 MB
15 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635
11 KB
11 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 257
8 KB
9 gstatic.com
www.gstatic.com
fonts.gstatic.com
113 KB
9 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 38273
hal900011.redintelligence.net — Cisco Umbrella Rank: 486439
244 KB
9 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 405
mug.criteo.com — Cisco Umbrella Rank: 2102
bidder.criteo.com — Cisco Umbrella Rank: 719
dis.criteo.com — Cisco Umbrella Rank: 608
9 KB
8 adipolo.com
player.aplhb.adipolo.com — Cisco Umbrella Rank: 82435
adipolo.com — Cisco Umbrella Rank: 74669
ghb.aplhb.adipolo.com — Cisco Umbrella Rank: 94627
128 KB
7 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 951
static.adsafeprotected.com — Cisco Umbrella Rank: 624
dt.adsafeprotected.com — Cisco Umbrella Rank: 542
100 KB
7 cdnspectrum.net
ss7aja9crp62j2zf.cdnspectrum.net
3 MB
7 google.com
www.google.com — Cisco Umbrella Rank: 10
adservice.google.com — Cisco Umbrella Rank: 113
1 KB
6 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1425
1 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 88
5 KB
6 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 857
1 KB
6 yalla-shoots.tv
yalla-shoots.tv
164 KB
5 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 893
s.tribalfusion.com — Cisco Umbrella Rank: 1946
3 KB
5 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 808
id5-sync.com — Cisco Umbrella Rank: 423
28 KB
5 greeter.me
jscdn.greeter.me — Cisco Umbrella Rank: 89096
19 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 633
3 KB
4 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 922
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 623
415 B
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 1067
r.turn.com — Cisco Umbrella Rank: 3947
2 KB
4 openx.net
us-u.openx.net — Cisco Umbrella Rank: 496
rtb.openx.net — Cisco Umbrella Rank: 982
766 B
4 dynamicrevival.net
q9g3eq75cjvp82.dynamicrevival.net
42 KB
4 youradexchange.com
youradexchange.com — Cisco Umbrella Rank: 32649
706 B
4 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1574
mp.4dex.io — Cisco Umbrella Rank: 2835
25 KB
4 amung.us
whos.amung.us — Cisco Umbrella Rank: 14075
widgets.amung.us — Cisco Umbrella Rank: 23211
4 KB
4 velocitycdn.com
velocitycdn.com — Cisco Umbrella Rank: 860212
132 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
272 KB
3 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 794
2 KB
3 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 374
1 KB
3 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 812
1 KB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 20510
api.webgains.io — Cisco Umbrella Rank: 51644
31 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 422
1 KB
3 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 49812
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 63
region1.google-analytics.com — Cisco Umbrella Rank: 1623
21 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 359
1 KB
2 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2276
571 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1044
2 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 613
2 KB
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2409
808 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1777
1 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 573
1 KB
2 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 44074
1 KB
2 retailads.net
cdn.retailads.net — Cisco Umbrella Rank: 131895
6 KB
2 plausible.io
plausible.io — Cisco Umbrella Rank: 13186
2 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 12114
s4.histats.com — Cisco Umbrella Rank: 11961
5 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 782
930 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 988
214 B
2 sportsonline.sx
v3.sportsonline.sx
3 KB
2 avplayer.com
feed.avplayer.com — Cisco Umbrella Rank: 22408
player.avplayer.com — Cisco Umbrella Rank: 15192
61 KB
2 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 1531
360 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 568
41 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1002
bcp.crwdcntrl.net — Cisco Umbrella Rank: 959
12 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 368
143 KB
2 modoro360.com
tg1.modoro360.com — Cisco Umbrella Rank: 101240
servt.modoro360.com — Cisco Umbrella Rank: 114378
8 KB
2 dalbouh.xyz
dalbouh.xyz
551 B
2 scorarab.com
web-api.scorarab.com
10 KB
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3235
104 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1098
402 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 8041
554 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 383
265 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 862
463 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1372
573 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 822
441 B
1 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 338
125 B
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 59854
3 KB
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1419
711 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 7971
44 B
1 webgains.com
track.webgains.com — Cisco Umbrella Rank: 39920
2 KB
1 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16326
704 B
1 futalis.de
futalis.de — Cisco Umbrella Rank: 175361
401 B
1 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 208307
931 B
1 swarm.video
swarm.video — Cisco Umbrella Rank: 645166
134 KB
1 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 7135
5 KB
1 urekamedia.com
cdn-adipolo.urekamedia.com — Cisco Umbrella Rank: 506215
1 ovh.net
storage.de.cloud.ovh.net — Cisco Umbrella Rank: 173853
15 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1953
4 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 1401
2 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1516
2 KB
1 shoot-yalla.tv
live.shoot-yalla.tv
1 KB
536 84
Domain Requested by
99 pagead2.googlesyndication.com securepubads.g.doubleclick.net
a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
yalla-shoots.tv
ad.doubleclick.net
www.googletagservices.com
56 cm.g.doubleclick.net 21 redirects googleads.g.doubleclick.net
a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
50 tpc.googlesyndication.com 1 redirects a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
yalla-shoots.tv
ad.doubleclick.net
32 live.demand.supply yalla-shoots.tv
live.demand.supply
client
26 securepubads.g.doubleclick.net live.demand.supply
securepubads.g.doubleclick.net
jscdn.greeter.me
21 www.googletagservices.com jscdn.greeter.me
a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
cdn.doubleverify.com
yalla-shoots.tv
www.googletagservices.com
18 googleads.g.doubleclick.net a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
pagead2.googlesyndication.com
yalla-shoots.tv
15 s0.2mdn.net a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
yalla-shoots.tv
s0.2mdn.net
ad.doubleclick.net
15 dsum-sec.casalemedia.com 7 redirects googleads.g.doubleclick.net
14 googleads4.g.doubleclick.net googleads.g.doubleclick.net
yalla-shoots.tv
ad.doubleclick.net
11 ib.adnxs.com 7 redirects googleads.g.doubleclick.net
11 a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com securepubads.g.doubleclick.net
8 cdn.doubleverify.com a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
cdn.doubleverify.com
yalla-shoots.tv
7 ss7aja9crp62j2zf.cdnspectrum.net swarm.video
6 sync.teads.tv 2 redirects googleads.g.doubleclick.net
a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
6 fonts.googleapis.com q9g3eq75cjvp82.dynamicrevival.net
s0.2mdn.net
a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
yalla-shoots.tv
hal900011.redintelligence.net
6 onetag-sys.com 2 redirects player.aplhb.adipolo.com
6 www.google.com 1 redirects tpc.googlesyndication.com
yalla-shoots.tv
a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
6 yalla-shoots.tv yalla-shoots.tv
5 fonts.gstatic.com fonts.googleapis.com
5 hal9000.redintelligence.net a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
hal900011.redintelligence.net
5 jscdn.greeter.me yalla-shoots.tv
4 c1.adform.net 4 redirects
4 www.gstatic.com yalla-shoots.tv
a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
4 ad.doubleclick.net www.googletagservices.com
4 rtbc-ew1.doubleverify.com cdn.doubleverify.com
4 hal900011.redintelligence.net 1 redirects a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
hal900011.redintelligence.net
4 rtb0.doubleverify.com cdn.doubleverify.com
4 q9g3eq75cjvp82.dynamicrevival.net v3.sportsonline.sx
q9g3eq75cjvp82.dynamicrevival.net
4 youradexchange.com velocitycdn.com
4 velocitycdn.com v3.sportsonline.sx
velocitycdn.com
q9g3eq75cjvp82.dynamicrevival.net
4 ghb.aplhb.adipolo.com player.aplhb.adipolo.com
4 gum.criteo.com 1 redirects static.criteo.net
player.aplhb.adipolo.com
4 id5-sync.com cdn.id5-sync.com
player.aplhb.adipolo.com
4 www.googletagmanager.com yalla-shoots.tv
www.googletagmanager.com
adv.office-partner.de
3 dt.adsafeprotected.com a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
3 sync.search.spotxchange.com 2 redirects googleads.g.doubleclick.net
3 pixel.rubiconproject.com 3 redirects
3 image6.pubmatic.com 3 redirects
3 eb2.3lift.com 3 redirects
3 a.tribalfusion.com 2 redirects a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
3 pv.medialead.de hal900011.redintelligence.net
3 player.aplhb.adipolo.com jscdn.greeter.me
player.aplhb.adipolo.com
2 rtb.openx.net a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
2 x.bidswitch.net 2 redirects
2 tr.blismedia.com 1 redirects a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
2 pm.w55c.net 2 redirects
2 static.adsafeprotected.com a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
2 api.webgains.io analytics.webgains.io
2 fw.adsafeprotected.com 1 redirects yalla-shoots.tv
2 sync.1rx.io 2 redirects
2 match.360yield.com 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 rtb-csync.smartadserver.com googleads.g.doubleclick.net
2 ssbsync.smartadserver.com a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
2 dis.criteo.com 1 redirects a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
2 b1sync.zemanta.com 2 redirects
2 gcm.ctnsnet.com 2 redirects
2 s.tribalfusion.com a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
2 r.turn.com a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
2 ad.turn.com 2 redirects
2 5994599.fls.doubleclick.net 1 redirects a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
2 cdn.retailads.net 1 redirects futalis.de
2 us-u.openx.net googleads.g.doubleclick.net
2 plausible.io q9g3eq75cjvp82.dynamicrevival.net
plausible.io
2 ap.lijit.com player.aplhb.adipolo.com
2 mp.4dex.io player.aplhb.adipolo.com
2 prebid.a-mo.net player.aplhb.adipolo.com
2 bidder.criteo.com player.aplhb.adipolo.com
2 script.4dex.io player.aplhb.adipolo.com
script.4dex.io
2 widgets.amung.us v3.sportsonline.sx
q9g3eq75cjvp82.dynamicrevival.net
2 whos.amung.us 2 redirects
2 v3.sportsonline.sx dalbouh.xyz
v3.sportsonline.sx
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 esp.rtbhouse.com invstatic101.creativecdn.com
2 static.criteo.net securepubads.g.doubleclick.net
player.aplhb.adipolo.com
2 cdn.jsdelivr.net securepubads.g.doubleclick.net
q9g3eq75cjvp82.dynamicrevival.net
2 dalbouh.xyz yalla-shoots.tv
2 web-api.scorarab.com yalla-shoots.tv
1 dclk-match.dotomi.com a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
1 lb.eu-1-id5-sync.com player.aplhb.adipolo.com
1 ads.travelaudience.com 1 redirects
1 match.adsrvr.org a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
1 cms.quantserve.com a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
1 sync.targeting.unrulymedia.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 ups.analytics.yahoo.com googleads.g.doubleclick.net
1 cdn.track.production.webgains.team a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
1 analytics.webgains.io track.webgains.com
1 sync.inmobi.com 1 redirects
1 cc.adingo.jp a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
1 adservice.google.com 5994599.fls.doubleclick.net
1 track.webgains.com a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
1 www.awin1.com hal900011.redintelligence.net
1 futalis.de hal900011.redintelligence.net
1 adv.office-partner.de hal900011.redintelligence.net
1 swarm.video q9g3eq75cjvp82.dynamicrevival.net
1 s4.histats.com s10.histats.com
1 s10.histats.com v3.sportsonline.sx
1 player.adtelligent.com player.aplhb.adipolo.com
1 cdn-adipolo.urekamedia.com
1 storage.de.cloud.ovh.net
1 region1.google-analytics.com www.googletagmanager.com
1 adipolo.com
1 servt.modoro360.com
1 player.avplayer.com tg1.modoro360.com
1 feed.avplayer.com tg1.modoro360.com
1 mug.criteo.com yalla-shoots.tv
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 api.demand.supply live.demand.supply
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tg1.modoro360.com yalla-shoots.tv
1 live.shoot-yalla.tv yalla-shoots.tv
0 ade.googlesyndication.com Failed live.demand.supply
536 118
Subject Issuer Validity Valid
yalla-shoots.tv
GTS CA 1P5		 2023-06-21 -
2023-09-19		 3 months crt.sh
demand.supply
Cloudflare Inc ECC CA-3		 2023-02-19 -
2024-02-19		 a year crt.sh
greeter.me
E1		 2023-07-14 -
2023-10-12		 3 months crt.sh
scorarab.com
GTS CA 1P5		 2023-05-28 -
2023-08-26		 3 months crt.sh
shoot-yalla.tv
GTS CA 1P5		 2023-05-25 -
2023-08-23		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-03 -
2023-09-25		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-24 -
2024-02-23		 a year crt.sh
wl1.aniview.com
R3		 2023-06-29 -
2023-09-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-03 -
2023-09-25		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-05-18 -
2023-08-16		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-06-27 -
2023-09-25		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-27 -
2023-08-27		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-06 -
2023-09-30		 a year crt.sh
*.id5-sync.com
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-07-14 -
2023-10-12		 3 months crt.sh
*.avplayer.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2022-08-08 -
2023-09-08		 a year crt.sh
*.adservrs.com
Amazon RSA 2048 M01		 2023-05-26 -
2024-06-23		 a year crt.sh
player.aplhb.adipolo.com
R3		 2023-05-20 -
2023-08-18		 3 months crt.sh
adipolo.com
E1		 2023-07-04 -
2023-10-02		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-07-03 -
2023-09-25		 3 months crt.sh
sportsonline.sx
GTS CA 1P5		 2023-06-05 -
2023-09-03		 3 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-07 -
2024-05-07		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-07-03 -
2023-09-25		 3 months crt.sh
storage.de.cloud.ovh.net
Sectigo RSA Domain Validation Secure Server CA		 2023-01-25 -
2024-01-25		 a year crt.sh
1372348363.rsc.contentproxy9.cz
R3		 2023-06-01 -
2023-08-30		 3 months crt.sh
player.adtelligent.com
R3		 2023-05-20 -
2023-08-18		 3 months crt.sh
ghb.aplhb.adipolo.com
ZeroSSL ECC Domain Secure Site CA		 2023-06-05 -
2023-09-03		 3 months crt.sh
velocitycdn.com
E1		 2023-07-01 -
2023-09-29		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-07-03 -
2023-09-25		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.a-mo.net
R3		 2023-06-12 -
2023-09-10		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
redintelligence.net
R3		 2023-06-09 -
2023-09-07		 3 months crt.sh
youradexchange.com
GTS CA 1P5		 2023-06-21 -
2023-09-19		 3 months crt.sh
dynamicrevival.net
GTS CA 1P5		 2023-06-20 -
2023-09-18		 3 months crt.sh
histats.com
R3		 2023-06-06 -
2023-09-04		 3 months crt.sh
swarm.video
GTS CA 1P5		 2023-06-04 -
2023-09-02		 3 months crt.sh
plausible.io
R3		 2023-06-19 -
2023-09-17		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-03 -
2023-09-25		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
teads.tv
R3		 2023-06-26 -
2023-09-24		 3 months crt.sh
pv.medialead.de
R3		 2023-06-14 -
2023-09-12		 3 months crt.sh
adv.office-partner.de
R3		 2023-06-30 -
2023-09-28		 3 months crt.sh
*.futalis.de
R3		 2023-06-16 -
2023-09-14		 3 months crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
cdn.retailads.net
Encryption Everywhere DV TLS CA - G2		 2023-05-18 -
2024-05-17		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-07-03 -
2023-09-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-03 -
2023-09-25		 3 months crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-13		 a year crt.sh
ss7aja9crp62j2zf.cdnspectrum.net
R3		 2023-07-05 -
2023-10-03		 3 months crt.sh
*.adingo.jp
Amazon RSA 2048 M01		 2023-02-13 -
2023-11-11		 9 months crt.sh
*.webgains.io
Amazon RSA 2048 M02		 2023-03-02 -
2023-09-21		 7 months crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M01		 2023-02-28 -
2023-10-28		 8 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-07-18 -
2024-01-10		 6 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-06-09 -
2023-09-07		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh

This page contains 59 frames:

Primary Page: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Frame ID: 6C17EFB81AB278BA6D0DCA34BADE102E
Requests: 134 HTTP requests in this frame

Frame: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7401717D8747A87E1034E7572835CABB
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=yalla-shoots.tv
Frame ID: 3BE745064F439270E26AF1A8AD636E53
Requests: 2 HTTP requests in this frame

Frame: https://dalbouh.xyz/hd.php?lang=hd&ch=hd6
Frame ID: 0B4A89FD3A4F2A4BF0975DAA41E8715C
Requests: 1 HTTP requests in this frame

Frame: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EF99F5F88B786FF613853253518AD5ED
Requests: 19 HTTP requests in this frame

Frame: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 213711903BF01CA28385EA53F3359B04
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTh_a4CELX1oJkEGIrJqu8BMAE&v=APEucNX3TX5L4uv621ItueYQD57VwDg72qimRHCMeummdxBwSbbzJaV1UQ4fdpnXwVDdqKXXFMEIpI1HhRsqp_GWcUfeviWOVP32jDvoAsl1NK2vl6IJ0G_8pqaYGEHNdMs4jz51CkxQXAUb1Nzb1tTGlgKvdAk0YilfPbxVK6aw5u_gceSKe11TNE9_W_Fb_FmZQAGd2w20F8iW0mrqlvS7nNUVDQTQ1w
Frame ID: B9848CD84EB761C735709CBA365793D2
Requests: 5 HTTP requests in this frame

Frame: https://v3.sportsonline.sx/channels/hd/hd6.php
Frame ID: C75895E5F9178F0F752E1DCFE50C1AED
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNXOMrE51jdZikCEDvYUQII6IFGP10YZSfUBgLHfYBiOdK6C2clD1z3_JYWBk5mg-vNXPJLIen8uYpdYMFL93CUap3aIApendY9L0v-OBVfaXcXUNpo9PZBH6xbNBMzIqr_5A6YIzsaw9jCnSRDZc-ZmrwTCAGjqdzQOCrguTAf6JFsZyyIYfWc5-K3ek2guVOEHPNYFqwkl7_CkV0MjKp-UYYZrcA
Frame ID: 518B0D53E0C245944CF682352FA75565
Requests: 5 HTTP requests in this frame

Frame: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 37C67EE8642CFB5A2301B396F5D26876
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMm8ZRDDtunGBBil54XuATAB&v=APEucNUIoFNNwjcjFW8OGDa2MpNUcWriFVzrqEu3ECJH-5ajVtNG3XT_74TaO7jILVCIvNspN6A2-BMVHBhMF_czWYARX1kjamOT9XzJ0gWdxC066DXWTwtj8y54ynl7WboaZkhZnHdqu6p0fda_1t_yFzXzCl7S248kV0g5quv23u52fn41BgjhfyItkZ0QnqY7rSK5vl6WgdJsVqf9kJ11kMFjY1ZbmQ
Frame ID: A876670C86ABB0E5FF3B1641714DABB2
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 236F3737E1876344772D1DE79C5CEFB0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8FA1B94E970ADB3FB7EFD91F5A4A26C7
Requests: 2 HTTP requests in this frame

Frame: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FB26A731AE1A9C36077516D7B07C956B
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYtOqy5wEwAQ&v=APEucNV6riCWnD3mJ37l-PK2BcaDsusEBkkaSSPCxYhgUXLZdxJmbeCyqwrmsUh6wwG-BjByjSP1E8iHjI576blfSEtkhljt0_xdd6qIrevW-hDElJ93zccOHNEJ-1nTXcbm0HeJaKr4Ji_r1mHwP6ScQp8CGyScA4DFDVCs_fPIV3b0WvgTsXWK9wOTCfy3F3JGzN4PYLJZuGjxNpF0OF1adjmHTdtcwg
Frame ID: 716CA824E1780C11A205BBF2960866E3
Requests: 5 HTTP requests in this frame

Frame: https://q9g3eq75cjvp82.dynamicrevival.net/embed/cwdjkhlh9g
Frame ID: 9C751DC2A8E53A01BCD3C12A050A1081
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FC930C77A177DEC896911EF32E869F7F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AED07D9CBE8531499AB225A806EAF5A0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 78293B47EF4F26ABFD5A30273F64A6DE
Requests: 3 HTTP requests in this frame

Frame: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 849DDF832CCCC1A0B7FB9FF8CFB7BCFA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMm8ZRDDtunGBBil54XuATAB&v=APEucNVu3Ugolp-qiaCBdMT9ioWBytimQTpHWvZ5vb_9HAzMKaM1_HZtpJvNrdAlnaOZYc0wmudnTXKJmcjeGjDl9vWdOih5ik4cbnxmyx610hRwdV8CMG-evs0PCCCyphTENvEmqI7CKiHwdQE0qGKbvcyfSpo4FkK4I6RLfHdam4rlnrraQRo
Frame ID: 188228BD405B3CCB9B01D40898AF5371
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 1405234F50C0402A052B5C5A6A408577
Requests: 24 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10254353390152580160/index.html?ev=01_250
Frame ID: 7FB3BAB6885BDA4BF40292F3DB5BB2E8
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BC97DA3DEE73C114A3210A809555D318
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=26483600103410104444990012389011&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 98A9CFED08022E96C19095F55BB166E5
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: DA2836F0FDB75D5D53E7FFD8285772D2
Requests: 3 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2890142890
Frame ID: BDA5554D3785DBC291DC7AB54FF7B5DF
Requests: 2 HTTP requests in this frame

Frame: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 27D6F2489855A2B82FB5C295C92804E6
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500&display=swap
Frame ID: 568BFB343B75A941C6970B18E1B70EAF
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B1A735C2999C3AD401BFC6F905DDCEDC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A2E8595A9A278D96E763D853B3B28696
Requests: 9 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CO-09uHgmIADFdOHsgodwdQD1w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4965740761028.912
Frame ID: D1C08EEC51E49EFFBF4E4E7433C0045A
Requests: 2 HTTP requests in this frame

Frame: https://hal900011.redintelligence.net/request_content.php?s=26483600103410104444990012389011&a=3e8db58e
Frame ID: 93F532D6027E935155FE3F2ADB1EBEAF
Requests: 9 HTTP requests in this frame

Frame: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E4459676D567407FAB5BD65FF9B7C17C
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AA79F014430AECFBBCA166C6A22ED39D
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2FCF379EAC92F5CCE0E9ADFFB5665CA5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js
Frame ID: AE8C7DA5024C30325C30E5139DFE2F4A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F915B0E8F315A4CAB4148213941753F1
Requests: 3 HTTP requests in this frame

Frame: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 13054D7B593A9E7446736664AD81B825
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMm8ZRDDtunGBBjV5YXuATAB&v=APEucNUafPQ8QPP03-dJ6q-DIGANvzQhE8jUd7udyJQIhLDUuKbCco13zczW0xtNNY3keQj8jESsD_kiyyuuw9amOwHp9cUAmFDL-5AHEKlFwS0mOl9jabpp3UIa0it4C1WkxOaeRDrtzKkHZZPy0rBaHOLhZgFEB_RxLxDYlRWTRjeB-Q20FnI
Frame ID: 805A4D61C4FA552E0F07A414144C2ECF
Requests: 4 HTTP requests in this frame

Frame: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2F3EB43325AA69DFE24235A2B3BC4391
Requests: 24 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js
Frame ID: 96C64CDA7E99641FA6C0D52C62ADD99B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNW-_AK2FK3rUUCHToHOBK8F-DCIpMrg6zPG5fH-ZpFeI5UBuELF-nECA53yRIcGYwjaPaT4cQQI-bY2th1K1mnCE-IcK9IIMeJ1xUVakX0BQ2s9NFbmcg9LnKkzGipJpFhkJ9tmFvuT1FVC37L1uW9hiXl_PbMhZ5P9f9a_sUo_sH-ZjJc
Frame ID: 06867942A0145E3697B6C8E3401092CA
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E325D1F1976EDFA249321F5AB5D89026
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 297A00134F34D0A933C5D5DEAA60CED4
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6AB6D220FF974B6BC1B005B529FB6C93
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B41C53D5A9AF86A57DBCF9CE5FA82044
Requests: 9 HTTP requests in this frame

Frame: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A006D05D9A78F079D57BAD00576672A8
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMm8ZRDDtunGBBjenobuATAB&v=APEucNXJ1eYy7gCkRw0pLTWuiYW_dmzifNxh8W0hr2A-0mskVMWKa3c3EmrRCcW6l-3jpQTGlkd7D7iUBYE5MDaf0okr1_znkMlUqfaPeqvvsMv8t41tKAnEQJk4tdccOw3G3FKxMBZmaZAsFG4eAGJfmKY2KW8wEqIeHo_AAoALkadpncW85oY
Frame ID: 70453D0687BA5B490C7BB4522B5873FC
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: A476F6AE69C33604195201758FE7B48C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 967C3A2FD061C84986BA0DD9561DF65C
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
Frame ID: CE2501189A5E8CBD3F51D865A1845054
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B4D92DBE82642CEE1CAA2446BABFE100
Requests: 9 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1689700470175&gdpr=0
Frame ID: 28D48472D7C345BB88EBD3AAB584955A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1689700468128
Frame ID: 01062ECBD2CF3DF14E53670230AB79A7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 844A4669741BEACA29A0D33617C3C434
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BA8BF20A0F1A42969F0EF1B314EF9621
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C992AA1E77E0C9E5673F77235F072B49
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 853017ECD0B6FC64AC7000AFD085B186
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

بث مباشر لمباراة فالنسيا و نوتينغهام فورست - مباريات ودية - أندية - 2023-07-18

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

536
Requests

87 %
HTTPS

40 %
IPv6

84
Domains

118
Subdomains

98
IPs

13
Countries

8755 kB
Transfer

17179 kB
Size

60
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=yalla-shoots.tv&sn=ChromeSyncframe&so=0&topUrl=yalla-shoots.tv&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=pvMHJHx2ZWlZUE1ZVVZEM3Avc3VPNjY5a2ZkZGJLUkQwRFQydkpITk1xaGliOFI3WWxIWnZTZW5sN1owZjAwWmtkV3hUbzlsWmk1MVFrcDRReGpUSmI5Qmo3VjZIdEpHNi9hczJlUDllTEF0eW5BZExjSE81eEVmdTdRM0FHaGg2ZzZkR09yTlNSRnVJbFBsZWZTZENkRXcySHdMUkVsSXNzR0t4ZnFZMi9wVzQyNnNkSTF5cmduay9JMzg0bUY4MWF1Z241M3pJcjdiTUZNU1ZwMXpjbVlsamFXNk9PdEx0bHlsWGU5aVhNMGVrL3VveTBqYU9QMTVIQ25OTTVUZThjdGtrMmRpNVVQdzBMcFRQckltTWRRZFQzM1RrQUlobXBqcVV3MCt2MVQram1iQT18&cppv=2
Request Chain 111
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKBnS8IWuGTY-k9d9UKAnxU&google_cver=1
Request Chain 112
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZLbIc-ae0U9MlyvHuknCMwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEM4korcOzVHUcV4EMxEBTw&google_cver=1
Request Chain 113
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEC_dhGR-0VLdBR5N2KaFwjs&google_cver=1
Request Chain 114
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk4NTg5NjcyODMzMzA3Mjk4MA%3D%3D
Request Chain 117
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEM4korcOzVHUcV4EMxEBTw&google_cver=1
Request Chain 118
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZLbIc-ae0U9MlyvHuknCMwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEM4korcOzVHUcV4EMxEBTw&google_cver=1
Request Chain 119
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEC_dhGR-0VLdBR5N2KaFwjs&google_cver=1
Request Chain 120
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk4NTg5NjcyODMzMzA3Mjk4MA%3D%3D
Request Chain 121
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEM4korcOzVHUcV4EMxEBTw&google_cver=1
Request Chain 122
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZLbIc-ae0U9MlyvHuknCMwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEM4korcOzVHUcV4EMxEBTw&google_cver=1
Request Chain 123
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEC_dhGR-0VLdBR5N2KaFwjs&google_cver=1
Request Chain 124
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk4NTg5NjcyODMzMzA3Mjk4MA%3D%3D
Request Chain 152
  • https://whos.amung.us/cwidget/sevaqeifj/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=3250&c=000000ffffff&p=left
Request Chain 175
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEM4korcOzVHUcV4EMxEBTw&google_cver=1
Request Chain 176
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZLbIc-ae0U9MlyvHuknCMwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEM4korcOzVHUcV4EMxEBTw&google_cver=1
Request Chain 177
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEC_dhGR-0VLdBR5N2KaFwjs&google_cver=1
Request Chain 178
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk4NTg5NjcyODMzMzA3Mjk4MA%3D%3D
Request Chain 206
  • https://hal900011.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=8dcf54e18a&subid=&uid=4fe0f076e03b0560&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCB5IZc8i2ZO6SG4K39u8PyP6-wAum5b2gaZWTnKfJD_AuEAEglZvKIWCV6rGCvAfIAQmpAp5z0P5d17I-qAMByAObBKoE7gFP0ILLFDNJjw5pNtmiIvZ5ceOUo_4hHcymgsTftPJ2wPPZ7VQSAaOP5Ae3vUxAKFNjOlN2rq1BvJN04FLRuT8L8qM1tXcnjM47alpjoSgs30VGd8Hzazigkv1g3GwpqaBqp2pzuLr0hA8WxP7ffbggVxvy5KR-ou9CRh5jQGW_Z0xH1qJ84UQFFVux5zI-sFj3FULhnYrsb2ElQNQTACgHLD0KxqO_R1emhgUVoxHLBoLPX8YMnJ7HEu720FS5T6WreYCbnf4npoSOrVfOzBhD85275gcgqKKpVb821THx7S7qwwqn_B1huROcXkqowATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJWk6RUR4NkT_1CaSkTEal8BDUFctkIxVrxRjv1eYHtPEdm_Cqeu0ZM8IIgy9RRERRJ7o9LgAAsmiZOYG2desfZbu5kDhXPWhgB%26sig%3DAOD64_3GsBkpEPqZx4cvtCHAPXrjhBJWmQ%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-CsYrrJ2_DO6ADdAxOSFnr7v4RMIZdlulZ9reGJy7ZyjODQmqBSobMxIUEjO5OeJvPBztiY9MzVSSp7G2WbtK_1eG1Y3a01WON31Bb6L2vLH3WFRnSy8LJfP363LElqIBlUTNoLteerghLmUcJCUDpmkiJHzJv0nzoBs35IrBGhzz1CI4c%26cry%3D1%26dbm_d%3DAKAmf-Cg1jRAD_q8xAsOwiyPSYMRpc_Shi-dSHJbdnMNlidPGomfp5ehGg5pn_qV4FpgWqfrGAtcXX4PFRyU95DVDIehPl4h89_UbzUA3xW21T3YqLMgk6oVuetjh69bDxPdlEPKMc2lHoKLPfrn-467u7GS6unn2rXLlZ4hIhiTL2MiKjRGLMWm6VA4FnMdnb4MLnSuARq5DqGARoywJvrJ27IdMmSjYstfgxb0VK17oxI1XhH0Y0BOzr6bViFuWLexmjBj6tG8VzoQOjxbbIM4vhLEcmkTCP4XZL-8E1GCNH034V_nz8Yhn_Idogpkt8ppMx_FGtS4dgUEwZb4-_jiEuwpd5VWm0bspuFyRP0f8VCifBLxsF4Y5N_wg20M3VbmSQuPzU2JtFfSlja4TbWZkp7PiJfMdjbgGZrupju4zAIIVbQyjV40I77piIhjjl8PumjCfeISz1wFoLjVZSKiM7obeGeAmztDGQKAvQqn0huoIWzSzhhXNkV0o8nd5SAZegPZordIO0TT-Axqd-ZVaaNbveGFr3P-cCLL4p4UBxBUB10lar052tCvAgG1PukX-2StHq9RnI95OD7ML3P_hNVQf5Y3aokpJUWgYx4bXK-AY070yAM%26adurl%3D&documentReferer=https%3A%2F%2Fyalla-shoots.tv%2F&ancestorOrigins=https%3A%2F%2Fyalla-shoots.tv&random=3406708527405&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900011.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=8dcf54e18a&subid=&uid=4fe0f076e03b0560&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCB5IZc8i2ZO6SG4K39u8PyP6-wAum5b2gaZWTnKfJD_AuEAEglZvKIWCV6rGCvAfIAQmpAp5z0P5d17I-qAMByAObBKoE7gFP0ILLFDNJjw5pNtmiIvZ5ceOUo_4hHcymgsTftPJ2wPPZ7VQSAaOP5Ae3vUxAKFNjOlN2rq1BvJN04FLRuT8L8qM1tXcnjM47alpjoSgs30VGd8Hzazigkv1g3GwpqaBqp2pzuLr0hA8WxP7ffbggVxvy5KR-ou9CRh5jQGW_Z0xH1qJ84UQFFVux5zI-sFj3FULhnYrsb2ElQNQTACgHLD0KxqO_R1emhgUVoxHLBoLPX8YMnJ7HEu720FS5T6WreYCbnf4npoSOrVfOzBhD85275gcgqKKpVb821THx7S7qwwqn_B1huROcXkqowATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJWk6RUR4NkT_1CaSkTEal8BDUFctkIxVrxRjv1eYHtPEdm_Cqeu0ZM8IIgy9RRERRJ7o9LgAAsmiZOYG2desfZbu5kDhXPWhgB%26sig%3DAOD64_3GsBkpEPqZx4cvtCHAPXrjhBJWmQ%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-CsYrrJ2_DO6ADdAxOSFnr7v4RMIZdlulZ9reGJy7ZyjODQmqBSobMxIUEjO5OeJvPBztiY9MzVSSp7G2WbtK_1eG1Y3a01WON31Bb6L2vLH3WFRnSy8LJfP363LElqIBlUTNoLteerghLmUcJCUDpmkiJHzJv0nzoBs35IrBGhzz1CI4c%26cry%3D1%26dbm_d%3DAKAmf-Cg1jRAD_q8xAsOwiyPSYMRpc_Shi-dSHJbdnMNlidPGomfp5ehGg5pn_qV4FpgWqfrGAtcXX4PFRyU95DVDIehPl4h89_UbzUA3xW21T3YqLMgk6oVuetjh69bDxPdlEPKMc2lHoKLPfrn-467u7GS6unn2rXLlZ4hIhiTL2MiKjRGLMWm6VA4FnMdnb4MLnSuARq5DqGARoywJvrJ27IdMmSjYstfgxb0VK17oxI1XhH0Y0BOzr6bViFuWLexmjBj6tG8VzoQOjxbbIM4vhLEcmkTCP4XZL-8E1GCNH034V_nz8Yhn_Idogpkt8ppMx_FGtS4dgUEwZb4-_jiEuwpd5VWm0bspuFyRP0f8VCifBLxsF4Y5N_wg20M3VbmSQuPzU2JtFfSlja4TbWZkp7PiJfMdjbgGZrupju4zAIIVbQyjV40I77piIhjjl8PumjCfeISz1wFoLjVZSKiM7obeGeAmztDGQKAvQqn0huoIWzSzhhXNkV0o8nd5SAZegPZordIO0TT-Axqd-ZVaaNbveGFr3P-cCLL4p4UBxBUB10lar052tCvAgG1PukX-2StHq9RnI95OD7ML3P_hNVQf5Y3aokpJUWgYx4bXK-AY070yAM%26adurl%3D&documentReferer=https%3A%2F%2Fyalla-shoots.tv%2F&ancestorOrigins=https%3A%2F%2Fyalla-shoots.tv&random=3406708527405&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 218
  • https://whos.amung.us/cwidget/15ky356qz4/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=4241&c=000000ffffff&p=left
Request Chain 245
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEK8sLT0AWEEbjVLIQOfkllM&google_cver=1
Request Chain 247
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEHBYlg32idohO5aXiehi1fk&google_cver=1
Request Chain 251
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=26483600103410104444990012389011&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2890142890
Request Chain 291
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4965740761028.912 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CO-09uHgmIADFdOHsgodwdQD1w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4965740761028.912
Request Chain 324
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL HTTP 301
  • https://tpc.googlesyndication.com/simgad/4091503581208051288
Request Chain 325
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESENEabyrsw8QZjupQbehFQ4g&google_cver=1&google_push=AaAOQGGd-wYitHxSdGqi23XTjb83EWhJ8WK7R2ML6qjJjewj3Ch3YWW866C9IXQafOM7IKbYy3fQuPz-VzvkLg5aJettzOp83UVM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDA5MjEzNDAyODUxODIyOTQ2OQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENEabyrsw8QZjupQbehFQ4g&google_cver=1
Request Chain 326
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEIjjgoE__Uzc5d5rW3baYrw&google_cver=1&google_push=AaAOQGFr96lvVhE-XQp49wm3N5aIwtQjxtkoD5WrHPguXLzOvMvectymcUGSqqdwkrzYh7qbeYV7QYH5jrOVzU1Y-w-Wi8TMKQU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGFr96lvVhE-XQp49wm3N5aIwtQjxtkoD5WrHPguXLzOvMvectymcUGSqqdwkrzYh7qbeYV7QYH5jrOVzU1Y-w-Wi8TMKQU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIjjgoE__Uzc5d5rW3baYrw&google_cver=1&google_push=AaAOQGFr96lvVhE-XQp49wm3N5aIwtQjxtkoD5WrHPguXLzOvMvectymcUGSqqdwkrzYh7qbeYV7QYH5jrOVzU1Y-w-Wi8TMKQU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGFr96lvVhE-XQp49wm3N5aIwtQjxtkoD5WrHPguXLzOvMvectymcUGSqqdwkrzYh7qbeYV7QYH5jrOVzU1Y-w-Wi8TMKQU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 327
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEL6jlPpiUfW858JDRitrzG8&google_cver=1&google_push=AaAOQGE_PoYT_Z5tQ6j1x4XlHxn9aQh3O8peot4W_q7Zfyzp00ZTuvaq4mwflsSMlD0-WOaOxMdmp0u8OvDAlJUBk5xGifBVn0c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGE_PoYT_Z5tQ6j1x4XlHxn9aQh3O8peot4W_q7Zfyzp00ZTuvaq4mwflsSMlD0-WOaOxMdmp0u8OvDAlJUBk5xGifBVn0c&google_hm=5HvoZvoOQNyvpRfZNK-K0oo
Request Chain 328
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEIkoyxDUcl727P1365zLkmg&google_cver=1&google_push=AaAOQGGjxJYmbikTH7ijOZZiYx1FCW-0vpG0cBb_xzSTEb-fk715cadvsIbbOo4i4-X46MP10SJ6pQaqWUNsvEYZfEt4L-Kd8fFS HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEIkoyxDUcl727P1365zLkmg&google_push=AaAOQGGjxJYmbikTH7ijOZZiYx1FCW-0vpG0cBb_xzSTEb-fk715cadvsIbbOo4i4-X46MP10SJ6pQaqWUNsvEYZfEt4L-Kd8fFS&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AaAOQGGjxJYmbikTH7ijOZZiYx1FCW-0vpG0cBb_xzSTEb-fk715cadvsIbbOo4i4-X46MP10SJ6pQaqWUNsvEYZfEt4L-Kd8fFS&google_hm=dVh5aGFnT3EtelowaWhmc3N1c2w=
Request Chain 329
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMHHRW12aM65mlnXCfVlppw&google_cver=1&google_push=AaAOQGEBuwakAy8bltLDN5pAJFSMWDS1mt3sYH3z02yjBxH5a48ZavqEFADc7mL8EbDwRxlTnq1aBVD4TXPRmxbYWj0Y8ooZzbs HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AaAOQGEBuwakAy8bltLDN5pAJFSMWDS1mt3sYH3z02yjBxH5a48ZavqEFADc7mL8EbDwRxlTnq1aBVD4TXPRmxbYWj0Y8ooZzbs&google_gid=CAESEMHHRW12aM65mlnXCfVlppw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY2NjU1ODIwMTQ0OTY4ODIyNjM4Mg%3D%3D&google_push=AaAOQGEBuwakAy8bltLDN5pAJFSMWDS1mt3sYH3z02yjBxH5a48ZavqEFADc7mL8EbDwRxlTnq1aBVD4TXPRmxbYWj0Y8ooZzbs
Request Chain 331
  • https://sync.inmobi.com/gob?google_gid=CAESEHpH4H8EAh4o4ntBU2yJ-H0&google_cver=1&google_push=AaAOQGEv01LziZOMEIXmlw1Zd_8i1sahx5Hd5IOkK74cxTyJwFeIDFc6JJoE2GHTBx4HVCr1uMLvkoERY0KPcDnYSR54KrG0-E-8yw HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAaAOQGEv01LziZOMEIXmlw1Zd_8i1sahx5Hd5IOkK74cxTyJwFeIDFc6JJoE2GHTBx4HVCr1uMLvkoERY0KPcDnYSR54KrG0-E-8yw
Request Chain 345
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 355
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESENEabyrsw8QZjupQbehFQ4g&google_cver=1&google_push=AaAOQGEuWWkfqyaOpivsZPx63y9B0yrtYAJNRAFLO42tHdI-zAjW61Fq479lPp_BuQ7Kiwomg9x16s675fJEFGpvEtMYw7p8Mdwdmg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDA5MjEzNDAyODUxODIyOTQ2OQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENEabyrsw8QZjupQbehFQ4g&google_cver=1
Request Chain 356
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEIjjgoE__Uzc5d5rW3baYrw&google_cver=1&google_push=AaAOQGFLP_r6HbygFX7g5wIikWi24k-hmPwV4CbrHm5NbEycIGhBJkr4NkInrWM3JlzrTugx_mTXlUUCtnmwD_HxrAqgWFIFAxUP5g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGFLP_r6HbygFX7g5wIikWi24k-hmPwV4CbrHm5NbEycIGhBJkr4NkInrWM3JlzrTugx_mTXlUUCtnmwD_HxrAqgWFIFAxUP5g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIjjgoE__Uzc5d5rW3baYrw&google_cver=1&google_push=AaAOQGFLP_r6HbygFX7g5wIikWi24k-hmPwV4CbrHm5NbEycIGhBJkr4NkInrWM3JlzrTugx_mTXlUUCtnmwD_HxrAqgWFIFAxUP5g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGFLP_r6HbygFX7g5wIikWi24k-hmPwV4CbrHm5NbEycIGhBJkr4NkInrWM3JlzrTugx_mTXlUUCtnmwD_HxrAqgWFIFAxUP5g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 357
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEBeV-7wRFlwTlAATZHyzVe4&google_cver=1&google_push=AaAOQGF0J_MMX4qJEZo6dV-4LCIJzpy9KSMjymtqJoQkGUuB8XZSbWJ3LOk-eR5eezGjh425iyzO0j8qJjytLqXZTndM_LE1Phed HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-e7K1cGqkQ2FnfSqTwuGkRPC1J2Rb_yx40hnVGQ&google_push=PUSH_DATA HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
Request Chain 358
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHnFVteswOfuGrdBJ60bhRk&google_cver=1&google_push=AaAOQGF7u47UfgZt2PYPmh3S4TnO2GwKg5dlWSWy6QP5V8z3e9NHcWfGFSt4HKle4OIlR5QAnC2jEz1hH-5PmoS3NCOXzroPSx6tUQ HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHnFVteswOfuGrdBJ60bhRk&google_cver=1&google_push=AaAOQGF7u47UfgZt2PYPmh3S4TnO2GwKg5dlWSWy6QP5V8z3e9NHcWfGFSt4HKle4OIlR5QAnC2jEz1hH-5PmoS3NCOXzroPSx6tUQ&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ivNUxmosSQCxrTY_AP3ikA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGF7u47UfgZt2PYPmh3S4TnO2GwKg5dlWSWy6QP5V8z3e9NHcWfGFSt4HKle4OIlR5QAnC2jEz1hH-5PmoS3NCOXzroPSx6tUQ
Request Chain 359
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJZ9KSusLPLfTdn60eLhfy8&google_cver=1&google_push=AaAOQGEpeVakaiuhUoBpjp6H2qo9H9jhYB6HlfIZ2_4h-3Zjv6FHWdVju5j8ATBAixoIcmYGPvBTqgN2qLAJueduzwXInrpnvWcRbw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEs4SzE2TkMtMjQtNTI4&google_push=AaAOQGEpeVakaiuhUoBpjp6H2qo9H9jhYB6HlfIZ2_4h-3Zjv6FHWdVju5j8ATBAixoIcmYGPvBTqgN2qLAJueduzwXInrpnvWcRbw
Request Chain 361
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECEU9siTOGuy3iHMJcWADfQ&google_cver=1&google_push=AaAOQGH94jf2S39i8HBIm-qETIGXRc-0_fe3jSE79PK-XIobSMMUOSXe_dGdLaN--Lxq7aHYmXrsfprx3GfkE_5I3VGqcdB0Zd4tWw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGH94jf2S39i8HBIm-qETIGXRc-0_fe3jSE79PK-XIobSMMUOSXe_dGdLaN--Lxq7aHYmXrsfprx3GfkE_5I3VGqcdB0Zd4tWw HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 376
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEwX0OQ7nHzYmZDUR-I72Kc&google_cver=1
Request Chain 377
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=8e683956-258e-11ee-a6c2-162d46060506 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OGU2ODM4ZTEtMjU4ZS0xMWVlLWE2YzItMTYyZDQ2MDYwNTA2
Request Chain 407
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESENeNYeyDvZYFLBJZC6lnHig&google_cver=1
Request Chain 418
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKL7Hy5Zr25C_zxqX-xKDJM&google_cver=1&google_push=AaAOQGGSUJTe4ODaOeZbCnwSwx2fhN05I8ACq8HwEZsvda6dgWbc0eZ-5juWe54af71GYzLvof3HT0BNFPnVAzu4n7oZe8wMdDyt HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1NzIwODI1ODcwMjYwNDQyOA%3D%3D&google_push=AaAOQGGSUJTe4ODaOeZbCnwSwx2fhN05I8ACq8HwEZsvda6dgWbc0eZ-5juWe54af71GYzLvof3HT0BNFPnVAzu4n7oZe8wMdDyt
Request Chain 419
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPC8XHUdrmj1Scl33aJubss&google_cver=1&google_push=AaAOQGFD2-XLWFS4lsznppRgqfDmh-_-t4OYy_1GzNwdHv2kEM-i9a4DSfaSxsbR6t27fk-KLU2n_H4rfvR3PoAopZyu3AgK-enr HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPC8XHUdrmj1Scl33aJubss&google_cver=1&google_push=AaAOQGFD2-XLWFS4lsznppRgqfDmh-_-t4OYy_1GzNwdHv2kEM-i9a4DSfaSxsbR6t27fk-KLU2n_H4rfvR3PoAopZyu3AgK-enr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzkyODc2MzM5MDEwODM5ODQxNg&google_push=AaAOQGFD2-XLWFS4lsznppRgqfDmh-_-t4OYy_1GzNwdHv2kEM-i9a4DSfaSxsbR6t27fk-KLU2n_H4rfvR3PoAopZyu3AgK-enr
Request Chain 420
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFe9tNZGKsez7ZKih-Hj3Vg&google_cver=1&google_push=AaAOQGHL0d36VyIjjAX2DiGt9BNsDwxvkCS0LdJjppIJC5IIB7KpE98LLQBC8STXf9Hgnb7O5htIROws8xbzcd-vhluLw11xG4o4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGHL0d36VyIjjAX2DiGt9BNsDwxvkCS0LdJjppIJC5IIB7KpE98LLQBC8STXf9Hgnb7O5htIROws8xbzcd-vhluLw11xG4o4
Request Chain 421
  • https://match.360yield.com/match/ebda?google_gid=CAESEPeadHzgrU5rtaUNyaJhhQ4&google_cver=1&google_push=AaAOQGE15m0hJRa0myluDnJ3hUFcvaMYxJhBgl5kw9Lx6DUgs-xAwXsJM902bLkoAQCdatDedXcHgDmDORvVWQ54QKw08AxyqwiS HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEPeadHzgrU5rtaUNyaJhhQ4&google_cver=1&google_push=AaAOQGE15m0hJRa0myluDnJ3hUFcvaMYxJhBgl5kw9Lx6DUgs-xAwXsJM902bLkoAQCdatDedXcHgDmDORvVWQ54QKw08AxyqwiS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cHeR7BMVS16RFt0OonKSFg&google_push=AaAOQGE15m0hJRa0myluDnJ3hUFcvaMYxJhBgl5kw9Lx6DUgs-xAwXsJM902bLkoAQCdatDedXcHgDmDORvVWQ54QKw08AxyqwiS
Request Chain 422
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESELaQ1qUOqnALrTJfg4r5U9w&google_cver=1&google_push=AaAOQGHhMXQC4YFHVUJpp1Ux4pWiOgudzWzMR3RdEi31H74N0T9hzHVQDYsGB8s7RYTHWdqPox7bzPAsQ5pw5vjHmxxg25UCg14 HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AaAOQGHhMXQC4YFHVUJpp1Ux4pWiOgudzWzMR3RdEi31H74N0T9hzHVQDYsGB8s7RYTHWdqPox7bzPAsQ5pw5vjHmxxg25UCg14&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1689700470434 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-be872b05-8d70-4db7-8fd4-53b5d168069a-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAaAOQGHhMXQC4YFHVUJpp1Ux4pWiOgudzWzMR3RdEi31H74N0T9hzHVQDYsGB8s7RYTHWdqPox7bzPAsQ5pw5vjHmxxg25UCg14%26google_hm%3DA76HKwWNcE23j9RTtdFoBpo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGHhMXQC4YFHVUJpp1Ux4pWiOgudzWzMR3RdEi31H74N0T9hzHVQDYsGB8s7RYTHWdqPox7bzPAsQ5pw5vjHmxxg25UCg14&google_hm=A76HKwWNcE23j9RTtdFoBpo
Request Chain 453
  • https://fw.adsafeprotected.com/rfw/st/990511/61634096/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-4903453974745530&ias_chanId=1&ias_placementId=19422215925&bidurl=https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jtGBYX5TZrpYbk5ar8z6_B&adContainerId=brand_safety_dsi2ZOyuF9mY-gaDrJCQDg&cbFunctionName=goog_wrapCb_dsi2ZOyuF9mY-gaDrJCQDg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fyalla-shoots.tv&adsafe_type=y&adsafe_url=https%3A%2F%2Fyalla-shoots.tv%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fa77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fa77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:af3068e3-86e5-c3b6-94de-fd2307cf0ed7,c:iJWvGg,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-559f95d5b4-xmcpz,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tKnMYFi+11%7C12%7C1311%7C13121%7C141%7C142%7C151%7C152%7C153%7C154%7C155%7C156%7C157%7C161%7C162%7C1631%7C17%7C181%7C182%7C183%7C1911%7C1912%7C1913%7C19141%7C1a11%7C1a12%7C1a13%7C1b1%7C1b2%7C1c1%7C1c2%7C1d*.990511-61634096%7C1d1%7C1d2%7C1e1,idMap:1d*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:24,oid:8ed6cef8-258e-11ee-958b-06f92a7c0dd3,v:19.8.428,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_dsi2ZOyuF9mY-gaDrJCQDg&cbFunctionName=goog_wrapCb_dsi2ZOyuF9mY-gaDrJCQDg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Request Chain 456
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENwsnH4PO7FH69_2wiemJ_s&google_cver=1&google_push=AaAOQGH6yUJx3mIbELARJ6O2gYijI9Fb3RYFMsMZzuNlfKcMffzMZ4ap_SatXq_HoUqFSTFN59uF3fxErD7W7ON6BSp5Dk4x2Wba HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENwsnH4PO7FH69_2wiemJ_s&google_cver=1&google_push=AaAOQGH6yUJx3mIbELARJ6O2gYijI9Fb3RYFMsMZzuNlfKcMffzMZ4ap_SatXq_HoUqFSTFN59uF3fxErD7W7ON6BSp5Dk4x2Wba HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TzlqWGtzT0UxUWxPaHA1&google_gid=CAESENwsnH4PO7FH69_2wiemJ_s&google_cver=1&google_push=AaAOQGH6yUJx3mIbELARJ6O2gYijI9Fb3RYFMsMZzuNlfKcMffzMZ4ap_SatXq_HoUqFSTFN59uF3fxErD7W7ON6BSp5Dk4x2Wba
Request Chain 458
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEFdvZytvWpRfRUyNXAS9YZo&google_cver=1&google_push=AaAOQGFOV5C7eAWGvFda8edqVcccoklyen4p1_Fmk2EIhD-zhGk4FQNsHTS_SDKddrQOiM7ScVtvYKDVmxiB_xZk2gTC3_sVs9Qj HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=n7D5JzrwTtGfA6_Gs8i6_w2&google_push=AaAOQGFOV5C7eAWGvFda8edqVcccoklyen4p1_Fmk2EIhD-zhGk4FQNsHTS_SDKddrQOiM7ScVtvYKDVmxiB_xZk2gTC3_sVs9Qj
Request Chain 459
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPC8XHUdrmj1Scl33aJubss&google_cver=1&google_push=AaAOQGESWtNwej_UVEucn_zWxGgmop8tY4kDhd_0Kaiwkqg0llY91sQe86g1Oj_viVxes0c1ClaQYx7EGutK1O7aSNAcy8OAZVeX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzkyODc2MzM5MDEwODM5ODQxNg&google_push=AaAOQGESWtNwej_UVEucn_zWxGgmop8tY4kDhd_0Kaiwkqg0llY91sQe86g1Oj_viVxes0c1ClaQYx7EGutK1O7aSNAcy8OAZVeX
Request Chain 460
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJZ9KSusLPLfTdn60eLhfy8&google_cver=1&google_push=AaAOQGG2Klfy6jr7fDBabeCZ9Jn1o9o0D1qfI-GN3r73aa9_0n14KU7WonPzMSLrzcAMPGTXWsIQt7GqrCdtdkti12K5Is-Kvhg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEs4SzE3TFotMS1ERUdS&google_push=AaAOQGG2Klfy6jr7fDBabeCZ9Jn1o9o0D1qfI-GN3r73aa9_0n14KU7WonPzMSLrzcAMPGTXWsIQt7GqrCdtdkti12K5Is-Kvhg
Request Chain 461
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMHHRW12aM65mlnXCfVlppw&google_cver=1&google_push=AaAOQGF_RjbpuYJaVdmcSiyv4vLoatMlRsPs2fxFSyLk0sWshUt0t7mk8e3-NAHDLgNfEAr3FNCF9auNisYcYAmjnghJWp-Ad_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY2NjU1ODIwMTQ0OTY4ODIyNjM4Mg%3D%3D&google_push=AaAOQGF_RjbpuYJaVdmcSiyv4vLoatMlRsPs2fxFSyLk0sWshUt0t7mk8e3-NAHDLgNfEAr3FNCF9auNisYcYAmjnghJWp-Ad_g
Request Chain 498
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKL7Hy5Zr25C_zxqX-xKDJM&google_cver=1&google_push=AaAOQGGUlQjSoQwfkVG6B9UODXJR2Sve62So8WuEZV4PpKT7rApU-VIMIh-ZdwdQC8n9vFuGhBXdEVdZA3UtxROvHLHrNOaXuww HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1NzIwODI1ODcwMjYwNDQyOA%3D%3D&google_push=AaAOQGGUlQjSoQwfkVG6B9UODXJR2Sve62So8WuEZV4PpKT7rApU-VIMIh-ZdwdQC8n9vFuGhBXdEVdZA3UtxROvHLHrNOaXuww
Request Chain 499
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAJrTIrHCPCv_a4H9Aj0gN4&google_cver=1&google_push=AaAOQGE2l7ZGBWXYvXdufZ4NkFY0NeZ3-O6rC3gCu9RZFZoFepIspscmxW5U_4ydehgPBZaC6F5FGNTNWnZCCj38k_A6ElmMGF0d HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEAJrTIrHCPCv_a4H9Aj0gN4&google_cver=1&google_push=AaAOQGE2l7ZGBWXYvXdufZ4NkFY0NeZ3-O6rC3gCu9RZFZoFepIspscmxW5U_4ydehgPBZaC6F5FGNTNWnZCCj38k_A6ElmMGF0d HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGE2l7ZGBWXYvXdufZ4NkFY0NeZ3-O6rC3gCu9RZFZoFepIspscmxW5U_4ydehgPBZaC6F5FGNTNWnZCCj38k_A6ElmMGF0d&google_hm=2huUjC0YSs282q2Z1lroLQ==
Request Chain 501
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHnFVteswOfuGrdBJ60bhRk&google_cver=1&google_push=AaAOQGHDzGxRDxDB8ZFY5U7dnZ_39oH8SPks8duhJc4WqXT-5joFMPserAZ7FXza-KhvpH1iu2UoLY4EiOuNu52WKRaLi2lSD7q0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ivNUxmosSQCxrTY_AP3ikA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGHDzGxRDxDB8ZFY5U7dnZ_39oH8SPks8duhJc4WqXT-5joFMPserAZ7FXza-KhvpH1iu2UoLY4EiOuNu52WKRaLi2lSD7q0
Request Chain 502
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEExAi9tbsMJTU17sPfxRGvQ&google_cver=1&google_push=AaAOQGFwxjGhRBjhuAi65T1nmtBgNVkg2npj9I2YwkGYiUrjn8A2KSzSR0Aeoa825b9gedRNU9_rYNN7L4ELgVDzL2TkTiebpNm4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGFwxjGhRBjhuAi65T1nmtBgNVkg2npj9I2YwkGYiUrjn8A2KSzSR0Aeoa825b9gedRNU9_rYNN7L4ELgVDzL2TkTiebpNm4
Request Chain 503
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECEU9siTOGuy3iHMJcWADfQ&google_cver=1&google_push=AaAOQGFeZB8V_wo4Lat0MTbCNW0yrNa-5t8fJ6eiI9tlLmlrVuIkY840TIyoSh2fshShDvhiTHV2zFG2N0XUeMoTWwzCJndzA7u39Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGFeZB8V_wo4Lat0MTbCNW0yrNa-5t8fJ6eiI9tlLmlrVuIkY840TIyoSh2fshShDvhiTHV2zFG2N0XUeMoTWwzCJndzA7u39Q HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 535
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEL6jlPpiUfW858JDRitrzG8&google_cver=1&google_push=AaAOQGGaZNJw32maC5B2lSBEooHG4SezIgAG9u8v5gS82P7NjyiZamCjURNQ2c_NDYk6mUFAGUuDtdhOREWmhHLAi36MxpIunglGkA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGGaZNJw32maC5B2lSBEooHG4SezIgAG9u8v5gS82P7NjyiZamCjURNQ2c_NDYk6mUFAGUuDtdhOREWmhHLAi36MxpIunglGkA&google_hm=5HvoZvoOQNyvpRfZNK-K0oo
Request Chain 536
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEO0GB5mrNXNl2NpztDq0_ME&google_cver=1&google_push=AaAOQGG_NUaWSENVXpDxyGMRT3ApHqO3kuIaW98WIfYu2R-txC6oK10c27xOt1aozEJDf5D_onu1cUXrhb5Nlksdwdabc02ZLVAbFg HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AaAOQGG_NUaWSENVXpDxyGMRT3ApHqO3kuIaW98WIfYu2R-txC6oK10c27xOt1aozEJDf5D_onu1cUXrhb5Nlksdwdabc02ZLVAbFg&google_hm=hmS2yHdMZtSbTTXyMg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D64B6C8774C66D49B4D35F232BLIS
Request Chain 537
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPC8XHUdrmj1Scl33aJubss&google_cver=1&google_push=AaAOQGGfoJKmIj26Pgyc63-ncfW4_M6SuBHy0MpTlzgt-AFSlegyj179NCwcql0c3HjM0beR9jGAhSefXEYgNCl8sfJE4yB_uWC16g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzkyODc2MzM5MDEwODM5ODQxNg&google_push=AaAOQGGfoJKmIj26Pgyc63-ncfW4_M6SuBHy0MpTlzgt-AFSlegyj179NCwcql0c3HjM0beR9jGAhSefXEYgNCl8sfJE4yB_uWC16g
Request Chain 539
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJZ9KSusLPLfTdn60eLhfy8&google_cver=1&google_push=AaAOQGHrbQYMnuzAHl2HTh_Tp59HzuFOi1Xvhj_ngjqFDamTus3fZr8geZH8TPtT7iBBqL1-35jz6VUYGNJ7UYvM0_0w4f40vM2PrQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEs4SzE4N1gtTS1KVjRI&google_push=AaAOQGHrbQYMnuzAHl2HTh_Tp59HzuFOi1Xvhj_ngjqFDamTus3fZr8geZH8TPtT7iBBqL1-35jz6VUYGNJ7UYvM0_0w4f40vM2PrQ
Request Chain 540
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEExAi9tbsMJTU17sPfxRGvQ&google_cver=1&google_push=AaAOQGEg010ymYvy46HrYU2ncYOhR3UjhO-vngsuYPYpC6tVDbza-1LdMSPQiOsR2XJrk8CaaEKBPuO0WSsFwq11Iv4BIGROM0vGvw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEg010ymYvy46HrYU2ncYOhR3UjhO-vngsuYPYpC6tVDbza-1LdMSPQiOsR2XJrk8CaaEKBPuO0WSsFwq11Iv4BIGROM0vGvw

536 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/ 		189 KB
61 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14aa7f42ac32f88b765a7e423dd0b73a6bbedf4c55459b83a1b3fc515b346149
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=60
cf-cache-status
DYNAMIC
cf-ray
7e8c5c6d1c5b3662-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 18 Jul 2023 17:14:26 GMT
expires
Tue, 18 Jul 2023 17:15:26 GMT
feature-policy
microphone none;camera none;geolocation none;
last-modified
Tue, 18 Jul 2023 17:14:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), microphone=(), geolocation=()
pragma
public
referrer-policy
strict-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qESpr8rg4fVTvxOQdSxfZbWUKYWOzULHT73fPgep2Bjp4FnC74Cjq2iij0zuTS09xdOdwu13%2BmMPv3EjrDGfZqKEQYF7Y3iuu8tXoVyNlPfg698dT2O7W10AB00t7ees8JY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
up.js
live.demand.supply/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/up.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01eabffd7cc4d7d35d547e49123d37b51e5ee7016a69dba526da15434e5d5377

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id
01H5B11Z48XA8F80NDBAC6J31J
date
Tue, 18 Jul 2023 17:14:27 GMT
content-encoding
br
cf-cache-status
HIT
age
533
cf-polished
origSize=4392
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"de7ad42c8e6744aadd57ef2fe0442d7d-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray
7e8c5c6decc3bb80-FRA
link
<https://live.demand.supply/impl.v17.5.2.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-10-0/eWFsbGEtc2hvb3RzLnR2Lw==>; rel=preload; as=script
timing-allow-origin
*
A-letterbigger_Savir.png
jscdn.greeter.me/ 		945 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jscdn.greeter.me/A-letterbigger_Savir.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Sun, 10 Jul 2022 13:45:06 GMT
x-amz-request-id
tx000000000000017b064d4-0064b6c5c0-ad92bddc-fra1b
etag
"f07519ec5fbc46385f386b577e6e2a1d"
x-envoy-upstream-healthchecked-cluster
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1689700466.dop237.fr8.t,1689700466.cds133.fr8.hn,1689700466.cds205.fr8.c
content-type
image/png
cache-control
max-age=2910
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
945
yalla-shoot.png
yalla-shoots.tv/uploads/logo/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yalla-shoots.tv/uploads/logo/yalla-shoot.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3790ed75687a3b6c3d71bcf4bd62c99f82a3dd738ae4b6b2639bd36e4f6bca29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
79837
alt-svc
h3=":443"; ma=86400
content-length
6352
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Sat, 23 Jul 2022 01:22:27 GMT
server
cloudflare
etag
"62db4d53-18d0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0O77DPkEfc%2B5azKGqtwApN6RO8ecO5uetDZ6O2CdNQxKHtiUp8SCs2dFmctUjJHPMfRaca%2BeHkC1%2FlWRL2DbsFf2SITGpqs0iYZ1d%2B8Qf9Vy2XJdqo7%2B7yGm29gC8Sv3ceU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
feature-policy
microphone none;camera none;geolocation none;
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
cf-ray
7e8c5c6dbd3b3662-FRA
expires
Wed, 16 Aug 2023 19:03:49 GMT
truncated
/ 		451 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		944 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		248 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		460 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		500 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
NeoSansArabic.woff
yalla-shoots.tv/assets/fonts/ 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/assets/fonts/NeoSansArabic.woff
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Origin
https://yalla-shoots.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
79589
alt-svc
h3=":443"; ma=86400
content-length
57364
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Sat, 23 Jul 2022 01:21:21 GMT
server
cloudflare
etag
"62db4d11-e014"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bktsyV4uHj8J2s%2Bu5brulPWal8Sber9o9JDDFE3G8N87HL9R0LilDrbas4aBj4zn6V3MbnLhaUwhJqJex%2BVRi0WGA2e0IvUfCbPiBjZecs1uj5flnKoYBaxf5FAJfCtHKAw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
feature-policy
microphone none;camera none;geolocation none;
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
cf-ray
7e8c5c6ddd6d3662-FRA
expires
Wed, 16 Aug 2023 19:07:57 GMT
1557393646.png
web-api.scorarab.com/uploads/team/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web-api.scorarab.com/uploads/team/1557393646.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4151b22743cdf1156af80f7661631ba67f8d4462d0f5d2442fbcd8f6f045100b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:26 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
34834
alt-svc
h3=":443"; ma=86400
content-length
5218
x-xss-protection
1; mode=block
last-modified
Wed, 08 Dec 2021 17:06:40 GMT
server
cloudflare
etag
"61b0e620-1462"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2FS26m3e8D9IyIPMdJlunLKxQ2pEr5ZVkXzXgPRI9i9KYsvtJSqsb0c894guZCvZJZVPfaBR%2BnrqR17WVCn6VJaUIoNGFGAkRItwGlkVj86GHMRcCNRbMhNJ6gVaYMD3UN7Z6xlE3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7e8c5c6e2ef739c1-FRA
expires
Thu, 17 Aug 2023 07:33:52 GMT
1641679962.png
web-api.scorarab.com/uploads/team/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web-api.scorarab.com/uploads/team/1641679962.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.4.192 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7df4cb45e2a46b173647a88e91fb054cd872c67961618c893741387cd562c311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:26 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
362986
alt-svc
h3=":443"; ma=86400
content-length
3839
x-xss-protection
1; mode=block
last-modified
Sat, 08 Jan 2022 22:12:42 GMT
server
cloudflare
etag
"61da0c5a-eff"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8B7ROLiRNL2F%2F2Fhqh7XUN9ypGzRM6A%2FPpCQosvEsof6d9LunSZr2scSQbTAURaNc4Dq%2BB1ccMNLV1VYgzOLNthR4MVI34jXrpwtLAaXu44g6QZMmZ1%2F0EcA72weloPTU%2FUvrGnpDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7e8c5c6e2ef839c1-FRA
expires
Sun, 13 Aug 2023 12:24:40 GMT
rocket-loader.min.js
yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 Jul 2023 16:27:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ad82fd-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ta6S%2ByyV8QvaQBzXxXwD98sZ82aexI09Ljl%2FyhCUA6pTWlDGsEV%2BvTsOtdmB5NShRe35gj0iTQF7Vxndy2RTVn4cwAyq6WEiXufXBJ7fdusG2ru4TMslw0t%2BK7eem0kxQe0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7e8c5c6dfb0a03ac-FRA
expires
Thu, 20 Jul 2023 17:14:26 GMT
telegram.svg
live.shoot-yalla.tv/uploads/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.shoot-yalla.tv/uploads/img/telegram.svg
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45dd60aee8728ca8786226233d74694db5f4c0110647c8e48710c49cdd5bdf41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
79816
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Fri, 03 Jun 2022 01:24:02 GMT
server
cloudflare
etag
W/"629962b2-424"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vRdLvhRAI9%2BF874%2F%2BwJFqbOlt5tf2Yk0nNiRLKlpf%2FN8wxHiXkqLOsToyCh649hhpzejahN7CVXtnVU38kKVsvVQSWyJSldzyA%2F3WeIhEbU1VJMvH3QvBhyMP9idGKlLYBTOS5Pc"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
7e8c5c6e4bd31b93-FRA
expires
Wed, 16 Aug 2023 19:04:10 GMT
js
www.googletagmanager.com/gtag/ 		178 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-230085360-1
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
780ad223730992d713b87d10989dfc4fc5d5c7b254a8c87d4a40d1ff7379ff2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65782
x-xss-protection
0
last-modified
Tue, 18 Jul 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 18 Jul 2023 17:14:26 GMT
lazyload.js
yalla-shoots.tv/assets/themes/yalla-shoot/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/assets/themes/yalla-shoot/js/lazyload.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1b682cb1fee45d7f80c900aba4d8ddcb18ac1016dcf38ece495801ac65eb14f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
79879
cf-polished
origSize=7249
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
cf-bgj
minify
last-modified
Sat, 23 Jul 2022 01:24:16 GMT
server
cloudflare
etag
W/"62db4dc0-1c51"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6ae7OS0UDeaGZz2b0HJqtdYogcwCOVnoqxXQQfTXaHx%2BLSl0ZeeoMrhvFeFE6cmI4A5dY1y0yvqkMaOagTuXbzj3r4aWOoZio38G4xnWMfVB4D%2BkL574C6eewImBf2DuYI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
feature-policy
microphone none;camera none;geolocation none;
permissions-policy
camera=(), microphone=(), geolocation=()
cf-ray
7e8c5c6e3b4f03ac-FRA
expires
Wed, 16 Aug 2023 19:03:07 GMT
matche
dalbouh.xyz/api/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://dalbouh.xyz/api/matche?t=1689700454
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.233.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
spt
tg1.modoro360.com/api/adserver/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=63e0c53d06b87484dc0f3a56&AV_PUBLISHERID=63e0c30829bdc76cde070e85
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:c::5c7b:680c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ae1c0527eb004fcfc9e19bab44a5a088b8cf59cdd5b24f0900114f6b856b391c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

X-Bamboo-C-SkSt
1
Content-Encoding
gzip
X-Bamboo-C-SkFe
1
X-Bamboo-C-S
BYPASS
Date
Tue, 18 Jul 2023 17:14:26 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/javascript
Vary
Accept-Encoding
Cache-Control
max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
Content-Length
7106
Expires
Tue, 18 Jul 2023 17:19:26 GMT
yalla-shoots.tvdynamic.js
jscdn.greeter.me/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jscdn.greeter.me/yalla-shoots.tvdynamic.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
35cf75de5d617b7a8e395dc30579c7245e3001a2b8227d55f3d3ddc2e773741d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Wed, 11 Jan 2023 19:24:32 GMT
x-amz-request-id
tx000000000000017958a26-0064b6bd89-ad92bddc-fra1b
etag
"3cc898bc27a1b9035922667e9a7e891a"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1689700466.dop237.fr8.t,1689700466.cds133.fr8.hn,1689700466.cds321.fr8.c
content-type
text/javascript
cache-control
max-age=807
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
7957
yalla-shoots.tvhead.js
jscdn.greeter.me/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jscdn.greeter.me/yalla-shoots.tvhead.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
c73e7fcf76232d28a1760877bd3eccada211feb797fd25ba824df3bac45b46eb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Wed, 11 Jan 2023 19:35:56 GMT
x-amz-request-id
tx000000000000017958799-0064b6bd89-ad9364d7-fra1b
etag
"559fe7c18011a3e1db9adb6276cba3f6"
x-envoy-upstream-healthchecked-cluster
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1689700466.dop237.fr8.t,1689700466.cds133.fr8.hn,1689700466.cds149.fr8.c
content-type
text/javascript
cache-control
max-age=807
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
7559
jquery.min.js
yalla-shoots.tv/assets/js/ 		87 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/assets/js/jquery.min.js?t=1689700454
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7e05b68eb47f0167793018bfc04a5fd640d8a9f406b6b2c1892a97f084f6769
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Wed, 21 Sep 2022 18:59:19 GMT
server
cloudflare
etag
W/"632b5f07-15d3a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nfhj3SmFsoE70ztJl%2FaFu7vw0kUN9JtKx%2BVN4Yn0dYQH3cTCTtGkLUIM2oPXdUuL8CG9ZgAWpmqZpWb1K6inKDwY7HlTommnvLNLoUm%2BFpaK8REmvGUNa0LN766NnM6lY6c%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
feature-policy
microphone none;camera none;geolocation none;
permissions-policy
camera=(), microphone=(), geolocation=()
cf-ray
7e8c5c6e3b5203ac-FRA
expires
Thu, 17 Aug 2023 17:14:26 GMT
impl.v17.5.2.js
live.demand.supply/ 		81 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/impl.v17.5.2.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c122abb04ee37679f9d6bb19bd7fec29fee3d17ccc3ca507464043250a4c3edf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id
01H5AYRHFQ1HYAWVYSHM641KBJ
date
Tue, 18 Jul 2023 17:14:27 GMT
content-encoding
br
cf-cache-status
HIT
age
336769
cf-polished
origSize=82893
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"9a9d8e9453c92508047c24c16559a329-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
cf-ray
7e8c5c6f7eeabb80-FRA
eWFsbGEtc2hvb3RzLnR2Lw==
live.demand.supply/p4/v16-10-0/ 		1003 B
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/p4/v16-10-0/eWFsbGEtc2hvb3RzLnR2Lw==
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6abad93ede336d0935f45fb7a66d04ab1dede7978b3a7ac072231547292c96e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
7e8c5c6f7eecbb80-FRA
alt-svc
h3=":443"; ma=86400
e.js
live.demand.supply/e/ 		0
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?e=ll&d=281&cs=c&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE1MTEvMTA0MjY3OS92YWxlbmNpYS12cy1ub3R0aW5naGFtLWZvcmVzdC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id
01H37XBZTS5HKQ2F1CQXNBQG5A
date
Tue, 18 Jul 2023 17:14:27 GMT
cf-cache-status
HIT
age
450580
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"081b1367cd2301d3bf23f0a40952d236-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7e8c5c6f8b261e4a-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		84 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
340979466c5de70c1d522aa159c10ade7cf79fd53101078948d65c12a69a2d2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28288
x-xss-protection
0
server
cafe
etag
725 / 19556 / m202307110101 / config-hash: 4204293080503520112
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 18 Jul 2023 17:14:27 GMT
eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE1MTEvMTA0MjY3OS92YWxlbmNpYS12cy1ub3R0aW5naGFtLWZvcmVzdC8=
live.demand.supply/p4/v16-10-0/ 		2 KB
816 B 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/p4/v16-10-0/eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE1MTEvMTA0MjY3OS92YWxlbmNpYS12cy1ub3R0aW5naGFtLWZvcmVzdC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b31011e6517ce1439b474e7345b40023ab62ffa5c001705a6688248496024e0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
7e8c5c6f7ef1bb80-FRA
alt-svc
h3=":443"; ma=86400
ds.2.html
live.demand.supply/ 		413 B
584 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id
01H3WA237MVFAYZPRV32TG4JC5
date
Tue, 18 Jul 2023 17:14:27 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
448617
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
cf-ray
7e8c5c6f8b281e4a-FRA
alt-svc
h3=":443"; ma=86400
yalla-shoots.tv_fluid_lb+sq
live.demand.supply/cp/ 		30 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/yalla-shoots.tv_fluid_lb+sq?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE1MTEvMTA0MjY3OS92YWxlbmNpYS12cy1ub3R0aW5naGFtLWZvcmVzdC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.5.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7f269228159b85baef9e82aebdaf8f0ae2d5cc58dd20965be492a40b949ffad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7e8c5c6fab4a1e4a-FRA
alt-svc
h3=":443"; ma=86400
content-length
30
yalla-shoots.tv_native_multi_native1
live.demand.supply/cp/ 		29 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/yalla-shoots.tv_native_multi_native1?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE1MTEvMTA0MjY3OS92YWxlbmNpYS12cy1ub3R0aW5naGFtLWZvcmVzdC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.5.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
573a133dda9b8690dd3beca3179f68ea23b565f0206024c94819e670d53df5df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7e8c5c6fab4e1e4a-FRA
alt-svc
h3=":443"; ma=86400
content-length
29
yalla-shoots.tv_fluid_sky+sq
live.demand.supply/cp/ 		30 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/yalla-shoots.tv_fluid_sky+sq?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE1MTEvMTA0MjY3OS92YWxlbmNpYS12cy1ub3R0aW5naGFtLWZvcmVzdC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.5.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07c1fee0bf7550083ff082b9b20c0ff67601d801f9f07e502f2e4897ea3ae623

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7e8c5c6fab511e4a-FRA
alt-svc
h3=":443"; ma=86400
content-length
30
yalla-shoots.tv_fluid_lb+sq
live.demand.supply/cp/ 		30 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/yalla-shoots.tv_fluid_lb+sq?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE1MTEvMTA0MjY3OS92YWxlbmNpYS12cy1ub3R0aW5naGFtLWZvcmVzdC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.5.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7f269228159b85baef9e82aebdaf8f0ae2d5cc58dd20965be492a40b949ffad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7e8c5c6fab541e4a-FRA
alt-svc
h3=":443"; ma=86400
content-length
30
yalla-shoots.tv_auto_728x90_sticky_display_bottom
live.demand.supply/cp/ 		30 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/yalla-shoots.tv_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE1MTEvMTA0MjY3OS92YWxlbmNpYS12cy1ub3R0aW5naGFtLWZvcmVzdC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.5.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4da56063dd051e0c0124dbc365a594f04d69ff065345d75f08b3ef0feae96e7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7e8c5c703c291e4a-FRA
alt-svc
h3=":443"; ma=86400
content-length
30
e.js
live.demand.supply/e/ 		0
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&pdc=0.06656976938247681&ucv=null&e=tcp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE1MTEvMTA0MjY3OS92YWxlbmNpYS12cy1ub3R0aW5naGFtLWZvcmVzdC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.5.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id
01H37XBZTS5HKQ2F1CQXNBQG5A
date
Tue, 18 Jul 2023 17:14:27 GMT
cf-cache-status
HIT
age
450580
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"081b1367cd2301d3bf23f0a40952d236-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7e8c5c708cb51e4a-FRA
e.js
live.demand.supply/x/ 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=da&r=yalla-shoots.tv_fluid_lb%2Bsq&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE1MTEvMTA0MjY3OS92YWxlbmNpYS12cy1ub3R0aW5naGFtLWZvcmVzdC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.5.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id
01H3JKZF05SFAJXXME64R3M1YJ
date
Tue, 18 Jul 2023 17:14:27 GMT
cf-cache-status
HIT
age
1292252
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"081b1367cd2301d3bf23f0a40952d236-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7e8c5c708cb71e4a-FRA
e.js
live.demand.supply/e/ 		0
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&pdc=0.06656976938247681&ucv=null&e=tcp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE1MTEvMTA0MjY3OS92YWxlbmNpYS12cy1ub3R0aW5naGFtLWZvcmVzdC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.5.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id
01H37XBZTS5HKQ2F1CQXNBQG5A
date
Tue, 18 Jul 2023 17:14:27 GMT
cf-cache-status
HIT
age
450580
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"081b1367cd2301d3bf23f0a40952d236-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7e8c5c709cbb1e4a-FRA
e.js
live.demand.supply/x/ 		0
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=da&r=yalla-shoots.tv_fluid_lb%2Bsq&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE1MTEvMTA0MjY3OS92YWxlbmNpYS12cy1ub3R0aW5naGFtLWZvcmVzdC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.5.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id
01H3JKZF05SFAJXXME64R3M1YJ
date
Tue, 18 Jul 2023 17:14:27 GMT
cf-cache-status
HIT
age
1292252
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"081b1367cd2301d3bf23f0a40952d236-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7e8c5c709cbe1e4a-FRA
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/ 		391 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5aa49f0af3e388fdd29408e87eba4ea66280dc6023105732c233ebc6924784b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 11:33:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
20482
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127551
x-xss-protection
0
server
cafe
etag
10618836103773446959
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 17 Jul 2024 11:33:05 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
878 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 18 Jul 2023 17:14:27 GMT
x-content-type-options
nosniff
content-encoding
br
age
21268
x-jsd-version
master
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230073-FRA
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:9c00:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
null
Date
Tue, 18 Jul 2023 02:48:38 GMT
Via
1.1 551f2461af0b3bf4faaad831ee6e5b1e.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
MUC50-P1
Age
51950
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
p-XZ1_rE25zI_ePULXDZ74iG1o1-FW_DzABWZ_WxRDZoTKgtzg7-Mw==
esp.js
cdn.id5-sync.com/api/1.0/ 		102 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Jun 2023 08:35:03 GMT
server
cloudflare
x-amz-request-id
7K31B1SBF214GTBQ
age
1303
etag
W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7e8c5c714b128ffb-FRA
x-amz-id-2
e3bzHDxJ/gGu3jgSwzlpMAnHxVi64l2r1kEpNHmt8TNQGwqCCSRzYsoGG4zoKvdKxOzYBUf19Bs=
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-114.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 02:34:21 GMT
content-encoding
gzip
via
1.1 218366faeb88f6d265d2589e37ea2dac.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:33 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
age
52807
x-amz-server-side-encryption
AES256
etag
W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
E5JV4-hT9D1YCaRiMvS1yJChfdnM9T98sTJDTkU1nJZ_IDqeeMAqiw==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
via
1.1 google, 1.1 google
last-modified
Wed, 05 Jul 2023 19:08:57 GMT
server
Google Frontend
etag
6c49a4094d9a446bdc7fe3d19d23b4c7
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
f2897be730c716a1df3ce16cab705baf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1311
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Jul 2023 13:25:47 GMT
server
nginx
etag
W/"64ad585b-a980"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 19 Jul 2023 17:14:27 GMT
ob.js
cdn-ima.33across.com/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d285ae6755d52c452904f5bdfa4a6c2082186d695304b242e9db2f12461f02e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 15 Jun 2023 16:15:13 GMT
server
cloudflare
age
76629
etag
W/"648b3911-2e4b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
7e8c5c716eab1a6b-FRA
expires
Wed, 19 Jul 2023 17:14:27 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
781 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1355555487957082&correlator=3381534771320412&eid=31072019&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C175844fe-17b4-47e6-9355-28af1ff828c4&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=1711219817&didk=1133630126&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3Dc677851b-eb3a-4f42-9848-077d0b71f2d2%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D12%26bid-p%3Dgoogle%26bsc%3D83&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1689700467387&lmt=1689700454&dlt=1689700466828&idt=526&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11511%2F1042679%2Fvalencia-vs-nottingham-forest%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1232595036.1689700467&ga_sid=1689700467&ga_hid=948966620&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYtYX8z5YxSABSAghkEhkKCnB1YmNpZC5vcmcYtYX8z5YxSABSAghkEhcKCHJ0YmhvdXNlGLWF_M-WMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRi1hfzPljFIAFICCGQSGQoKdWlkYXBpLmNvbRi1hfzPljFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGLWF_M-WMUgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0dd3293e8074a0a4e9cb0485f180dfd51d05c55cfaafb698b3b99f35e695aed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
750
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1355555487957082&correlator=2538483509922461&eid=31072019&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2Cfc89faaf-d2a1-46c0-b90d-6d8e04bab92a&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=2&adks=4125583446&didk=1418515193&sfv=1-0-40&prev_scp=ti%3Dc677851b-eb3a-4f42-9848-077d0b71f2d2%26chrand%3Dy%26pof%3D0%26bid%3D0.05%26bid-p%3Dgoogle%26rfi%3D30%26bsc%3D83&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1689700467394&lmt=1689700454&dlt=1689700466828&idt=526&adxs=314&adys=2344&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11511%2F1042679%2Fvalencia-vs-nottingham-forest%2F&frm=20&vis=1&psz=1076x116&msz=1076x116&fws=4&ohw=1100&ga_vid=1232595036.1689700467&ga_sid=1689700467&ga_hid=948966620&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYtYX8z5YxSABSAghkEhkKCnB1YmNpZC5vcmcYtYX8z5YxSABSAghkEhcKCHJ0YmhvdXNlGLWF_M-WMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRi1hfzPljFIAFICCGQSGQoKdWlkYXBpLmNvbRi1hfzPljFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGLWF_M-WMUgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8c5ebac2aa779f57722452320f7917cbc415734814c26df80ee7f23668065f46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11279
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1355555487957082&correlator=1711398541754789&eid=31072019&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2Cfc89faaf-d2a1-46c0-b90d-6d8e04bab92a&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=3&adks=2630399188&didk=1418515192&sfv=1-0-40&prev_scp=ti%3Dc677851b-eb3a-4f42-9848-077d0b71f2d2%26chrand%3Dy%26pof%3D0%26bid%3D0.05%26bid-p%3Dgoogle%26rfi%3D30%26bsc%3D83&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1689700467397&lmt=1689700454&dlt=1689700466828&idt=526&adxs=302&adys=220&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11511%2F1042679%2Fvalencia-vs-nottingham-forest%2F&frm=20&vis=1&psz=1052x116&msz=1052x116&fws=4&ohw=1100&ga_vid=1232595036.1689700467&ga_sid=1689700467&ga_hid=948966620&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYtYX8z5YxSABSAghkEhkKCnB1YmNpZC5vcmcYtYX8z5YxSABSAghkEhcKCHJ0YmhvdXNlGLWF_M-WMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRi1hfzPljFIAFICCGQSGQoKdWlkYXBpLmNvbRi1hfzPljFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGLWF_M-WMUgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce5c1af25011aeec7d020abe768f2a5ebb3e9dba23109345b36b208ea0059322
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9747
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7401 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 17:14:27 GMT
expires
Wed, 17 Jul 2024 17:14:27 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e4cea99569335a6cede37db3c96f7a28d5baf73969e58a77f35d170bf9088b7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 12:55:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
15559
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13159
x-xss-protection
0
server
cafe
etag
4554634950063143126
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 17 Jul 2024 12:55:08 GMT
e.js
live.demand.supply/e/ 		0
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_native_multi_native1&pdc=0.4999718785285949&ucv=null&e=tcp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE1MTEvMTA0MjY3OS92YWxlbmNpYS12cy1ub3R0aW5naGFtLWZvcmVzdC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.5.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id
01H37XBZTS5HKQ2F1CQXNBQG5A
date
Tue, 18 Jul 2023 17:14:27 GMT
cf-cache-status
HIT
age
450580
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"081b1367cd2301d3bf23f0a40952d236-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7e8c5c715dc61e4a-FRA
yalla-shoots.tv_native_multi_native1
api.demand.supply/v16-10-0/a/ 		2 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v16-10-0/a/yalla-shoots.tv_native_multi_native1?&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE1MTEvMTA0MjY3OS92YWxlbmNpYS12cy1ub3R0aW5naGFtLWZvcmVzdC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.5.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
cf-cache-status
HIT
server
cloudflare
age
18
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
accept-ranges
bytes
cf-ray
7e8c5c718db11945-FRA
alt-svc
h3=":443"; ma=86400
content-length
2
e.js
live.demand.supply/e/ 		0
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_sky%2Bsq&pdc=0.37113529443740845&ucv=null&e=tcp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE1MTEvMTA0MjY3OS92YWxlbmNpYS12cy1ub3R0aW5naGFtLWZvcmVzdC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.5.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id
01H37XBZTS5HKQ2F1CQXNBQG5A
date
Tue, 18 Jul 2023 17:14:27 GMT
cf-cache-status
HIT
age
450580
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"081b1367cd2301d3bf23f0a40952d236-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7e8c5c715dc81e4a-FRA
increment
id5-sync.com/api/esp/ 		0
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://yalla-shoots.tv
date
Tue, 18 Jul 2023 17:14:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1355555487957082&correlator=108896371326964&eid=31072019&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C1e113ef7-ca18-48f5-b9a7-d1012c42bba1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x600%7C160x600%7C300x250%7C300x600%7C320x480&ifi=4&adks=1780369902&didk=412460674&sfv=1-0-40&prev_scp=ti%3Dc677851b-eb3a-4f42-9848-077d0b71f2d2%26chrand%3Dy%26pof%3D0%26bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D83&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1689700467434&lmt=1689700454&dlt=1689700466828&idt=526&adxs=302&adys=504&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11511%2F1042679%2Fvalencia-vs-nottingham-forest%2F&frm=20&vis=1&psz=1052x616&msz=1052x616&fws=4&ohw=1100&ga_vid=1232595036.1689700467&ga_sid=1689700467&ga_hid=948966620&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYtYX8z5YxSABSAghkEhkKCnB1YmNpZC5vcmcY1oX8z5YxSABSAghqEhcKCHJ0YmhvdXNlGLWF_M-WMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRi1hfzPljFIAFICCGQSGQoKdWlkYXBpLmNvbRi1hfzPljFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGLWF_M-WMUgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
62bc1d5a4b3e97b1972a193eeef479c2d021dc1ffdc7492f801df19108ddbdc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9748
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 3BE7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=yalla-shoots.tv
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 17:14:27 GMT
server
Kestrel
server-processing-duration-in-ticks
313318
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
e.js
live.demand.supply/e/ 		0
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_auto_728x90_sticky_display_bottom&pdc=0.18191214799880984&ucv=null&e=tcp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE1MTEvMTA0MjY3OS92YWxlbmNpYS12cy1ub3R0aW5naGFtLWZvcmVzdC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.5.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id
01H37XBZTS5HKQ2F1CQXNBQG5A
date
Tue, 18 Jul 2023 17:14:27 GMT
cf-cache-status
HIT
age
450580
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"081b1367cd2301d3bf23f0a40952d236-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7e8c5c719e221e4a-FRA
sdb.css
live.demand.supply/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/css/sdb.css
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id
01H1Y05AGFG29ZH03J7RFS19F8
date
Tue, 18 Jul 2023 17:14:27 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
1509939
etag
W/"f22f1835d396aa5be9932139c44fe2f7-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
7e8c5c719bb63734-FRA
alt-svc
h3=":443"; ma=86400
ads
securepubads.g.doubleclick.net/gampad/ 		32 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1355555487957082&correlator=2715838509055446&eid=31072019&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2Cbb510014-4c35-4178-96b7-44ce355e0c64&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=5&adks=1258472821&didk=4055989924&sfv=1-0-40&prev_scp=ti%3Dc677851b-eb3a-4f42-9848-077d0b71f2d2%26chrand%3Dy%26pof%3D0%26bid%3D0.1%26bid-p%3Dgoogle%26rfi%3D30%26stt%3Dbhs%26bsc%3D83&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1689700467464&lmt=1689700454&dlt=1689700466828&idt=526&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11511%2F1042679%2Fvalencia-vs-nottingham-forest%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1232595036.1689700467&ga_sid=1689700467&ga_hid=948966620&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYtYX8z5YxSABSAghkEhkKCnB1YmNpZC5vcmcY1oX8z5YxSABSAghqEhcKCHJ0YmhvdXNlGLWF_M-WMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRi1hfzPljFIAFICCGQSGQoKdWlkYXBpLmNvbRi1hfzPljFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGLWF_M-WMUgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff44029619fd90ec051b320192c966a2a0488616ac98a49a461b4759b2d854cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12611
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
encrypt
esp.rtbhouse.com/ 		265 B
360 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b8b7d36c42968677c6c148d2a423e330b335aa5c9cdf711bdc0c213fcfc5359d

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
via
1.1 google, 1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
3795bfd77957a90e9bad7b5660078d0a
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
265
encrypt
esp.rtbhouse.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://yalla-shoots.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://yalla-shoots.tv
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Tue, 18 Jul 2023 17:14:27 GMT
server
Google Frontend
vary
Origin
via
1.1 google, 1.1 google
x-cloud-trace-context
a70a2903cc1c6292f005d1c55b0bdd20
map
bcp.crwdcntrl.net/6/ 		60 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.190.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-190-189.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
c86efe6298b574072b40a83e9362b60e0cd478f68f7c25407294f41bcffa897e

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:27 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache
x-server
10.45.23.143
access-control-allow-credentials
true
content-length
60
expires
0
sid
mug.criteo.com/ Frame 3BE7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=yalla-shoots.tv&sn=ChromeSyncframe&so=0&topUrl=yalla-shoots.tv&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=pvMHJHx2ZWlZUE1ZVVZEM3Avc3VPNjY5a2ZkZGJLUkQwRFQydkpITk1xaGliOFI3WWxIWnZTZW5sN1owZjAwWmtkV3hUbzlsWmk1MVFrcDRReGpUSmI5Qmo3VjZIdEpHNi9hczJlUDllTEF0eW5BZExjSE81eEVmdTdRM0...
433 B
651 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=pvMHJHx2ZWlZUE1ZVVZEM3Avc3VPNjY5a2ZkZGJLUkQwRFQydkpITk1xaGliOFI3WWxIWnZTZW5sN1owZjAwWmtkV3hUbzlsWmk1MVFrcDRReGpUSmI5Qmo3VjZIdEpHNi9hczJlUDllTEF0eW5BZExjSE81eEVmdTdRM0FHaGg2ZzZkR09yTlNSRnVJbFBsZWZTZENkRXcySHdMUkVsSXNzR0t4ZnFZMi9wVzQyNnNkSTF5cmduay9JMzg0bUY4MWF1Z241M3pJcjdiTUZNU1ZwMXpjbVlsamFXNk9PdEx0bHlsWGU5aVhNMGVrL3VveTBqYU9QMTVIQ25OTTVUZThjdGtrMmRpNVVQdzBMcFRQckltTWRRZFQzM1RrQUlobXBqcVV3MCt2MVQram1iQT18&cppv=2
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cc58bc24f61505fa4381b21b52bd972d422580ef6679af0fc97adf9f9264fdb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:27 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1178309
expires
0

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:26 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=pvMHJHx2ZWlZUE1ZVVZEM3Avc3VPNjY5a2ZkZGJLUkQwRFQydkpITk1xaGliOFI3WWxIWnZTZW5sN1owZjAwWmtkV3hUbzlsWmk1MVFrcDRReGpUSmI5Qmo3VjZIdEpHNi9hczJlUDllTEF0eW5BZExjSE81eEVmdTdRM0FHaGg2ZzZkR09yTlNSRnVJbFBsZWZTZENkRXcySHdMUkVsSXNzR0t4ZnFZMi9wVzQyNnNkSTF5cmduay9JMzg0bUY4MWF1Z241M3pJcjdiTUZNU1ZwMXpjbVlsamFXNk9PdEx0bHlsWGU5aVhNMGVrL3VveTBqYU9QMTVIQ25OTTVUZThjdGtrMmRpNVVQdzBMcFRQckltTWRRZFQzM1RrQUlobXBqcVV3MCt2MVQram1iQT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
264638
content-length
0
expires
0
e.js
live.demand.supply/e/ 		0
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=d&sc=yalla-shoots.tv_native_multi_native1&err=Cannot%20convert%20undefined%20or%20null%20to%20object&e=as&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE1MTEvMTA0MjY3OS92YWxlbmNpYS12cy1ub3R0aW5naGFtLWZvcmVzdC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.5.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id
01H37XBZTS5HKQ2F1CQXNBQG5A
date
Tue, 18 Jul 2023 17:14:27 GMT
cf-cache-status
HIT
age
450580
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"081b1367cd2301d3bf23f0a40952d236-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7e8c5c722ef01e4a-FRA
631a2480b3d08269680f4be2
feed.avplayer.com/backend/api/playlist/ 		5 KB
936 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://feed.avplayer.com/backend/api/playlist/631a2480b3d08269680f4be2?AV_TAGID=63e0c53d06b87484dc0f3a56&pid=63e0c30829bdc76cde070e85&cid=63e0c35e9283893b7f0c04f6&AV_TEMPID=62c2a28af9382161a05f9104&AV_PUBLISHERID=63e0c30829bdc76cde070e85
Requested by
Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=63e0c53d06b87484dc0f3a56&AV_PUBLISHERID=63e0c30829bdc76cde070e85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
b0e5ffbe1fbf32b9f80e09a1c81a35f51defe2846347e186184e3cea5a264280

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
content-encoding
gzip
x-hw
1689700467.dop098.fr8.t,1689700467.cds329.fr8.hn,1689700467.cds280.fr8.p
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
max-age=1800
access-control-allow-credentials
true
accept-ranges
bytes
avcplayer.js
player.avplayer.com/script/2/v/ 		251 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/v/avcplayer.js
Requested by
Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=63e0c53d06b87484dc0f3a56&AV_PUBLISHERID=63e0c30829bdc76cde070e85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
content-encoding
gzip
last-modified
Thu, 03 Mar 2022 17:18:44 GMT
etag
"1646327924"
x-hw
1689700467.dop231.fr8.t,1689700467.cds120.fr8.hn,1689700467.cds249.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
61326
track
servt.modoro360.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servt.modoro360.com/track?pid=63e0c30829bdc76cde070e85&cid=63e0c35e9283893b7f0c04f6&cb=1689700467619&r=yalla-shoots.tv&stagid=63e0c53d06b87484dc0f3a56&stplid=62c2a28af9382161a05f9104&d35=&d65=Test1&d66=7&d74=&e=playerLoaded&cpid=631a2480b3d08269680f4be2&str=viewable
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.220.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-220-14.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
hd.php
dalbouh.xyz/ Frame 0B4A 		273 B
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dalbouh.xyz/hd.php?lang=hd&ch=hd6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.233.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c8dad664444c99e0f275a40a84f325cbd3dee089a6b3bf7d87618ef5bcd7b3c

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7e8c5c72a9002c37-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 18 Jul 2023 17:14:27 GMT
last-modified
Tuesday, 18-Jul-2023 17:14:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24ZyVqgW8eePVybwmUTTcoyLMDVhWXb%2BJ4U%2FRWdknWNK6W7PUqlTCzt%2FWPWU8Qnis%2BI5cXnafXnFDNq812qJD%2FMawIlnW2Z%2FlGcver0zeosahL%2FMA%2By5bvhqHHoJOw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
container.html
a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EF99 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 17:14:27 GMT
expires
Wed, 17 Jul 2024 17:14:27 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.05&b=2&r=yalla-shoots.tv_fluid_lb%2Bsq&sy=64e53e73-fd4e-4117-bc08-114ae8d54619&ts=83&cd=2&pud=281&pus=c&pue=423&pid=23&pis=c&pie=446&ppd=41&pps=a&ppe=464&pcl=221&ttc=602&tti=949&ttif=0&lca=464&lcak=ppe&lct=464&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=c677851b-eb3a-4f42-9848-077d0b71f2d2&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE1MTEvMTA0MjY3OS92YWxlbmNpYS12cy1ub3R0aW5naGFtLWZvcmVzdC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.5.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id
01H37XBZTS5HKQ2F1CQXNBQG5A
date
Tue, 18 Jul 2023 17:14:27 GMT
cf-cache-status
HIT
age
450580
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"081b1367cd2301d3bf23f0a40952d236-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7e8c5c72cfab1e4a-FRA
e.js
live.demand.supply/x/ 		0
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=fs&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE1MTEvMTA0MjY3OS92YWxlbmNpYS12cy1ub3R0aW5naGFtLWZvcmVzdC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.5.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id
01H3JKZF05SFAJXXME64R3M1YJ
date
Tue, 18 Jul 2023 17:14:27 GMT
cf-cache-status
HIT
age
1292252
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"081b1367cd2301d3bf23f0a40952d236-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7e8c5c72cfbb1e4a-FRA
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307110101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
80d0ebc5020bc903518de9b8211a81b85468fd92d728fd7d7a06373ccbef0092
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11863
x-xss-protection
0
A-letterbigger_Savir.png
jscdn.greeter.me/ 		945 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jscdn.greeter.me/A-letterbigger_Savir.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Sun, 10 Jul 2022 13:45:06 GMT
x-amz-request-id
tx000000000000017b064d4-0064b6c5c0-ad92bddc-fra1b
etag
"f07519ec5fbc46385f386b577e6e2a1d"
x-envoy-upstream-healthchecked-cluster
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1689700467.dop237.fr8.t,1689700467.cds133.fr8.hn,1689700467.cds205.fr8.c
content-type
image/png
cache-control
max-age=2909
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
945
container.html
a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2137 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 17:14:27 GMT
expires
Wed, 17 Jul 2024 17:14:27 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.05&b=2&r=yalla-shoots.tv_fluid_lb%2Bsq&sy=64e53e73-fd4e-4117-bc08-114ae8d54619&ts=83&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=c677851b-eb3a-4f42-9848-077d0b71f2d2&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE1MTEvMTA0MjY3OS92YWxlbmNpYS12cy1ub3R0aW5naGFtLWZvcmVzdC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.5.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id
01H37XBZTS5HKQ2F1CQXNBQG5A
date
Tue, 18 Jul 2023 17:14:27 GMT
cf-cache-status
HIT
age
450580
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"081b1367cd2301d3bf23f0a40952d236-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7e8c5c72fffd1e4a-FRA
hb_739813_17175.js
player.aplhb.adipolo.com/prebidlink/469361/ 		290 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aplhb.adipolo.com/prebidlink/469361/hb_739813_17175.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shoots.tvhead.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
f8aa9a880d6e487e7842722fbaee7c4c914803cef2baf4f92b76167b48df3bad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
content-encoding
gzip
last-modified
Mon, 19 Dec 2022 12:00:43 GMT
server
nginx
etag
W/"63a0526b-48644"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Tue, 18 Jul 2023 18:14:27 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		84 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shoots.tvhead.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cdb0cb4b387f5eb0674c7326a7c587dbe8104f15e8d75e2397008c9880e006ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28292
x-xss-protection
0
server
cafe
etag
449 / 19556 / 31076055 / config-hash: 4204293080503520112
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 18 Jul 2023 17:14:27 GMT
wrapper_hb_739813_17175.js
player.aplhb.adipolo.com/prebidlink/469361/ 		2 KB
1004 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aplhb.adipolo.com/prebidlink/469361/wrapper_hb_739813_17175.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shoots.tvhead.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
cba78783503f962e24d09c78f38add0360021817317c6972d14e37e250b52e3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
content-encoding
gzip
last-modified
Mon, 19 Dec 2022 12:13:01 GMT
server
nginx
etag
W/"63a0554d-685"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Tue, 18 Jul 2023 18:14:27 GMT
gpt.js
www.googletagservices.com/tag/js/ 		84 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shoots.tvhead.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f6ab6e46a2192ed55c908924ebd8ba3fc8c299e763232040dd21f5d6b97fda6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28246
x-xss-protection
0
server
cafe
etag
260 / 19556 / 31076102 / config-hash: 4204293080503520112
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 18 Jul 2023 17:14:27 GMT
adipolo_logo.png
adipolo.com/wp-content/uploads/2020/06/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adipolo.com/wp-content/uploads/2020/06/adipolo_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
cf-cache-status
HIT
last-modified
Tue, 02 Jun 2020 09:04:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2780431
etag
"5ed61610-1b9c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X9BumRy448lWdUGDsR%2FaXH24%2FcvTMb6CFxP%2Bhne553t5DDpxuzZMEcRUlPD97%2BYZDRDeuPClRAJwMGbURWKZkp%2Fjgir2b%2FNsV1X0i5YLD9TCSZ%2B0R6TicuuTsI8O8THQot7MzMJ7wUSCkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7e8c5c733b2f2c65-FRA
alt-svc
h3=":443"; ma=86400
content-length
7068
js
www.googletagmanager.com/gtag/ 		215 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DSJ81X88Y5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-230085360-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
96c455dfd2b40b0db7ede3b5481ea3bf96db23078327e40e948d10c62eed1545
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77920
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 18 Jul 2023 17:14:27 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-230085360-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 18 Jul 2023 16:35:19 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2348
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 18 Jul 2023 18:35:19 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame B984 		624 B
827 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTh_a4CELX1oJkEGIrJqu8BMAE&v=APEucNX3TX5L4uv621ItueYQD57VwDg72qimRHCMeummdxBwSbbzJaV1UQ4fdpnXwVDdqKXXFMEIpI1HhRsqp_GWcUfeviWOVP32jDvoAsl1NK2vl6IJ0G_8pqaYGEHNdMs4jz51CkxQXAUb1Nzb1tTGlgKvdAk0YilfPbxVK6aw5u_gceSKe11TNE9_W_Fb_FmZQAGd2w20F8iW0mrqlvS7nNUVDQTQ1w
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 17:14:27 GMT
expires
Tue, 18 Jul 2023 17:14:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame EF99 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29781
x-xss-protection
0
server
cafe
etag
4315658989838864570
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 18 Jul 2023 17:14:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EF99 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CrWkiMpwfK2kthKluo1nXiF-aKOQusql7Zazq8SkMXho3U4NImLKi4LOFhY8bAWnUxtsBVwCNaYWVdOPbiN95OPWq2diGCpgjXAPzbxBFwSmXifr0
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EF99 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12448798890644533379&x=1&ct=76
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame EF99 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 16:10:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
3823
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Aug 2023 16:10:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame EF99 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:06:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
485
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8291
x-xss-protection
0
server
cafe
etag
17061476539903440100
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Aug 2023 17:06:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EF99 		179 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689594152080714"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 17:14:27 GMT
A-letterbigger_Savir.png
jscdn.greeter.me/ 		945 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jscdn.greeter.me/A-letterbigger_Savir.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Sun, 10 Jul 2022 13:45:06 GMT
x-amz-request-id
tx000000000000017b064d4-0064b6c5c0-ad92bddc-fra1b
etag
"f07519ec5fbc46385f386b577e6e2a1d"
x-envoy-upstream-healthchecked-cluster
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1689700467.dop237.fr8.t,1689700467.cds133.fr8.hn,1689700467.cds205.fr8.c
content-type
image/png
cache-control
max-age=2909
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
945
hd6.php
v3.sportsonline.sx/channels/hd/ Frame C758 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://v3.sportsonline.sx/channels/hd/hd6.php
Requested by
Host: dalbouh.xyz
URL: https://dalbouh.xyz/hd.php?lang=hd&ch=hd6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:dee5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
66ca5ac6821c76acf8ba71a4abac6884ae8348af1951fb768f8c7462cd7f71b1

Request headers

Referer
https://dalbouh.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e8c5c73895391ea-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 18 Jul 2023 17:14:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQufUHFvwg9wQMa65NqFpIwsVWtezKSjovSBBQJlhksp209abye9f3lxSpA%2Fc87CbzbmMmzp3SftK73uauWTpkOF5FUhVqTFQby5emgc65OC5759sUCDAe3vfZD3Vo883ej6nohYP%2FIFv8lvb%2B0mQvA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.2.34
pixel
googleads.g.doubleclick.net/xbbe/ Frame 518B 		624 B
505 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNXOMrE51jdZikCEDvYUQII6IFGP10YZSfUBgLHfYBiOdK6C2clD1z3_JYWBk5mg-vNXPJLIen8uYpdYMFL93CUap3aIApendY9L0v-OBVfaXcXUNpo9PZBH6xbNBMzIqr_5A6YIzsaw9jCnSRDZc-ZmrwTCAGjqdzQOCrguTAf6JFsZyyIYfWc5-K3ek2guVOEHPNYFqwkl7_CkV0MjKp-UYYZrcA
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 17:14:27 GMT
expires
Tue, 18 Jul 2023 17:14:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 2137 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29781
x-xss-protection
0
server
cafe
etag
4315658989838864570
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 18 Jul 2023 17:14:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2137 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A-5luOaXDL61gRQSTGxMVeH8NkBzEQGjMoVkpX24ebeg6i-aaq61XRY8PpikdodRb4G8TfYacY5dGkNZWWuixFt9UwbE2M-k8wv_RasMB-ANZTtC4
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2137 		0
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10033980739377459214&x=1&ct=77
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 2137 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 16:10:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
3823
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Aug 2023 16:10:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 2137 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:06:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
485
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8291
x-xss-protection
0
server
cafe
etag
17061476539903440100
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Aug 2023 17:06:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2137 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689594152080714"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 17:14:27 GMT
container.html
a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 37C6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 17:14:27 GMT
expires
Wed, 17 Jul 2024 17:14:27 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		182 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		834 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
e.js
live.demand.supply/e/ 		0
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.1&b=2&r=yalla-shoots.tv_auto_728x90_sticky_display_bottom&sy=64e53e73-fd4e-4117-bc08-114ae8d54619&ts=83&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=c677851b-eb3a-4f42-9848-077d0b71f2d2&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE1MTEvMTA0MjY3OS92YWxlbmNpYS12cy1ub3R0aW5naGFtLWZvcmVzdC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.5.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id
01H37XBZTS5HKQ2F1CQXNBQG5A
date
Tue, 18 Jul 2023 17:14:27 GMT
cf-cache-status
HIT
age
450580
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"081b1367cd2301d3bf23f0a40952d236-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7e8c5c73386d1e4a-FRA
pixel
googleads.g.doubleclick.net/xbbe/ Frame A876 		624 B
504 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMm8ZRDDtunGBBil54XuATAB&v=APEucNUIoFNNwjcjFW8OGDa2MpNUcWriFVzrqEu3ECJH-5ajVtNG3XT_74TaO7jILVCIvNspN6A2-BMVHBhMF_czWYARX1kjamOT9XzJ0gWdxC066DXWTwtj8y54ynl7WboaZkhZnHdqu6p0fda_1t_yFzXzCl7S248kV0g5quv23u52fn41BgjhfyItkZ0QnqY7rSK5vl6WgdJsVqf9kJ11kMFjY1ZbmQ
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 17:14:27 GMT
expires
Tue, 18 Jul 2023 17:14:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 37C6 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29781
x-xss-protection
0
server
cafe
etag
4315658989838864570
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 18 Jul 2023 17:14:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 37C6 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BFo0GCuXtyEixJi5sRnKcYl3oIq3seGqerUKHtoyFjPFWg--WV4NV1AZQxy37Kp7grciHFXr0PI1ZSZ6sAFHPWQWFRDc02Smb5NkEXqso0fNEUwn4
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 37C6 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14930560863192350781&x=1&ct=76
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 37C6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=29074404&cmp=30088679&plc=369086996&sid=8754143&dvregion=0&unit=728x90
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:6::17d5:a18f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
db556c877765791cfa9dc4febd9a83ab0dfdd29245b4c0ca786911f4ada39bbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 18 Jul 2023 17:14:27 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jul 2023 08:57:29 GMT
Server
UploadServer
ETag
"0a227e506cc4cb4f9940be0b4f6d5c1e"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
max-age=86400,no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
925
Expires
Wed, 12 Jul 2023 08:57:55 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 37C6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 16:10:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
3823
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Aug 2023 16:10:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 37C6 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:06:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
485
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8291
x-xss-protection
0
server
cafe
etag
17061476539903440100
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Aug 2023 17:06:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 37C6 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689594152080714"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 17:14:27 GMT
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-DSJ81X88Y5&gtm=45je37c0&_p=948966620&cid=1232595036.1689700467&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&ngs=1&_s=1&sid=1689700467&sct=1&seg=0&dl=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11511%2F1042679%2Fvalencia-vs-nottingham-forest%2F&dt=%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9%20%D9%81%D8%A7%D9%84%D9%86%D8%B3%D9%8A%D8%A7%20%D9%88%20%D9%86%D9%88%D8%AA%D9%8A%D9%86%D8%BA%D9%87%D8%A7%D9%85%20%D9%81%D9%88%D8%B1%D8%B3%D8%AA%20-%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D9%88%D8%AF%D9%8A%D8%A9%20-%20%D8%A3%D9%86%D8%AF%D9%8A%D8%A9%20-%202023-07-18&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DSJ81X88Y5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/e/ 		0
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_auto_interstitial_desktop&e=nai&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE1MTEvMTA0MjY3OS92YWxlbmNpYS12cy1ub3R0aW5naGFtLWZvcmVzdC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.5.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id
01H37XBZTS5HKQ2F1CQXNBQG5A
date
Tue, 18 Jul 2023 17:14:27 GMT
cf-cache-status
HIT
age
450580
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"081b1367cd2301d3bf23f0a40952d236-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7e8c5c73a9201e4a-FRA
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 18 Jul 2023 17:14:27 GMT
rum
dsum-sec.casalemedia.com/ Frame B984
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKBnS8IWuGTY-k9d9UKAnxU&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKBnS8IWuGTY-k9d9UKAnxU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTh_a4CELX1oJkEGIrJqu8BMAE&v=APEucNX3TX5L4uv621ItueYQD57VwDg72qimRHCMeummdxBwSbbzJaV1UQ4fdpnXwVDdqKXXFMEIpI1HhRsqp_GWcUfeviWOVP32jDvoAsl1NK2vl6IJ0G_8pqaYGEHNdMs4jz51CkxQXAUb1Nzb1tTGlgKvdAk0YilfPbxVK6aw5u_gceSKe11TNE9_W_Fb_FmZQAGd2w20F8iW0mrqlvS7nNUVDQTQ1w
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jul 2023 17:14:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKBnS8IWuGTY-k9d9UKAnxU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B984
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZLbIc-ae0U9MlyvHuknCMwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEM4korcOzVHUcV4EMxEBTw&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEM4korcOzVHUcV4EMxEBTw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTh_a4CELX1oJkEGIrJqu8BMAE&v=APEucNX3TX5L4uv621ItueYQD57VwDg72qimRHCMeummdxBwSbbzJaV1UQ4fdpnXwVDdqKXXFMEIpI1HhRsqp_GWcUfeviWOVP32jDvoAsl1NK2vl6IJ0G_8pqaYGEHNdMs4jz51CkxQXAUb1Nzb1tTGlgKvdAk0YilfPbxVK6aw5u_gceSKe11TNE9_W_Fb_FmZQAGd2w20F8iW0mrqlvS7nNUVDQTQ1w
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jul 2023 17:14:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEM4korcOzVHUcV4EMxEBTw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame B984
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEC_dhGR-0VLdBR5N2KaFwjs&google_cver=1
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEC_dhGR-0VLdBR5N2KaFwjs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTh_a4CELX1oJkEGIrJqu8BMAE&v=APEucNX3TX5L4uv621ItueYQD57VwDg72qimRHCMeummdxBwSbbzJaV1UQ4fdpnXwVDdqKXXFMEIpI1HhRsqp_GWcUfeviWOVP32jDvoAsl1NK2vl6IJ0G_8pqaYGEHNdMs4jz51CkxQXAUb1Nzb1tTGlgKvdAk0YilfPbxVK6aw5u_gceSKe11TNE9_W_Fb_FmZQAGd2w20F8iW0mrqlvS7nNUVDQTQ1w
Protocol
H2
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:27 GMT
an-x-request-uuid
85a56aac-dec4-4722-8fe3-dd73114a81fc
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.138; 178.162.209.138; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEC_dhGR-0VLdBR5N2KaFwjs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B984
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk4NTg5NjcyODMzMzA3Mjk4MA%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk4NTg5NjcyODMzMzA3Mjk4MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTh_a4CELX1oJkEGIrJqu8BMAE&v=APEucNX3TX5L4uv621ItueYQD57VwDg72qimRHCMeummdxBwSbbzJaV1UQ4fdpnXwVDdqKXXFMEIpI1HhRsqp_GWcUfeviWOVP32jDvoAsl1NK2vl6IJ0G_8pqaYGEHNdMs4jz51CkxQXAUb1Nzb1tTGlgKvdAk0YilfPbxVK6aw5u_gceSKe11TNE9_W_Fb_FmZQAGd2w20F8iW0mrqlvS7nNUVDQTQ1w
Protocol
H2
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:27 GMT
an-x-request-uuid
61e5d2a0-0d6f-42fc-9d60-0efe8116bee8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk4NTg5NjcyODMzMzA3Mjk4MA%3D%3D
x-proxy-origin
178.162.209.138; 178.162.209.138; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=948966620&t=pageview&_s=1&dl=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11511%2F1042679%2Fvalencia-vs-nottingham-forest%2F&ul=en-us&de=UTF-8&dt=%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9%20%D9%81%D8%A7%D9%84%D9%86%D8%B3%D9%8A%D8%A7%20%D9%88%20%D9%86%D9%88%D8%AA%D9%8A%D9%86%D8%BA%D9%87%D8%A7%D9%85%20%D9%81%D9%88%D8%B1%D8%B3%D8%AA%20-%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D9%88%D8%AF%D9%8A%D8%A9%20-%20%D8%A3%D9%86%D8%AF%D9%8A%D8%A9%20-%202023-07-18&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=175392097&gjid=661227845&cid=1232595036.1689700467&tid=UA-230085360-1&_gid=32777644.1689700468&_r=1&gtm=457e37c0&jsscut=1&z=988587550
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
hbw_master_739813_17175.js
player.aplhb.adipolo.com/prebidlink/19556/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aplhb.adipolo.com/prebidlink/19556/hbw_master_739813_17175.js
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/469361/wrapper_hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
a31e81b5ee962da98d89c99da3f964c57755440e8b8e0c950b6cf63f4f29b7fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:27 GMT
content-encoding
gzip
last-modified
Mon, 19 Dec 2022 12:13:01 GMT
server
nginx
etag
W/"63a0554d-152fa"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Tue, 18 Jul 2023 18:14:27 GMT
rum
dsum-sec.casalemedia.com/ Frame 518B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEM4korcOzVHUcV4EMxEBTw&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEM4korcOzVHUcV4EMxEBTw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNXOMrE51jdZikCEDvYUQII6IFGP10YZSfUBgLHfYBiOdK6C2clD1z3_JYWBk5mg-vNXPJLIen8uYpdYMFL93CUap3aIApendY9L0v-OBVfaXcXUNpo9PZBH6xbNBMzIqr_5A6YIzsaw9jCnSRDZc-ZmrwTCAGjqdzQOCrguTAf6JFsZyyIYfWc5-K3ek2guVOEHPNYFqwkl7_CkV0MjKp-UYYZrcA
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jul 2023 17:14:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEM4korcOzVHUcV4EMxEBTw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 518B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZLbIc-ae0U9MlyvHuknCMwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEM4korcOzVHUcV4EMxEBTw&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEM4korcOzVHUcV4EMxEBTw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNXOMrE51jdZikCEDvYUQII6IFGP10YZSfUBgLHfYBiOdK6C2clD1z3_JYWBk5mg-vNXPJLIen8uYpdYMFL93CUap3aIApendY9L0v-OBVfaXcXUNpo9PZBH6xbNBMzIqr_5A6YIzsaw9jCnSRDZc-ZmrwTCAGjqdzQOCrguTAf6JFsZyyIYfWc5-K3ek2guVOEHPNYFqwkl7_CkV0MjKp-UYYZrcA
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jul 2023 17:14:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEM4korcOzVHUcV4EMxEBTw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 518B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEC_dhGR-0VLdBR5N2KaFwjs&google_cver=1
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEC_dhGR-0VLdBR5N2KaFwjs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNXOMrE51jdZikCEDvYUQII6IFGP10YZSfUBgLHfYBiOdK6C2clD1z3_JYWBk5mg-vNXPJLIen8uYpdYMFL93CUap3aIApendY9L0v-OBVfaXcXUNpo9PZBH6xbNBMzIqr_5A6YIzsaw9jCnSRDZc-ZmrwTCAGjqdzQOCrguTAf6JFsZyyIYfWc5-K3ek2guVOEHPNYFqwkl7_CkV0MjKp-UYYZrcA
Protocol
H2
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:27 GMT
an-x-request-uuid
25194ee7-082a-4e49-80f7-159102481be8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.138; 178.162.209.138; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEC_dhGR-0VLdBR5N2KaFwjs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 518B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk4NTg5NjcyODMzMzA3Mjk4MA%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk4NTg5NjcyODMzMzA3Mjk4MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNXOMrE51jdZikCEDvYUQII6IFGP10YZSfUBgLHfYBiOdK6C2clD1z3_JYWBk5mg-vNXPJLIen8uYpdYMFL93CUap3aIApendY9L0v-OBVfaXcXUNpo9PZBH6xbNBMzIqr_5A6YIzsaw9jCnSRDZc-ZmrwTCAGjqdzQOCrguTAf6JFsZyyIYfWc5-K3ek2guVOEHPNYFqwkl7_CkV0MjKp-UYYZrcA
Protocol
H2
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:27 GMT
an-x-request-uuid
2dd1bb72-8017-4af2-b34a-a2e0869765a3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk4NTg5NjcyODMzMzA3Mjk4MA%3D%3D
x-proxy-origin
178.162.209.138; 178.162.209.138; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A876
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEM4korcOzVHUcV4EMxEBTw&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEM4korcOzVHUcV4EMxEBTw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMm8ZRDDtunGBBil54XuATAB&v=APEucNUIoFNNwjcjFW8OGDa2MpNUcWriFVzrqEu3ECJH-5ajVtNG3XT_74TaO7jILVCIvNspN6A2-BMVHBhMF_czWYARX1kjamOT9XzJ0gWdxC066DXWTwtj8y54ynl7WboaZkhZnHdqu6p0fda_1t_yFzXzCl7S248kV0g5quv23u52fn41BgjhfyItkZ0QnqY7rSK5vl6WgdJsVqf9kJ11kMFjY1ZbmQ
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jul 2023 17:14:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEM4korcOzVHUcV4EMxEBTw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A876
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZLbIc-ae0U9MlyvHuknCMwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEM4korcOzVHUcV4EMxEBTw&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEM4korcOzVHUcV4EMxEBTw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMm8ZRDDtunGBBil54XuATAB&v=APEucNUIoFNNwjcjFW8OGDa2MpNUcWriFVzrqEu3ECJH-5ajVtNG3XT_74TaO7jILVCIvNspN6A2-BMVHBhMF_czWYARX1kjamOT9XzJ0gWdxC066DXWTwtj8y54ynl7WboaZkhZnHdqu6p0fda_1t_yFzXzCl7S248kV0g5quv23u52fn41BgjhfyItkZ0QnqY7rSK5vl6WgdJsVqf9kJ11kMFjY1ZbmQ
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jul 2023 17:14:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEM4korcOzVHUcV4EMxEBTw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame A876
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEC_dhGR-0VLdBR5N2KaFwjs&google_cver=1
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEC_dhGR-0VLdBR5N2KaFwjs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMm8ZRDDtunGBBil54XuATAB&v=APEucNUIoFNNwjcjFW8OGDa2MpNUcWriFVzrqEu3ECJH-5ajVtNG3XT_74TaO7jILVCIvNspN6A2-BMVHBhMF_czWYARX1kjamOT9XzJ0gWdxC066DXWTwtj8y54ynl7WboaZkhZnHdqu6p0fda_1t_yFzXzCl7S248kV0g5quv23u52fn41BgjhfyItkZ0QnqY7rSK5vl6WgdJsVqf9kJ11kMFjY1ZbmQ
Protocol
H2
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:27 GMT
an-x-request-uuid
489e87d4-b176-4347-9c46-dff8bffaccf6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.138; 178.162.209.138; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEC_dhGR-0VLdBR5N2KaFwjs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A876
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk4NTg5NjcyODMzMzA3Mjk4MA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk4NTg5NjcyODMzMzA3Mjk4MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMm8ZRDDtunGBBil54XuATAB&v=APEucNUIoFNNwjcjFW8OGDa2MpNUcWriFVzrqEu3ECJH-5ajVtNG3XT_74TaO7jILVCIvNspN6A2-BMVHBhMF_czWYARX1kjamOT9XzJ0gWdxC066DXWTwtj8y54ynl7WboaZkhZnHdqu6p0fda_1t_yFzXzCl7S248kV0g5quv23u52fn41BgjhfyItkZ0QnqY7rSK5vl6WgdJsVqf9kJ11kMFjY1ZbmQ
Protocol
H2
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:27 GMT
an-x-request-uuid
0171f4c5-e271-4cc4-ae31-f8d089c97615
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk4NTg5NjcyODMzMzA3Mjk4MA%3D%3D
x-proxy-origin
178.162.209.138; 178.162.209.138; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EF99 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3541104534699&version=m202306200101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EF99 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3541104534699&version=m202306200101&ct=76&x=1&cor=12448798890644533000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame EF99 		72 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5MqPFOutLeJWqxN8PYxw16scCcqBF9A04l44H3Uwe_gFOU3uR3kyfZoD-EkkiflmQJDgBFC-f8TN4i2AbDVz4_X2MoQ&cry=1&dbm_d=AKAmf-CF06BrIFV7BTazbfrC6jVha2VzDt1iLPCrsG3wx8X0vuypgErAx9db4U5L2Aw8Co8b3xhDqviWGEjpgGSIl0-Gmwa06XnW2yA3FjrTxWdRQt6BCua4wBAxsHo06a7fHA16STapdDanhue19Z14x5BJBkM0HUeH1O09DBu5ifINOmEBmxMbPtUddEY4zfsQyKWS8RnkB82LEGTaWu-RjDUgF51JoyFMqWmW-NZhLFKKNHgTVgUbEnXVBoLaD-ehBTNhhvEj9aPmYcq-c0JcWkRdvRNMhx223czSAWYwoLf20dAG6XiqbaMr0Jw-Yfg3Uwmiogt-e6vZUPPKrkwmRBcc_CHrJxHRHLrSrL4Z4iYBmE15ji-Q_y82G-rggJ0uaiN8__7hrcFBKcwMd-UergWLK6LFlO3keq0_uMjV1dl3VNMS6oMNB3LiLekFPmLzzyC1fqAjHGyOO_0J1iR1eQ4KVkO0vef3O-GGNn9hDu3zZm0qy4u9P3rs8ZtrBB0tygM6eOrr4oAmWva_BXcNXesiyOfIryRkeLZdhuFYRVwFY5rzdSXzymzstIiU6Zrd3REMwyiqGpjZIzWJa7tYnqE2m7y1J_etTFcli5AF4pd1d1ajapzUSCSU1w1u8kBSoYpRbBeBhfBMx7eag4C3AWt7l4zEA6c08ZQMCTEAwrASCoyWJ5DWflzISX_Cj6ux_0hD8zSMWI9PQ0LkNSSJWC4dMJIlI2AX_8kLwrPk7rMZ_0ja1h2LRGA9bxgy-we2gnSRUENy1SKWo4ESa46BAD8wphsbJtX0jb-ctWzmjt8H_vTcI-lXoiulHkR2W4aPJ6E4pQ8q9SAVNEZHZAXi9uuTlmMXdoWE66ZwTC6O1pLsLJgJjbpzhyt0imAYwDLXUxQpearM_yrDsJfRCqMVKUKPfmYEjuj0Ml94NBLTNJeyjN8VEvQzdPhcAlqCJa-IMGqKPMolmCNSfGwL6iHcDCD6NRWYHbScJ_G7jXrtZImPvBko1WqcFYR1W3X6S-XlvZYdcwBckPKgebBgP2KixdBqOnFxAHbKh4GsAtCf9WcnweW68TEdQi9VcojZ0SCyLEbntjab_AYrw4MrPxBLK7u1aeDTA9fTJB_ITkjW0k7stqmOjXKjbMXZaXhTDHTb1K3CbEvi9kxwejrk7CeBqy6l2TrUmHTHfTJuQ2oVAq5fLsMog1QdHSEoHtAfEpOEn29HN35XspuM6UDc2zGZsazDX7bZSy_fAP1l-wyTjhsR7lGH5QKxoPaFD4MLgM6n85Uq5zYsofvkUT2PmiGW35WwkVUqxjB5cUE9w4XSBiklf1EzsjJT3DBDfN1eerPOtBkZRi6ZbTrdtCVIcNUjDtsUu8-L34BPY6cIsTy0_-Tl8dl3od_y_LEsmOOJquiqhw81DGOYxtKIX9n8etHy_fDcf4XDLkymVDyQ9n6fatWT8KJpeb1oTK0MFy3kzMzob4-pzvxxUJbVtA1RmqBcyR0qNE0pXYqXiF2aHDNh1YhErStXzdCEJzFAvV2yHHSTNEXykhIvDogN6wx0zt4mM22kj3Agg4mt6wzAQ3eRqR1UKjCmX2bF1HF_ssChVGgkXdXPFx8DBGrHO5igH7E9Xs3nRKiHxDzEvd8ULhNGEoWS5VXRq4Wo3Acg-NA4sDz3dnay6zoGmoKhOH7l2lrcHYBHLg36sPIwANQtxfyQ3wKeWwqVACOXktLUi3KjisfsPiEzyU8kL3-y4MHvm0dmqjr0tFyCD7zb3xo0XAG16xO1Lfw4WICkoWjlvok_HHc8bPrg9RnYvCwtDQyWyVZ21Tdij140nusTTQanbAj7lDQELHZoOTEHk86GiPAONnR_16kJCobOP9SUmdAwglPS4e6y30g3z4qauEVpLvcj2bpH5NSEbkecFSMUBtQ53EMnNjU0Z-47khqrrGzWPBYJe-Zp5JnAg2SiJfGfSTxRsyKVE2paG4a5vnBlH-tem1nwGrvSk9TlK09HDtO49mxHasc2BUY-HGDnqH9R_UBQgIvnuZMPfO2N99whuQzZUvBAVz9SXAQlC4JrhpFM9B-AFZbo11xopI27wlp5SgxjTKsF1fTRqqJHWQ6IbJzpagfwTywCCyM9d19Lcl0DCzB-OiIqGCYBxRCDsUlU9oZVYB9Cavj2UMq3mwXNEhyFA7D3HcTG7TFxaA7KCeaRG0QCAmPt24BP15VeHSYrFpxAToB0Y7AyOmdkV-U59828-EhiatLfuAn0rB_tH21CQjtc9yZ9zY3fdWzfsJD7-Si84d1BGN8l3wPRmDLwous8S9FGMiw1Gbu6lzeQG_CVYcuMCmg00bAyIcpBddYBVLKOiWVjm3-wmbZiZA4gwywYya8U7Oja9xc5zoA9YzxGtbGrIRewjSb23004T1mYTt_hXPVnlP21-u8htX4efANcpJjMv4ejrnHpx909S0qeLqqN0VogT-gdaHX3R1rIUHdPK7deWER_0t3tUGYmhzu1hkrKYGAKm_XCLunDJSLZGIuL4hwH6tPKJAQ4ntBUrAwwCN5BxlDY0ahNoG_nFRUq4VNPuQgtYHEekEM7qFmaRW933AXnfTkZDuKJ8rjcm1aqONjTtod8PEUVecwsIHNmRKOFXRx7N8CIjwaUNiMn-gbRikAbT8EezXigHLyIzEc2SRUl1PZdrLkjEwAgcK0Y4M5MJb7DeHXl9Cglmq1QHtAdaSxg0yY2WRg2Zh8h48KRtXxNiyF9ov4K2NitVi1zPQiEiHmxLrKSQ26T2f1y-c9XEoel0ZC4P4WWj_IU5aEIg-3fUTskg5EKoL-fwbBXXyNWo27h7sCjkNHRW30Kpp604fp7vJBdfKCakFXrUeinyF0ZchvQKbARYk94_we6xslP1AMth232KyDm80KRjg72KTkFN6uVhpkNg9gt8rTAbpksTx209tHqV7TZLbn4AF4DtH7fa2oqpep2C_4HrOIQxcEGElkLzxkdGX6226cRmD3T_73VTzqPWv-q4Nnx2srUyK7FlLH2Fz4WQUue_UA1ifwfZ6mYXtjLK1o95wZo38ufQZSajOhNUeLX8KQX1xNIRVpSCieZfxhfLx2_JLyMVX7swZzaU4oUPxslhCzIfxn1NzwnsZ7xYHVtzXCcYbb2_ay8hmo3_R6IW_eSqXWdqI_Q0XcUQg_L8bC97XSQ2PtFUEuaOgZJOsLFy4MIGFmOmoSdVDlxcIBF-2pYVQbKsi5-6oiETTZS_oMnx3oHvjbtnB4LBTOdoBcxjtc9lRBeL-kItvSKOf1CaJowHwbUf71-uumNAsO5V-9mWUq-AWA55Nmir4V_zibL1XBKsLpK7diZk2X4uZggbrZ79Zx5Amx5NzoB6N0x3cdHgUNgTVy9Z02ZHO-OaMoueQ87LOIyhGJ-cC2yn50RpzgF_A74Y2Z_kSvC6DEa9JK4QFOzMH_Ec3xztrbuaIUQxyJCnt-_opGIcVRG8p9b3MuPggvYVGDasslLS6ayRyBpnw6dqnyGbMKVFiEnRrJxk5loa-HbckIsVA1Dl9Jt5ttXz4KQNUwUlWz_DTt_IK-GZDYew9AoTkQ2Obo&cid=CAQSSwBpAlJWNLfHo7QpLtg_29_XCMAlZvz0QNNVL9SQFnXNwRJt8Tu7P_U5M0ZraviryfHBuNJZXTr428mUif8jTJ-mAlOiM14VHin4WRgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=12448798890644533000&adk=250412560&idt=123&cac=0&dtd=27
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7aced49161163e4be2dc84d905b881dfa6665b0202ab3a748b1f0d1dadf06dee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33586
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 236F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3030
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 16:23:57 GMT
expires
Wed, 17 Jul 2024 16:23:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8FA1 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4c3b617e086c78b053fd4b9c1f641e1c9870e54f4febbbcaaebd46a866fb2c1c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-x-2JrxWUUfjHlxCe5ew9Sg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-x-2JrxWUUfjHlxCe5ew9Sg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 17:14:27 GMT
expires
Tue, 18 Jul 2023 17:14:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
truncated
/ 		385 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		240 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
favicon.ico
storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.95.4.204 , France, ASN16276 (OVH, FR),
Reverse DNS
ip204.ip-141-95-4.eu
Software
/
Resource Hash
fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 18 Jul 2023 17:14:27 GMT
X-Openstack-Request-Id
txe59330fccf34489fa5867-0064b6c873
Last-Modified
Sun, 31 Jan 2021 12:57:34 GMT
Etag
7bf4f6782dee3b520a65ff84286e3691
Content-Type
image/x-icon
X-Timestamp
1612097853.12655
Accept-Ranges
bytes
Content-Length
15086
X-Trans-Id
txe59330fccf34489fa5867-0064b6c873
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
container.html
a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FB26 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 17:14:27 GMT
expires
Wed, 17 Jul 2024 17:14:27 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.2&b=2&r=yalla-shoots.tv_fluid_sky%2Bsq&sy=64e53e73-fd4e-4117-bc08-114ae8d54619&ts=83&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=0&mlsi=1024x600&mlbw=4g&mlcs=NaN&mltp=c677851b-eb3a-4f42-9848-077d0b71f2d2&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE1MTEvMTA0MjY3OS92YWxlbmNpYS12cy1ub3R0aW5naGFtLWZvcmVzdC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.5.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id
01H37XBZTS5HKQ2F1CQXNBQG5A
date
Tue, 18 Jul 2023 17:14:28 GMT
cf-cache-status
HIT
age
450581
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"081b1367cd2301d3bf23f0a40952d236-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7e8c5c748a6b1e4a-FRA
Yamkarish.mp4
cdn-adipolo.urekamedia.com/test/a92a53cfdb1b435a8/ 		512 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn-adipolo.urekamedia.com/test/a92a53cfdb1b435a8/Yamkarish.mp4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash

Request headers

Referer
https://yalla-shoots.tv/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range
bytes=0-

Response headers

x-77-pop
frankfurtDE
date
Tue, 18 Jul 2023 17:14:28 GMT
x-cache
HIT
x-77-cache
HIT
Content-Range
bytes 0-900871/900872
x-age
866300
x-accel-date
1688834168
Content-Length
900872
x-77-nzt
AcO1qhEx9mP//DcNAA
x-accel-expires
@1689870968
last-modified
Tue, 06 Sep 2022 14:19:18 GMT
server
CDN77-Turbo
etag
"631756e6-dbf08"
x-77-nzt-ray
4c1562248747994274c8b664c4194d01
content-type
video/mp4
access-control-allow-origin
*
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2137 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9462214537791&version=m202306200101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2137 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9462214537791&version=m202306200101&ct=77&x=1&cor=10033980739377460000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 2137 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-hk645ivAmJH4-wmuCOYDu98SvdCsJu8qdf3TAFsv-PwKRMbdPTGoZy4CI_ZtlyXCe4oBJ07-7LwsGPlcUYbcUXASqJS54yIUlAosa79LGB-I4Qg2YVogoior3uvllEQxy8LagS4Mq9fCKu41OWfm-qEjnj1B78T48A1uxmSGZ3wFAMs&cry=1&dbm_d=AKAmf-AKBwubu-Cw70RI6DRmzPdcPlL_gQ1hH0zJhVSzQfjiL3egVXCZNNistrCdrYSzKbSCURXgUKyv-Za1fdt2QCwC2mlf9hC9AvgqcTGdTsvyv1JdOLerUjykGKUDr3kt2GY5s2_zX9NRSqx-NRt1buE8-ej0L5Ep0gEr0uBn2Vk5DUov3-8IsDfp_wPLhlisrM7yfrrb6jzpIKnkiBcA2sSUNX4lP2zmUjlHCBu_z3SJg3XBV8tXrNQbwjkaRh_hOCt45JQxCIzwVn3EIKk5sGiEh7ZIj2DoA84H1n0AiKOpqWkuxDbCDQwshP623F6_blxKn2JsAIAib2FJSUPbjb2cW8wAb1MWprDp_q2P0aAdNcs2cqNMI7yGAPD0H9oNNeJDL5xuWCWJoFPGd2m8bUsl61vGc4ytMklPTZAB1THISmIORjvC5XEm7-wMT6OOBUjXAU_02KSr3AjnTkXwn66jsjhieXGtuNv2YAAr-N3Xdq52PeYiBHVefKICNVyEfnsHflQk7O_wrpBhdpCj_8o4zVhv7KDjEx0TEAlavA-F8Tg86zvDbTXQ7I5BM1fxvWWZ0meQL9V4pWxqjW9UtxWNYGIqNr1PpT5LHQDsmg7Q8ZunNQQSbpaNqcioigE_h61TOY19SoYyNZckChCHlkuk5jDsHtACoLoD2idM3d4NIXwW__RG0-sxRsSg62Av3sQRETLnzyq2cPiq7nYw_WJW48v8xpjQn41yaa3wPdmj8Fqxh7zD-hM1M3Fs_RdZgcjX57_1s8gkS_8QRZ8w4DJeiLcrT78uEwsQj9UF5Kuv1mqz2KxCXvsbUdR8vxXzy06oke990iYjbxrXx6pEQ8MrOO8BjcRKPBuKrc5t0n0o0wnF-Lprlahl3AqTGxQAgfJ1YfaPeZSqOqBnjD6hPNsJBDrJJP4lpx5WoxvXl2-sLZ-nZ5Enebn5MLjJQ0siIbFQly5H_6TGC22wlwFpX2NSKOWAtxdJnMs0JI7xqsPm3c5EHTTAnySxEOs7pvQP8mA6gKlVqD7aE6SHuvnMuzNLTmIrCcY_qugsM129LIQAbpO4zcffwAw1pYn4IX99kbU84G8Bf1XtFSNYeMj1FOps5WbuOBc9PI_7XRywtvA0cCpzQat9su_cP-R6LaeRR4Lu13NChQN-pbMMZncYl5hMukqLe3PXzRXJtvnIh_-DKapKWYQnkCqhCUBGJl0A3bFnNQ1RuHFpoWdKQUAeh727CTvnH8Un9JHjE92OaSdPLStjXNFPOUh3gyvy6KrwLBpyQzUPB1OZrV9ABLn16ZMrSsUKo0ehGukfKVwAZ7QDhR6W1v_Ai5fw_7ztFKa_4UDbQrYCQxLdAMA8yFVdBPZl-4a2mLw6IbccthSCKC4jpIrseyxTbebe2QixIl3fl10wnQucKqOjEEyFhdOWvKlAdynX3qSA8gCz3-k3bOEsCFepwuqh7lQKXcm29m1cNHWY3BDTRq4rQ3dAdg41SAJiKn_xp_gv7LoTAbUYEsqRAMPztIdRzlfUohIX6ad6hAZq2UAW_ynCUkdmPvGTqEEwacKwCwIVFpY9lx5gza0ATNvj5rkilNjtp1dPhQb2HFlrPCUgwqXDq6DfsBkHTzY29EaA2sbVnGbqRWEVRz6vqH1wnehtTG2ZHVXR42YsudOWvhZxgYrvEYaq1Pweg_G6oaH2A0XknE_ZIwjv0LYUKTCAqDakvgNZ56d8vfZ77o6tOb0Me3I49kvimisS1IRCqJcl-kpkitMYyLcQwY6FcdRfLYzkSq8jdUcO2uZ-Ngl17W1bgnd-Cz3ni_Sp6MtXO0_WdOik1rBbAyrqYyEdI6i5NMGYhXdSW-S-kJO_LRuvQTmNa_662KJDcMqeg3bHP7ith6H_SkiFTgsk9XUIDNiUiuAOJoCUfOOJWVM6n-H3eeoJ9SaLjTO6XuAWRyz0kzeDimQGkzg7eHojbCyUS0OzBo7wbbZ3JvkWDBBfq1Fsg-3yECm7kkox2nOIKzLTvzdq293gnWZ-hvvF8t_G9CS3eSSE92DDEBK8JTkJjx82KTzuMNI4BKL9z1Duk379kUpJT0kZ7BebXpPun4E2t31ciMPEg4cLhjkslsT9ZuMGQ7yC_O9qUuQH56mpgastc8QDnIX29qM4TQRKU6y2hyy2EYYwgcqM1lPb5aBkSqzXZPqOYrFQsdeiEFfLPsgVdN0rsnF5XYL7zDsF3LTNZPNuDgACYUQvjvnYCSTuJReBjdmgkQY0dm73QYiMFiTdXEt_YvxvAhTQosMwqYpKZpGH_VeahpDiUTRtwJsCwOFBYjjRTgc8AbRpLEos2V6ALKqQ1kSG8cz5pc4ffshdzvpW5WliMWw-SKYFTWIq-O2sxbY4pu_7oSeryVBfvEcMtyvZ2lF6MZAKnlicNX0rTNXgkCWD6dsLjE0KjwZGo0iIDMxW7YYedXdM48YkUt1JVTS0X0o8xpkigfJYcCO_G2yyu3567-dV373dYUYhzKD0xj_vKhjvgQa3fBKnPXlCIKIMqNSkRw-BxsJBKFkSPz3rhqsqpNpGozQwCiO7LkEo0XdjK9CAYru2pGdVOwCH4SulKO5qXePFmi_aBcRVgsueUdnLehHKIHY8ACwHX0lJUmTLWm5AAaTpd7w-Y0ZgJZghkbibo-D9aOabt0s56gaEmBQCwuPmSMGFG78ZU3s7ynwGcHIPthPBLwEmnSfbJIGJlUK_F0nEJf9kaaW51h8qo8DxE3_BVwV2fiLRXGDSX2TxKVDiX1vmIcJ_Vs5SBRvCmkg1e3o4bk27iZv1oXKj-wsR_mC_I4eF7jPLQTjZ1bM8KoHA8k5diPSYzuQCvQFddZ3aJMZWZheO-wIG7mVoBsr2EbI0JZVJ1Rlt3RGPtG5JOFa-3xcZSMArpEDaaeC_3stNc7ig9tfZXWRjdjH3wChytRpN94hiPQAIqd5MLTFI_5NoHAmGKHkxdBUOiuRSL3eYxJ0MPSPSO_So-j0DSOFmHeo-Pe6iVJA9cFWtJBAG0VRtoZ1-XoBJzC_Dwv2VHb4l3y_82pquRF1wj_-4pm0dCBxUts2x52DNRHkg5ni9FEJ_8sT5LaGmon7ePjLHaDD60D2rgb35_bygDmGz2ESJJ2VHm-4jqvxd7PA2OborlimGnrabJ_OIQFi500lr-GWnPPyADbET5XmVFrIYyW0udw8EDI-h_bYMPuEsxdC1Xu0xrhZAtJQf9DEePEG8gKHNdQzQ60PD8cNL7rA-5PNXmhT59RR94KERzhzARTtro5wq1L9kH9jWkffdJAklG3oZ9hoRxhW5zQqMVshGwvz7w8hEMtpkl-IqspoYXgmgA29gnBjJUM0j55JcLgk0GiGJJ0SZG8h-_POOzTktotTOxpkCS_b-9fx63WnRJgHZtASUt-RjNzgGkXusI6AlFtsjCXZYfs0Or0yOBOuKCznuJ5epGI3dYlGGKPO5S-PJuNZUMqjBLBhWHSjEroJ9_b8CLc0EAAV9ktePGz0n9V4xsXuGN6QMo26cpGqA8yuZ3Cyatqn0RvXGq8ojSw9YQ3rw5utzqIm6Xu12nrXjSuTymCcvcWjJLkxrnqaFJBwf7Xu67dr2tP8lZNN-vR8CNrBzMPivjSWzqzGGDvBgQR2wOsTrICrBmtLTiilQIWmXhIANdfT1u_jbbQfH4R1-wdMGQFj8jkky5rwJ1kaZwPKTW88eM-cU0l7NjZi0HF5Y2scy1RgF9Q43IhOMipUzCUPYi8XAKSnUtc7oH2SRVlNr-axjM3fOXETtOa5zmgCBIPdzO5gD6InAMF4wsYrSCuErq5tsSKviuRGlu37-g338zxHWF_dfmYa-zSexo7peO7qec5Jl5GoPraDgcFbthvXiMYCoA0AeA6nRWrh5Jvx_HUH-CyNtvOjHV9UotqX2rRnm0bYoH1Vinv2pvtifSw-2JVOIDwSbdTTCj1pNPPQ&cid=CAQSSwBpAlJWk6RUR4NkT_1CaSkTEal8BDUFctkIxVrxRjv1eYHtPEdm_Cqeu0ZM8IIgy9RRERRJ7o9LgAAsmiZOYG2desfZbu5kDhXPWhgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=10033980739377460000&adk=1964084972&idt=158&cac=0&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f9e4079df7deefcc571adc7c56e356c9653a50907a82750bff2f5289696003d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11926
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 37C6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4705018808315&version=m202306200101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 37C6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4705018808315&version=m202306200101&ct=76&x=1&cor=14930560863192350000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 37C6 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AhF4nXpVA1-Y5LaOQ5ZtYn7qiaYMODUOiMLigdr8uAiKXrEQ1Ww-mH4TYpukPhsPC5cg2OEiGVSw6QO4g4pDIN3byx5Mirg8qjoUZQo3dnCi25ZlUPtt0TFnUz9r_dj9tzmyGwuwOA6BbyoxtAIXasnlhL2fqjmBpm4qYl4b2b9tspCwU&cry=1&dbm_d=AKAmf-DihyzlwZfkwZCejXXF6rrEUqwAcFFNfHeMdNvUna9UVPBWmdZvGJkMWXIpnL57cN74DOj1U1ZlPP73u5UrXAdPHzPeG991MDYwpxTbtFPq6JNL2FNWrQ3APSSt843kDrG4_Z4qzXOXsm_bGmnuvA_9EbKAtEEqpGMV_NrCRbYPt8POxIAwADsHvgYOWf-egUjbByTeyaQ3I9k5JEAyKg12vcDYveJxSsbBG3qjlvyW5UxbnNu5BkAzqRBulBVxuJbiRcfGiBx0_Jpz1TVmjzjjMPoXBIIl3UV04L-6Hw1jb_DnAdHlH2QOcclIc6CyJlrC2dfNjoCwssQTe_DvaizUK61njCvw4gqaCkEH6qEfQf7ioGnfQ1kZuWVBoXLYi0bbFrdC7TQwMA3Vqg0e6Fp0-zb5wIYFM3nJjHiQPs2-NgCp6Wi-wngGXi6SiC_bbzMTwxEgzZZPARpsb8J79mfPhYDuVZNEyHkcrRBw4Cj8Rpmkq-zVfOEpC-N-G9svRYutrcQaDoQTH2XIYMAg-Yak9uxSajm9cjiUII8JyroUAqCKtlw1Haq7iBWvefZGPInETZ__UCKh3oTw2TeCTYRwUv4mmKPPy9QFWQPXNUr3IF31QkHqSHLiZJsrG_xKhQ7Caas_cMs88XCYJS5qHrbLU009ExphFXBqeQOMjmjhj6hckPYQPQq2NbWkHX02b2ozUDacwdfnpr2kv9rqWVz0llxljbK31DBv7_Hu--tCJSyKem9qVlSEK-5r2f1IhRP9YQGB4pKrqgsYL_3_EsXCUFGIu7NZH7h8iUIlLV3Xvm0rQAhQhO0D-XI21V5l2_J7fGhJYI5gwkiGlV5NJQDjT2FWIpoQuASnFxUyV_k2JtfvtCvrMl79l7lYZXeKGBz3RwjNP1KDEf4RMEruYHF5R6Adlj0fXDexphHfuML1RvqOKCW_vpvy75QPcBqMujTiNYj9e82JvHPthr4RFY1TRpzrFeXJjUU3qjSDjCX0FX3ix6idFFJAGqWoQR--QKdSEtB3FINALazLK-Pdm9ZtGJ58cCPN42Zo3jMkQPhYJA5MW52_U-YQkXSySyjXjcSsnZcenRnK1Q8jSYSmlqrh7uNSQTiDK9tR8eDeeX77qISxHumOph5S1-DhG7N9exCE3PRCdHf2AR0rtf5-4x0nx5D56C3bhlX-TZ4eAA6B-LczSpnDGjOxJZJoV2iPINwt5Ep4yXfjq10vPrhZOj54Iu8iQPK14nJOc2G9zgYK3JkKJv_kESdbAZCURugmQfiXOYuIGzXTJ7tKPdUq7SpIM1G_5v1ARkaRdjZAHucP44cmi4nc5ajI90gmSgCSx5k0m-OjvbHOGGgrReR0igaq7EXCKgu-U6upqRI8OeMlQC2XlGCLcF4w1wAsi6wp4VnmD61HdftWhLRZrOAflYKNZhGj7dzZc-596VhxuEm2L2hMwNrAgb3bucxCoTMXCuFjowB5zYZPaRkVdvk-_jV8LuN3ShizSSAL9LTkjvPvkUhW3bakcOBIlOr5JzVnOn3TRyPBJ03Wfpa6_x3rRkJVMNokWNC-Ffk-Eud0TqUhiidNDJrTrRLHmhizMbmfQwzNRaEaqTkEvTzRphP7ngX13CPdh-XiaDyVqdzYyW-n3mwKHs0oobgDg1lw9GjQwA0WH6ZeGzCDoEoTsXsNnifSIXxLzPgBsOoUBdjZgffBQ2b9DaVq7hKbmvy9NeEqUOUS_BBdMhtxQFXVf46cFi8-fHUGZcXdTM2HtUysrP26TNTfW7JzrTaKj5TLo8O8pVlvwM_mQCmqbiOSPK-cyUDx7W_x2QRQQjtJFTSgorQhJ4X-HZg7Fqlk4nRufbvV_Ud1mpnFcvqT-29FEfxwx_Sll-_tOuj0OWwJYZul58fa2-MH-fMGGAkqNIWssAvbDON3L0dARwjMvharrsMfgSnF5JaAu67TQ7ENaTcnYJ1_XGtoRLbjHj2ifpNjAOT2ivA1_OGT-XxMBdAofE_xT1AcShtMnHkgedAqUcTrf6mmkujQhArtc5HafDR7Kx72OJ-29kf7UJ1waRt8W-zYAVUnypm_T5Ne3XJFBQhyvuTZUJbl51IVXiG2g5_jRsL9TfvnADtw5LkQQy7Vvr3gam9HLL7Zkrj7ZcSxPmWGz0vql0zPx2kfgzyZA8Hqtu_j1_96HXyj-3PRdeGJQRd_AinG6QYYQJ-JzGOjT-mAteMD2RwLSYFh38aEfIo9KKJGQgn9QL27S_1ODbFMDtKoXTejtrzbqi6HZj-QGlhX6ChRw2wWv9l2HIQm5UaR6UPccgTDpKlHFR4vHQiiZprSUXYdwrj7kpofn9ObhuBJ8jLxXkaznwudpkJ0QAD_uwtPX_CeHJkKPW7jnFE73-qsjFhgm6RufGKV3Ji9BE-1RL0LhjrcK28RMVLqcPYjs0CzAVnQriNkcHzNuijxHed0uZdbXWL-y_hZCGNkwQEUf_sk2I3LxooGCFfeFdYfHEIVjItWzaWOhqqidB4jjNeEDZ9wbNtkUlh3BKMslKjFx31GUPgbBzbvUTXU0qmzTKRBRSXjfErRiZQUBGx3DTS72r-KHcv2X47IweiPtiPVvc_5opfufxMUWOq6EBEGc3TOZrLWHgV0mkM-7vjLWAII94Vpq15V1rgppPqXb3sOr21cfKhJI4I23Ev77lsRB_VcZH4aGE5yDJ8bRljkYusK7IsDBVzXDXDCim_NNv6zAdXANZYOHKVBaRbft2q6NnJFci1IFcNR-336nC-ejDLq3kib2WQ8gNA0UzsHOngTWjahMpB8qlRSqRCadL7tIrWOeHaT4uFzAjZfdd3yysIYZFiga-eKlh-YIksUzlkbU3GYFzyDgO89qkBg4A6vAG-oAc1CLYVlma5jqZWJ6ENRBuZ-E-KRynv5j9pUrKg6hTJTA8sG7mqHopqG4yjHOUa96uXMR5TXg2Z5cOkhbvJOXUe3dBTclmfFkPlMdzEjEjbQbk3xIESXfjgMTeYGVZvzMcOgkqq1g5u83ZPnhSLkqqC-5U4_nQ&cid=CAQSTABpAlJWTetPZylvecduU6y_44y0LxMD5mRW-Z6LN0NeBqRD8EymElcCqhFUBwmQBG9JJm0FkEJvvB2MO8nYeFe94N8IEXSYCjDNoacYAQ&dv3_ver=m202306200101&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=14930560863192350000&adk=2228999115&idt=130&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e05f827c0088a9790aaf2ac5abe154b22ffa7ae0c50357641dbc675c6940936
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11962
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
config.json
player.adtelligent.com/exchange_rates/313490/ 		11 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11511%2F1042679%2Fvalencia-vs-nottingham-forest%2F
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/469361/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
02e18778afdee67680c1328485dcbc52b4184b2206043dfedb687d2ff907ec4c

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

expires
Thu, 20 Jul 2023 17:14:28 GMT
date
Tue, 18 Jul 2023 17:14:28 GMT
content-encoding
gzip
last-modified
Sun, 16 Jul 2023 12:02:26 GMT
server
nginx
etag
W/"64b3dc52-2ad4"
content-type
application/json
access-control-allow-origin
https://yalla-shoots.tv
cache-control
max-age=172800
x-proxy-cache
HIT
e.js
live.demand.supply/x/ 		0
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=nsi&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE1MTEvMTA0MjY3OS92YWxlbmNpYS12cy1ub3R0aW5naGFtLWZvcmVzdC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id
01H3JKZF05SFAJXXME64R3M1YJ
date
Tue, 18 Jul 2023 17:14:27 GMT
cf-cache-status
HIT
age
1292252
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"081b1367cd2301d3bf23f0a40952d236-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7e8c5c74dad11e4a-FRA
ads
securepubads.g.doubleclick.net/gampad/ 		378 B
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1355555487957082&correlator=3421224893430986&eid=31072019&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Cnativefeedapl&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&ifi=6&adks=1483024627&didk=3551856684&sfv=1-0-40&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D8238e40493fbd91b%3AT%3D1689700467%3ART%3D1689700467%3AS%3DALNI_Malw_5R-3LX6FK69-8-Txt8IbExYA&gpic=UID%3D00000c3fe02dedc8%3AT%3D1689700467%3ART%3D1689700467%3AS%3DALNI_MahRX1CYAsRGeOFxbuXoH1RIBm9KA&abxe=1&dt=1689700467983&lmt=1689700454&dlt=1689700466828&idt=526&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11511%2F1042679%2Fvalencia-vs-nottingham-forest%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1232595036.1689700467&ga_sid=1689700467&ga_hid=948966620&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8201673ccec504939654b775f62e84110a4395f983a07f5e3171bdcd19866af4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		54 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1355555487957082&correlator=816105362007047&eid=31072019&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Canchor%2Canchortop&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=7&adks=1163496608&didk=3847343502&sfv=1-0-40&ists=1&fas=2&eri=1&sc=1&cookie=ID%3D8238e40493fbd91b%3AT%3D1689700467%3ART%3D1689700467%3AS%3DALNI_Malw_5R-3LX6FK69-8-Txt8IbExYA&gpic=UID%3D00000c3fe02dedc8%3AT%3D1689700467%3ART%3D1689700467%3AS%3DALNI_MahRX1CYAsRGeOFxbuXoH1RIBm9KA&abxe=1&dt=1689700467985&lmt=1689700454&dlt=1689700466828&idt=526&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11511%2F1042679%2Fvalencia-vs-nottingham-forest%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1232595036.1689700467&ga_sid=1689700467&ga_hid=948966620&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff2d82f8bd39fb66e0d36dd87daa091fe525efe798c056fbd2efe1faa6c58e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18689
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		972 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1355555487957082&correlator=2370158061687626&eid=31072019&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2Cb17090f6-08a6-4b68-a0ee-9e4e6b306a62&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=8&adks=4082428376&didk=3642258492&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3Dc677851b-eb3a-4f42-9848-077d0b71f2d2%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D4%26bid-p%3Dgoogle%26bsc%3D83&eri=1&sc=1&cookie=ID%3D8238e40493fbd91b%3AT%3D1689700467%3ART%3D1689700467%3AS%3DALNI_Malw_5R-3LX6FK69-8-Txt8IbExYA&gpic=UID%3D00000c3fe02dedc8%3AT%3D1689700467%3ART%3D1689700467%3AS%3DALNI_MahRX1CYAsRGeOFxbuXoH1RIBm9KA&abxe=1&dt=1689700467987&lmt=1689700454&dlt=1689700466828&idt=526&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11511%2F1042679%2Fvalencia-vs-nottingham-forest%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1232595036.1689700467&ga_sid=1689700467&ga_hid=948966620&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYtYX8z5YxSABSAghkEhkKCnB1YmNpZC5vcmcY1oX8z5YxSABSAghqEu4BCghydGJob3VzZRLYAXorUDUrWkRxeWJsUXpOdURDVmNkRXpwL3p0NnJGanpRT1B6Y3JxS21XVU9iaCtEb1F2MVJ1ZGtGdEc5QkxKNVYxVVlZK2tQYitpdzBRUjdWTndjeHd1aVNQRllUUlhkNE9PZnR2R25iaDdTdXFsYmVFb0xvS0pLT1FtU1Z1dGRweWpteGFpcSsvdFdFMDVVZXd0RElPd09USzVWUmJOV2crL2xSSG5LZDhlQUZCaWhiZ1d0L2IzTjhOd2UrUVNaSDNVbnZUYUFURzVvMi9iQlZ2RTRZZUE9PRi8h_zPljFIABIdCg5lc3AuY3JpdGVvLmNvbRi1hfzPljFIAFICCGQSGQoKdWlkYXBpLmNvbRi1hfzPljFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGLCG_M-WMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8328dfb00241d323a4e8b62f8b398a2b5d7b0a10c5a43a43d6bea15e38608914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
477
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ghb.aplhb.adipolo.com/geo/ 		149 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.aplhb.adipolo.com/geo/
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/19556/hbw_master_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.173.210 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
904f6f04cf7f2f04087372e931ac9af2e32d9f01b6599e9a9f7740aa5b5eb7c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 18 Jul 2023 17:14:27 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://yalla-shoots.tv
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
149
tracking
ghb.aplhb.adipolo.com/adunit/ 		43 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.aplhb.adipolo.com/adunit/tracking?event=11&type=0&client_id=739813&site_id=17175&pbjsv=v6.25.4&full_page_url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11511%2F1042679%2Fvalencia-vs-nottingham-forest%2F&adid=8k159z.f8&features=81952&vpbv=N108&tte=336&lifecycle_tte=1316
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/19556/hbw_master_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.173.210 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 18 Jul 2023 17:14:27 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://yalla-shoots.tv
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
q91a.js
velocitycdn.com/script/ Frame C758 		108 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://velocitycdn.com/script/q91a.js
Requested by
Host: v3.sportsonline.sx
URL: https://v3.sportsonline.sx/channels/hd/hd6.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:850a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3c1ec939f76af85129668e50fde8c400dd132f6d692aa4fdac67707f2a5c7d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.sportsonline.sx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
820
x-guploader-uploadid
ADPycdtfkeQj-Nta60p3_19r2iANgRrsNaW3PpPQ8xjkIJUAKbuQW76Z7mq0xeW4CYxShIbmitNjZqB56l3gK5grJBQ81A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 17 Jul 2023 07:44:53 GMT
server
cloudflare
etag
W/"a726dc538eb317d5d0385c010024e554"
vary
Accept-Encoding
x-goog-hash
crc32c=bFiWhQ==, md5=pybcU46zF9XQOFwBACTlVA==
x-goog-generation
1689579893146065
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPCLXTOJGBxzJoJo9tTmgchJMjEv18mtmDFy7E8TE29pWAZH0NasMj5LwWZP9LOH%2BiSdIzpjad4k4sYBr7WlX0lFjR3xgWSPmhcQY4CSgv1wlEu%2FhV7CI1jLdkSoxXLvtcj0LscnP14MoMnr9MA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
110796
cf-ray
7e8c5c756aad368a-FRA
expires
Tue, 18 Jul 2023 17:01:01 GMT
SCCfwxq.png
v3.sportsonline.sx/channels/hd/ Frame C758 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3.sportsonline.sx/channels/hd/SCCfwxq.png
Requested by
Host: v3.sportsonline.sx
URL: https://v3.sportsonline.sx/channels/hd/hd6.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:dee5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae0433ac5d000ac03daf9059492d0390e427b7461332f0f488bbc6f44b5107a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.sportsonline.sx/channels/hd/hd6.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:28 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Dec 2021 14:48:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
283
etag
"61af7432-4c4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZh%2FeEDdPYtefB7fspAyIYuHv11eNGfseMvTvDwoKldaMPZG4iFlcM51pvWB6aB6gT3Mi1B0wVxKqawHnlNvS9ISCDFO12Np3bbZprm6kpjSqhoetI07rvDefdVpl1H7kgesyRACSLgOd10pL77EJQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7e8c5c751b7291ea-FRA
alt-svc
h3=":443"; ma=86400
content-length
1220
/
widgets.amung.us/draw/ Frame C758
Redirect Chain
  • https://whos.amung.us/cwidget/sevaqeifj/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=3250&c=000000ffffff&p=left
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.amung.us/draw/?w=colored&n=3250&c=000000ffffff&p=left
Requested by
Host: v3.sportsonline.sx
URL: https://v3.sportsonline.sx/channels/hd/hd6.php
Protocol
H2
Server
2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ef4b1bda1084ef5b8deb40916edc18255e54902e6a49e583c8af677e53bb05c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.sportsonline.sx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:28 GMT
cf-cache-status
HIT
last-modified
Fri, 30 Jun 2023 18:21:01 GMT
server
cloudflare
age
1551207
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
content-disposition
filename=wau-widget.png
cf-ray
7e8c5c775d4c911f-FRA
expires
Sat, 01 Jul 2023 18:21:01 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=3250&c=000000ffffff&p=left
date
Tue, 18 Jul 2023 17:14:28 GMT
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7e8c5c756aef911f-FRA
content-type
text/html; charset=UTF-8
pixel
googleads.g.doubleclick.net/xbbe/ Frame 716C 		624 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYtOqy5wEwAQ&v=APEucNV6riCWnD3mJ37l-PK2BcaDsusEBkkaSSPCxYhgUXLZdxJmbeCyqwrmsUh6wwG-BjByjSP1E8iHjI576blfSEtkhljt0_xdd6qIrevW-hDElJ93zccOHNEJ-1nTXcbm0HeJaKr4Ji_r1mHwP6ScQp8CGyScA4DFDVCs_fPIV3b0WvgTsXWK9wOTCfy3F3JGzN4PYLJZuGjxNpF0OF1adjmHTdtcwg
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 17:14:28 GMT
expires
Tue, 18 Jul 2023 17:14:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame FB26 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29781
x-xss-protection
0
server
cafe
etag
4315658989838864570
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 18 Jul 2023 17:14:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FB26 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BZ6QRugVVHpvxnD9MrwD6yjRAhsVt1gTlrxIgnIkQqSX81iSeUz_6-Dc0WvksAGeyJBAkrpjdad5M37T1yWOQrAOjD4xOZqtV_OWiN1aUorDRN9sk
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FB26 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10807340616832588346&x=1&ct=76
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame FB26 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 16:10:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
3824
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Aug 2023 16:10:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame FB26 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:06:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
486
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8291
x-xss-protection
0
server
cafe
etag
17061476539903440100
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Aug 2023 17:06:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FB26 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689594152080714"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 17:14:28 GMT
localstore.js
script.4dex.io/ 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/469361/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 18 Jul 2023 17:14:28 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Tue, 06 Jun 2023 12:52:55 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
964209
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9bx6w1ob%2FCZzInWhmRp7TpZyTf1Hg2GjY58Z%2BIM3UYjtnKdtRF3%2FAE4kGthnsczoKWAjeA2bwQNyQ%2BIfWSr6jssjyn2qki0%2FhGFwR4zQvkuQgH5IWCspaANGIR%2BZgbKcnTLOiqMmu52xPHP"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7e8c5c7569a418cd-FRA
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230717/r20110914/ Frame EF99 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230717/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5MqPFOutLeJWqxN8PYxw16scCcqBF9A04l44H3Uwe_gFOU3uR3kyfZoD-EkkiflmQJDgBFC-f8TN4i2AbDVz4_X2MoQ&cry=1&dbm_d=AKAmf-CF06BrIFV7BTazbfrC6jVha2VzDt1iLPCrsG3wx8X0vuypgErAx9db4U5L2Aw8Co8b3xhDqviWGEjpgGSIl0-Gmwa06XnW2yA3FjrTxWdRQt6BCua4wBAxsHo06a7fHA16STapdDanhue19Z14x5BJBkM0HUeH1O09DBu5ifINOmEBmxMbPtUddEY4zfsQyKWS8RnkB82LEGTaWu-RjDUgF51JoyFMqWmW-NZhLFKKNHgTVgUbEnXVBoLaD-ehBTNhhvEj9aPmYcq-c0JcWkRdvRNMhx223czSAWYwoLf20dAG6XiqbaMr0Jw-Yfg3Uwmiogt-e6vZUPPKrkwmRBcc_CHrJxHRHLrSrL4Z4iYBmE15ji-Q_y82G-rggJ0uaiN8__7hrcFBKcwMd-UergWLK6LFlO3keq0_uMjV1dl3VNMS6oMNB3LiLekFPmLzzyC1fqAjHGyOO_0J1iR1eQ4KVkO0vef3O-GGNn9hDu3zZm0qy4u9P3rs8ZtrBB0tygM6eOrr4oAmWva_BXcNXesiyOfIryRkeLZdhuFYRVwFY5rzdSXzymzstIiU6Zrd3REMwyiqGpjZIzWJa7tYnqE2m7y1J_etTFcli5AF4pd1d1ajapzUSCSU1w1u8kBSoYpRbBeBhfBMx7eag4C3AWt7l4zEA6c08ZQMCTEAwrASCoyWJ5DWflzISX_Cj6ux_0hD8zSMWI9PQ0LkNSSJWC4dMJIlI2AX_8kLwrPk7rMZ_0ja1h2LRGA9bxgy-we2gnSRUENy1SKWo4ESa46BAD8wphsbJtX0jb-ctWzmjt8H_vTcI-lXoiulHkR2W4aPJ6E4pQ8q9SAVNEZHZAXi9uuTlmMXdoWE66ZwTC6O1pLsLJgJjbpzhyt0imAYwDLXUxQpearM_yrDsJfRCqMVKUKPfmYEjuj0Ml94NBLTNJeyjN8VEvQzdPhcAlqCJa-IMGqKPMolmCNSfGwL6iHcDCD6NRWYHbScJ_G7jXrtZImPvBko1WqcFYR1W3X6S-XlvZYdcwBckPKgebBgP2KixdBqOnFxAHbKh4GsAtCf9WcnweW68TEdQi9VcojZ0SCyLEbntjab_AYrw4MrPxBLK7u1aeDTA9fTJB_ITkjW0k7stqmOjXKjbMXZaXhTDHTb1K3CbEvi9kxwejrk7CeBqy6l2TrUmHTHfTJuQ2oVAq5fLsMog1QdHSEoHtAfEpOEn29HN35XspuM6UDc2zGZsazDX7bZSy_fAP1l-wyTjhsR7lGH5QKxoPaFD4MLgM6n85Uq5zYsofvkUT2PmiGW35WwkVUqxjB5cUE9w4XSBiklf1EzsjJT3DBDfN1eerPOtBkZRi6ZbTrdtCVIcNUjDtsUu8-L34BPY6cIsTy0_-Tl8dl3od_y_LEsmOOJquiqhw81DGOYxtKIX9n8etHy_fDcf4XDLkymVDyQ9n6fatWT8KJpeb1oTK0MFy3kzMzob4-pzvxxUJbVtA1RmqBcyR0qNE0pXYqXiF2aHDNh1YhErStXzdCEJzFAvV2yHHSTNEXykhIvDogN6wx0zt4mM22kj3Agg4mt6wzAQ3eRqR1UKjCmX2bF1HF_ssChVGgkXdXPFx8DBGrHO5igH7E9Xs3nRKiHxDzEvd8ULhNGEoWS5VXRq4Wo3Acg-NA4sDz3dnay6zoGmoKhOH7l2lrcHYBHLg36sPIwANQtxfyQ3wKeWwqVACOXktLUi3KjisfsPiEzyU8kL3-y4MHvm0dmqjr0tFyCD7zb3xo0XAG16xO1Lfw4WICkoWjlvok_HHc8bPrg9RnYvCwtDQyWyVZ21Tdij140nusTTQanbAj7lDQELHZoOTEHk86GiPAONnR_16kJCobOP9SUmdAwglPS4e6y30g3z4qauEVpLvcj2bpH5NSEbkecFSMUBtQ53EMnNjU0Z-47khqrrGzWPBYJe-Zp5JnAg2SiJfGfSTxRsyKVE2paG4a5vnBlH-tem1nwGrvSk9TlK09HDtO49mxHasc2BUY-HGDnqH9R_UBQgIvnuZMPfO2N99whuQzZUvBAVz9SXAQlC4JrhpFM9B-AFZbo11xopI27wlp5SgxjTKsF1fTRqqJHWQ6IbJzpagfwTywCCyM9d19Lcl0DCzB-OiIqGCYBxRCDsUlU9oZVYB9Cavj2UMq3mwXNEhyFA7D3HcTG7TFxaA7KCeaRG0QCAmPt24BP15VeHSYrFpxAToB0Y7AyOmdkV-U59828-EhiatLfuAn0rB_tH21CQjtc9yZ9zY3fdWzfsJD7-Si84d1BGN8l3wPRmDLwous8S9FGMiw1Gbu6lzeQG_CVYcuMCmg00bAyIcpBddYBVLKOiWVjm3-wmbZiZA4gwywYya8U7Oja9xc5zoA9YzxGtbGrIRewjSb23004T1mYTt_hXPVnlP21-u8htX4efANcpJjMv4ejrnHpx909S0qeLqqN0VogT-gdaHX3R1rIUHdPK7deWER_0t3tUGYmhzu1hkrKYGAKm_XCLunDJSLZGIuL4hwH6tPKJAQ4ntBUrAwwCN5BxlDY0ahNoG_nFRUq4VNPuQgtYHEekEM7qFmaRW933AXnfTkZDuKJ8rjcm1aqONjTtod8PEUVecwsIHNmRKOFXRx7N8CIjwaUNiMn-gbRikAbT8EezXigHLyIzEc2SRUl1PZdrLkjEwAgcK0Y4M5MJb7DeHXl9Cglmq1QHtAdaSxg0yY2WRg2Zh8h48KRtXxNiyF9ov4K2NitVi1zPQiEiHmxLrKSQ26T2f1y-c9XEoel0ZC4P4WWj_IU5aEIg-3fUTskg5EKoL-fwbBXXyNWo27h7sCjkNHRW30Kpp604fp7vJBdfKCakFXrUeinyF0ZchvQKbARYk94_we6xslP1AMth232KyDm80KRjg72KTkFN6uVhpkNg9gt8rTAbpksTx209tHqV7TZLbn4AF4DtH7fa2oqpep2C_4HrOIQxcEGElkLzxkdGX6226cRmD3T_73VTzqPWv-q4Nnx2srUyK7FlLH2Fz4WQUue_UA1ifwfZ6mYXtjLK1o95wZo38ufQZSajOhNUeLX8KQX1xNIRVpSCieZfxhfLx2_JLyMVX7swZzaU4oUPxslhCzIfxn1NzwnsZ7xYHVtzXCcYbb2_ay8hmo3_R6IW_eSqXWdqI_Q0XcUQg_L8bC97XSQ2PtFUEuaOgZJOsLFy4MIGFmOmoSdVDlxcIBF-2pYVQbKsi5-6oiETTZS_oMnx3oHvjbtnB4LBTOdoBcxjtc9lRBeL-kItvSKOf1CaJowHwbUf71-uumNAsO5V-9mWUq-AWA55Nmir4V_zibL1XBKsLpK7diZk2X4uZggbrZ79Zx5Amx5NzoB6N0x3cdHgUNgTVy9Z02ZHO-OaMoueQ87LOIyhGJ-cC2yn50RpzgF_A74Y2Z_kSvC6DEa9JK4QFOzMH_Ec3xztrbuaIUQxyJCnt-_opGIcVRG8p9b3MuPggvYVGDasslLS6ayRyBpnw6dqnyGbMKVFiEnRrJxk5loa-HbckIsVA1Dl9Jt5ttXz4KQNUwUlWz_DTt_IK-GZDYew9AoTkQ2Obo&cid=CAQSSwBpAlJWNLfHo7QpLtg_29_XCMAlZvz0QNNVL9SQFnXNwRJt8Tu7P_U5M0ZraviryfHBuNJZXTr428mUif8jTJ-mAlOiM14VHin4WRgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=12448798890644533000&adk=250412560&idt=123&cac=0&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49d743921311f4dca350ba007b50229debbcbd4b03441c515c567f48fc98cdda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 17:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
85980
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11526
x-xss-protection
0
server
cafe
etag
9288292274712301977
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jul 2023 17:21:28 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230717/r20110914/elements/html/ Frame EF99 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230717/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5MqPFOutLeJWqxN8PYxw16scCcqBF9A04l44H3Uwe_gFOU3uR3kyfZoD-EkkiflmQJDgBFC-f8TN4i2AbDVz4_X2MoQ&cry=1&dbm_d=AKAmf-CF06BrIFV7BTazbfrC6jVha2VzDt1iLPCrsG3wx8X0vuypgErAx9db4U5L2Aw8Co8b3xhDqviWGEjpgGSIl0-Gmwa06XnW2yA3FjrTxWdRQt6BCua4wBAxsHo06a7fHA16STapdDanhue19Z14x5BJBkM0HUeH1O09DBu5ifINOmEBmxMbPtUddEY4zfsQyKWS8RnkB82LEGTaWu-RjDUgF51JoyFMqWmW-NZhLFKKNHgTVgUbEnXVBoLaD-ehBTNhhvEj9aPmYcq-c0JcWkRdvRNMhx223czSAWYwoLf20dAG6XiqbaMr0Jw-Yfg3Uwmiogt-e6vZUPPKrkwmRBcc_CHrJxHRHLrSrL4Z4iYBmE15ji-Q_y82G-rggJ0uaiN8__7hrcFBKcwMd-UergWLK6LFlO3keq0_uMjV1dl3VNMS6oMNB3LiLekFPmLzzyC1fqAjHGyOO_0J1iR1eQ4KVkO0vef3O-GGNn9hDu3zZm0qy4u9P3rs8ZtrBB0tygM6eOrr4oAmWva_BXcNXesiyOfIryRkeLZdhuFYRVwFY5rzdSXzymzstIiU6Zrd3REMwyiqGpjZIzWJa7tYnqE2m7y1J_etTFcli5AF4pd1d1ajapzUSCSU1w1u8kBSoYpRbBeBhfBMx7eag4C3AWt7l4zEA6c08ZQMCTEAwrASCoyWJ5DWflzISX_Cj6ux_0hD8zSMWI9PQ0LkNSSJWC4dMJIlI2AX_8kLwrPk7rMZ_0ja1h2LRGA9bxgy-we2gnSRUENy1SKWo4ESa46BAD8wphsbJtX0jb-ctWzmjt8H_vTcI-lXoiulHkR2W4aPJ6E4pQ8q9SAVNEZHZAXi9uuTlmMXdoWE66ZwTC6O1pLsLJgJjbpzhyt0imAYwDLXUxQpearM_yrDsJfRCqMVKUKPfmYEjuj0Ml94NBLTNJeyjN8VEvQzdPhcAlqCJa-IMGqKPMolmCNSfGwL6iHcDCD6NRWYHbScJ_G7jXrtZImPvBko1WqcFYR1W3X6S-XlvZYdcwBckPKgebBgP2KixdBqOnFxAHbKh4GsAtCf9WcnweW68TEdQi9VcojZ0SCyLEbntjab_AYrw4MrPxBLK7u1aeDTA9fTJB_ITkjW0k7stqmOjXKjbMXZaXhTDHTb1K3CbEvi9kxwejrk7CeBqy6l2TrUmHTHfTJuQ2oVAq5fLsMog1QdHSEoHtAfEpOEn29HN35XspuM6UDc2zGZsazDX7bZSy_fAP1l-wyTjhsR7lGH5QKxoPaFD4MLgM6n85Uq5zYsofvkUT2PmiGW35WwkVUqxjB5cUE9w4XSBiklf1EzsjJT3DBDfN1eerPOtBkZRi6ZbTrdtCVIcNUjDtsUu8-L34BPY6cIsTy0_-Tl8dl3od_y_LEsmOOJquiqhw81DGOYxtKIX9n8etHy_fDcf4XDLkymVDyQ9n6fatWT8KJpeb1oTK0MFy3kzMzob4-pzvxxUJbVtA1RmqBcyR0qNE0pXYqXiF2aHDNh1YhErStXzdCEJzFAvV2yHHSTNEXykhIvDogN6wx0zt4mM22kj3Agg4mt6wzAQ3eRqR1UKjCmX2bF1HF_ssChVGgkXdXPFx8DBGrHO5igH7E9Xs3nRKiHxDzEvd8ULhNGEoWS5VXRq4Wo3Acg-NA4sDz3dnay6zoGmoKhOH7l2lrcHYBHLg36sPIwANQtxfyQ3wKeWwqVACOXktLUi3KjisfsPiEzyU8kL3-y4MHvm0dmqjr0tFyCD7zb3xo0XAG16xO1Lfw4WICkoWjlvok_HHc8bPrg9RnYvCwtDQyWyVZ21Tdij140nusTTQanbAj7lDQELHZoOTEHk86GiPAONnR_16kJCobOP9SUmdAwglPS4e6y30g3z4qauEVpLvcj2bpH5NSEbkecFSMUBtQ53EMnNjU0Z-47khqrrGzWPBYJe-Zp5JnAg2SiJfGfSTxRsyKVE2paG4a5vnBlH-tem1nwGrvSk9TlK09HDtO49mxHasc2BUY-HGDnqH9R_UBQgIvnuZMPfO2N99whuQzZUvBAVz9SXAQlC4JrhpFM9B-AFZbo11xopI27wlp5SgxjTKsF1fTRqqJHWQ6IbJzpagfwTywCCyM9d19Lcl0DCzB-OiIqGCYBxRCDsUlU9oZVYB9Cavj2UMq3mwXNEhyFA7D3HcTG7TFxaA7KCeaRG0QCAmPt24BP15VeHSYrFpxAToB0Y7AyOmdkV-U59828-EhiatLfuAn0rB_tH21CQjtc9yZ9zY3fdWzfsJD7-Si84d1BGN8l3wPRmDLwous8S9FGMiw1Gbu6lzeQG_CVYcuMCmg00bAyIcpBddYBVLKOiWVjm3-wmbZiZA4gwywYya8U7Oja9xc5zoA9YzxGtbGrIRewjSb23004T1mYTt_hXPVnlP21-u8htX4efANcpJjMv4ejrnHpx909S0qeLqqN0VogT-gdaHX3R1rIUHdPK7deWER_0t3tUGYmhzu1hkrKYGAKm_XCLunDJSLZGIuL4hwH6tPKJAQ4ntBUrAwwCN5BxlDY0ahNoG_nFRUq4VNPuQgtYHEekEM7qFmaRW933AXnfTkZDuKJ8rjcm1aqONjTtod8PEUVecwsIHNmRKOFXRx7N8CIjwaUNiMn-gbRikAbT8EezXigHLyIzEc2SRUl1PZdrLkjEwAgcK0Y4M5MJb7DeHXl9Cglmq1QHtAdaSxg0yY2WRg2Zh8h48KRtXxNiyF9ov4K2NitVi1zPQiEiHmxLrKSQ26T2f1y-c9XEoel0ZC4P4WWj_IU5aEIg-3fUTskg5EKoL-fwbBXXyNWo27h7sCjkNHRW30Kpp604fp7vJBdfKCakFXrUeinyF0ZchvQKbARYk94_we6xslP1AMth232KyDm80KRjg72KTkFN6uVhpkNg9gt8rTAbpksTx209tHqV7TZLbn4AF4DtH7fa2oqpep2C_4HrOIQxcEGElkLzxkdGX6226cRmD3T_73VTzqPWv-q4Nnx2srUyK7FlLH2Fz4WQUue_UA1ifwfZ6mYXtjLK1o95wZo38ufQZSajOhNUeLX8KQX1xNIRVpSCieZfxhfLx2_JLyMVX7swZzaU4oUPxslhCzIfxn1NzwnsZ7xYHVtzXCcYbb2_ay8hmo3_R6IW_eSqXWdqI_Q0XcUQg_L8bC97XSQ2PtFUEuaOgZJOsLFy4MIGFmOmoSdVDlxcIBF-2pYVQbKsi5-6oiETTZS_oMnx3oHvjbtnB4LBTOdoBcxjtc9lRBeL-kItvSKOf1CaJowHwbUf71-uumNAsO5V-9mWUq-AWA55Nmir4V_zibL1XBKsLpK7diZk2X4uZggbrZ79Zx5Amx5NzoB6N0x3cdHgUNgTVy9Z02ZHO-OaMoueQ87LOIyhGJ-cC2yn50RpzgF_A74Y2Z_kSvC6DEa9JK4QFOzMH_Ec3xztrbuaIUQxyJCnt-_opGIcVRG8p9b3MuPggvYVGDasslLS6ayRyBpnw6dqnyGbMKVFiEnRrJxk5loa-HbckIsVA1Dl9Jt5ttXz4KQNUwUlWz_DTt_IK-GZDYew9AoTkQ2Obo&cid=CAQSSwBpAlJWNLfHo7QpLtg_29_XCMAlZvz0QNNVL9SQFnXNwRJt8Tu7P_U5M0ZraviryfHBuNJZXTr428mUif8jTJ-mAlOiM14VHin4WRgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=12448798890644533000&adk=250412560&idt=123&cac=0&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 17:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
85980
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jul 2023 17:21:28 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame EF99 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvgwHiSV0VHezPdHqAavnrDQvK1pHMfbH7uFWD73UFJRvygMckZRgTaYZhq8r5QQHifU5X7zAn6Qu6qh9m437nnRRLouDqsAQLsFTP9bRVKwYcnmfoguQV9ZVsLc7b9xMZmoPy-r8nQo7mcBt-R9-5frDxwn033VV0_JKkNepQAareHU0ILDkLmBo77j5RK6h2dueq2Xnq6qA2tCPThsbLeUv4cmLMNh8gvn5bPFGdkHpSlOyb5NmREkItyzgnXQFDArCD2ClJFaoctUcg5rn1Mist9pawY-p3nlY6QL3JmflHI6NPaCq0lUdR2tR43J7ioET1EkVHOkEWEqNlTn8IQnks5OAYZWEmKD6d8dxyIZAWFve_kX3wK6zyvPzYtxRkzuCw9Vjx2NK3iO2YZ6jbJdu4vfVnA89JOGZM4DqRl2EBY-e6p36eyGgfQ0MEnNeiBRVJhohQaD7byqmuIpXlAFH8HjG_aGLKhudFRdxNoquaF_TCVERKBjN44tArN6F4ROXSLO1vjQ7J0SZMF34SbrXqI2g0hL0XRCBtnba3SWW17GwvptGKATL8b2C0NGfyeEeS7IMFZHkGiuRGMm41E228Hcn6KvvE_z47zJ33VeifSMKt-EvPrc50kZjLdIpaLuzCfNLTGaEd6Bz42wAOuVHTtSyakGpmfA7NVfYXE6Dj1ysEIQNnqaSiLwfqV4epco287-UKFNViCb6yX9c0QTddiH3sgxkGEncXXOHjq3wgEa_-w-Sscad8kQeuHjg_uXVBUoeGIuzRB4uAnGtxl2C9TjulCyk5nNuW842YwbT7_lx8p0jMnjidid-rVvqzyAdsv2qIzRcMmEgkpsW86AQXBcRQbkKdquA-tOHZUkTQnyLWJ-Jhhdk4oDSO4gZRnzAveTYd7PK7X02F-qHCMz9r9egHYJ8LtCnD42R2SaTmp9Ql7sUFpCuywQIjG1bYv_noloMN30hk3yWePVuqP4E70sbui3dYb7U7ZyMUeMjq3dzN9tipOfn11jEh8AGN3vLH4GmBmEuQ-Kn65etO7Z4_HftTx-XRjoQQtGHeKAysl1l4FB5CEdRB0djLafjwkEEpAeJFezIC3Rimhek_Y6BahUl2mmh4GxR0wEhiHy0Idf-NFLw-us1XEevLunKstiFz6HOibRyeQJeaqMcCZLHdO3Pwz8irflknDOg3Zmm9TGhrJpB24OcgsPkkO3CAz95Xf07EIVN7G2fTGenN9dPn1p6JBOkG6u2sWSRdU7aptDWD-Qz8&sai=AMfl-YT7Ln-If9aa4-iLYmyWEs34Y-qFgm15pJbFClZrJ5xmwYnNIXLI3mOsm2pdRHucMMwQ8PeAVqouRrm5ZfR48LT2m_CRsJIxtiUI9tJwlBQfhbTzzaqu5YJ65babap7H83jrbPSCj_mFU7OpXgODr797sZ32INq12FUE_TCxND42AEDkq2HcylDPX66szC3fimE27x4o-0dVoFnxLs_-5L1z315zym0ddIJ-QOcXo31kDmm8mA8V-uipK5tO6W2DgQCw5yW-PICvB0mkkEItj7L5ztoprROD&sig=Cg0ArKJSzL8uZ09wlwpsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230717.00703&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5MqPFOutLeJWqxN8PYxw16scCcqBF9A04l44H3Uwe_gFOU3uR3kyfZoD-EkkiflmQJDgBFC-f8TN4i2AbDVz4_X2MoQ&cry=1&dbm_d=AKAmf-CF06BrIFV7BTazbfrC6jVha2VzDt1iLPCrsG3wx8X0vuypgErAx9db4U5L2Aw8Co8b3xhDqviWGEjpgGSIl0-Gmwa06XnW2yA3FjrTxWdRQt6BCua4wBAxsHo06a7fHA16STapdDanhue19Z14x5BJBkM0HUeH1O09DBu5ifINOmEBmxMbPtUddEY4zfsQyKWS8RnkB82LEGTaWu-RjDUgF51JoyFMqWmW-NZhLFKKNHgTVgUbEnXVBoLaD-ehBTNhhvEj9aPmYcq-c0JcWkRdvRNMhx223czSAWYwoLf20dAG6XiqbaMr0Jw-Yfg3Uwmiogt-e6vZUPPKrkwmRBcc_CHrJxHRHLrSrL4Z4iYBmE15ji-Q_y82G-rggJ0uaiN8__7hrcFBKcwMd-UergWLK6LFlO3keq0_uMjV1dl3VNMS6oMNB3LiLekFPmLzzyC1fqAjHGyOO_0J1iR1eQ4KVkO0vef3O-GGNn9hDu3zZm0qy4u9P3rs8ZtrBB0tygM6eOrr4oAmWva_BXcNXesiyOfIryRkeLZdhuFYRVwFY5rzdSXzymzstIiU6Zrd3REMwyiqGpjZIzWJa7tYnqE2m7y1J_etTFcli5AF4pd1d1ajapzUSCSU1w1u8kBSoYpRbBeBhfBMx7eag4C3AWt7l4zEA6c08ZQMCTEAwrASCoyWJ5DWflzISX_Cj6ux_0hD8zSMWI9PQ0LkNSSJWC4dMJIlI2AX_8kLwrPk7rMZ_0ja1h2LRGA9bxgy-we2gnSRUENy1SKWo4ESa46BAD8wphsbJtX0jb-ctWzmjt8H_vTcI-lXoiulHkR2W4aPJ6E4pQ8q9SAVNEZHZAXi9uuTlmMXdoWE66ZwTC6O1pLsLJgJjbpzhyt0imAYwDLXUxQpearM_yrDsJfRCqMVKUKPfmYEjuj0Ml94NBLTNJeyjN8VEvQzdPhcAlqCJa-IMGqKPMolmCNSfGwL6iHcDCD6NRWYHbScJ_G7jXrtZImPvBko1WqcFYR1W3X6S-XlvZYdcwBckPKgebBgP2KixdBqOnFxAHbKh4GsAtCf9WcnweW68TEdQi9VcojZ0SCyLEbntjab_AYrw4MrPxBLK7u1aeDTA9fTJB_ITkjW0k7stqmOjXKjbMXZaXhTDHTb1K3CbEvi9kxwejrk7CeBqy6l2TrUmHTHfTJuQ2oVAq5fLsMog1QdHSEoHtAfEpOEn29HN35XspuM6UDc2zGZsazDX7bZSy_fAP1l-wyTjhsR7lGH5QKxoPaFD4MLgM6n85Uq5zYsofvkUT2PmiGW35WwkVUqxjB5cUE9w4XSBiklf1EzsjJT3DBDfN1eerPOtBkZRi6ZbTrdtCVIcNUjDtsUu8-L34BPY6cIsTy0_-Tl8dl3od_y_LEsmOOJquiqhw81DGOYxtKIX9n8etHy_fDcf4XDLkymVDyQ9n6fatWT8KJpeb1oTK0MFy3kzMzob4-pzvxxUJbVtA1RmqBcyR0qNE0pXYqXiF2aHDNh1YhErStXzdCEJzFAvV2yHHSTNEXykhIvDogN6wx0zt4mM22kj3Agg4mt6wzAQ3eRqR1UKjCmX2bF1HF_ssChVGgkXdXPFx8DBGrHO5igH7E9Xs3nRKiHxDzEvd8ULhNGEoWS5VXRq4Wo3Acg-NA4sDz3dnay6zoGmoKhOH7l2lrcHYBHLg36sPIwANQtxfyQ3wKeWwqVACOXktLUi3KjisfsPiEzyU8kL3-y4MHvm0dmqjr0tFyCD7zb3xo0XAG16xO1Lfw4WICkoWjlvok_HHc8bPrg9RnYvCwtDQyWyVZ21Tdij140nusTTQanbAj7lDQELHZoOTEHk86GiPAONnR_16kJCobOP9SUmdAwglPS4e6y30g3z4qauEVpLvcj2bpH5NSEbkecFSMUBtQ53EMnNjU0Z-47khqrrGzWPBYJe-Zp5JnAg2SiJfGfSTxRsyKVE2paG4a5vnBlH-tem1nwGrvSk9TlK09HDtO49mxHasc2BUY-HGDnqH9R_UBQgIvnuZMPfO2N99whuQzZUvBAVz9SXAQlC4JrhpFM9B-AFZbo11xopI27wlp5SgxjTKsF1fTRqqJHWQ6IbJzpagfwTywCCyM9d19Lcl0DCzB-OiIqGCYBxRCDsUlU9oZVYB9Cavj2UMq3mwXNEhyFA7D3HcTG7TFxaA7KCeaRG0QCAmPt24BP15VeHSYrFpxAToB0Y7AyOmdkV-U59828-EhiatLfuAn0rB_tH21CQjtc9yZ9zY3fdWzfsJD7-Si84d1BGN8l3wPRmDLwous8S9FGMiw1Gbu6lzeQG_CVYcuMCmg00bAyIcpBddYBVLKOiWVjm3-wmbZiZA4gwywYya8U7Oja9xc5zoA9YzxGtbGrIRewjSb23004T1mYTt_hXPVnlP21-u8htX4efANcpJjMv4ejrnHpx909S0qeLqqN0VogT-gdaHX3R1rIUHdPK7deWER_0t3tUGYmhzu1hkrKYGAKm_XCLunDJSLZGIuL4hwH6tPKJAQ4ntBUrAwwCN5BxlDY0ahNoG_nFRUq4VNPuQgtYHEekEM7qFmaRW933AXnfTkZDuKJ8rjcm1aqONjTtod8PEUVecwsIHNmRKOFXRx7N8CIjwaUNiMn-gbRikAbT8EezXigHLyIzEc2SRUl1PZdrLkjEwAgcK0Y4M5MJb7DeHXl9Cglmq1QHtAdaSxg0yY2WRg2Zh8h48KRtXxNiyF9ov4K2NitVi1zPQiEiHmxLrKSQ26T2f1y-c9XEoel0ZC4P4WWj_IU5aEIg-3fUTskg5EKoL-fwbBXXyNWo27h7sCjkNHRW30Kpp604fp7vJBdfKCakFXrUeinyF0ZchvQKbARYk94_we6xslP1AMth232KyDm80KRjg72KTkFN6uVhpkNg9gt8rTAbpksTx209tHqV7TZLbn4AF4DtH7fa2oqpep2C_4HrOIQxcEGElkLzxkdGX6226cRmD3T_73VTzqPWv-q4Nnx2srUyK7FlLH2Fz4WQUue_UA1ifwfZ6mYXtjLK1o95wZo38ufQZSajOhNUeLX8KQX1xNIRVpSCieZfxhfLx2_JLyMVX7swZzaU4oUPxslhCzIfxn1NzwnsZ7xYHVtzXCcYbb2_ay8hmo3_R6IW_eSqXWdqI_Q0XcUQg_L8bC97XSQ2PtFUEuaOgZJOsLFy4MIGFmOmoSdVDlxcIBF-2pYVQbKsi5-6oiETTZS_oMnx3oHvjbtnB4LBTOdoBcxjtc9lRBeL-kItvSKOf1CaJowHwbUf71-uumNAsO5V-9mWUq-AWA55Nmir4V_zibL1XBKsLpK7diZk2X4uZggbrZ79Zx5Amx5NzoB6N0x3cdHgUNgTVy9Z02ZHO-OaMoueQ87LOIyhGJ-cC2yn50RpzgF_A74Y2Z_kSvC6DEa9JK4QFOzMH_Ec3xztrbuaIUQxyJCnt-_opGIcVRG8p9b3MuPggvYVGDasslLS6ayRyBpnw6dqnyGbMKVFiEnRrJxk5loa-HbckIsVA1Dl9Jt5ttXz4KQNUwUlWz_DTt_IK-GZDYew9AoTkQ2Obo&cid=CAQSSwBpAlJWNLfHo7QpLtg_29_XCMAlZvz0QNNVL9SQFnXNwRJt8Tu7P_U5M0ZraviryfHBuNJZXTr428mUif8jTJ-mAlOiM14VHin4WRgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=12448798890644533000&adk=250412560&idt=123&cac=0&dtd=27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 18 Jul 2023 17:14:28 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 18 Jul 2023 17:14:28 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame EF99 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5MqPFOutLeJWqxN8PYxw16scCcqBF9A04l44H3Uwe_gFOU3uR3kyfZoD-EkkiflmQJDgBFC-f8TN4i2AbDVz4_X2MoQ&cry=1&dbm_d=AKAmf-CF06BrIFV7BTazbfrC6jVha2VzDt1iLPCrsG3wx8X0vuypgErAx9db4U5L2Aw8Co8b3xhDqviWGEjpgGSIl0-Gmwa06XnW2yA3FjrTxWdRQt6BCua4wBAxsHo06a7fHA16STapdDanhue19Z14x5BJBkM0HUeH1O09DBu5ifINOmEBmxMbPtUddEY4zfsQyKWS8RnkB82LEGTaWu-RjDUgF51JoyFMqWmW-NZhLFKKNHgTVgUbEnXVBoLaD-ehBTNhhvEj9aPmYcq-c0JcWkRdvRNMhx223czSAWYwoLf20dAG6XiqbaMr0Jw-Yfg3Uwmiogt-e6vZUPPKrkwmRBcc_CHrJxHRHLrSrL4Z4iYBmE15ji-Q_y82G-rggJ0uaiN8__7hrcFBKcwMd-UergWLK6LFlO3keq0_uMjV1dl3VNMS6oMNB3LiLekFPmLzzyC1fqAjHGyOO_0J1iR1eQ4KVkO0vef3O-GGNn9hDu3zZm0qy4u9P3rs8ZtrBB0tygM6eOrr4oAmWva_BXcNXesiyOfIryRkeLZdhuFYRVwFY5rzdSXzymzstIiU6Zrd3REMwyiqGpjZIzWJa7tYnqE2m7y1J_etTFcli5AF4pd1d1ajapzUSCSU1w1u8kBSoYpRbBeBhfBMx7eag4C3AWt7l4zEA6c08ZQMCTEAwrASCoyWJ5DWflzISX_Cj6ux_0hD8zSMWI9PQ0LkNSSJWC4dMJIlI2AX_8kLwrPk7rMZ_0ja1h2LRGA9bxgy-we2gnSRUENy1SKWo4ESa46BAD8wphsbJtX0jb-ctWzmjt8H_vTcI-lXoiulHkR2W4aPJ6E4pQ8q9SAVNEZHZAXi9uuTlmMXdoWE66ZwTC6O1pLsLJgJjbpzhyt0imAYwDLXUxQpearM_yrDsJfRCqMVKUKPfmYEjuj0Ml94NBLTNJeyjN8VEvQzdPhcAlqCJa-IMGqKPMolmCNSfGwL6iHcDCD6NRWYHbScJ_G7jXrtZImPvBko1WqcFYR1W3X6S-XlvZYdcwBckPKgebBgP2KixdBqOnFxAHbKh4GsAtCf9WcnweW68TEdQi9VcojZ0SCyLEbntjab_AYrw4MrPxBLK7u1aeDTA9fTJB_ITkjW0k7stqmOjXKjbMXZaXhTDHTb1K3CbEvi9kxwejrk7CeBqy6l2TrUmHTHfTJuQ2oVAq5fLsMog1QdHSEoHtAfEpOEn29HN35XspuM6UDc2zGZsazDX7bZSy_fAP1l-wyTjhsR7lGH5QKxoPaFD4MLgM6n85Uq5zYsofvkUT2PmiGW35WwkVUqxjB5cUE9w4XSBiklf1EzsjJT3DBDfN1eerPOtBkZRi6ZbTrdtCVIcNUjDtsUu8-L34BPY6cIsTy0_-Tl8dl3od_y_LEsmOOJquiqhw81DGOYxtKIX9n8etHy_fDcf4XDLkymVDyQ9n6fatWT8KJpeb1oTK0MFy3kzMzob4-pzvxxUJbVtA1RmqBcyR0qNE0pXYqXiF2aHDNh1YhErStXzdCEJzFAvV2yHHSTNEXykhIvDogN6wx0zt4mM22kj3Agg4mt6wzAQ3eRqR1UKjCmX2bF1HF_ssChVGgkXdXPFx8DBGrHO5igH7E9Xs3nRKiHxDzEvd8ULhNGEoWS5VXRq4Wo3Acg-NA4sDz3dnay6zoGmoKhOH7l2lrcHYBHLg36sPIwANQtxfyQ3wKeWwqVACOXktLUi3KjisfsPiEzyU8kL3-y4MHvm0dmqjr0tFyCD7zb3xo0XAG16xO1Lfw4WICkoWjlvok_HHc8bPrg9RnYvCwtDQyWyVZ21Tdij140nusTTQanbAj7lDQELHZoOTEHk86GiPAONnR_16kJCobOP9SUmdAwglPS4e6y30g3z4qauEVpLvcj2bpH5NSEbkecFSMUBtQ53EMnNjU0Z-47khqrrGzWPBYJe-Zp5JnAg2SiJfGfSTxRsyKVE2paG4a5vnBlH-tem1nwGrvSk9TlK09HDtO49mxHasc2BUY-HGDnqH9R_UBQgIvnuZMPfO2N99whuQzZUvBAVz9SXAQlC4JrhpFM9B-AFZbo11xopI27wlp5SgxjTKsF1fTRqqJHWQ6IbJzpagfwTywCCyM9d19Lcl0DCzB-OiIqGCYBxRCDsUlU9oZVYB9Cavj2UMq3mwXNEhyFA7D3HcTG7TFxaA7KCeaRG0QCAmPt24BP15VeHSYrFpxAToB0Y7AyOmdkV-U59828-EhiatLfuAn0rB_tH21CQjtc9yZ9zY3fdWzfsJD7-Si84d1BGN8l3wPRmDLwous8S9FGMiw1Gbu6lzeQG_CVYcuMCmg00bAyIcpBddYBVLKOiWVjm3-wmbZiZA4gwywYya8U7Oja9xc5zoA9YzxGtbGrIRewjSb23004T1mYTt_hXPVnlP21-u8htX4efANcpJjMv4ejrnHpx909S0qeLqqN0VogT-gdaHX3R1rIUHdPK7deWER_0t3tUGYmhzu1hkrKYGAKm_XCLunDJSLZGIuL4hwH6tPKJAQ4ntBUrAwwCN5BxlDY0ahNoG_nFRUq4VNPuQgtYHEekEM7qFmaRW933AXnfTkZDuKJ8rjcm1aqONjTtod8PEUVecwsIHNmRKOFXRx7N8CIjwaUNiMn-gbRikAbT8EezXigHLyIzEc2SRUl1PZdrLkjEwAgcK0Y4M5MJb7DeHXl9Cglmq1QHtAdaSxg0yY2WRg2Zh8h48KRtXxNiyF9ov4K2NitVi1zPQiEiHmxLrKSQ26T2f1y-c9XEoel0ZC4P4WWj_IU5aEIg-3fUTskg5EKoL-fwbBXXyNWo27h7sCjkNHRW30Kpp604fp7vJBdfKCakFXrUeinyF0ZchvQKbARYk94_we6xslP1AMth232KyDm80KRjg72KTkFN6uVhpkNg9gt8rTAbpksTx209tHqV7TZLbn4AF4DtH7fa2oqpep2C_4HrOIQxcEGElkLzxkdGX6226cRmD3T_73VTzqPWv-q4Nnx2srUyK7FlLH2Fz4WQUue_UA1ifwfZ6mYXtjLK1o95wZo38ufQZSajOhNUeLX8KQX1xNIRVpSCieZfxhfLx2_JLyMVX7swZzaU4oUPxslhCzIfxn1NzwnsZ7xYHVtzXCcYbb2_ay8hmo3_R6IW_eSqXWdqI_Q0XcUQg_L8bC97XSQ2PtFUEuaOgZJOsLFy4MIGFmOmoSdVDlxcIBF-2pYVQbKsi5-6oiETTZS_oMnx3oHvjbtnB4LBTOdoBcxjtc9lRBeL-kItvSKOf1CaJowHwbUf71-uumNAsO5V-9mWUq-AWA55Nmir4V_zibL1XBKsLpK7diZk2X4uZggbrZ79Zx5Amx5NzoB6N0x3cdHgUNgTVy9Z02ZHO-OaMoueQ87LOIyhGJ-cC2yn50RpzgF_A74Y2Z_kSvC6DEa9JK4QFOzMH_Ec3xztrbuaIUQxyJCnt-_opGIcVRG8p9b3MuPggvYVGDasslLS6ayRyBpnw6dqnyGbMKVFiEnRrJxk5loa-HbckIsVA1Dl9Jt5ttXz4KQNUwUlWz_DTt_IK-GZDYew9AoTkQ2Obo&cid=CAQSSwBpAlJWNLfHo7QpLtg_29_XCMAlZvz0QNNVL9SQFnXNwRJt8Tu7P_U5M0ZraviryfHBuNJZXTr428mUif8jTJ-mAlOiM14VHin4WRgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=12448798890644533000&adk=250412560&idt=123&cac=0&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 13:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
12113
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jul 2024 13:52:35 GMT
15924005835501702418
s0.2mdn.net/simgad/ Frame EF99 		130 KB
131 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/15924005835501702418
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05f7bf6bbabb9f9c1e68af18aad6f118d06883dbd9b075072bf79319bced328e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 06:17:35 GMT
x-content-type-options
nosniff
age
471413
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133563
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 10:02:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Jul 2024 06:17:35 GMT
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/469361/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://yalla-shoots.tv
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cdb
bidder.criteo.com/ 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.4&cb=5538347305
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/469361/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://yalla-shoots.tv
date
Tue, 18 Jul 2023 17:14:27 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
c
prebid.a-mo.net/a/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/469361/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 18 Jul 2023 17:14:27 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
prebid
mp.4dex.io/ 		0
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/469361/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:28 GMT
x-err
Parsing the Prebid Request. org/site not found
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7e8c5c75aa7f18e9-FRA
expires
0
bid
ap.lijit.com/rtb/ 		25 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.4
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/469361/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
6dfc298db75be4dd318f66a12977532a0b1667e5834d217d8f661787a9f70f0e

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 18 Jul 2023 17:14:28 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://yalla-shoots.tv
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 37C6 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AhF4nXpVA1-Y5LaOQ5ZtYn7qiaYMODUOiMLigdr8uAiKXrEQ1Ww-mH4TYpukPhsPC5cg2OEiGVSw6QO4g4pDIN3byx5Mirg8qjoUZQo3dnCi25ZlUPtt0TFnUz9r_dj9tzmyGwuwOA6BbyoxtAIXasnlhL2fqjmBpm4qYl4b2b9tspCwU&cry=1&dbm_d=AKAmf-DihyzlwZfkwZCejXXF6rrEUqwAcFFNfHeMdNvUna9UVPBWmdZvGJkMWXIpnL57cN74DOj1U1ZlPP73u5UrXAdPHzPeG991MDYwpxTbtFPq6JNL2FNWrQ3APSSt843kDrG4_Z4qzXOXsm_bGmnuvA_9EbKAtEEqpGMV_NrCRbYPt8POxIAwADsHvgYOWf-egUjbByTeyaQ3I9k5JEAyKg12vcDYveJxSsbBG3qjlvyW5UxbnNu5BkAzqRBulBVxuJbiRcfGiBx0_Jpz1TVmjzjjMPoXBIIl3UV04L-6Hw1jb_DnAdHlH2QOcclIc6CyJlrC2dfNjoCwssQTe_DvaizUK61njCvw4gqaCkEH6qEfQf7ioGnfQ1kZuWVBoXLYi0bbFrdC7TQwMA3Vqg0e6Fp0-zb5wIYFM3nJjHiQPs2-NgCp6Wi-wngGXi6SiC_bbzMTwxEgzZZPARpsb8J79mfPhYDuVZNEyHkcrRBw4Cj8Rpmkq-zVfOEpC-N-G9svRYutrcQaDoQTH2XIYMAg-Yak9uxSajm9cjiUII8JyroUAqCKtlw1Haq7iBWvefZGPInETZ__UCKh3oTw2TeCTYRwUv4mmKPPy9QFWQPXNUr3IF31QkHqSHLiZJsrG_xKhQ7Caas_cMs88XCYJS5qHrbLU009ExphFXBqeQOMjmjhj6hckPYQPQq2NbWkHX02b2ozUDacwdfnpr2kv9rqWVz0llxljbK31DBv7_Hu--tCJSyKem9qVlSEK-5r2f1IhRP9YQGB4pKrqgsYL_3_EsXCUFGIu7NZH7h8iUIlLV3Xvm0rQAhQhO0D-XI21V5l2_J7fGhJYI5gwkiGlV5NJQDjT2FWIpoQuASnFxUyV_k2JtfvtCvrMl79l7lYZXeKGBz3RwjNP1KDEf4RMEruYHF5R6Adlj0fXDexphHfuML1RvqOKCW_vpvy75QPcBqMujTiNYj9e82JvHPthr4RFY1TRpzrFeXJjUU3qjSDjCX0FX3ix6idFFJAGqWoQR--QKdSEtB3FINALazLK-Pdm9ZtGJ58cCPN42Zo3jMkQPhYJA5MW52_U-YQkXSySyjXjcSsnZcenRnK1Q8jSYSmlqrh7uNSQTiDK9tR8eDeeX77qISxHumOph5S1-DhG7N9exCE3PRCdHf2AR0rtf5-4x0nx5D56C3bhlX-TZ4eAA6B-LczSpnDGjOxJZJoV2iPINwt5Ep4yXfjq10vPrhZOj54Iu8iQPK14nJOc2G9zgYK3JkKJv_kESdbAZCURugmQfiXOYuIGzXTJ7tKPdUq7SpIM1G_5v1ARkaRdjZAHucP44cmi4nc5ajI90gmSgCSx5k0m-OjvbHOGGgrReR0igaq7EXCKgu-U6upqRI8OeMlQC2XlGCLcF4w1wAsi6wp4VnmD61HdftWhLRZrOAflYKNZhGj7dzZc-596VhxuEm2L2hMwNrAgb3bucxCoTMXCuFjowB5zYZPaRkVdvk-_jV8LuN3ShizSSAL9LTkjvPvkUhW3bakcOBIlOr5JzVnOn3TRyPBJ03Wfpa6_x3rRkJVMNokWNC-Ffk-Eud0TqUhiidNDJrTrRLHmhizMbmfQwzNRaEaqTkEvTzRphP7ngX13CPdh-XiaDyVqdzYyW-n3mwKHs0oobgDg1lw9GjQwA0WH6ZeGzCDoEoTsXsNnifSIXxLzPgBsOoUBdjZgffBQ2b9DaVq7hKbmvy9NeEqUOUS_BBdMhtxQFXVf46cFi8-fHUGZcXdTM2HtUysrP26TNTfW7JzrTaKj5TLo8O8pVlvwM_mQCmqbiOSPK-cyUDx7W_x2QRQQjtJFTSgorQhJ4X-HZg7Fqlk4nRufbvV_Ud1mpnFcvqT-29FEfxwx_Sll-_tOuj0OWwJYZul58fa2-MH-fMGGAkqNIWssAvbDON3L0dARwjMvharrsMfgSnF5JaAu67TQ7ENaTcnYJ1_XGtoRLbjHj2ifpNjAOT2ivA1_OGT-XxMBdAofE_xT1AcShtMnHkgedAqUcTrf6mmkujQhArtc5HafDR7Kx72OJ-29kf7UJ1waRt8W-zYAVUnypm_T5Ne3XJFBQhyvuTZUJbl51IVXiG2g5_jRsL9TfvnADtw5LkQQy7Vvr3gam9HLL7Zkrj7ZcSxPmWGz0vql0zPx2kfgzyZA8Hqtu_j1_96HXyj-3PRdeGJQRd_AinG6QYYQJ-JzGOjT-mAteMD2RwLSYFh38aEfIo9KKJGQgn9QL27S_1ODbFMDtKoXTejtrzbqi6HZj-QGlhX6ChRw2wWv9l2HIQm5UaR6UPccgTDpKlHFR4vHQiiZprSUXYdwrj7kpofn9ObhuBJ8jLxXkaznwudpkJ0QAD_uwtPX_CeHJkKPW7jnFE73-qsjFhgm6RufGKV3Ji9BE-1RL0LhjrcK28RMVLqcPYjs0CzAVnQriNkcHzNuijxHed0uZdbXWL-y_hZCGNkwQEUf_sk2I3LxooGCFfeFdYfHEIVjItWzaWOhqqidB4jjNeEDZ9wbNtkUlh3BKMslKjFx31GUPgbBzbvUTXU0qmzTKRBRSXjfErRiZQUBGx3DTS72r-KHcv2X47IweiPtiPVvc_5opfufxMUWOq6EBEGc3TOZrLWHgV0mkM-7vjLWAII94Vpq15V1rgppPqXb3sOr21cfKhJI4I23Ev77lsRB_VcZH4aGE5yDJ8bRljkYusK7IsDBVzXDXDCim_NNv6zAdXANZYOHKVBaRbft2q6NnJFci1IFcNR-336nC-ejDLq3kib2WQ8gNA0UzsHOngTWjahMpB8qlRSqRCadL7tIrWOeHaT4uFzAjZfdd3yysIYZFiga-eKlh-YIksUzlkbU3GYFzyDgO89qkBg4A6vAG-oAc1CLYVlma5jqZWJ6ENRBuZ-E-KRynv5j9pUrKg6hTJTA8sG7mqHopqG4yjHOUa96uXMR5TXg2Z5cOkhbvJOXUe3dBTclmfFkPlMdzEjEjbQbk3xIESXfjgMTeYGVZvzMcOgkqq1g5u83ZPnhSLkqqC-5U4_nQ&cid=CAQSTABpAlJWTetPZylvecduU6y_44y0LxMD5mRW-Z6LN0NeBqRD8EymElcCqhFUBwmQBG9JJm0FkEJvvB2MO8nYeFe94N8IEXSYCjDNoacYAQ&dv3_ver=m202306200101&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=14930560863192350000&adk=2228999115&idt=130&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 13:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
12113
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jul 2024 13:52:35 GMT
truncated
/ Frame EF99 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f2b7bb8521c4d5375f60eaf6232ebeb47c81b65e38120bafd0ba027ca3c3d7af

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2137 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-hk645ivAmJH4-wmuCOYDu98SvdCsJu8qdf3TAFsv-PwKRMbdPTGoZy4CI_ZtlyXCe4oBJ07-7LwsGPlcUYbcUXASqJS54yIUlAosa79LGB-I4Qg2YVogoior3uvllEQxy8LagS4Mq9fCKu41OWfm-qEjnj1B78T48A1uxmSGZ3wFAMs&cry=1&dbm_d=AKAmf-AKBwubu-Cw70RI6DRmzPdcPlL_gQ1hH0zJhVSzQfjiL3egVXCZNNistrCdrYSzKbSCURXgUKyv-Za1fdt2QCwC2mlf9hC9AvgqcTGdTsvyv1JdOLerUjykGKUDr3kt2GY5s2_zX9NRSqx-NRt1buE8-ej0L5Ep0gEr0uBn2Vk5DUov3-8IsDfp_wPLhlisrM7yfrrb6jzpIKnkiBcA2sSUNX4lP2zmUjlHCBu_z3SJg3XBV8tXrNQbwjkaRh_hOCt45JQxCIzwVn3EIKk5sGiEh7ZIj2DoA84H1n0AiKOpqWkuxDbCDQwshP623F6_blxKn2JsAIAib2FJSUPbjb2cW8wAb1MWprDp_q2P0aAdNcs2cqNMI7yGAPD0H9oNNeJDL5xuWCWJoFPGd2m8bUsl61vGc4ytMklPTZAB1THISmIORjvC5XEm7-wMT6OOBUjXAU_02KSr3AjnTkXwn66jsjhieXGtuNv2YAAr-N3Xdq52PeYiBHVefKICNVyEfnsHflQk7O_wrpBhdpCj_8o4zVhv7KDjEx0TEAlavA-F8Tg86zvDbTXQ7I5BM1fxvWWZ0meQL9V4pWxqjW9UtxWNYGIqNr1PpT5LHQDsmg7Q8ZunNQQSbpaNqcioigE_h61TOY19SoYyNZckChCHlkuk5jDsHtACoLoD2idM3d4NIXwW__RG0-sxRsSg62Av3sQRETLnzyq2cPiq7nYw_WJW48v8xpjQn41yaa3wPdmj8Fqxh7zD-hM1M3Fs_RdZgcjX57_1s8gkS_8QRZ8w4DJeiLcrT78uEwsQj9UF5Kuv1mqz2KxCXvsbUdR8vxXzy06oke990iYjbxrXx6pEQ8MrOO8BjcRKPBuKrc5t0n0o0wnF-Lprlahl3AqTGxQAgfJ1YfaPeZSqOqBnjD6hPNsJBDrJJP4lpx5WoxvXl2-sLZ-nZ5Enebn5MLjJQ0siIbFQly5H_6TGC22wlwFpX2NSKOWAtxdJnMs0JI7xqsPm3c5EHTTAnySxEOs7pvQP8mA6gKlVqD7aE6SHuvnMuzNLTmIrCcY_qugsM129LIQAbpO4zcffwAw1pYn4IX99kbU84G8Bf1XtFSNYeMj1FOps5WbuOBc9PI_7XRywtvA0cCpzQat9su_cP-R6LaeRR4Lu13NChQN-pbMMZncYl5hMukqLe3PXzRXJtvnIh_-DKapKWYQnkCqhCUBGJl0A3bFnNQ1RuHFpoWdKQUAeh727CTvnH8Un9JHjE92OaSdPLStjXNFPOUh3gyvy6KrwLBpyQzUPB1OZrV9ABLn16ZMrSsUKo0ehGukfKVwAZ7QDhR6W1v_Ai5fw_7ztFKa_4UDbQrYCQxLdAMA8yFVdBPZl-4a2mLw6IbccthSCKC4jpIrseyxTbebe2QixIl3fl10wnQucKqOjEEyFhdOWvKlAdynX3qSA8gCz3-k3bOEsCFepwuqh7lQKXcm29m1cNHWY3BDTRq4rQ3dAdg41SAJiKn_xp_gv7LoTAbUYEsqRAMPztIdRzlfUohIX6ad6hAZq2UAW_ynCUkdmPvGTqEEwacKwCwIVFpY9lx5gza0ATNvj5rkilNjtp1dPhQb2HFlrPCUgwqXDq6DfsBkHTzY29EaA2sbVnGbqRWEVRz6vqH1wnehtTG2ZHVXR42YsudOWvhZxgYrvEYaq1Pweg_G6oaH2A0XknE_ZIwjv0LYUKTCAqDakvgNZ56d8vfZ77o6tOb0Me3I49kvimisS1IRCqJcl-kpkitMYyLcQwY6FcdRfLYzkSq8jdUcO2uZ-Ngl17W1bgnd-Cz3ni_Sp6MtXO0_WdOik1rBbAyrqYyEdI6i5NMGYhXdSW-S-kJO_LRuvQTmNa_662KJDcMqeg3bHP7ith6H_SkiFTgsk9XUIDNiUiuAOJoCUfOOJWVM6n-H3eeoJ9SaLjTO6XuAWRyz0kzeDimQGkzg7eHojbCyUS0OzBo7wbbZ3JvkWDBBfq1Fsg-3yECm7kkox2nOIKzLTvzdq293gnWZ-hvvF8t_G9CS3eSSE92DDEBK8JTkJjx82KTzuMNI4BKL9z1Duk379kUpJT0kZ7BebXpPun4E2t31ciMPEg4cLhjkslsT9ZuMGQ7yC_O9qUuQH56mpgastc8QDnIX29qM4TQRKU6y2hyy2EYYwgcqM1lPb5aBkSqzXZPqOYrFQsdeiEFfLPsgVdN0rsnF5XYL7zDsF3LTNZPNuDgACYUQvjvnYCSTuJReBjdmgkQY0dm73QYiMFiTdXEt_YvxvAhTQosMwqYpKZpGH_VeahpDiUTRtwJsCwOFBYjjRTgc8AbRpLEos2V6ALKqQ1kSG8cz5pc4ffshdzvpW5WliMWw-SKYFTWIq-O2sxbY4pu_7oSeryVBfvEcMtyvZ2lF6MZAKnlicNX0rTNXgkCWD6dsLjE0KjwZGo0iIDMxW7YYedXdM48YkUt1JVTS0X0o8xpkigfJYcCO_G2yyu3567-dV373dYUYhzKD0xj_vKhjvgQa3fBKnPXlCIKIMqNSkRw-BxsJBKFkSPz3rhqsqpNpGozQwCiO7LkEo0XdjK9CAYru2pGdVOwCH4SulKO5qXePFmi_aBcRVgsueUdnLehHKIHY8ACwHX0lJUmTLWm5AAaTpd7w-Y0ZgJZghkbibo-D9aOabt0s56gaEmBQCwuPmSMGFG78ZU3s7ynwGcHIPthPBLwEmnSfbJIGJlUK_F0nEJf9kaaW51h8qo8DxE3_BVwV2fiLRXGDSX2TxKVDiX1vmIcJ_Vs5SBRvCmkg1e3o4bk27iZv1oXKj-wsR_mC_I4eF7jPLQTjZ1bM8KoHA8k5diPSYzuQCvQFddZ3aJMZWZheO-wIG7mVoBsr2EbI0JZVJ1Rlt3RGPtG5JOFa-3xcZSMArpEDaaeC_3stNc7ig9tfZXWRjdjH3wChytRpN94hiPQAIqd5MLTFI_5NoHAmGKHkxdBUOiuRSL3eYxJ0MPSPSO_So-j0DSOFmHeo-Pe6iVJA9cFWtJBAG0VRtoZ1-XoBJzC_Dwv2VHb4l3y_82pquRF1wj_-4pm0dCBxUts2x52DNRHkg5ni9FEJ_8sT5LaGmon7ePjLHaDD60D2rgb35_bygDmGz2ESJJ2VHm-4jqvxd7PA2OborlimGnrabJ_OIQFi500lr-GWnPPyADbET5XmVFrIYyW0udw8EDI-h_bYMPuEsxdC1Xu0xrhZAtJQf9DEePEG8gKHNdQzQ60PD8cNL7rA-5PNXmhT59RR94KERzhzARTtro5wq1L9kH9jWkffdJAklG3oZ9hoRxhW5zQqMVshGwvz7w8hEMtpkl-IqspoYXgmgA29gnBjJUM0j55JcLgk0GiGJJ0SZG8h-_POOzTktotTOxpkCS_b-9fx63WnRJgHZtASUt-RjNzgGkXusI6AlFtsjCXZYfs0Or0yOBOuKCznuJ5epGI3dYlGGKPO5S-PJuNZUMqjBLBhWHSjEroJ9_b8CLc0EAAV9ktePGz0n9V4xsXuGN6QMo26cpGqA8yuZ3Cyatqn0RvXGq8ojSw9YQ3rw5utzqIm6Xu12nrXjSuTymCcvcWjJLkxrnqaFJBwf7Xu67dr2tP8lZNN-vR8CNrBzMPivjSWzqzGGDvBgQR2wOsTrICrBmtLTiilQIWmXhIANdfT1u_jbbQfH4R1-wdMGQFj8jkky5rwJ1kaZwPKTW88eM-cU0l7NjZi0HF5Y2scy1RgF9Q43IhOMipUzCUPYi8XAKSnUtc7oH2SRVlNr-axjM3fOXETtOa5zmgCBIPdzO5gD6InAMF4wsYrSCuErq5tsSKviuRGlu37-g338zxHWF_dfmYa-zSexo7peO7qec5Jl5GoPraDgcFbthvXiMYCoA0AeA6nRWrh5Jvx_HUH-CyNtvOjHV9UotqX2rRnm0bYoH1Vinv2pvtifSw-2JVOIDwSbdTTCj1pNPPQ&cid=CAQSSwBpAlJWk6RUR4NkT_1CaSkTEal8BDUFctkIxVrxRjv1eYHtPEdm_Cqeu0ZM8IIgy9RRERRJ7o9LgAAsmiZOYG2desfZbu5kDhXPWhgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=10033980739377460000&adk=1964084972&idt=158&cac=0&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 13:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
12113
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jul 2024 13:52:35 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8FA1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307110101&jk=1355555487957082&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 716C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEM4korcOzVHUcV4EMxEBTw&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEM4korcOzVHUcV4EMxEBTw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYtOqy5wEwAQ&v=APEucNV6riCWnD3mJ37l-PK2BcaDsusEBkkaSSPCxYhgUXLZdxJmbeCyqwrmsUh6wwG-BjByjSP1E8iHjI576blfSEtkhljt0_xdd6qIrevW-hDElJ93zccOHNEJ-1nTXcbm0HeJaKr4Ji_r1mHwP6ScQp8CGyScA4DFDVCs_fPIV3b0WvgTsXWK9wOTCfy3F3JGzN4PYLJZuGjxNpF0OF1adjmHTdtcwg
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jul 2023 17:14:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEM4korcOzVHUcV4EMxEBTw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 716C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZLbIc-ae0U9MlyvHuknCMwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEM4korcOzVHUcV4EMxEBTw&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEM4korcOzVHUcV4EMxEBTw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYtOqy5wEwAQ&v=APEucNV6riCWnD3mJ37l-PK2BcaDsusEBkkaSSPCxYhgUXLZdxJmbeCyqwrmsUh6wwG-BjByjSP1E8iHjI576blfSEtkhljt0_xdd6qIrevW-hDElJ93zccOHNEJ-1nTXcbm0HeJaKr4Ji_r1mHwP6ScQp8CGyScA4DFDVCs_fPIV3b0WvgTsXWK9wOTCfy3F3JGzN4PYLJZuGjxNpF0OF1adjmHTdtcwg
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jul 2023 17:14:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEM4korcOzVHUcV4EMxEBTw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 716C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEC_dhGR-0VLdBR5N2KaFwjs&google_cver=1
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEC_dhGR-0VLdBR5N2KaFwjs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYtOqy5wEwAQ&v=APEucNV6riCWnD3mJ37l-PK2BcaDsusEBkkaSSPCxYhgUXLZdxJmbeCyqwrmsUh6wwG-BjByjSP1E8iHjI576blfSEtkhljt0_xdd6qIrevW-hDElJ93zccOHNEJ-1nTXcbm0HeJaKr4Ji_r1mHwP6ScQp8CGyScA4DFDVCs_fPIV3b0WvgTsXWK9wOTCfy3F3JGzN4PYLJZuGjxNpF0OF1adjmHTdtcwg
Protocol
H2
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:28 GMT
an-x-request-uuid
44621aac-e98d-4777-b5fc-907b012823ee
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.138; 178.162.209.138; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEC_dhGR-0VLdBR5N2KaFwjs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 716C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk4NTg5NjcyODMzMzA3Mjk4MA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk4NTg5NjcyODMzMzA3Mjk4MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYtOqy5wEwAQ&v=APEucNV6riCWnD3mJ37l-PK2BcaDsusEBkkaSSPCxYhgUXLZdxJmbeCyqwrmsUh6wwG-BjByjSP1E8iHjI576blfSEtkhljt0_xdd6qIrevW-hDElJ93zccOHNEJ-1nTXcbm0HeJaKr4Ji_r1mHwP6ScQp8CGyScA4DFDVCs_fPIV3b0WvgTsXWK9wOTCfy3F3JGzN4PYLJZuGjxNpF0OF1adjmHTdtcwg
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:28 GMT
an-x-request-uuid
e272814b-73db-49a9-ada5-80c1828c1db3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk4NTg5NjcyODMzMzA3Mjk4MA%3D%3D
x-proxy-origin
178.162.209.138; 178.162.209.138; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
dvbs_src_internal119.js
cdn.doubleverify.com/ Frame 37C6 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal119.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=29074404&cmp=30088679&plc=369086996&sid=8754143&dvregion=0&unit=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:6::17d5:a18f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
97570defe15fe0a83b49642f0ecf2dcc9c7400d21272372d3b140beb372bd08e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 18 Jul 2023 17:14:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jul 2023 08:57:31 GMT
Server
UploadServer
ETag
"4455786dc20506b8e54048c7119b5c5f"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
max-age=946080000,no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18798
Expires
Thu, 11 Jul 2024 05:45:16 GMT
79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js
pagead2.googlesyndication.com/bg/ Frame 236F 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efd1f2d633a46174e9297aa571dd85617c750b8f87d16a52778d5bc4109b7017
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 14:04:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
11400
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14507
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Jul 2024 14:04:28 GMT
vjdy8w6hewcq
hal9000.redintelligence.net/zone/ Frame 2137 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/vjdy8w6hewcq?subid=&gdpr=&gdpr_consent=&rnd=1689700467444782&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCB5IZc8i2ZO6SG4K39u8PyP6-wAum5b2gaZWTnKfJD_AuEAEglZvKIWCV6rGCvAfIAQmpAp5z0P5d17I-qAMByAObBKoE7gFP0ILLFDNJjw5pNtmiIvZ5ceOUo_4hHcymgsTftPJ2wPPZ7VQSAaOP5Ae3vUxAKFNjOlN2rq1BvJN04FLRuT8L8qM1tXcnjM47alpjoSgs30VGd8Hzazigkv1g3GwpqaBqp2pzuLr0hA8WxP7ffbggVxvy5KR-ou9CRh5jQGW_Z0xH1qJ84UQFFVux5zI-sFj3FULhnYrsb2ElQNQTACgHLD0KxqO_R1emhgUVoxHLBoLPX8YMnJ7HEu720FS5T6WreYCbnf4npoSOrVfOzBhD85275gcgqKKpVb821THx7S7qwwqn_B1huROcXkqowATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJWk6RUR4NkT_1CaSkTEal8BDUFctkIxVrxRjv1eYHtPEdm_Cqeu0ZM8IIgy9RRERRJ7o9LgAAsmiZOYG2desfZbu5kDhXPWhgB%26sig%3DAOD64_3GsBkpEPqZx4cvtCHAPXrjhBJWmQ%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-CsYrrJ2_DO6ADdAxOSFnr7v4RMIZdlulZ9reGJy7ZyjODQmqBSobMxIUEjO5OeJvPBztiY9MzVSSp7G2WbtK_1eG1Y3a01WON31Bb6L2vLH3WFRnSy8LJfP363LElqIBlUTNoLteerghLmUcJCUDpmkiJHzJv0nzoBs35IrBGhzz1CI4c%26cry%3D1%26dbm_d%3DAKAmf-Cg1jRAD_q8xAsOwiyPSYMRpc_Shi-dSHJbdnMNlidPGomfp5ehGg5pn_qV4FpgWqfrGAtcXX4PFRyU95DVDIehPl4h89_UbzUA3xW21T3YqLMgk6oVuetjh69bDxPdlEPKMc2lHoKLPfrn-467u7GS6unn2rXLlZ4hIhiTL2MiKjRGLMWm6VA4FnMdnb4MLnSuARq5DqGARoywJvrJ27IdMmSjYstfgxb0VK17oxI1XhH0Y0BOzr6bViFuWLexmjBj6tG8VzoQOjxbbIM4vhLEcmkTCP4XZL-8E1GCNH034V_nz8Yhn_Idogpkt8ppMx_FGtS4dgUEwZb4-_jiEuwpd5VWm0bspuFyRP0f8VCifBLxsF4Y5N_wg20M3VbmSQuPzU2JtFfSlja4TbWZkp7PiJfMdjbgGZrupju4zAIIVbQyjV40I77piIhjjl8PumjCfeISz1wFoLjVZSKiM7obeGeAmztDGQKAvQqn0huoIWzSzhhXNkV0o8nd5SAZegPZordIO0TT-Axqd-ZVaaNbveGFr3P-cCLL4p4UBxBUB10lar052tCvAgG1PukX-2StHq9RnI95OD7ML3P_hNVQf5Y3aokpJUWgYx4bXK-AY070yAM%26adurl%3D
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
a31eb5571ebae0fbc5c77d842c96b6334d207164f16fc7f4c38dd3ed936abe9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 18 Jul 2023 17:14:28 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4178
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ut.js
velocitycdn.com/script/ Frame C758 		80 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://velocitycdn.com/script/ut.js?cb=1689700468143
Requested by
Host: velocitycdn.com
URL: https://velocitycdn.com/script/q91a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:850a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
091b4aff1bd881f734aabd98a69780bc5efee1e418dcf2a1e130d56342536456

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.sportsonline.sx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:28 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdur4w3h6g2-0h3a10hol5zpZAcks6G5zKSdthJdcGlBj_JhfUWe92G18OGynyZ07ssvkFzxkavg217Hjel-BmkxbP2CRYVd
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 13 Jul 2023 09:50:18 GMT
server
cloudflare
etag
W/"72e22fae715e00acd76c3e9e8b86099d"
vary
Accept-Encoding
x-goog-hash
crc32c=cuIxCA==, md5=cuIvrnFeAKzXbD6ei4YJnQ==
x-goog-generation
1689241818079753
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Pmso9Mv5%2BrZGtjWtZr2pkKmGqmFWGmwVcV6Z6s7SpTmDpFKblDcMo7XUu%2FDVs5e3IUQcuzQFGHVNgkTW9e0ZTNc1dJtOlMAvOTM%2FNklTgHTZxeHjUxLvvqQSw%2FvQsFXzgTa5bhvOn5HF8zMGyg%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
82250
cf-ray
7e8c5c75eb73368a-FRA
expires
Tue, 18 Jul 2023 18:03:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FB26 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=425938563903&version=m202306200101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FB26 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=425938563903&version=m202306200101&ct=76&x=1&cor=10807340616832588000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame FB26 		88 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A0Q3C9-3o01dOiBnDvi3Z89i9twevIsvTeIDaNSSudLoPlW9ZtWSPwrSC1MfPoOH2gCoLr8HAjHhfOzqQ_PtE7uMtP7g&cry=1&dbm_d=AKAmf-DVxDICyqhwMGm1aZwCilf6dIzNmIpOQJuoX2iUovtfSSf34Y66vNIbZuJvUmucNXWf2E3p9CdtlOsZYpd1BVOxg79zJpGYc3rpVOhlO9LewoyzNX0xYrbzR5FgfpCzgITsbFlTVtqYFIhsX8YFW1o4cTE7ZujkprqWKXigtzze4NrjX1OQd_s9ESrAa9bzzyxBUZRWPZ7ym5IqMYhUQlrWiGAppF7Fy6dGERpQm-EWJb9xrNJAvNnrjYbQ1L9ntBRLgS_l7FpZ-nKosXg7B6k2DJB46Db9HFib01NoDTr6ttCj0bj4M5BZ4ltgT-ysZ9AsD26211g1WNtxSyqTGrQRoMyh47lM2ADjOSGO0gMQBW1OnO_ZcgdJ-IdR3KXHsW3PTX9qk3T5qSjChs6i_VS-cxAwSmRzroBUONclcVWQVR1gL3gstYHtS9ChzJKrQg4ODJOOENfmZWn4-b-84yX9j4hIsglIPtu8AJdkNBEFjDPOPI3VpSE_Z-Zb9BFkXBm33yL8i4Bn0MCPlINw5eEw0KgvzdB2r2QtW-s6lXKWRUc47D59V1_iAStRkTV2vE3bgubZRiJ1bGm21ccbPq-N_MdAQz63pq4AvEfLYPmT0rcgHea8a1MPLPVhzlL4FOcffTBtmNgN0Owsjw1cgJxdEBLzI29qGby791SYBKJZTxla7jWGvU_rUBB11pKe432kBKD-ORgN2NRFXeZbyzhO1voLiY-yM_7PqDxZQMAfvu2a9yH0sqI18jyEJRk8tmKesF0c_BKpgrgYo5sP1zudbyH7ahVBXEihJZYuQkGZ-PCXmHfPRc39atRwSAdMmSPJ15vwaojMlG1gSs3nD9rVQyZjeA4ONX4ShRivP7mZIt_LclpgFKnQlgfltKjOLvnAPSlwOE0hBj_Cqjyld4dttnzUuXHRyoKuOGi_RvKSyhp8TeoPsRNGxnerfUPIuDSbcdVBaljpB0c_3T9nIYmiJ8X0mcUkP_Bg_1OHMMruJkUP9j9l8ITQEi-DWF1Gd4bMaqy3dO1HabCj5I6CSAw2zMvA7-SdLYmRZe-zZbaXOXQLniXRbCY16pQ2BcJLVdpv9Ga3UUuXji-_0FroZNrXEka1Fky_wpI1YDE_DCrCkJCMhgl5217gsWDFKLCYBKuAlNF75r3lxmWBmNj1KIICgIVUoolPlNZqtsKFheCdT-R-oeJs3QBH54ZJHzDV-2l_ER593pOy8u8khdAY8rbfU_NxzN7KjWsXMFUoBwHQ4R_MX1uDZxLSN4IVHSIFtb02CuOLLcmNNXtZ7jksNyKps0ZUOMchFPfMaiz3uAWc-A7kSsOwv7mLhM8Z8jV_0zGeEa14rq6pLNFs8KBbFMsLwgBEwkNLryksaWWjSgNkWX59dQAP7mCA-0Unek_mWalw6pTNMBo6h3c5u1qfOck7N85J2vpJB8VAX3ntL-FfYTq9GIiuoZ2zzjDb7qbdtOwpLjqqpjGfqWP65oIxtGggiMniJFJTi_J7ebolT6-j8d6ozqbubrBhLGDKvLk8jlg46imssPX6RAfPY_xM3JcVIO6zENFrhkWdsMMShjWhnYU5bmiWwoydKuTonNVd4IEzYZe9Q-C8AKjcSRFRXAcvIMwL_qbdJfhuiXO1OI6rQkBiRZI5oOexXEilSuQMfYW4oWiIcSi7a3gQ-_8A-iMysLG45r-XJsmoU1ZLcGbmE9vFoPaxPkbjPfaQeMX3JpbVo0M9wG726ZLXLZ3rfme_u1MJY0WzbdhNhxpM-qMBGkJWw8vWtdTF3HSFaRqErS6WJMezMcVeRaZKufyaGUmIwv4zN-Dh98V0XQiea_IHhtBa2HQCgxa_i6jNfKgaUdoFajlcCqlbw2XXFZ_Z8B_YmUZxJFmlv-qpgArzVotPyDlgoIuRGat2gRcdep0mOhRRItJGVLE9XP9Uq5kOshkJtM-zIlKtQPHk5q81MmrhAi77MG8Yz-_N-oup_lzm4TiseVx2uOaQ9z5JozDAnwOrK0yjbREZ-4n0h5wdhfFSjBgKTDToHbxYjPhB96nQxsIuo29g1_2K7EitucKXGXIaVe1HDcIUw_v5qKq9Pwu4KVqpJ1sGUlgajigzvfICLx5opPHRC5Z6lN-THv98F7B_WbY7G3urlCJ4QWhN2ER8GeK724F17ro95zLKSehFzvbeXcqeKHD46CWeSTZE3rkGDxMw6iDUtv6bT0zpuzayZFP20q3jGx9XNWd1ZrzyITlHD8Bhq2-T1LWhBqoRAZeuPtbn60z0U-AHXfdUhN-gk_IeX5ZbGNE15zW1k0-QKmdrNeFvY3B_jjsV0H5uMdXACl7nNTO-mGBk1Isz8Rp6M2ItcL6joa7Dl30vc3OKkT9F3riZ-RHw47O8HW0CfH5pOqZQ3zqL72ng5SDEM1X24k44ttvqfPMhSiJCCmBzJcTWG-IOp7M3M5TnQTArh_2RZZippRwU_qFwNPFIpjxTpP8RBgvn3EPOrksTuObl8_uKpCeliWDH8V05Wj5bJHpZRbfKwraQ0mNjoK5ZKxeBzElxQmLqjsELoULM3ZQyGWnkXItO0gcvnygo0wAiSW2NtwYIeLSrEfy7I2XTJfCUPx-SNtbzvZKVL1TBkuKSXm9zbchfNMy48pQmQSO4YWyHJ1waGj4Qk-D_Q4gpgzcrpgOtkS0y_bMK5okjpvBAEPvxmkARLUWpLl2jK-hTS9Erd8R_BrKVxdp1jNly1KqelHNOaO1FkKb7GBsz7HbJ6iX5EORtScoIYQjzikrY_OmnVw6lVCqi2H2BCaYRyGpgThplqFfrKyrByzDpCb_a1-IbnBfZhhwbkIIZDvJD1AozoVAzQ8MY58zeWV4bTwbSaLYaKjoVsZcCXFDWBQ2LMnVIYxdI-emGXXUqNKSBms3Pm_VFGSShNfHqR3rls8At0ubQGqX8A83T96vERb6OXukZixtKqDrUJPfPFNpgvKQYssQ1847cTljvZaMyeE3V9wKjmQjMdfII2TEw6hsyId_ZXa_53JqT2n4RODkNL4MfB1k4sJkj1MMZ7qLdzg_LSm7oCeZx_gzJc96vDYnzN-gI9KFbwqZnNH8BV9d0NrUUYJx477ZezQO7MiiRPAld-K02xjdQ_jwKW2hCFksHunIDmozmCHpgVfW69OOaTRVjYW22Y86Gsq-qMAjzfogmUmfGMX53NECjl_FwsxKZWJ3Nbz3WwMqqecv3Z6wiEPFx19D-DeNJuO84vGyz4DkkE2ApItx7wHPs6XHf_Q0y_pUO0pcXP7EDqxIIw_O7px_fdWaA0ylf8hDrf--rjua9E9X3jqLe0LO7oGje62kTVQAVepBxO1QsUh5XO2CsqiyqP9SeERcjV29PlPAbldfHSsYKgPiDJV28WVQ2ThZlHVu1Gg0-B7pP0DiMCZK6Da5sHs_tqGoC3i8a5tdZ_op6fdyydflTZN6tRv4eR6qa1Fph09h7-LR0r9-xsXMc735mvTtBwcrqIeZW6uTqdosKhxTCuIm5zbcDzkdxPopNFzkd3B_v&cid=CAQSTABpAlJWLYyFBVLssEmz2DTl9c3d2QXf5oFBmlRpIMyZDap129SrVhGEfkF7pwS3VabKUii2MPqJnNoUVlDEaX8YrccBtxYLYSGLTxQYAQ&dv3_ver=m202306200101&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=10807340616832588000&adk=2086295851&idt=87&cac=0&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cfc877e5b225e70428776d8b9a06a53247437200ab583283d61e7ee3e31c31a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37601
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adagio.js
script.4dex.io/ 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 18 Jul 2023 17:14:28 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
962527
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 06 Jun 2023 12:52:54 GMT
Server
cloudflare
ETag
W/"845b176368f98c92daf7aa531dcbc491"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzkiYhpO8xQdzXARQYZRR7uDqcUxonFXFr%2B4y%2BDk1nyncME%2B7mgLkWuor9zqCVjHlbyZOXR0NSDHxFYSKw7jUCY8qu5ekeMZ5mF2XStqI86Z%2F%2FeBT2EDJeNfAEMzj5ilWoXx45zDM%2Fm0owq9"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7e8c5c76390c1d86-FRA
suurl4.php
youradexchange.com/script/ Frame C758 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://youradexchange.com/script/suurl4.php?r=4827899&chmob=%3F0&cbur=0.23236855610850804&cbiframe=1&cbWidth=1060&cbHeight=484&cbtitle=&cbpage=https%3A%2F%2Fdalbouh.xyz%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=velocitycdn.com&aggr=0&ts=1689700468176&srs=dc6aaa50ad80584cbeeb0c8c2fa7cb4a
Requested by
Host: velocitycdn.com
URL: https://velocitycdn.com/script/q91a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8b25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.sportsonline.sx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43UC7O6dyjREDxSsJf3iJlyG3A3nNPpuP641M%2FXUiQ%2FysSCR1Lsifsq1qPtTiVnMzq74rPy8t%2B6uJWo7NgxC3GWzkuT3k5LiHriKeFAZvL3JYQLO1Oj8cNm4%2FsSL1OUqAeodzMYnkKl2Id%2BjqTKI7uw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7e8c5c765d802ba4-FRA
alt-svc
h3=":443"; ma=86400
cwdjkhlh9g
q9g3eq75cjvp82.dynamicrevival.net/embed/ Frame 9C75 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://q9g3eq75cjvp82.dynamicrevival.net/embed/cwdjkhlh9g
Requested by
Host: v3.sportsonline.sx
URL: https://v3.sportsonline.sx/channels/hd/hd6.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3d9fd510ff21a29aadf5ac50c294b59d1d60ea733ea267e32ac2d18e5d5395a

Request headers

Referer
https://v3.sportsonline.sx/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e8c5c765d814d3d-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 18 Jul 2023 17:14:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=va5XnO78%2FjWKxSWpAvZMKsSnsWMPiEGINngxdRpBwq4djK%2Fw3j7CAvzrnsk2NM4SoxfKa5wlKbZTiXcWVWYJlTQc1q7HIyl8NND2hgn6jGe29tkJdx7PGoV%2BJRYIHBNN2ljkeRyY4XQR%2FGPFHRq8QpfL2pM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
js15_as.js
s10.histats.com/ Frame C758 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: v3.sportsonline.sx
URL: https://v3.sportsonline.sx/channels/hd/hd6.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.sportsonline.sx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:28 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
4557
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
7e8c5c766971363e-FRA
content-length
4547
view
googleads4.g.doubleclick.net/pcs/ Frame EF99 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvgwHiSV0VHezPdHqAavnrDQvK1pHMfbH7uFWD73UFJRvygMckZRgTaYZhq8r5QQHifU5X7zAn6Qu6qh9m437nnRRLouDqsAQLsFTP9bRVKwYcnmfoguQV9ZVsLc7b9xMZmoPy-r8nQo7mcBt-R9-5frDxwn033VV0_JKkNepQAareHU0ILDkLmBo77j5RK6h2dueq2Xnq6qA2tCPThsbLeUv4cmLMNh8gvn5bPFGdkHpSlOyb5NmREkItyzgnXQFDArCD2ClJFaoctUcg5rn1Mist9pawY-p3nlY6QL3JmflHI6NPaCq0lUdR2tR43J7ioET1EkVHOkEWEqNlTn8IQnks5OAYZWEmKD6d8dxyIZAWFve_kX3wK6zyvPzYtxRkzuCw9Vjx2NK3iO2YZ6jbJdu4vfVnA89JOGZM4DqRl2EBY-e6p36eyGgfQ0MEnNeiBRVJhohQaD7byqmuIpXlAFH8HjG_aGLKhudFRdxNoquaF_TCVERKBjN44tArN6F4ROXSLO1vjQ7J0SZMF34SbrXqI2g0hL0XRCBtnba3SWW17GwvptGKATL8b2C0NGfyeEeS7IMFZHkGiuRGMm41E228Hcn6KvvE_z47zJ33VeifSMKt-EvPrc50kZjLdIpaLuzCfNLTGaEd6Bz42wAOuVHTtSyakGpmfA7NVfYXE6Dj1ysEIQNnqaSiLwfqV4epco287-UKFNViCb6yX9c0QTddiH3sgxkGEncXXOHjq3wgEa_-w-Sscad8kQeuHjg_uXVBUoeGIuzRB4uAnGtxl2C9TjulCyk5nNuW842YwbT7_lx8p0jMnjidid-rVvqzyAdsv2qIzRcMmEgkpsW86AQXBcRQbkKdquA-tOHZUkTQnyLWJ-Jhhdk4oDSO4gZRnzAveTYd7PK7X02F-qHCMz9r9egHYJ8LtCnD42R2SaTmp9Ql7sUFpCuywQIjG1bYv_noloMN30hk3yWePVuqP4E70sbui3dYb7U7ZyMUeMjq3dzN9tipOfn11jEh8AGN3vLH4GmBmEuQ-Kn65etO7Z4_HftTx-XRjoQQtGHeKAysl1l4FB5CEdRB0djLafjwkEEpAeJFezIC3Rimhek_Y6BahUl2mmh4GxR0wEhiHy0Idf-NFLw-us1XEevLunKstiFz6HOibRyeQJeaqMcCZLHdO3Pwz8irflknDOg3Zmm9TGhrJpB24OcgsPkkO3CAz95Xf07EIVN7G2fTGenN9dPn1p6JBOkG6u2sWSRdU7aptDWD-Qz8&sai=AMfl-YT7Ln-If9aa4-iLYmyWEs34Y-qFgm15pJbFClZrJ5xmwYnNIXLI3mOsm2pdRHucMMwQ8PeAVqouRrm5ZfR48LT2m_CRsJIxtiUI9tJwlBQfhbTzzaqu5YJ65babap7H83jrbPSCj_mFU7OpXgODr797sZ32INq12FUE_TCxND42AEDkq2HcylDPX66szC3fimE27x4o-0dVoFnxLs_-5L1z315zym0ddIJ-QOcXo31kDmm8mA8V-uipK5tO6W2DgQCw5yW-PICvB0mkkEItj7L5ztoprROD&sig=Cg0ArKJSzL8uZ09wlwpsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=147&vt=11&dtpt=146&dett=2&cstd=0&cisv=r20230717.00703&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5MqPFOutLeJWqxN8PYxw16scCcqBF9A04l44H3Uwe_gFOU3uR3kyfZoD-EkkiflmQJDgBFC-f8TN4i2AbDVz4_X2MoQ&cry=1&dbm_d=AKAmf-CF06BrIFV7BTazbfrC6jVha2VzDt1iLPCrsG3wx8X0vuypgErAx9db4U5L2Aw8Co8b3xhDqviWGEjpgGSIl0-Gmwa06XnW2yA3FjrTxWdRQt6BCua4wBAxsHo06a7fHA16STapdDanhue19Z14x5BJBkM0HUeH1O09DBu5ifINOmEBmxMbPtUddEY4zfsQyKWS8RnkB82LEGTaWu-RjDUgF51JoyFMqWmW-NZhLFKKNHgTVgUbEnXVBoLaD-ehBTNhhvEj9aPmYcq-c0JcWkRdvRNMhx223czSAWYwoLf20dAG6XiqbaMr0Jw-Yfg3Uwmiogt-e6vZUPPKrkwmRBcc_CHrJxHRHLrSrL4Z4iYBmE15ji-Q_y82G-rggJ0uaiN8__7hrcFBKcwMd-UergWLK6LFlO3keq0_uMjV1dl3VNMS6oMNB3LiLekFPmLzzyC1fqAjHGyOO_0J1iR1eQ4KVkO0vef3O-GGNn9hDu3zZm0qy4u9P3rs8ZtrBB0tygM6eOrr4oAmWva_BXcNXesiyOfIryRkeLZdhuFYRVwFY5rzdSXzymzstIiU6Zrd3REMwyiqGpjZIzWJa7tYnqE2m7y1J_etTFcli5AF4pd1d1ajapzUSCSU1w1u8kBSoYpRbBeBhfBMx7eag4C3AWt7l4zEA6c08ZQMCTEAwrASCoyWJ5DWflzISX_Cj6ux_0hD8zSMWI9PQ0LkNSSJWC4dMJIlI2AX_8kLwrPk7rMZ_0ja1h2LRGA9bxgy-we2gnSRUENy1SKWo4ESa46BAD8wphsbJtX0jb-ctWzmjt8H_vTcI-lXoiulHkR2W4aPJ6E4pQ8q9SAVNEZHZAXi9uuTlmMXdoWE66ZwTC6O1pLsLJgJjbpzhyt0imAYwDLXUxQpearM_yrDsJfRCqMVKUKPfmYEjuj0Ml94NBLTNJeyjN8VEvQzdPhcAlqCJa-IMGqKPMolmCNSfGwL6iHcDCD6NRWYHbScJ_G7jXrtZImPvBko1WqcFYR1W3X6S-XlvZYdcwBckPKgebBgP2KixdBqOnFxAHbKh4GsAtCf9WcnweW68TEdQi9VcojZ0SCyLEbntjab_AYrw4MrPxBLK7u1aeDTA9fTJB_ITkjW0k7stqmOjXKjbMXZaXhTDHTb1K3CbEvi9kxwejrk7CeBqy6l2TrUmHTHfTJuQ2oVAq5fLsMog1QdHSEoHtAfEpOEn29HN35XspuM6UDc2zGZsazDX7bZSy_fAP1l-wyTjhsR7lGH5QKxoPaFD4MLgM6n85Uq5zYsofvkUT2PmiGW35WwkVUqxjB5cUE9w4XSBiklf1EzsjJT3DBDfN1eerPOtBkZRi6ZbTrdtCVIcNUjDtsUu8-L34BPY6cIsTy0_-Tl8dl3od_y_LEsmOOJquiqhw81DGOYxtKIX9n8etHy_fDcf4XDLkymVDyQ9n6fatWT8KJpeb1oTK0MFy3kzMzob4-pzvxxUJbVtA1RmqBcyR0qNE0pXYqXiF2aHDNh1YhErStXzdCEJzFAvV2yHHSTNEXykhIvDogN6wx0zt4mM22kj3Agg4mt6wzAQ3eRqR1UKjCmX2bF1HF_ssChVGgkXdXPFx8DBGrHO5igH7E9Xs3nRKiHxDzEvd8ULhNGEoWS5VXRq4Wo3Acg-NA4sDz3dnay6zoGmoKhOH7l2lrcHYBHLg36sPIwANQtxfyQ3wKeWwqVACOXktLUi3KjisfsPiEzyU8kL3-y4MHvm0dmqjr0tFyCD7zb3xo0XAG16xO1Lfw4WICkoWjlvok_HHc8bPrg9RnYvCwtDQyWyVZ21Tdij140nusTTQanbAj7lDQELHZoOTEHk86GiPAONnR_16kJCobOP9SUmdAwglPS4e6y30g3z4qauEVpLvcj2bpH5NSEbkecFSMUBtQ53EMnNjU0Z-47khqrrGzWPBYJe-Zp5JnAg2SiJfGfSTxRsyKVE2paG4a5vnBlH-tem1nwGrvSk9TlK09HDtO49mxHasc2BUY-HGDnqH9R_UBQgIvnuZMPfO2N99whuQzZUvBAVz9SXAQlC4JrhpFM9B-AFZbo11xopI27wlp5SgxjTKsF1fTRqqJHWQ6IbJzpagfwTywCCyM9d19Lcl0DCzB-OiIqGCYBxRCDsUlU9oZVYB9Cavj2UMq3mwXNEhyFA7D3HcTG7TFxaA7KCeaRG0QCAmPt24BP15VeHSYrFpxAToB0Y7AyOmdkV-U59828-EhiatLfuAn0rB_tH21CQjtc9yZ9zY3fdWzfsJD7-Si84d1BGN8l3wPRmDLwous8S9FGMiw1Gbu6lzeQG_CVYcuMCmg00bAyIcpBddYBVLKOiWVjm3-wmbZiZA4gwywYya8U7Oja9xc5zoA9YzxGtbGrIRewjSb23004T1mYTt_hXPVnlP21-u8htX4efANcpJjMv4ejrnHpx909S0qeLqqN0VogT-gdaHX3R1rIUHdPK7deWER_0t3tUGYmhzu1hkrKYGAKm_XCLunDJSLZGIuL4hwH6tPKJAQ4ntBUrAwwCN5BxlDY0ahNoG_nFRUq4VNPuQgtYHEekEM7qFmaRW933AXnfTkZDuKJ8rjcm1aqONjTtod8PEUVecwsIHNmRKOFXRx7N8CIjwaUNiMn-gbRikAbT8EezXigHLyIzEc2SRUl1PZdrLkjEwAgcK0Y4M5MJb7DeHXl9Cglmq1QHtAdaSxg0yY2WRg2Zh8h48KRtXxNiyF9ov4K2NitVi1zPQiEiHmxLrKSQ26T2f1y-c9XEoel0ZC4P4WWj_IU5aEIg-3fUTskg5EKoL-fwbBXXyNWo27h7sCjkNHRW30Kpp604fp7vJBdfKCakFXrUeinyF0ZchvQKbARYk94_we6xslP1AMth232KyDm80KRjg72KTkFN6uVhpkNg9gt8rTAbpksTx209tHqV7TZLbn4AF4DtH7fa2oqpep2C_4HrOIQxcEGElkLzxkdGX6226cRmD3T_73VTzqPWv-q4Nnx2srUyK7FlLH2Fz4WQUue_UA1ifwfZ6mYXtjLK1o95wZo38ufQZSajOhNUeLX8KQX1xNIRVpSCieZfxhfLx2_JLyMVX7swZzaU4oUPxslhCzIfxn1NzwnsZ7xYHVtzXCcYbb2_ay8hmo3_R6IW_eSqXWdqI_Q0XcUQg_L8bC97XSQ2PtFUEuaOgZJOsLFy4MIGFmOmoSdVDlxcIBF-2pYVQbKsi5-6oiETTZS_oMnx3oHvjbtnB4LBTOdoBcxjtc9lRBeL-kItvSKOf1CaJowHwbUf71-uumNAsO5V-9mWUq-AWA55Nmir4V_zibL1XBKsLpK7diZk2X4uZggbrZ79Zx5Amx5NzoB6N0x3cdHgUNgTVy9Z02ZHO-OaMoueQ87LOIyhGJ-cC2yn50RpzgF_A74Y2Z_kSvC6DEa9JK4QFOzMH_Ec3xztrbuaIUQxyJCnt-_opGIcVRG8p9b3MuPggvYVGDasslLS6ayRyBpnw6dqnyGbMKVFiEnRrJxk5loa-HbckIsVA1Dl9Jt5ttXz4KQNUwUlWz_DTt_IK-GZDYew9AoTkQ2Obo&cid=CAQSSwBpAlJWNLfHo7QpLtg_29_XCMAlZvz0QNNVL9SQFnXNwRJt8Tu7P_U5M0ZraviryfHBuNJZXTr428mUif8jTJ-mAlOiM14VHin4WRgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=12448798890644533000&adk=250412560&idt=123&cac=0&dtd=27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 18 Jul 2023 17:14:28 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame FC93 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
22420
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 11:00:48 GMT
expires
Wed, 17 Jul 2024 11:00:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
verify.js
rtb0.doubleverify.com/ Frame 37C6 		1 KB
925 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_116409824691&jsTagObjCallback=__tagObject_callback_116409824691&num=6&ctx=29074404&cmp=30088679&plc=369086996&sid=8754143&advid=&adsrv=&unit=728x90&isdvvid=&uid=116409824691&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.10&dvpx_strhd=0.10&brid=3&brver=114&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=9&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=166&eparams=DC4FC%3Dl9EEADTbpTauTauJ2%3D%3D2%5CD9%40%40ED%5DEGTauU2%3F4r92%3A%3Fl9EEADTbpTauTauJ2%3D%3D2%5CD9%40%40ED%5DEGTar9EEADTbpTauTau2ff72h2hdc3e6hafd_cda2ccc3eh3d25%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=6.20&callbackName=__verify_callback_116409824691
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
de6b9ebcdb5619569cae06fc0c69c9905af71e92ded9e70ce23bd3cfc0872e98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jul 2023 17:14:28 GMT
Content-Encoding
br
X-DV-Response
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
07/17/2023 17:14:28
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1355555487957082&correlator=3163552015091492&eid=31072019&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Ccube&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=9&adks=323800357&didk=2675907389&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D8238e40493fbd91b%3AT%3D1689700467%3ART%3D1689700467%3AS%3DALNI_Malw_5R-3LX6FK69-8-Txt8IbExYA&gpic=UID%3D00000c3fe02dedc8%3AT%3D1689700467%3ART%3D1689700467%3AS%3DALNI_MahRX1CYAsRGeOFxbuXoH1RIBm9KA&abxe=1&dt=1689700468229&lmt=1689700454&dlt=1689700466828&idt=526&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11511%2F1042679%2Fvalencia-vs-nottingham-forest%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1232595036.1689700467&ga_sid=1689700467&ga_hid=948966620&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
559517e9eb92f5cc64ad57d513a5f2402b30bc2531f9b5b3cad3a2a2b2337ffe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:30 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11671
x-xss-protection
0
google-lineitem-id
5818019657
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374037624
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		382 B
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1355555487957082&correlator=3163552015091492&eid=31072019&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Ccube2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=10&adks=2685385890&didk=2675907388&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D8238e40493fbd91b%3AT%3D1689700467%3ART%3D1689700467%3AS%3DALNI_Malw_5R-3LX6FK69-8-Txt8IbExYA&gpic=UID%3D00000c3fe02dedc8%3AT%3D1689700467%3ART%3D1689700467%3AS%3DALNI_MahRX1CYAsRGeOFxbuXoH1RIBm9KA&abxe=1&dt=1689700468231&lmt=1689700454&dlt=1689700466828&idt=526&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11511%2F1042679%2Fvalencia-vs-nottingham-forest%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1232595036.1689700467&ga_sid=1689700467&ga_hid=948966620&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6fbae4db94388c0c1feacfa631653cd3f0786157c4a61e89f1076fc278fce845
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:30 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1355555487957082&correlator=3163552015091492&eid=31072019&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Ccube3&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=11&adks=1315967423&didk=2675907387&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D8238e40493fbd91b%3AT%3D1689700467%3ART%3D1689700467%3AS%3DALNI_Malw_5R-3LX6FK69-8-Txt8IbExYA&gpic=UID%3D00000c3fe02dedc8%3AT%3D1689700467%3ART%3D1689700467%3AS%3DALNI_MahRX1CYAsRGeOFxbuXoH1RIBm9KA&abxe=1&dt=1689700468232&lmt=1689700454&dlt=1689700466828&idt=526&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11511%2F1042679%2Fvalencia-vs-nottingham-forest%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1232595036.1689700467&ga_sid=1689700467&ga_hid=948966620&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b199c09d410f6721b4edef1369b3848c36639e134cd2a2207ad3233200cb50a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:30 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11632
x-xss-protection
0
google-lineitem-id
5818019657
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374438803
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		380 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1355555487957082&correlator=3163552015091492&eid=31072019&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Crich&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C320x50%7C320x100&ifi=12&adks=4183778&didk=2675907386&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D8238e40493fbd91b%3AT%3D1689700467%3ART%3D1689700467%3AS%3DALNI_Malw_5R-3LX6FK69-8-Txt8IbExYA&gpic=UID%3D00000c3fe02dedc8%3AT%3D1689700467%3ART%3D1689700467%3AS%3DALNI_MahRX1CYAsRGeOFxbuXoH1RIBm9KA&abxe=1&dt=1689700468233&lmt=1689700454&dlt=1689700466828&idt=526&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11511%2F1042679%2Fvalencia-vs-nottingham-forest%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1232595036.1689700467&ga_sid=1689700467&ga_hid=948966620&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb228164692b2a0f5fb7d8848c3897c77008f1151d9f652e14d6405326f1c894
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		381 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1355555487957082&correlator=3163552015091492&eid=31072019&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Crich2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C320x50%7C320x100&ifi=13&adks=861436630&didk=2675907385&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D8238e40493fbd91b%3AT%3D1689700467%3ART%3D1689700467%3AS%3DALNI_Malw_5R-3LX6FK69-8-Txt8IbExYA&gpic=UID%3D00000c3fe02dedc8%3AT%3D1689700467%3ART%3D1689700467%3AS%3DALNI_MahRX1CYAsRGeOFxbuXoH1RIBm9KA&abxe=1&dt=1689700468234&lmt=1689700454&dlt=1689700466828&idt=526&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11511%2F1042679%2Fvalencia-vs-nottingham-forest%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1232595036.1689700467&ga_sid=1689700467&ga_hid=948966620&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c41bcb14520d5eed3b15a09477079b3909f9cf94f900a54dfcefef8206446b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1355555487957082&correlator=3163552015091492&eid=31072019&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Csky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=120x600%7C160x600%7C300x600&ifi=14&adks=2501595801&didk=2675907384&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D8238e40493fbd91b%3AT%3D1689700467%3ART%3D1689700467%3AS%3DALNI_Malw_5R-3LX6FK69-8-Txt8IbExYA&gpic=UID%3D00000c3fe02dedc8%3AT%3D1689700467%3ART%3D1689700467%3AS%3DALNI_MahRX1CYAsRGeOFxbuXoH1RIBm9KA&abxe=1&dt=1689700468235&lmt=1689700454&dlt=1689700466828&idt=526&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11511%2F1042679%2Fvalencia-vs-nottingham-forest%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1232595036.1689700467&ga_sid=1689700467&ga_hid=948966620&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13e8eb49d146d029bd12aed3e5ea436e966e87a56e90738051516b3d1ed91af9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:29 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11625
x-xss-protection
0
google-lineitem-id
5850403633
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374456614
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1355555487957082&correlator=3163552015091492&eid=31072019&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cresponsive&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C320x100%7C300x250&ifi=15&adks=656180126&didk=2675907335&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D8238e40493fbd91b%3AT%3D1689700467%3ART%3D1689700467%3AS%3DALNI_Malw_5R-3LX6FK69-8-Txt8IbExYA&gpic=UID%3D00000c3fe02dedc8%3AT%3D1689700467%3ART%3D1689700467%3AS%3DALNI_MahRX1CYAsRGeOFxbuXoH1RIBm9KA&abxe=1&dt=1689700468236&lmt=1689700454&dlt=1689700466828&idt=526&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=f&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11511%2F1042679%2Fvalencia-vs-nottingham-forest%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1232595036.1689700467&ga_sid=1689700467&ga_hid=948966620&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5b05499599384fd8e086d3e55620ea6bd0a49e6951feaec3aa31b290c2e1bf8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:29 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11626
x-xss-protection
0
google-lineitem-id
5818019657
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374033787
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		118 KB
39 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1355555487957082&correlator=3163552015091492&eid=31072019&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cresponsive3&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C320x100%7C300x250&ifi=16&adks=1041763575&didk=2675907334&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D8238e40493fbd91b%3AT%3D1689700467%3ART%3D1689700467%3AS%3DALNI_Malw_5R-3LX6FK69-8-Txt8IbExYA&gpic=UID%3D00000c3fe02dedc8%3AT%3D1689700467%3ART%3D1689700467%3AS%3DALNI_MahRX1CYAsRGeOFxbuXoH1RIBm9KA&abxe=1&dt=1689700468237&lmt=1689700454&dlt=1689700466828&idt=526&adxs=1018&adys=605&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=g&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11511%2F1042679%2Fvalencia-vs-nottingham-forest%2F&frm=20&vis=1&psz=1076x33&msz=1076x0&fws=4&ohw=1076&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1232595036.1689700467&ga_sid=1689700467&ga_hid=948966620&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b284bf56717abd7b847ee0f5954779e8da080a4e7bc0507b8609045c36e1a931
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39482
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1355555487957082&correlator=3163552015091492&eid=31072019&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cresponsive4&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C320x100%7C300x250&ifi=17&adks=2149091243&didk=2675907333&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D8238e40493fbd91b%3AT%3D1689700467%3ART%3D1689700467%3AS%3DALNI_Malw_5R-3LX6FK69-8-Txt8IbExYA&gpic=UID%3D00000c3fe02dedc8%3AT%3D1689700467%3ART%3D1689700467%3AS%3DALNI_MahRX1CYAsRGeOFxbuXoH1RIBm9KA&abxe=1&dt=1689700468239&lmt=1689700454&dlt=1689700466828&idt=526&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=h&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11511%2F1042679%2Fvalencia-vs-nottingham-forest%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1232595036.1689700467&ga_sid=1689700467&ga_hid=948966620&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05c5b16d0ed7f13b08fc09b855c03d9717e9acab593e4256eb1b0d737c5cd7a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:29 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11625
x-xss-protection
0
google-lineitem-id
5818019657
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374037645
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		34 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1355555487957082&correlator=3163552015091492&eid=31072019&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cresponsive5&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C320x100%7C300x250&ifi=18&adks=2023909493&didk=1220294050&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D8238e40493fbd91b%3AT%3D1689700467%3ART%3D1689700467%3AS%3DALNI_Malw_5R-3LX6FK69-8-Txt8IbExYA&gpic=UID%3D00000c3fe02dedc8%3AT%3D1689700467%3ART%3D1689700467%3AS%3DALNI_MahRX1CYAsRGeOFxbuXoH1RIBm9KA&abxe=1&dt=1689700468240&lmt=1689700454&dlt=1689700466828&idt=526&adxs=1018&adys=3748&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=i&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11511%2F1042679%2Fvalencia-vs-nottingham-forest%2F&frm=20&vis=1&psz=1076x2548&msz=1076x0&fws=4&ohw=1100&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1232595036.1689700467&ga_sid=1689700467&ga_hid=948966620&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b75eab0b71c98ac99cc3aba15699caee9b5924877d464d340585446261e365c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:29 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14043
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1355555487957082&correlator=3163552015091492&eid=31072019&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Csticky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x90%7C728x90&ifi=19&adks=3539973942&didk=1959687422&sfv=1-0-40&prev_scp=test%3Drefresh%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D8238e40493fbd91b%3AT%3D1689700467%3ART%3D1689700467%3AS%3DALNI_Malw_5R-3LX6FK69-8-Txt8IbExYA&gpic=UID%3D00000c3fe02dedc8%3AT%3D1689700467%3ART%3D1689700467%3AS%3DALNI_MahRX1CYAsRGeOFxbuXoH1RIBm9KA&abxe=1&dt=1689700468242&lmt=1689700454&dlt=1689700466828&idt=526&adxs=315&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=j&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11511%2F1042679%2Fvalencia-vs-nottingham-forest%2F&frm=20&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1232595036.1689700467&ga_sid=1689700467&ga_hid=948966620&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0edb8acde4ed69a3896c5ea82b67fb68350dc0a52093451472b5e85345f399b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:29 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11289
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame AED0 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
22420
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 11:00:48 GMT
expires
Wed, 17 Jul 2024 11:00:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7829 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
22420
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 11:00:48 GMT
expires
Wed, 17 Jul 2024 11:00:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
request.php
hal900011.redintelligence.net/ Frame 2137
Redirect Chain
  • https://hal900011.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=8dcf54e18a&subid=&uid=4fe0f076e03b0560&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900011.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=8dcf54e18a&subid=&uid=4fe0f076e03b0560&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900011.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=8dcf54e18a&subid=&uid=4fe0f076e03b0560&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCB5IZc8i2ZO6SG4K39u8PyP6-wAum5b2gaZWTnKfJD_AuEAEglZvKIWCV6rGCvAfIAQmpAp5z0P5d17I-qAMByAObBKoE7gFP0ILLFDNJjw5pNtmiIvZ5ceOUo_4hHcymgsTftPJ2wPPZ7VQSAaOP5Ae3vUxAKFNjOlN2rq1BvJN04FLRuT8L8qM1tXcnjM47alpjoSgs30VGd8Hzazigkv1g3GwpqaBqp2pzuLr0hA8WxP7ffbggVxvy5KR-ou9CRh5jQGW_Z0xH1qJ84UQFFVux5zI-sFj3FULhnYrsb2ElQNQTACgHLD0KxqO_R1emhgUVoxHLBoLPX8YMnJ7HEu720FS5T6WreYCbnf4npoSOrVfOzBhD85275gcgqKKpVb821THx7S7qwwqn_B1huROcXkqowATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJWk6RUR4NkT_1CaSkTEal8BDUFctkIxVrxRjv1eYHtPEdm_Cqeu0ZM8IIgy9RRERRJ7o9LgAAsmiZOYG2desfZbu5kDhXPWhgB%26sig%3DAOD64_3GsBkpEPqZx4cvtCHAPXrjhBJWmQ%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-CsYrrJ2_DO6ADdAxOSFnr7v4RMIZdlulZ9reGJy7ZyjODQmqBSobMxIUEjO5OeJvPBztiY9MzVSSp7G2WbtK_1eG1Y3a01WON31Bb6L2vLH3WFRnSy8LJfP363LElqIBlUTNoLteerghLmUcJCUDpmkiJHzJv0nzoBs35IrBGhzz1CI4c%26cry%3D1%26dbm_d%3DAKAmf-Cg1jRAD_q8xAsOwiyPSYMRpc_Shi-dSHJbdnMNlidPGomfp5ehGg5pn_qV4FpgWqfrGAtcXX4PFRyU95DVDIehPl4h89_UbzUA3xW21T3YqLMgk6oVuetjh69bDxPdlEPKMc2lHoKLPfrn-467u7GS6unn2rXLlZ4hIhiTL2MiKjRGLMWm6VA4FnMdnb4MLnSuARq5DqGARoywJvrJ27IdMmSjYstfgxb0VK17oxI1XhH0Y0BOzr6bViFuWLexmjBj6tG8VzoQOjxbbIM4vhLEcmkTCP4XZL-8E1GCNH034V_nz8Yhn_Idogpkt8ppMx_FGtS4dgUEwZb4-_jiEuwpd5VWm0bspuFyRP0f8VCifBLxsF4Y5N_wg20M3VbmSQuPzU2JtFfSlja4TbWZkp7PiJfMdjbgGZrupju4zAIIVbQyjV40I77piIhjjl8PumjCfeISz1wFoLjVZSKiM7obeGeAmztDGQKAvQqn0huoIWzSzhhXNkV0o8nd5SAZegPZordIO0TT-Axqd-ZVaaNbveGFr3P-cCLL4p4UBxBUB10lar052tCvAgG1PukX-2StHq9RnI95OD7ML3P_hNVQf5Y3aokpJUWgYx4bXK-AY070yAM%26adurl%3D&documentReferer=https%3A%2F%2Fyalla-shoots.tv%2F&ancestorOrigins=https%3A%2F%2Fyalla-shoots.tv&random=3406708527405&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.38.64.201.138.clients.your-server.de
Software
Apache /
Resource Hash
597714c5dcd58c5e5fd0c5ba3536cfd30894109a38c8a9a8c529c0442b71e6f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jul 2023 17:14:28 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
26483600103410104444990012389011
Connection
close
Content-Length
1412
Expires
Tue, 18 Jul 2023 18:14:28 +0200

Redirect headers

Pragma
no-cache
Date
Tue, 18 Jul 2023 17:14:28 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=8dcf54e18a&subid=&uid=4fe0f076e03b0560&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCB5IZc8i2ZO6SG4K39u8PyP6-wAum5b2gaZWTnKfJD_AuEAEglZvKIWCV6rGCvAfIAQmpAp5z0P5d17I-qAMByAObBKoE7gFP0ILLFDNJjw5pNtmiIvZ5ceOUo_4hHcymgsTftPJ2wPPZ7VQSAaOP5Ae3vUxAKFNjOlN2rq1BvJN04FLRuT8L8qM1tXcnjM47alpjoSgs30VGd8Hzazigkv1g3GwpqaBqp2pzuLr0hA8WxP7ffbggVxvy5KR-ou9CRh5jQGW_Z0xH1qJ84UQFFVux5zI-sFj3FULhnYrsb2ElQNQTACgHLD0KxqO_R1emhgUVoxHLBoLPX8YMnJ7HEu720FS5T6WreYCbnf4npoSOrVfOzBhD85275gcgqKKpVb821THx7S7qwwqn_B1huROcXkqowATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJWk6RUR4NkT_1CaSkTEal8BDUFctkIxVrxRjv1eYHtPEdm_Cqeu0ZM8IIgy9RRERRJ7o9LgAAsmiZOYG2desfZbu5kDhXPWhgB%26sig%3DAOD64_3GsBkpEPqZx4cvtCHAPXrjhBJWmQ%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-CsYrrJ2_DO6ADdAxOSFnr7v4RMIZdlulZ9reGJy7ZyjODQmqBSobMxIUEjO5OeJvPBztiY9MzVSSp7G2WbtK_1eG1Y3a01WON31Bb6L2vLH3WFRnSy8LJfP363LElqIBlUTNoLteerghLmUcJCUDpmkiJHzJv0nzoBs35IrBGhzz1CI4c%26cry%3D1%26dbm_d%3DAKAmf-Cg1jRAD_q8xAsOwiyPSYMRpc_Shi-dSHJbdnMNlidPGomfp5ehGg5pn_qV4FpgWqfrGAtcXX4PFRyU95DVDIehPl4h89_UbzUA3xW21T3YqLMgk6oVuetjh69bDxPdlEPKMc2lHoKLPfrn-467u7GS6unn2rXLlZ4hIhiTL2MiKjRGLMWm6VA4FnMdnb4MLnSuARq5DqGARoywJvrJ27IdMmSjYstfgxb0VK17oxI1XhH0Y0BOzr6bViFuWLexmjBj6tG8VzoQOjxbbIM4vhLEcmkTCP4XZL-8E1GCNH034V_nz8Yhn_Idogpkt8ppMx_FGtS4dgUEwZb4-_jiEuwpd5VWm0bspuFyRP0f8VCifBLxsF4Y5N_wg20M3VbmSQuPzU2JtFfSlja4TbWZkp7PiJfMdjbgGZrupju4zAIIVbQyjV40I77piIhjjl8PumjCfeISz1wFoLjVZSKiM7obeGeAmztDGQKAvQqn0huoIWzSzhhXNkV0o8nd5SAZegPZordIO0TT-Axqd-ZVaaNbveGFr3P-cCLL4p4UBxBUB10lar052tCvAgG1PukX-2StHq9RnI95OD7ML3P_hNVQf5Y3aokpJUWgYx4bXK-AY070yAM%26adurl%3D&documentReferer=https%3A%2F%2Fyalla-shoots.tv%2F&ancestorOrigins=https%3A%2F%2Fyalla-shoots.tv&random=3406708527405&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Tue, 18 Jul 2023 18:14:28 +0200
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame FB26 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Origin
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 13:46:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12450
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jul 2023 13:46:58 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230717/r20110914/elements/html/ Frame FB26 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230717/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A0Q3C9-3o01dOiBnDvi3Z89i9twevIsvTeIDaNSSudLoPlW9ZtWSPwrSC1MfPoOH2gCoLr8HAjHhfOzqQ_PtE7uMtP7g&cry=1&dbm_d=AKAmf-DVxDICyqhwMGm1aZwCilf6dIzNmIpOQJuoX2iUovtfSSf34Y66vNIbZuJvUmucNXWf2E3p9CdtlOsZYpd1BVOxg79zJpGYc3rpVOhlO9LewoyzNX0xYrbzR5FgfpCzgITsbFlTVtqYFIhsX8YFW1o4cTE7ZujkprqWKXigtzze4NrjX1OQd_s9ESrAa9bzzyxBUZRWPZ7ym5IqMYhUQlrWiGAppF7Fy6dGERpQm-EWJb9xrNJAvNnrjYbQ1L9ntBRLgS_l7FpZ-nKosXg7B6k2DJB46Db9HFib01NoDTr6ttCj0bj4M5BZ4ltgT-ysZ9AsD26211g1WNtxSyqTGrQRoMyh47lM2ADjOSGO0gMQBW1OnO_ZcgdJ-IdR3KXHsW3PTX9qk3T5qSjChs6i_VS-cxAwSmRzroBUONclcVWQVR1gL3gstYHtS9ChzJKrQg4ODJOOENfmZWn4-b-84yX9j4hIsglIPtu8AJdkNBEFjDPOPI3VpSE_Z-Zb9BFkXBm33yL8i4Bn0MCPlINw5eEw0KgvzdB2r2QtW-s6lXKWRUc47D59V1_iAStRkTV2vE3bgubZRiJ1bGm21ccbPq-N_MdAQz63pq4AvEfLYPmT0rcgHea8a1MPLPVhzlL4FOcffTBtmNgN0Owsjw1cgJxdEBLzI29qGby791SYBKJZTxla7jWGvU_rUBB11pKe432kBKD-ORgN2NRFXeZbyzhO1voLiY-yM_7PqDxZQMAfvu2a9yH0sqI18jyEJRk8tmKesF0c_BKpgrgYo5sP1zudbyH7ahVBXEihJZYuQkGZ-PCXmHfPRc39atRwSAdMmSPJ15vwaojMlG1gSs3nD9rVQyZjeA4ONX4ShRivP7mZIt_LclpgFKnQlgfltKjOLvnAPSlwOE0hBj_Cqjyld4dttnzUuXHRyoKuOGi_RvKSyhp8TeoPsRNGxnerfUPIuDSbcdVBaljpB0c_3T9nIYmiJ8X0mcUkP_Bg_1OHMMruJkUP9j9l8ITQEi-DWF1Gd4bMaqy3dO1HabCj5I6CSAw2zMvA7-SdLYmRZe-zZbaXOXQLniXRbCY16pQ2BcJLVdpv9Ga3UUuXji-_0FroZNrXEka1Fky_wpI1YDE_DCrCkJCMhgl5217gsWDFKLCYBKuAlNF75r3lxmWBmNj1KIICgIVUoolPlNZqtsKFheCdT-R-oeJs3QBH54ZJHzDV-2l_ER593pOy8u8khdAY8rbfU_NxzN7KjWsXMFUoBwHQ4R_MX1uDZxLSN4IVHSIFtb02CuOLLcmNNXtZ7jksNyKps0ZUOMchFPfMaiz3uAWc-A7kSsOwv7mLhM8Z8jV_0zGeEa14rq6pLNFs8KBbFMsLwgBEwkNLryksaWWjSgNkWX59dQAP7mCA-0Unek_mWalw6pTNMBo6h3c5u1qfOck7N85J2vpJB8VAX3ntL-FfYTq9GIiuoZ2zzjDb7qbdtOwpLjqqpjGfqWP65oIxtGggiMniJFJTi_J7ebolT6-j8d6ozqbubrBhLGDKvLk8jlg46imssPX6RAfPY_xM3JcVIO6zENFrhkWdsMMShjWhnYU5bmiWwoydKuTonNVd4IEzYZe9Q-C8AKjcSRFRXAcvIMwL_qbdJfhuiXO1OI6rQkBiRZI5oOexXEilSuQMfYW4oWiIcSi7a3gQ-_8A-iMysLG45r-XJsmoU1ZLcGbmE9vFoPaxPkbjPfaQeMX3JpbVo0M9wG726ZLXLZ3rfme_u1MJY0WzbdhNhxpM-qMBGkJWw8vWtdTF3HSFaRqErS6WJMezMcVeRaZKufyaGUmIwv4zN-Dh98V0XQiea_IHhtBa2HQCgxa_i6jNfKgaUdoFajlcCqlbw2XXFZ_Z8B_YmUZxJFmlv-qpgArzVotPyDlgoIuRGat2gRcdep0mOhRRItJGVLE9XP9Uq5kOshkJtM-zIlKtQPHk5q81MmrhAi77MG8Yz-_N-oup_lzm4TiseVx2uOaQ9z5JozDAnwOrK0yjbREZ-4n0h5wdhfFSjBgKTDToHbxYjPhB96nQxsIuo29g1_2K7EitucKXGXIaVe1HDcIUw_v5qKq9Pwu4KVqpJ1sGUlgajigzvfICLx5opPHRC5Z6lN-THv98F7B_WbY7G3urlCJ4QWhN2ER8GeK724F17ro95zLKSehFzvbeXcqeKHD46CWeSTZE3rkGDxMw6iDUtv6bT0zpuzayZFP20q3jGx9XNWd1ZrzyITlHD8Bhq2-T1LWhBqoRAZeuPtbn60z0U-AHXfdUhN-gk_IeX5ZbGNE15zW1k0-QKmdrNeFvY3B_jjsV0H5uMdXACl7nNTO-mGBk1Isz8Rp6M2ItcL6joa7Dl30vc3OKkT9F3riZ-RHw47O8HW0CfH5pOqZQ3zqL72ng5SDEM1X24k44ttvqfPMhSiJCCmBzJcTWG-IOp7M3M5TnQTArh_2RZZippRwU_qFwNPFIpjxTpP8RBgvn3EPOrksTuObl8_uKpCeliWDH8V05Wj5bJHpZRbfKwraQ0mNjoK5ZKxeBzElxQmLqjsELoULM3ZQyGWnkXItO0gcvnygo0wAiSW2NtwYIeLSrEfy7I2XTJfCUPx-SNtbzvZKVL1TBkuKSXm9zbchfNMy48pQmQSO4YWyHJ1waGj4Qk-D_Q4gpgzcrpgOtkS0y_bMK5okjpvBAEPvxmkARLUWpLl2jK-hTS9Erd8R_BrKVxdp1jNly1KqelHNOaO1FkKb7GBsz7HbJ6iX5EORtScoIYQjzikrY_OmnVw6lVCqi2H2BCaYRyGpgThplqFfrKyrByzDpCb_a1-IbnBfZhhwbkIIZDvJD1AozoVAzQ8MY58zeWV4bTwbSaLYaKjoVsZcCXFDWBQ2LMnVIYxdI-emGXXUqNKSBms3Pm_VFGSShNfHqR3rls8At0ubQGqX8A83T96vERb6OXukZixtKqDrUJPfPFNpgvKQYssQ1847cTljvZaMyeE3V9wKjmQjMdfII2TEw6hsyId_ZXa_53JqT2n4RODkNL4MfB1k4sJkj1MMZ7qLdzg_LSm7oCeZx_gzJc96vDYnzN-gI9KFbwqZnNH8BV9d0NrUUYJx477ZezQO7MiiRPAld-K02xjdQ_jwKW2hCFksHunIDmozmCHpgVfW69OOaTRVjYW22Y86Gsq-qMAjzfogmUmfGMX53NECjl_FwsxKZWJ3Nbz3WwMqqecv3Z6wiEPFx19D-DeNJuO84vGyz4DkkE2ApItx7wHPs6XHf_Q0y_pUO0pcXP7EDqxIIw_O7px_fdWaA0ylf8hDrf--rjua9E9X3jqLe0LO7oGje62kTVQAVepBxO1QsUh5XO2CsqiyqP9SeERcjV29PlPAbldfHSsYKgPiDJV28WVQ2ThZlHVu1Gg0-B7pP0DiMCZK6Da5sHs_tqGoC3i8a5tdZ_op6fdyydflTZN6tRv4eR6qa1Fph09h7-LR0r9-xsXMc735mvTtBwcrqIeZW6uTqdosKhxTCuIm5zbcDzkdxPopNFzkd3B_v&cid=CAQSTABpAlJWLYyFBVLssEmz2DTl9c3d2QXf5oFBmlRpIMyZDap129SrVhGEfkF7pwS3VabKUii2MPqJnNoUVlDEaX8YrccBtxYLYSGLTxQYAQ&dv3_ver=m202306200101&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=10807340616832588000&adk=2086295851&idt=87&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 17:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
85980
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jul 2023 17:21:28 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230717/r20110914/ Frame FB26 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230717/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A0Q3C9-3o01dOiBnDvi3Z89i9twevIsvTeIDaNSSudLoPlW9ZtWSPwrSC1MfPoOH2gCoLr8HAjHhfOzqQ_PtE7uMtP7g&cry=1&dbm_d=AKAmf-DVxDICyqhwMGm1aZwCilf6dIzNmIpOQJuoX2iUovtfSSf34Y66vNIbZuJvUmucNXWf2E3p9CdtlOsZYpd1BVOxg79zJpGYc3rpVOhlO9LewoyzNX0xYrbzR5FgfpCzgITsbFlTVtqYFIhsX8YFW1o4cTE7ZujkprqWKXigtzze4NrjX1OQd_s9ESrAa9bzzyxBUZRWPZ7ym5IqMYhUQlrWiGAppF7Fy6dGERpQm-EWJb9xrNJAvNnrjYbQ1L9ntBRLgS_l7FpZ-nKosXg7B6k2DJB46Db9HFib01NoDTr6ttCj0bj4M5BZ4ltgT-ysZ9AsD26211g1WNtxSyqTGrQRoMyh47lM2ADjOSGO0gMQBW1OnO_ZcgdJ-IdR3KXHsW3PTX9qk3T5qSjChs6i_VS-cxAwSmRzroBUONclcVWQVR1gL3gstYHtS9ChzJKrQg4ODJOOENfmZWn4-b-84yX9j4hIsglIPtu8AJdkNBEFjDPOPI3VpSE_Z-Zb9BFkXBm33yL8i4Bn0MCPlINw5eEw0KgvzdB2r2QtW-s6lXKWRUc47D59V1_iAStRkTV2vE3bgubZRiJ1bGm21ccbPq-N_MdAQz63pq4AvEfLYPmT0rcgHea8a1MPLPVhzlL4FOcffTBtmNgN0Owsjw1cgJxdEBLzI29qGby791SYBKJZTxla7jWGvU_rUBB11pKe432kBKD-ORgN2NRFXeZbyzhO1voLiY-yM_7PqDxZQMAfvu2a9yH0sqI18jyEJRk8tmKesF0c_BKpgrgYo5sP1zudbyH7ahVBXEihJZYuQkGZ-PCXmHfPRc39atRwSAdMmSPJ15vwaojMlG1gSs3nD9rVQyZjeA4ONX4ShRivP7mZIt_LclpgFKnQlgfltKjOLvnAPSlwOE0hBj_Cqjyld4dttnzUuXHRyoKuOGi_RvKSyhp8TeoPsRNGxnerfUPIuDSbcdVBaljpB0c_3T9nIYmiJ8X0mcUkP_Bg_1OHMMruJkUP9j9l8ITQEi-DWF1Gd4bMaqy3dO1HabCj5I6CSAw2zMvA7-SdLYmRZe-zZbaXOXQLniXRbCY16pQ2BcJLVdpv9Ga3UUuXji-_0FroZNrXEka1Fky_wpI1YDE_DCrCkJCMhgl5217gsWDFKLCYBKuAlNF75r3lxmWBmNj1KIICgIVUoolPlNZqtsKFheCdT-R-oeJs3QBH54ZJHzDV-2l_ER593pOy8u8khdAY8rbfU_NxzN7KjWsXMFUoBwHQ4R_MX1uDZxLSN4IVHSIFtb02CuOLLcmNNXtZ7jksNyKps0ZUOMchFPfMaiz3uAWc-A7kSsOwv7mLhM8Z8jV_0zGeEa14rq6pLNFs8KBbFMsLwgBEwkNLryksaWWjSgNkWX59dQAP7mCA-0Unek_mWalw6pTNMBo6h3c5u1qfOck7N85J2vpJB8VAX3ntL-FfYTq9GIiuoZ2zzjDb7qbdtOwpLjqqpjGfqWP65oIxtGggiMniJFJTi_J7ebolT6-j8d6ozqbubrBhLGDKvLk8jlg46imssPX6RAfPY_xM3JcVIO6zENFrhkWdsMMShjWhnYU5bmiWwoydKuTonNVd4IEzYZe9Q-C8AKjcSRFRXAcvIMwL_qbdJfhuiXO1OI6rQkBiRZI5oOexXEilSuQMfYW4oWiIcSi7a3gQ-_8A-iMysLG45r-XJsmoU1ZLcGbmE9vFoPaxPkbjPfaQeMX3JpbVo0M9wG726ZLXLZ3rfme_u1MJY0WzbdhNhxpM-qMBGkJWw8vWtdTF3HSFaRqErS6WJMezMcVeRaZKufyaGUmIwv4zN-Dh98V0XQiea_IHhtBa2HQCgxa_i6jNfKgaUdoFajlcCqlbw2XXFZ_Z8B_YmUZxJFmlv-qpgArzVotPyDlgoIuRGat2gRcdep0mOhRRItJGVLE9XP9Uq5kOshkJtM-zIlKtQPHk5q81MmrhAi77MG8Yz-_N-oup_lzm4TiseVx2uOaQ9z5JozDAnwOrK0yjbREZ-4n0h5wdhfFSjBgKTDToHbxYjPhB96nQxsIuo29g1_2K7EitucKXGXIaVe1HDcIUw_v5qKq9Pwu4KVqpJ1sGUlgajigzvfICLx5opPHRC5Z6lN-THv98F7B_WbY7G3urlCJ4QWhN2ER8GeK724F17ro95zLKSehFzvbeXcqeKHD46CWeSTZE3rkGDxMw6iDUtv6bT0zpuzayZFP20q3jGx9XNWd1ZrzyITlHD8Bhq2-T1LWhBqoRAZeuPtbn60z0U-AHXfdUhN-gk_IeX5ZbGNE15zW1k0-QKmdrNeFvY3B_jjsV0H5uMdXACl7nNTO-mGBk1Isz8Rp6M2ItcL6joa7Dl30vc3OKkT9F3riZ-RHw47O8HW0CfH5pOqZQ3zqL72ng5SDEM1X24k44ttvqfPMhSiJCCmBzJcTWG-IOp7M3M5TnQTArh_2RZZippRwU_qFwNPFIpjxTpP8RBgvn3EPOrksTuObl8_uKpCeliWDH8V05Wj5bJHpZRbfKwraQ0mNjoK5ZKxeBzElxQmLqjsELoULM3ZQyGWnkXItO0gcvnygo0wAiSW2NtwYIeLSrEfy7I2XTJfCUPx-SNtbzvZKVL1TBkuKSXm9zbchfNMy48pQmQSO4YWyHJ1waGj4Qk-D_Q4gpgzcrpgOtkS0y_bMK5okjpvBAEPvxmkARLUWpLl2jK-hTS9Erd8R_BrKVxdp1jNly1KqelHNOaO1FkKb7GBsz7HbJ6iX5EORtScoIYQjzikrY_OmnVw6lVCqi2H2BCaYRyGpgThplqFfrKyrByzDpCb_a1-IbnBfZhhwbkIIZDvJD1AozoVAzQ8MY58zeWV4bTwbSaLYaKjoVsZcCXFDWBQ2LMnVIYxdI-emGXXUqNKSBms3Pm_VFGSShNfHqR3rls8At0ubQGqX8A83T96vERb6OXukZixtKqDrUJPfPFNpgvKQYssQ1847cTljvZaMyeE3V9wKjmQjMdfII2TEw6hsyId_ZXa_53JqT2n4RODkNL4MfB1k4sJkj1MMZ7qLdzg_LSm7oCeZx_gzJc96vDYnzN-gI9KFbwqZnNH8BV9d0NrUUYJx477ZezQO7MiiRPAld-K02xjdQ_jwKW2hCFksHunIDmozmCHpgVfW69OOaTRVjYW22Y86Gsq-qMAjzfogmUmfGMX53NECjl_FwsxKZWJ3Nbz3WwMqqecv3Z6wiEPFx19D-DeNJuO84vGyz4DkkE2ApItx7wHPs6XHf_Q0y_pUO0pcXP7EDqxIIw_O7px_fdWaA0ylf8hDrf--rjua9E9X3jqLe0LO7oGje62kTVQAVepBxO1QsUh5XO2CsqiyqP9SeERcjV29PlPAbldfHSsYKgPiDJV28WVQ2ThZlHVu1Gg0-B7pP0DiMCZK6Da5sHs_tqGoC3i8a5tdZ_op6fdyydflTZN6tRv4eR6qa1Fph09h7-LR0r9-xsXMc735mvTtBwcrqIeZW6uTqdosKhxTCuIm5zbcDzkdxPopNFzkd3B_v&cid=CAQSTABpAlJWLYyFBVLssEmz2DTl9c3d2QXf5oFBmlRpIMyZDap129SrVhGEfkF7pwS3VabKUii2MPqJnNoUVlDEaX8YrccBtxYLYSGLTxQYAQ&dv3_ver=m202306200101&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=10807340616832588000&adk=2086295851&idt=87&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49d743921311f4dca350ba007b50229debbcbd4b03441c515c567f48fc98cdda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 17:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
85980
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11526
x-xss-protection
0
server
cafe
etag
9288292274712301977
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jul 2023 17:21:28 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FB26 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 13:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
12113
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jul 2024 13:52:35 GMT
hb.php
youradexchange.com/ut/ Frame C758 		0
421 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://youradexchange.com/ut/hb.php?cb=0.8721198291318768
Requested by
Host: velocitycdn.com
URL: https://velocitycdn.com/script/ut.js?cb=1689700468143
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8b25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://v3.sportsonline.sx/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

date
Tue, 18 Jul 2023 17:14:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5TV78EnATFpwx%2FUqWbv6sW3%2BaEFGiGYUOoaZVEp1p1Cx%2F%2B2V2xzAnHgmAmlYmhU3WJ%2BLUaLVPGKX2xkhCLW%2BOubRR3R9jG0N0mEZkkbZ0mWMibu1spsP2K2UVfav63L8XEU%2BZiFFJjXLPXpeB3EjZ8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7e8c5c7758783653-FRA
alt-svc
h3=":443"; ma=86400
truncated
/ Frame FB26 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65a79062ce113e5836b032ad6fbeee2205857c6c98e180b3c6b0be21722ca7ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
0.php
s4.histats.com/stats/ Frame C758 		52 B
186 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4743517&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fdalbouh.xyz%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-95584634&@b3:1689700468&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fv3.sportsonline.sx%2Fchannels%2Fhd%2Fhd6.php&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.130 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534298.ip-149-56-240.net
Software
/
Resource Hash
4a47de124792a1d70223f96ff73358f5dc5c0fbb72d79fde0a69c9b6e92105b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.sportsonline.sx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 18 Jul 2023 17:14:31 GMT
Connection
close
Content-Length
52
Content-Type
text/html;charset=UTF-8
embed.min.css
q9g3eq75cjvp82.dynamicrevival.net/css/ Frame 9C75 		1 KB
905 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://q9g3eq75cjvp82.dynamicrevival.net/css/embed.min.css?v=0.4
Requested by
Host: q9g3eq75cjvp82.dynamicrevival.net
URL: https://q9g3eq75cjvp82.dynamicrevival.net/embed/cwdjkhlh9g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c7cf941b4eb9254e850875107ded812b5cf2da9de46f85919561f2a73876257

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://q9g3eq75cjvp82.dynamicrevival.net/embed/cwdjkhlh9g
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 09 Jun 2022 09:49:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3277
etag
W/"62a1c21c-4f0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7XkSM4hC%2F8sK%2FtNxWljMQTOaXtVB0%2Ba8Zwzb1mhAmTkPF1PFkAbgWBdX2jzNNQy2J473OrsC4JsKZJofm8BmHcYsSPvh25%2FR5%2B8hPTVcX6JFsp3nUOxyqzLrBnZmpqG0fkBqlDmXJCwDLM9k%2BdIFWWljfuc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=608400
cf-ray
7e8c5c777f6f4d3d-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 25 Jul 2023 17:19:51 GMT
jquery.min.js
q9g3eq75cjvp82.dynamicrevival.net/js/ Frame 9C75 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://q9g3eq75cjvp82.dynamicrevival.net/js/jquery.min.js
Requested by
Host: q9g3eq75cjvp82.dynamicrevival.net
URL: https://q9g3eq75cjvp82.dynamicrevival.net/embed/cwdjkhlh9g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://q9g3eq75cjvp82.dynamicrevival.net/embed/cwdjkhlh9g
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Nov 2020 18:05:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3277
etag
W/"5fa984ce-15283"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=szeLdXmIvPYSU%2FE0iZRpnyylRIZ3KD49%2FbZSK%2BnNDcHIBEeN11w62OW2PECCACx8fecFxYMUu%2FoMpU1bhj4i5n0Nl2i5Azj9Ps6luvvLvOp9lnnZW%2FzMQpZQlev2KwRKj2lHCcYB6KbZLnVU1gCM%2BLrIVgU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=608400
cf-ray
7e8c5c777f704d3d-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 25 Jul 2023 17:19:51 GMT
j79z9kzty.js
swarm.video/ Frame 9C75 		532 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://swarm.video/j79z9kzty.js?v=1.1
Requested by
Host: q9g3eq75cjvp82.dynamicrevival.net
URL: https://q9g3eq75cjvp82.dynamicrevival.net/embed/cwdjkhlh9g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:9ae8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7c260f5e1dcb04331e9fb5ea2c0a5b82552133dd170d219384ec76afb1ec9b3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://q9g3eq75cjvp82.dynamicrevival.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
752814
cf-polished
origSize=545594
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 10 Jul 2023 00:04:36 GMT
server
cloudflare
etag
W/"8533a-1893d1d4765"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYxe4H3%2FzUv%2FloxOrXQlWRhuiPWvykJJXh0aCgffVfVF0QQ%2BAkvg84qfdHMyg5LKMrq2vOqBCEfPBZL%2BbsFfeWa%2Bab0cUfhU9ZNVbMSAGYWFBDqxao7F24C3tTCUd5jj4cFmiKOvejFmfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
7e8c5c77bc713734-FRA
clappr.min.js
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 9C75 		513 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Requested by
Host: q9g3eq75cjvp82.dynamicrevival.net
URL: https://q9g3eq75cjvp82.dynamicrevival.net/embed/cwdjkhlh9g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://q9g3eq75cjvp82.dynamicrevival.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 18 Jul 2023 17:14:28 GMT
x-content-type-options
nosniff
content-encoding
br
age
19723
x-jsd-version
0.3.13
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
145133
x-served-by
cache-fra-eddf8230073-FRA
x-jsd-version-type
version
etag
W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
/
widgets.amung.us/draw/ Frame 9C75
Redirect Chain
  • https://whos.amung.us/cwidget/15ky356qz4/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=4241&c=000000ffffff&p=left
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.amung.us/draw/?w=colored&n=4241&c=000000ffffff&p=left
Requested by
Host: q9g3eq75cjvp82.dynamicrevival.net
URL: https://q9g3eq75cjvp82.dynamicrevival.net/embed/cwdjkhlh9g
Protocol
H2
Server
2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aee081c3e9a17111761ad20c4ee9d6432eaf8ffdb00373ec54f49a820ef955a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://q9g3eq75cjvp82.dynamicrevival.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:28 GMT
cf-cache-status
HIT
last-modified
Sat, 15 Jul 2023 15:13:19 GMT
server
cloudflare
age
266469
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
content-disposition
filename=wau-widget.png
cf-ray
7e8c5c790f5d911f-FRA
expires
Sun, 16 Jul 2023 15:13:19 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=4241&c=000000ffffff&p=left
date
Tue, 18 Jul 2023 17:14:28 GMT
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7e8c5c77ddf0911f-FRA
content-type
text/html; charset=UTF-8
deb.js
q9g3eq75cjvp82.dynamicrevival.net/ Frame 9C75 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://q9g3eq75cjvp82.dynamicrevival.net/deb.js
Requested by
Host: q9g3eq75cjvp82.dynamicrevival.net
URL: https://q9g3eq75cjvp82.dynamicrevival.net/embed/cwdjkhlh9g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00f55721ec6181d9c16cc365dfe2ca9aab2fb8008ffe22ded892085019fd33b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://q9g3eq75cjvp82.dynamicrevival.net/embed/cwdjkhlh9g
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Feb 2023 13:57:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3425
etag
W/"63f61f52-6450"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQMc9mzx8t1mK6whg2%2F9Pm4wMjhzeGAzq88zaAqe145ankX1nABTfGBR4XMHn0hDC2s3B%2Bxa4fIhxthBrlpmWl5vd7SnShQJqPolL%2Fk%2FwIbNn%2B64d7tuJyaQzh5B9xcM8IFg4bo%2BaYB6s%2FvR55o8kk0c%2B%2B8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=608400
cf-ray
7e8c5c77dfd5913a-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 25 Jul 2023 17:17:23 GMT
script.js
plausible.io/js/ Frame 9C75 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plausible.io/js/script.js
Requested by
Host: q9g3eq75cjvp82.dynamicrevival.net
URL: https://q9g3eq75cjvp82.dynamicrevival.net/embed/cwdjkhlh9g
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://q9g3eq75cjvp82.dynamicrevival.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:28 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
1081
cdn-cachedat
07/18/2023 07:38:26
cdn-pullzone
682664
cross-origin-resource-policy
cross-origin
application
10.0.1.5
server
BunnyCDN-DE1-1081
cdn-proxyver
1.03
cdn-requestpullcode
200
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cache-control
public, must-revalidate, max-age=86400
permissions-policy
interest-cohort=()
cdn-requestid
15cbf76c7b8b664096a7e5b6b1408569
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
container.html
a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 849D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 17:14:27 GMT
expires
Wed, 17 Jul 2024 17:14:27 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js
pagead2.googlesyndication.com/bg/ Frame FC93 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efd1f2d633a46174e9297aa571dd85617c750b8f87d16a52778d5bc4109b7017
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 14:04:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
11400
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14507
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Jul 2024 14:04:28 GMT
e.js
live.demand.supply/e/ 		0
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_auto_interstitial_desktop&e=nai&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE1MTEvMTA0MjY3OS92YWxlbmNpYS12cy1ub3R0aW5naGFtLWZvcmVzdC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.5.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id
01H37XBZTS5HKQ2F1CQXNBQG5A
date
Tue, 18 Jul 2023 17:14:28 GMT
cf-cache-status
HIT
age
450581
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"081b1367cd2301d3bf23f0a40952d236-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7e8c5c77bf481e4a-FRA
ads
securepubads.g.doubleclick.net/gampad/ 		163 KB
48 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1355555487957082&correlator=65423123280626&eid=31072019&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C0d2503d0-0ba5-488d-b5c8-a33cd4dbb165&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=20&adks=382925298&didk=2510433324&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3Dc677851b-eb3a-4f42-9848-077d0b71f2d2%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D83&eri=1&sc=1&cookie=ID%3D8238e40493fbd91b%3AT%3D1689700467%3ART%3D1689700467%3AS%3DALNI_Malw_5R-3LX6FK69-8-Txt8IbExYA&gpic=UID%3D00000c3fe02dedc8%3AT%3D1689700467%3ART%3D1689700467%3AS%3DALNI_MahRX1CYAsRGeOFxbuXoH1RIBm9KA&abxe=1&dt=1689700468439&lmt=1689700454&dlt=1689700466828&idt=526&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=k&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11511%2F1042679%2Fvalencia-vs-nottingham-forest%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1232595036.1689700467&ga_sid=1689700467&ga_hid=948966620&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYtYX8z5YxSABSAghkEhkKCnB1YmNpZC5vcmcY1oX8z5YxSABSAghqEu4BCghydGJob3VzZRLYAXorUDUrWkRxeWJsUXpOdURDVmNkRXpwL3p0NnJGanpRT1B6Y3JxS21XVU9iaCtEb1F2MVJ1ZGtGdEc5QkxKNVYxVVlZK2tQYitpdzBRUjdWTndjeHd1aVNQRllUUlhkNE9PZnR2R25iaDdTdXFsYmVFb0xvS0pLT1FtU1Z1dGRweWpteGFpcSsvdFdFMDVVZXd0RElPd09USzVWUmJOV2crL2xSSG5LZDhlQUZCaWhiZ1d0L2IzTjhOd2UrUVNaSDNVbnZUYUFURzVvMi9iQlZ2RTRZZUE9PRi8h_zPljFIABIdCg5lc3AuY3JpdGVvLmNvbRi1hfzPljFIAFICCGQSGQoKdWlkYXBpLmNvbRi1hfzPljFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGLCG_M-WMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
96f0aa2ba01a47e696ae882e4a086ee57018aeefccc13f61b167e93b3736ac50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49390
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js
pagead2.googlesyndication.com/bg/ Frame AED0 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efd1f2d633a46174e9297aa571dd85617c750b8f87d16a52778d5bc4109b7017
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 14:04:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
11400
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14507
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Jul 2024 14:04:28 GMT
79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js
pagead2.googlesyndication.com/bg/ Frame 7829 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efd1f2d633a46174e9297aa571dd85617c750b8f87d16a52778d5bc4109b7017
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 14:04:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
11400
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14507
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Jul 2024 14:04:28 GMT
css
fonts.googleapis.com/ Frame 9C75 		1 KB
817 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700
Requested by
Host: q9g3eq75cjvp82.dynamicrevival.net
URL: https://q9g3eq75cjvp82.dynamicrevival.net/css/embed.min.css?v=0.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
83bb47871b3895cd8f4bf5da67037710b6d9a9e1fab80d03b579cd83a448fe23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://q9g3eq75cjvp82.dynamicrevival.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 18 Jul 2023 17:14:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 18 Jul 2023 16:11:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 Jul 2023 17:14:28 GMT
bsevent.gif
rtbc-ew1.doubleverify.com/ Frame 37C6 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-ew1.doubleverify.com/bsevent.gif?flvr=0&impid=4919d833ea434a93abd14024870b030a&vfdur=175&cbust=1689700468472903
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Tue, 18 Jul 2023 17:14:28 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
07/17/2023 17:14:28
dcmads.js
www.googletagservices.com/dcm/ Frame 37C6 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d72c9fb59846aff6405d2973c81bd8da823493502fab893e026a736a1ba01838
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 16:50:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1420
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6830
x-xss-protection
0
last-modified
Wed, 24 May 2023 18:59:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 18 Jul 2023 17:50:48 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1882 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMm8ZRDDtunGBBil54XuATAB&v=APEucNVu3Ugolp-qiaCBdMT9ioWBytimQTpHWvZ5vb_9HAzMKaM1_HZtpJvNrdAlnaOZYc0wmudnTXKJmcjeGjDl9vWdOih5ik4cbnxmyx610hRwdV8CMG-evs0PCCCyphTENvEmqI7CKiHwdQE0qGKbvcyfSpo4FkK4I6RLfHdam4rlnrraQRo
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 17:14:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 1405 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29781
x-xss-protection
0
server
cafe
etag
4315658989838864570
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 18 Jul 2023 17:14:28 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 1405 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=29074404&cmp=30088679&plc=369086996&sid=8754143&dvregion=0&unit=728x90
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:6::17d5:a18f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
db556c877765791cfa9dc4febd9a83ab0dfdd29245b4c0ca786911f4ada39bbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 18 Jul 2023 17:14:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jul 2023 08:57:29 GMT
Server
UploadServer
ETag
"0a227e506cc4cb4f9940be0b4f6d5c1e"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
max-age=86400,no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
925
Expires
Wed, 12 Jul 2023 08:57:55 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 1405 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 16:10:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
3824
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Aug 2023 16:10:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 1405 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:06:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
486
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8291
x-xss-protection
0
server
cafe
etag
17061476539903440100
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Aug 2023 17:06:22 GMT
l
www.google.com/ads/measurement/ Frame 1405 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQomziUdY0MFHjp9SrH5AWIIq4ZbmpXUBIPGGv0EPBYnAdwPAWeLPT_36YaDb6lCm2OA07Rn2dR1piercc3dAnK5YMZDQ
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1405 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689594152080714"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 17:14:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1405 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A9G6eJeRUqYjluZzV-WT7BxEj_VR_T1jJXSV3ripmB4R6LPnhaNZiiRBcBLVWTQIPkTrmmzi3_AgufU33PdknGckfxuylqe5UKJeyV4a3KZmpveZM
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1405 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2435619057792864556&x=1&ct=76
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/10254353390152580160/ Frame 7FB3 		17 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10254353390152580160/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce1e6317a770c7b4c73394d96997eb0d878dce5d505fd183b29c8349c6680bcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
534072
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4371
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 12 Jul 2023 12:53:16 GMT
expires
Thu, 11 Jul 2024 12:53:16 GMT
last-modified
Fri, 21 Apr 2023 09:17:46 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame FB26 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstYqMlRbkdbSXxTUpI1OSZlt_HHvd2dUdi_csn32NscOqO5qww7KEln0ngWSbB2sSf6zka-fHbI6IruwNbBi0LOLQDM4T_X-K9MX2_lcBAnVZkvkJ1aXE3Q5q1TDDK8rtmja3fLckLtkIL1ccc6oMk9R_qGHja9Hk7Dgb2H-YVfIM8YPjDlVnZ7lCEeBPoPt1YJ5FQaFWT_ppVI7zv-TAAWnzmNBdjcqJQtBwkbfSONmYs7x7ckyiT4tp7bhqjHJEAzC8suEj9tFS88ashkboJHZdtSymR-eYKy9IQ1WqK6nGLah8muoD4RasMQJIeyD-YELJy887dat1BqnD0XWUntw4IuyoFW0cv-2SUnpL2WuPrYQowcASjfQMupF4oeN1g8bJUBoYYt2TDEVrryJIp2WItErJCzpWAyj2Rr7ONdN5uOUaabN-uigaW2gHaBnMBckDWRt2KkpZN2dtmGr1cgE_AknutTWPJKV9JsQCZkHztVAHJr3sIOSzy-4ZFdigmEVrAjFovQ18gPzf8XGFTsjpKrqp_tYE4CKaZoZC1SkKkmSx9QWA0jIa0gylh0J8Z-XbeqDWFIX8KlHLKs_alukJOhzMRWo6OWIG88OD0DkCXUm5r9o2GxLriTPc7CVqPw6oQZh316w8HxieIX7SRYgYD7tbcg3nagimJY_AZR0olunRsR-LevtLNz4pQih77g7UPCisFXvOunx7x5bBEVRxZs1y5RkVm6-yoIx3TT558tlus24EQMPGriPMZcEjjMfQ_4JYNsdvxorlgazDM1fr4RSYpp5Uxtvr5vcDZUNxgpxlnXBXbKA4MqZlY91iDhS-KYb5Th1_-igDmoEca6dFhQSWozzh78KTR5DXjXF3TjZNH0oCRGSYhfYWv0wq93Wq7zr7FKau2ZVR6px7gDFX1pvXxs_FTl50uSNFVbjIjvk34g6ni6vQedXhccW7QJXdqiMImoGa6EpWkN4XbSXa9At-ZvTccEF-vldj-mY3gzASBpVq0ApA7YSIRJwAP4x8d6N7ioXDAdEgCDD0_Wyfy2uX-4ZgpOoq4Ie2yp8eOhuGrevKEX0aecgKuijRuM2IAdfFYu5CFyNl9pF4qwREwigE4lAlqivyoEwomyMgBZmiXMCLrYLoIx78Rpgh6baPaWcUUoJsowKIbRlWerazR0NFvt1pzOFL6KlHCpQ0UvynIHUX0SDdBmtfTyaPzb2hFRjmYwHiB89rQJeSSG0blkZyvkJdJOinEwLpXBUOh7eZUzM_vP0v24MH-D&sai=AMfl-YQEaMLFQWK3-4plZ_IxAmmG5_C5pjpPvhLibaIGVjCzuOY1V2XgMWfyNIPh-jl-3Rce9vhWv-PytVDpU6vQ-HEdw_HBCqLLKHG6Pie2O2Aofd3o68sKZxwIgIZb4PlS6ajK-zJ7W39JU21PevWOzlkQx-hiV37G0z4gOgq9rl5EjHiuVPwalJcVQ15RhzAbS-KdDjSUMy9C50rjtEIwzGJqBAKaRaMBMT3v_3_OgrZA0vZiwAxZ--Zrsp-DFHkpvBgoendKxJ45fUH5rGZjZDt2iJXjaWSpRVSaax6c3bPJb8rqKH434Hg-dIP6&sig=Cg0ArKJSzJMwhRUjLGWkEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=203&cbvp=1&cstd=197&cisv=r20230717.32614&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 18 Jul 2023 17:14:28 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 18 Jul 2023 17:14:28 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame BC97 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
22420
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 11:00:48 GMT
expires
Wed, 17 Jul 2024 11:00:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
impl_v96.js
www.googletagservices.com/dcm/ Frame 37C6 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v96.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
843dea1d022be79c95643821b1140cc2d081094ee77ccf7a1f637a1ad8fca33f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 16:55:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
87541
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20157
x-xss-protection
0
last-modified
Mon, 22 May 2023 16:41:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 Jul 2024 16:55:27 GMT
generate_204
tpc.googlesyndication.com/ Frame 236F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?1OAhjg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:28 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
4a9c94527c5bb3ece589f56532583d89.js
s0.2mdn.net/sadbundle/10254353390152580160/ Frame 7FB3 		103 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10254353390152580160/4a9c94527c5bb3ece589f56532583d89.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10254353390152580160/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f97a1208bfbed36adde1345a778e2ddd3b5267b96fcb85abb1e4b3e7d261bbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10254353390152580160/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 20:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
248144
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30082
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 09:17:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 14 Jul 2024 20:18:44 GMT
sd
us-u.openx.net/w/1.0/ Frame 1882
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEK8sLT0AWEEbjVLIQOfkllM&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEK8sLT0AWEEbjVLIQOfkllM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMm8ZRDDtunGBBil54XuATAB&v=APEucNVu3Ugolp-qiaCBdMT9ioWBytimQTpHWvZ5vb_9HAzMKaM1_HZtpJvNrdAlnaOZYc0wmudnTXKJmcjeGjDl9vWdOih5ik4cbnxmyx610hRwdV8CMG-evs0PCCCyphTENvEmqI7CKiHwdQE0qGKbvcyfSpo4FkK4I6RLfHdam4rlnrraQRo
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:28 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEK8sLT0AWEEbjVLIQOfkllM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 1882 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMm8ZRDDtunGBBil54XuATAB&v=APEucNVu3Ugolp-qiaCBdMT9ioWBytimQTpHWvZ5vb_9HAzMKaM1_HZtpJvNrdAlnaOZYc0wmudnTXKJmcjeGjDl9vWdOih5ik4cbnxmyx610hRwdV8CMG-evs0PCCCyphTENvEmqI7CKiHwdQE0qGKbvcyfSpo4FkK4I6RLfHdam4rlnrraQRo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:28 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 1882
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEHBYlg32idohO5aXiehi1fk&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEHBYlg32idohO5aXiehi1fk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMm8ZRDDtunGBBil54XuATAB&v=APEucNVu3Ugolp-qiaCBdMT9ioWBytimQTpHWvZ5vb_9HAzMKaM1_HZtpJvNrdAlnaOZYc0wmudnTXKJmcjeGjDl9vWdOih5ik4cbnxmyx610hRwdV8CMG-evs0PCCCyphTENvEmqI7CKiHwdQE0qGKbvcyfSpo4FkK4I6RLfHdam4rlnrraQRo
Protocol
H2
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Tue, 18 Jul 2023 17:14:28 GMT
pragma
no-cache
date
Tue, 18 Jul 2023 17:14:28 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEHBYlg32idohO5aXiehi1fk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 1882 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMm8ZRDDtunGBBil54XuATAB&v=APEucNVu3Ugolp-qiaCBdMT9ioWBytimQTpHWvZ5vb_9HAzMKaM1_HZtpJvNrdAlnaOZYc0wmudnTXKJmcjeGjDl9vWdOih5ik4cbnxmyx610hRwdV8CMG-evs0PCCCyphTENvEmqI7CKiHwdQE0qGKbvcyfSpo4FkK4I6RLfHdam4rlnrraQRo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Tue, 18 Jul 2023 17:14:28 GMT
pragma
no-cache
date
Tue, 18 Jul 2023 17:14:28 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/epv/ Frame 98A9 		0
497 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=26483600103410104444990012389011&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=8dcf54e18a&subid=&uid=4fe0f076e03b0560&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCB5IZc8i2ZO6SG4K39u8PyP6-wAum5b2gaZWTnKfJD_AuEAEglZvKIWCV6rGCvAfIAQmpAp5z0P5d17I-qAMByAObBKoE7gFP0ILLFDNJjw5pNtmiIvZ5ceOUo_4hHcymgsTftPJ2wPPZ7VQSAaOP5Ae3vUxAKFNjOlN2rq1BvJN04FLRuT8L8qM1tXcnjM47alpjoSgs30VGd8Hzazigkv1g3GwpqaBqp2pzuLr0hA8WxP7ffbggVxvy5KR-ou9CRh5jQGW_Z0xH1qJ84UQFFVux5zI-sFj3FULhnYrsb2ElQNQTACgHLD0KxqO_R1emhgUVoxHLBoLPX8YMnJ7HEu720FS5T6WreYCbnf4npoSOrVfOzBhD85275gcgqKKpVb821THx7S7qwwqn_B1huROcXkqowATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJWk6RUR4NkT_1CaSkTEal8BDUFctkIxVrxRjv1eYHtPEdm_Cqeu0ZM8IIgy9RRERRJ7o9LgAAsmiZOYG2desfZbu5kDhXPWhgB%26sig%3DAOD64_3GsBkpEPqZx4cvtCHAPXrjhBJWmQ%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-CsYrrJ2_DO6ADdAxOSFnr7v4RMIZdlulZ9reGJy7ZyjODQmqBSobMxIUEjO5OeJvPBztiY9MzVSSp7G2WbtK_1eG1Y3a01WON31Bb6L2vLH3WFRnSy8LJfP363LElqIBlUTNoLteerghLmUcJCUDpmkiJHzJv0nzoBs35IrBGhzz1CI4c%26cry%3D1%26dbm_d%3DAKAmf-Cg1jRAD_q8xAsOwiyPSYMRpc_Shi-dSHJbdnMNlidPGomfp5ehGg5pn_qV4FpgWqfrGAtcXX4PFRyU95DVDIehPl4h89_UbzUA3xW21T3YqLMgk6oVuetjh69bDxPdlEPKMc2lHoKLPfrn-467u7GS6unn2rXLlZ4hIhiTL2MiKjRGLMWm6VA4FnMdnb4MLnSuARq5DqGARoywJvrJ27IdMmSjYstfgxb0VK17oxI1XhH0Y0BOzr6bViFuWLexmjBj6tG8VzoQOjxbbIM4vhLEcmkTCP4XZL-8E1GCNH034V_nz8Yhn_Idogpkt8ppMx_FGtS4dgUEwZb4-_jiEuwpd5VWm0bspuFyRP0f8VCifBLxsF4Y5N_wg20M3VbmSQuPzU2JtFfSlja4TbWZkp7PiJfMdjbgGZrupju4zAIIVbQyjV40I77piIhjjl8PumjCfeISz1wFoLjVZSKiM7obeGeAmztDGQKAvQqn0huoIWzSzhhXNkV0o8nd5SAZegPZordIO0TT-Axqd-ZVaaNbveGFr3P-cCLL4p4UBxBUB10lar052tCvAgG1PukX-2StHq9RnI95OD7ML3P_hNVQf5Y3aokpJUWgYx4bXK-AY070yAM%26adurl%3D&documentReferer=https%3A%2F%2Fyalla-shoots.tv%2F&ancestorOrigins=https%3A%2F%2Fyalla-shoots.tv&random=3406708527405&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.17.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Request-ID
Content-Length
0
Content-Type
application/javascript; charset=utf-8
Date
Tue, 18 Jul 2023 17:14:28 GMT
Host
pv.medialead.de
Keep-Alive
timeout=20
Proxy-Host
pv.medialead.de
Server
nginx/1.17.5
Strict-Transport-Security
max-age=15768000
Vary
Origin
X-IPLB-Instance
40027
X-IPLB-Request-ID
B2A2D18A:976E_91EFC182:01BB_64B6C874_E08EB0C:25BD1
/
adv.office-partner.de/ Frame DA28 		930 B
931 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=8dcf54e18a&subid=&uid=4fe0f076e03b0560&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCB5IZc8i2ZO6SG4K39u8PyP6-wAum5b2gaZWTnKfJD_AuEAEglZvKIWCV6rGCvAfIAQmpAp5z0P5d17I-qAMByAObBKoE7gFP0ILLFDNJjw5pNtmiIvZ5ceOUo_4hHcymgsTftPJ2wPPZ7VQSAaOP5Ae3vUxAKFNjOlN2rq1BvJN04FLRuT8L8qM1tXcnjM47alpjoSgs30VGd8Hzazigkv1g3GwpqaBqp2pzuLr0hA8WxP7ffbggVxvy5KR-ou9CRh5jQGW_Z0xH1qJ84UQFFVux5zI-sFj3FULhnYrsb2ElQNQTACgHLD0KxqO_R1emhgUVoxHLBoLPX8YMnJ7HEu720FS5T6WreYCbnf4npoSOrVfOzBhD85275gcgqKKpVb821THx7S7qwwqn_B1huROcXkqowATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJWk6RUR4NkT_1CaSkTEal8BDUFctkIxVrxRjv1eYHtPEdm_Cqeu0ZM8IIgy9RRERRJ7o9LgAAsmiZOYG2desfZbu5kDhXPWhgB%26sig%3DAOD64_3GsBkpEPqZx4cvtCHAPXrjhBJWmQ%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-CsYrrJ2_DO6ADdAxOSFnr7v4RMIZdlulZ9reGJy7ZyjODQmqBSobMxIUEjO5OeJvPBztiY9MzVSSp7G2WbtK_1eG1Y3a01WON31Bb6L2vLH3WFRnSy8LJfP363LElqIBlUTNoLteerghLmUcJCUDpmkiJHzJv0nzoBs35IrBGhzz1CI4c%26cry%3D1%26dbm_d%3DAKAmf-Cg1jRAD_q8xAsOwiyPSYMRpc_Shi-dSHJbdnMNlidPGomfp5ehGg5pn_qV4FpgWqfrGAtcXX4PFRyU95DVDIehPl4h89_UbzUA3xW21T3YqLMgk6oVuetjh69bDxPdlEPKMc2lHoKLPfrn-467u7GS6unn2rXLlZ4hIhiTL2MiKjRGLMWm6VA4FnMdnb4MLnSuARq5DqGARoywJvrJ27IdMmSjYstfgxb0VK17oxI1XhH0Y0BOzr6bViFuWLexmjBj6tG8VzoQOjxbbIM4vhLEcmkTCP4XZL-8E1GCNH034V_nz8Yhn_Idogpkt8ppMx_FGtS4dgUEwZb4-_jiEuwpd5VWm0bspuFyRP0f8VCifBLxsF4Y5N_wg20M3VbmSQuPzU2JtFfSlja4TbWZkp7PiJfMdjbgGZrupju4zAIIVbQyjV40I77piIhjjl8PumjCfeISz1wFoLjVZSKiM7obeGeAmztDGQKAvQqn0huoIWzSzhhXNkV0o8nd5SAZegPZordIO0TT-Axqd-ZVaaNbveGFr3P-cCLL4p4UBxBUB10lar052tCvAgG1PukX-2StHq9RnI95OD7ML3P_hNVQf5Y3aokpJUWgYx4bXK-AY070yAM%26adurl%3D&documentReferer=https%3A%2F%2Fyalla-shoots.tv%2F&ancestorOrigins=https%3A%2F%2Fyalla-shoots.tv&random=3406708527405&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Tue, 18 Jul 2023 17:14:28 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Tue, 25 Jul 2023 17:14:28 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn-engine
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
htlp
futalis.de/ Frame BDA5
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=26483600103410104444990012389011&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2890142890
350 B
401 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2890142890
Requested by
Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=8dcf54e18a&subid=&uid=4fe0f076e03b0560&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCB5IZc8i2ZO6SG4K39u8PyP6-wAum5b2gaZWTnKfJD_AuEAEglZvKIWCV6rGCvAfIAQmpAp5z0P5d17I-qAMByAObBKoE7gFP0ILLFDNJjw5pNtmiIvZ5ceOUo_4hHcymgsTftPJ2wPPZ7VQSAaOP5Ae3vUxAKFNjOlN2rq1BvJN04FLRuT8L8qM1tXcnjM47alpjoSgs30VGd8Hzazigkv1g3GwpqaBqp2pzuLr0hA8WxP7ffbggVxvy5KR-ou9CRh5jQGW_Z0xH1qJ84UQFFVux5zI-sFj3FULhnYrsb2ElQNQTACgHLD0KxqO_R1emhgUVoxHLBoLPX8YMnJ7HEu720FS5T6WreYCbnf4npoSOrVfOzBhD85275gcgqKKpVb821THx7S7qwwqn_B1huROcXkqowATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJWk6RUR4NkT_1CaSkTEal8BDUFctkIxVrxRjv1eYHtPEdm_Cqeu0ZM8IIgy9RRERRJ7o9LgAAsmiZOYG2desfZbu5kDhXPWhgB%26sig%3DAOD64_3GsBkpEPqZx4cvtCHAPXrjhBJWmQ%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-CsYrrJ2_DO6ADdAxOSFnr7v4RMIZdlulZ9reGJy7ZyjODQmqBSobMxIUEjO5OeJvPBztiY9MzVSSp7G2WbtK_1eG1Y3a01WON31Bb6L2vLH3WFRnSy8LJfP363LElqIBlUTNoLteerghLmUcJCUDpmkiJHzJv0nzoBs35IrBGhzz1CI4c%26cry%3D1%26dbm_d%3DAKAmf-Cg1jRAD_q8xAsOwiyPSYMRpc_Shi-dSHJbdnMNlidPGomfp5ehGg5pn_qV4FpgWqfrGAtcXX4PFRyU95DVDIehPl4h89_UbzUA3xW21T3YqLMgk6oVuetjh69bDxPdlEPKMc2lHoKLPfrn-467u7GS6unn2rXLlZ4hIhiTL2MiKjRGLMWm6VA4FnMdnb4MLnSuARq5DqGARoywJvrJ27IdMmSjYstfgxb0VK17oxI1XhH0Y0BOzr6bViFuWLexmjBj6tG8VzoQOjxbbIM4vhLEcmkTCP4XZL-8E1GCNH034V_nz8Yhn_Idogpkt8ppMx_FGtS4dgUEwZb4-_jiEuwpd5VWm0bspuFyRP0f8VCifBLxsF4Y5N_wg20M3VbmSQuPzU2JtFfSlja4TbWZkp7PiJfMdjbgGZrupju4zAIIVbQyjV40I77piIhjjl8PumjCfeISz1wFoLjVZSKiM7obeGeAmztDGQKAvQqn0huoIWzSzhhXNkV0o8nd5SAZegPZordIO0TT-Axqd-ZVaaNbveGFr3P-cCLL4p4UBxBUB10lar052tCvAgG1PukX-2StHq9RnI95OD7ML3P_hNVQf5Y3aokpJUWgYx4bXK-AY070yAM%26adurl%3D&documentReferer=https%3A%2F%2Fyalla-shoots.tv%2F&ancestorOrigins=https%3A%2F%2Fyalla-shoots.tv&random=3406708527405&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.14.134 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-2.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Tue, 18 Jul 2023 17:14:28 GMT
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2890142890
p3p
policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server
Apache
xphp81
true
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/epv/ Frame 2137 		0
497 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=26483600103410104444990012389011&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=8dcf54e18a&subid=&uid=4fe0f076e03b0560&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCB5IZc8i2ZO6SG4K39u8PyP6-wAum5b2gaZWTnKfJD_AuEAEglZvKIWCV6rGCvAfIAQmpAp5z0P5d17I-qAMByAObBKoE7gFP0ILLFDNJjw5pNtmiIvZ5ceOUo_4hHcymgsTftPJ2wPPZ7VQSAaOP5Ae3vUxAKFNjOlN2rq1BvJN04FLRuT8L8qM1tXcnjM47alpjoSgs30VGd8Hzazigkv1g3GwpqaBqp2pzuLr0hA8WxP7ffbggVxvy5KR-ou9CRh5jQGW_Z0xH1qJ84UQFFVux5zI-sFj3FULhnYrsb2ElQNQTACgHLD0KxqO_R1emhgUVoxHLBoLPX8YMnJ7HEu720FS5T6WreYCbnf4npoSOrVfOzBhD85275gcgqKKpVb821THx7S7qwwqn_B1huROcXkqowATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJWk6RUR4NkT_1CaSkTEal8BDUFctkIxVrxRjv1eYHtPEdm_Cqeu0ZM8IIgy9RRERRJ7o9LgAAsmiZOYG2desfZbu5kDhXPWhgB%26sig%3DAOD64_3GsBkpEPqZx4cvtCHAPXrjhBJWmQ%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-CsYrrJ2_DO6ADdAxOSFnr7v4RMIZdlulZ9reGJy7ZyjODQmqBSobMxIUEjO5OeJvPBztiY9MzVSSp7G2WbtK_1eG1Y3a01WON31Bb6L2vLH3WFRnSy8LJfP363LElqIBlUTNoLteerghLmUcJCUDpmkiJHzJv0nzoBs35IrBGhzz1CI4c%26cry%3D1%26dbm_d%3DAKAmf-Cg1jRAD_q8xAsOwiyPSYMRpc_Shi-dSHJbdnMNlidPGomfp5ehGg5pn_qV4FpgWqfrGAtcXX4PFRyU95DVDIehPl4h89_UbzUA3xW21T3YqLMgk6oVuetjh69bDxPdlEPKMc2lHoKLPfrn-467u7GS6unn2rXLlZ4hIhiTL2MiKjRGLMWm6VA4FnMdnb4MLnSuARq5DqGARoywJvrJ27IdMmSjYstfgxb0VK17oxI1XhH0Y0BOzr6bViFuWLexmjBj6tG8VzoQOjxbbIM4vhLEcmkTCP4XZL-8E1GCNH034V_nz8Yhn_Idogpkt8ppMx_FGtS4dgUEwZb4-_jiEuwpd5VWm0bspuFyRP0f8VCifBLxsF4Y5N_wg20M3VbmSQuPzU2JtFfSlja4TbWZkp7PiJfMdjbgGZrupju4zAIIVbQyjV40I77piIhjjl8PumjCfeISz1wFoLjVZSKiM7obeGeAmztDGQKAvQqn0huoIWzSzhhXNkV0o8nd5SAZegPZordIO0TT-Axqd-ZVaaNbveGFr3P-cCLL4p4UBxBUB10lar052tCvAgG1PukX-2StHq9RnI95OD7ML3P_hNVQf5Y3aokpJUWgYx4bXK-AY070yAM%26adurl%3D&documentReferer=https%3A%2F%2Fyalla-shoots.tv%2F&ancestorOrigins=https%3A%2F%2Fyalla-shoots.tv&random=3406708527405&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.17.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 18 Jul 2023 17:14:28 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
B2A2D18A:9772_91EFC182:01BB_64B6C874_E1DFCBD:1ECFD
X-IPLB-Instance
40028
Vary
Origin
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Request-ID
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame 2137 		43 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=26483600103410104444990012389011&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=8dcf54e18a&subid=&uid=4fe0f076e03b0560&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCB5IZc8i2ZO6SG4K39u8PyP6-wAum5b2gaZWTnKfJD_AuEAEglZvKIWCV6rGCvAfIAQmpAp5z0P5d17I-qAMByAObBKoE7gFP0ILLFDNJjw5pNtmiIvZ5ceOUo_4hHcymgsTftPJ2wPPZ7VQSAaOP5Ae3vUxAKFNjOlN2rq1BvJN04FLRuT8L8qM1tXcnjM47alpjoSgs30VGd8Hzazigkv1g3GwpqaBqp2pzuLr0hA8WxP7ffbggVxvy5KR-ou9CRh5jQGW_Z0xH1qJ84UQFFVux5zI-sFj3FULhnYrsb2ElQNQTACgHLD0KxqO_R1emhgUVoxHLBoLPX8YMnJ7HEu720FS5T6WreYCbnf4npoSOrVfOzBhD85275gcgqKKpVb821THx7S7qwwqn_B1huROcXkqowATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJWk6RUR4NkT_1CaSkTEal8BDUFctkIxVrxRjv1eYHtPEdm_Cqeu0ZM8IIgy9RRERRJ7o9LgAAsmiZOYG2desfZbu5kDhXPWhgB%26sig%3DAOD64_3GsBkpEPqZx4cvtCHAPXrjhBJWmQ%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-CsYrrJ2_DO6ADdAxOSFnr7v4RMIZdlulZ9reGJy7ZyjODQmqBSobMxIUEjO5OeJvPBztiY9MzVSSp7G2WbtK_1eG1Y3a01WON31Bb6L2vLH3WFRnSy8LJfP363LElqIBlUTNoLteerghLmUcJCUDpmkiJHzJv0nzoBs35IrBGhzz1CI4c%26cry%3D1%26dbm_d%3DAKAmf-Cg1jRAD_q8xAsOwiyPSYMRpc_Shi-dSHJbdnMNlidPGomfp5ehGg5pn_qV4FpgWqfrGAtcXX4PFRyU95DVDIehPl4h89_UbzUA3xW21T3YqLMgk6oVuetjh69bDxPdlEPKMc2lHoKLPfrn-467u7GS6unn2rXLlZ4hIhiTL2MiKjRGLMWm6VA4FnMdnb4MLnSuARq5DqGARoywJvrJ27IdMmSjYstfgxb0VK17oxI1XhH0Y0BOzr6bViFuWLexmjBj6tG8VzoQOjxbbIM4vhLEcmkTCP4XZL-8E1GCNH034V_nz8Yhn_Idogpkt8ppMx_FGtS4dgUEwZb4-_jiEuwpd5VWm0bspuFyRP0f8VCifBLxsF4Y5N_wg20M3VbmSQuPzU2JtFfSlja4TbWZkp7PiJfMdjbgGZrupju4zAIIVbQyjV40I77piIhjjl8PumjCfeISz1wFoLjVZSKiM7obeGeAmztDGQKAvQqn0huoIWzSzhhXNkV0o8nd5SAZegPZordIO0TT-Axqd-ZVaaNbveGFr3P-cCLL4p4UBxBUB10lar052tCvAgG1PukX-2StHq9RnI95OD7ML3P_hNVQf5Y3aokpJUWgYx4bXK-AY070yAM%26adurl%3D&documentReferer=https%3A%2F%2Fyalla-shoots.tv%2F&ancestorOrigins=https%3A%2F%2Fyalla-shoots.tv&random=3406708527405&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.17.5 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 18 Jul 2023 17:14:28 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
B2A2D18A:9770_91EFC182:01BB_64B6C874_E092956:25BD0
X-IPLB-Instance
40027
Vary
Origin
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Request-ID
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=20
Content-Length
43
Proxy-Host
pv.medialead.de
cshow.php
www.awin1.com/ Frame 2137 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2338577&v=11830&q=357066&r=296283&pref1=26483600103410104444990012389011&pv=1
Requested by
Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=8dcf54e18a&subid=&uid=4fe0f076e03b0560&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCB5IZc8i2ZO6SG4K39u8PyP6-wAum5b2gaZWTnKfJD_AuEAEglZvKIWCV6rGCvAfIAQmpAp5z0P5d17I-qAMByAObBKoE7gFP0ILLFDNJjw5pNtmiIvZ5ceOUo_4hHcymgsTftPJ2wPPZ7VQSAaOP5Ae3vUxAKFNjOlN2rq1BvJN04FLRuT8L8qM1tXcnjM47alpjoSgs30VGd8Hzazigkv1g3GwpqaBqp2pzuLr0hA8WxP7ffbggVxvy5KR-ou9CRh5jQGW_Z0xH1qJ84UQFFVux5zI-sFj3FULhnYrsb2ElQNQTACgHLD0KxqO_R1emhgUVoxHLBoLPX8YMnJ7HEu720FS5T6WreYCbnf4npoSOrVfOzBhD85275gcgqKKpVb821THx7S7qwwqn_B1huROcXkqowATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJWk6RUR4NkT_1CaSkTEal8BDUFctkIxVrxRjv1eYHtPEdm_Cqeu0ZM8IIgy9RRERRJ7o9LgAAsmiZOYG2desfZbu5kDhXPWhgB%26sig%3DAOD64_3GsBkpEPqZx4cvtCHAPXrjhBJWmQ%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-CsYrrJ2_DO6ADdAxOSFnr7v4RMIZdlulZ9reGJy7ZyjODQmqBSobMxIUEjO5OeJvPBztiY9MzVSSp7G2WbtK_1eG1Y3a01WON31Bb6L2vLH3WFRnSy8LJfP363LElqIBlUTNoLteerghLmUcJCUDpmkiJHzJv0nzoBs35IrBGhzz1CI4c%26cry%3D1%26dbm_d%3DAKAmf-Cg1jRAD_q8xAsOwiyPSYMRpc_Shi-dSHJbdnMNlidPGomfp5ehGg5pn_qV4FpgWqfrGAtcXX4PFRyU95DVDIehPl4h89_UbzUA3xW21T3YqLMgk6oVuetjh69bDxPdlEPKMc2lHoKLPfrn-467u7GS6unn2rXLlZ4hIhiTL2MiKjRGLMWm6VA4FnMdnb4MLnSuARq5DqGARoywJvrJ27IdMmSjYstfgxb0VK17oxI1XhH0Y0BOzr6bViFuWLexmjBj6tG8VzoQOjxbbIM4vhLEcmkTCP4XZL-8E1GCNH034V_nz8Yhn_Idogpkt8ppMx_FGtS4dgUEwZb4-_jiEuwpd5VWm0bspuFyRP0f8VCifBLxsF4Y5N_wg20M3VbmSQuPzU2JtFfSlja4TbWZkp7PiJfMdjbgGZrupju4zAIIVbQyjV40I77piIhjjl8PumjCfeISz1wFoLjVZSKiM7obeGeAmztDGQKAvQqn0huoIWzSzhhXNkV0o8nd5SAZegPZordIO0TT-Axqd-ZVaaNbveGFr3P-cCLL4p4UBxBUB10lar052tCvAgG1PukX-2StHq9RnI95OD7ML3P_hNVQf5Y3aokpJUWgYx4bXK-AY070yAM%26adurl%3D&documentReferer=https%3A%2F%2Fyalla-shoots.tv%2F&ancestorOrigins=https%3A%2F%2Fyalla-shoots.tv&random=3406708527405&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-118-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jul 2023 17:14:28 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1405 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2584475204198&version=m202306200101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1405 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2584475204198&version=m202306200101&ct=76&x=1&cor=2435619057792865000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 1405 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C8wzYZMqzOlUU_pBrVRXPf-08nE5SjBRZoZQLaahRQjVrb1f7Lt9QNsG8hD2u2MmAA7pwhbzzSZcLYo0PEzZlzzFKFQRzvJrj1cjiLRw_kkHr0P5xyrhyTQC11hlncQPrHXEltSqMxjGkyK_jWwyiXbNfsk4xdlaAkhhU6k3phDWMaQzw&cry=1&dbm_d=AKAmf-AAlmKrnLgUAH7Ze8dE7S7bi4_W-KLgn7pESr5B7NNahViBxGAM1DB9nhLuAPwvNmy9toHAE0V1pebpuaiy3kjGbrH_-xbjoK2S-sa4aC7X9X-7W3kUVwJVPKn4c5oar6nXP_PWkpMECpgPDVWzIMLzZGRqAMgIlv6fxHLoQYzlRiFZPzjLKtRKydeOAvIPhkS6kGPK1Pv04T-EvGQbmNV5r1aCUwDIsefduC73-qCTLdWFGv-DGXIYZpRQwCq2XKVov0n8RCsGUKEsAmEClX13Oa_rCrXIV9-t7bMlwiyml9U40CyevMWB7Z5vHz8F6ZhagK8JNIiuQz-yxFwvfU66thJDE4isCvtH8-pzR30RQIF9lcyty_J1IXAUOqngQwj_AWsvUnSzj3JoGWK-sh1vtepwQxpm3tY7m_74PflU5uM7fWhPaYfODtHujOB6PSa5e7QgofB-P_L00FP_RtHb_XYY_tFVfgQ0YBn0YkhERFcd0WXs9puSkR_bR_2YNpVDd7g-pWnnVOskvbG7yHLDoXnxQciMe3FbWI1xfZEz5diSHO9e7_RoD0gw7BwB0YT5EdRP-wzm8AydtqUSSEhCLLRBCLssdtPM9pu_AFLqQRbwZ09PCnF5rFSQOJs3GbrrbEp60F6x801DBbIXOvHsvzw7RewCWHUs-hM4Xi9_3rktOKRNfmoLY3LQsaOGqbaxRP7mPKRJS_A6XcKCurxgI6WYlt69irzYfW0Lg9Sct-zjy5xBQ_2M7PzwE2gb4rgH_9CW0rzanOcQwdNBOgsXKUay8S4U3llYbDmf15UW6x5uPvyv6vgeeTTSH6m_aQsEF5iKu9a7QW0aH-4TfkSPdWh5U6feu-rwaOq7btEgJWgcgZoMQRLuuEXxYkQfTE_Pa8YgsuGNf85Kk5gOLr7xlZi5EUu_ANdPWxvVMda4QtsyvJepp1J9M18DyhcHEhtsLUqItLMl61p4irLN5E0S58FyhFv9yG-Ftl6VQTXuEKRvvqf73_ifas3nsuOlxqeRsi_TiMpeZrZgeFL2MlsoHEove34I_I1OLhIJuTSvsdGcSHVOIYW-EVDLkkwMZOQP9DGw100eRoSpNR-wZcye4LlhXQWDSBQRSz5yO9EduWgg8fIx-eklegqD3eHc9G2qpQlKeQUfECbuG-gQTcFczrS1L_yhuYWBcMpGsMZpoxqVba-u4dnTsUnZtYr8PcAMOEuttJoRhhgWFGAdISjbq_vRR5HL0aPQlWLFN0PnSMztlTN2F8LFSXuvAURXq3yWqOH8TijeKvRX2SI15xhzVxRkVbMtSsM_4zCclYIRFnxg7J7KF2eKHEMKy4aC2c32DEdLJim4FCFxxUKKEwDZMt-ryOXEQ30DUidAy1lXNrLHzzDOMQBhIg3kNmXR-GzfHJREmZoV595wKKu0LfBViylGnu0WoTr1BoqLy9j6GDhfaCWgxRdzrnhXiUqUuTvRdR6iweUT5Ocl2bffz4BsCbyztpqdsMV8Z_sHoRHxInJgvplIwZQK2TranoED05owofTOJ0hv_6Y1xI67rDr5IxfwVKU0r0jDxPcrvgeeESJV63Vq3ZG36VpnnuOSzlH1yhgniJ7QUqzT8Y-SeMWctdEr3Uyt5rgnQCO6oXxCZYD3fB8wJMVtUBYn6JC7vMvZVXTeVPp4hsgEj9YPMu-nZZHgJj7VDSiiiu9l3CGl1qdMPlnUd8K9sHXArYhEXnWhgBtmf48AScaG3WfGBg9v_dw0rQXFrCAfgntuQeAxTU5B437OH3ySy2QAMOb4Bgp4U4Jiycx-GKpe2kPN2yaGA5tucJq2uI5NomGhJsxkQ0bNoFI0QL_JtzY3jhv8ALrSwkmRA4dXvnEEysNmndPH8LCTw0_G6MbCvg5sPcmq4U5YGkLQNUAs1X9BISDE8sSNH0iZn1CTSKUJLkHoLehylvw7HIS2SZaAB2hFWitUmJBF1Ag4Ie2kfoAzZOw0DQKsozEs1gD_o45krvxby4imvprzpAqral3TRCxDiEKj5P77PWRIKV0cGuPIZeUz5hzLXZuppiF-CZCWnfo98gLsnZ97gFToPatPO3wbPRIXL0pk1PLNUxl-sS28xyumpptrxHrGv_EV7DNQb0IkGdGW58atag28r5UJus8jZXcU3zueaxCQxQOFiBpXzrQfOm7wnPhF0bogDk7eROHOHg1jJN2PUaZvr3-7dsq3vueet7w9XDMB8grEADCHPhTYwfijAPYpkpavu8G1AfEnSRsGF2uS8v62E9S_GBRJC4eR1uYA3HFAnyVZ4Ksqpa2LKyXTsQuZXoheZ-Kzwq608chJ1uYE1JzLW-ZCWCBAe5Vk7lruI5aTD5UY9JtAJiMV7atK8rjhfk0ERSynxNFQV14fI8PdzggvTd2MBuTekIhKDQPDOD07q6WwHV2RJqVGlcjH8YlQrMSZZol_QR6yHaYxC5CAp6v6z4cYqpkqtT69eDfMY3YOuf8hUvlQoJh7_zDUXP1stmMCvS6s2coVnTxn2BXWlXG_GWZ5dT-rtJQi49Bg_MVQPRJIwl35nD04tgN7L1d9dCF4zxVQrLkP_KRPz96VcoC7pp2Kdzm-5PL5z95WIOUnweQ1bV2SCP-5xVKNai3RpYWAHEtytElZBIO3Mw802xGT2ZA6GBSROgHtiiPJ_qREDGoNNb7lu37mcrbVegpeKGumekCatyiRYANwnNSF4EuAxdejhsGRq5TKFjK_cQzjyOiOCrGGvAhBrccNsN-TefL0PsRln5D1uZ_T3dhPASFGUBDWidz3mC2kTdweSToDiBS-xH4GEH1ZAhoMftQbP9Nca2TuTdsTw8ZdSw0S-xS-Q0ggM3U8JUmAgjLnGbGPqyBWdXhKkemgyDDxOvqCrz3ibFAHJur7a_yd60ZNE9ud3WuS9Wlm_vft5uDnn-cXGLFJDVGbD080lulYgt_DKkRvr7uUV7aQD3DT0l1--zJ9HbdLjgt6EXbN7M8ZYEJRmzAKBvVZnDD89Y9HFDOM&cid=CAQSPABpAlJWW4aewgEJfCkZccEla66f4i3d2KW2JHj_8Wv_n_Rf39ifMfOaq7zMhMtW-bDuoZAJlsWsHj69bxgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=2435619057792865000&adk=2988274607&idt=88&cac=0&dtd=26
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18d6b705bd77645b4da4ad07ce1724672e269f9dc070e68e257dc790447170bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11848
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B9689862.280630144;dc_ver=96.284;sz=728x90;u_sd=1;dc_adk=4167744936;ord=if42iq;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fyalla-shoots.tv%2F$0;xdt=1;crlt=ARE)!pcjN...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 37C6 		62 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=96.284;sz=728x90;u_sd=1;dc_adk=4167744936;ord=if42iq;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fyalla-shoots.tv%2F$0;xdt=1;crlt=ARE)!pcjNt;stc=1;chaa=1;sttr=199;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
33dcaf6d7d51db8d5c01a48c2e4c19e3606d7850253232fe43f5b9bb22e0db3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29391
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 27D6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 17:14:27 GMT
expires
Wed, 17 Jul 2024 17:14:27 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.2&b=3&r=yalla-shoots.tv_auto_interstitial_desktop&sy=64e53e73-fd4e-4117-bc08-114ae8d54619&ts=83&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=c677851b-eb3a-4f42-9848-077d0b71f2d2&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE1MTEvMTA0MjY3OS92YWxlbmNpYS12cy1ub3R0aW5naGFtLWZvcmVzdC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.5.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id
01H37XBZTS5HKQ2F1CQXNBQG5A
date
Tue, 18 Jul 2023 17:14:28 GMT
cf-cache-status
HIT
age
450581
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"081b1367cd2301d3bf23f0a40952d236-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7e8c5c7a1b961e4a-FRA
q91a.js
velocitycdn.com/script/ Frame 9C75 		108 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://velocitycdn.com/script/q91a.js
Requested by
Host: q9g3eq75cjvp82.dynamicrevival.net
URL: https://q9g3eq75cjvp82.dynamicrevival.net/embed/cwdjkhlh9g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:850a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3c1ec939f76af85129668e50fde8c400dd132f6d692aa4fdac67707f2a5c7d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://q9g3eq75cjvp82.dynamicrevival.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
762
x-guploader-uploadid
ADPycdsJywUh2-yR3im9v12urzjcqHQ2-ae7W7YYXXROQbo0ouMTQy0xZYd4cpHHW8L_DjBavoDREhj6s8efsNGdQ3gWWw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 17 Jul 2023 07:44:53 GMT
server
cloudflare
etag
W/"a726dc538eb317d5d0385c010024e554"
vary
Accept-Encoding
x-goog-hash
crc32c=bFiWhQ==, md5=pybcU46zF9XQOFwBACTlVA==
x-goog-generation
1689579893146065
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGQPV7WPJJGMRM4D4q7K17rVpochPoel3y2ECSF%2B%2B2xricpqB3Sv1qLj9A2UUGjdNwQn6aR7ljQA%2B%2FLhUi6lSpb1fH7Iw%2B1XLAI%2FhzdeXmjBimWZ6tdC5DlwZgKRs8illTyq130jwz3JCWE9uVY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
110796
cf-ray
7e8c5c7a2d152bb2-FRA
expires
Tue, 18 Jul 2023 18:01:01 GMT
79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js
pagead2.googlesyndication.com/bg/ Frame BC97 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efd1f2d633a46174e9297aa571dd85617c750b8f87d16a52778d5bc4109b7017
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 14:04:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
11400
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14507
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Jul 2024 14:04:28 GMT
ts.js
cdn.retailads.net/ Frame BDA5 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2890142890
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:28 GMT
last-modified
Wed, 05 Apr 2023 20:14:46 GMT
server
Apache
etag
"1416-5f89c717cdc2f"
content-type
application/javascript
xphp81
true
accept-ranges
bytes
content-length
5142
gtm.js
www.googletagmanager.com/ Frame DA28 		116 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f8de75c6577a6873a1b45bc565424cefa6ad61731ba1f6cd5313fa700ad4595e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45441
x-xss-protection
0
last-modified
Tue, 18 Jul 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 18 Jul 2023 17:14:28 GMT
event
plausible.io/api/ Frame 9C75 		2 B
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://plausible.io/api/event
Requested by
Host: plausible.io
URL: https://plausible.io/js/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://q9g3eq75cjvp82.dynamicrevival.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 18 Jul 2023 17:14:28 GMT
cdn-edgestorageid
1081
cdn-cachedat
07/18/2023 17:14:28
cdn-pullzone
682664
application
10.0.1.2
content-length
2
x-request-id
F3MFn8FCkDNq3K4hZg-G
server
BunnyCDN-DE1-1081
cdn-proxyver
1.03
cdn-requestpullcode
202
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cache-control
must-revalidate, max-age=0, private
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
cdn-requestid
5306fc1242496040702274967313ad79
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
css
fonts.googleapis.com/ Frame 7FB3 		2 KB
644 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:500
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10254353390152580160/4a9c94527c5bb3ece589f56532583d89.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fd3fad3e15262b0e096e7d7cc57efd2e684a679ccacb704d94542ba3d7d93d17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 18 Jul 2023 17:14:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 18 Jul 2023 16:43:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 Jul 2023 17:14:28 GMT
961ed28705676d956c987036ed0f7dad.jpg
s0.2mdn.net/sadbundle/10254353390152580160/media/ Frame 7FB3 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10254353390152580160/media/961ed28705676d956c987036ed0f7dad.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10254353390152580160/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f5c057bd0ed3f119574571e42d8f70f2722937ba964b6bf977c322b2b789e28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10254353390152580160/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 22:31:34 GMT
x-content-type-options
nosniff
age
326574
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46253
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 09:17:46 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 13 Jul 2024 22:31:34 GMT
c5ad402885a9558b2b998260df514f8d.png
s0.2mdn.net/sadbundle/10254353390152580160/media/ Frame 7FB3 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10254353390152580160/media/c5ad402885a9558b2b998260df514f8d.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10254353390152580160/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
057ef8ec13911c59222a107dd0dbefa5eafe3ff97a493ffd4f94cf2ca3a977c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10254353390152580160/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 22:07:29 GMT
x-content-type-options
nosniff
age
241619
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9039
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 09:17:46 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 14 Jul 2024 22:07:29 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1405 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C8wzYZMqzOlUU_pBrVRXPf-08nE5SjBRZoZQLaahRQjVrb1f7Lt9QNsG8hD2u2MmAA7pwhbzzSZcLYo0PEzZlzzFKFQRzvJrj1cjiLRw_kkHr0P5xyrhyTQC11hlncQPrHXEltSqMxjGkyK_jWwyiXbNfsk4xdlaAkhhU6k3phDWMaQzw&cry=1&dbm_d=AKAmf-AAlmKrnLgUAH7Ze8dE7S7bi4_W-KLgn7pESr5B7NNahViBxGAM1DB9nhLuAPwvNmy9toHAE0V1pebpuaiy3kjGbrH_-xbjoK2S-sa4aC7X9X-7W3kUVwJVPKn4c5oar6nXP_PWkpMECpgPDVWzIMLzZGRqAMgIlv6fxHLoQYzlRiFZPzjLKtRKydeOAvIPhkS6kGPK1Pv04T-EvGQbmNV5r1aCUwDIsefduC73-qCTLdWFGv-DGXIYZpRQwCq2XKVov0n8RCsGUKEsAmEClX13Oa_rCrXIV9-t7bMlwiyml9U40CyevMWB7Z5vHz8F6ZhagK8JNIiuQz-yxFwvfU66thJDE4isCvtH8-pzR30RQIF9lcyty_J1IXAUOqngQwj_AWsvUnSzj3JoGWK-sh1vtepwQxpm3tY7m_74PflU5uM7fWhPaYfODtHujOB6PSa5e7QgofB-P_L00FP_RtHb_XYY_tFVfgQ0YBn0YkhERFcd0WXs9puSkR_bR_2YNpVDd7g-pWnnVOskvbG7yHLDoXnxQciMe3FbWI1xfZEz5diSHO9e7_RoD0gw7BwB0YT5EdRP-wzm8AydtqUSSEhCLLRBCLssdtPM9pu_AFLqQRbwZ09PCnF5rFSQOJs3GbrrbEp60F6x801DBbIXOvHsvzw7RewCWHUs-hM4Xi9_3rktOKRNfmoLY3LQsaOGqbaxRP7mPKRJS_A6XcKCurxgI6WYlt69irzYfW0Lg9Sct-zjy5xBQ_2M7PzwE2gb4rgH_9CW0rzanOcQwdNBOgsXKUay8S4U3llYbDmf15UW6x5uPvyv6vgeeTTSH6m_aQsEF5iKu9a7QW0aH-4TfkSPdWh5U6feu-rwaOq7btEgJWgcgZoMQRLuuEXxYkQfTE_Pa8YgsuGNf85Kk5gOLr7xlZi5EUu_ANdPWxvVMda4QtsyvJepp1J9M18DyhcHEhtsLUqItLMl61p4irLN5E0S58FyhFv9yG-Ftl6VQTXuEKRvvqf73_ifas3nsuOlxqeRsi_TiMpeZrZgeFL2MlsoHEove34I_I1OLhIJuTSvsdGcSHVOIYW-EVDLkkwMZOQP9DGw100eRoSpNR-wZcye4LlhXQWDSBQRSz5yO9EduWgg8fIx-eklegqD3eHc9G2qpQlKeQUfECbuG-gQTcFczrS1L_yhuYWBcMpGsMZpoxqVba-u4dnTsUnZtYr8PcAMOEuttJoRhhgWFGAdISjbq_vRR5HL0aPQlWLFN0PnSMztlTN2F8LFSXuvAURXq3yWqOH8TijeKvRX2SI15xhzVxRkVbMtSsM_4zCclYIRFnxg7J7KF2eKHEMKy4aC2c32DEdLJim4FCFxxUKKEwDZMt-ryOXEQ30DUidAy1lXNrLHzzDOMQBhIg3kNmXR-GzfHJREmZoV595wKKu0LfBViylGnu0WoTr1BoqLy9j6GDhfaCWgxRdzrnhXiUqUuTvRdR6iweUT5Ocl2bffz4BsCbyztpqdsMV8Z_sHoRHxInJgvplIwZQK2TranoED05owofTOJ0hv_6Y1xI67rDr5IxfwVKU0r0jDxPcrvgeeESJV63Vq3ZG36VpnnuOSzlH1yhgniJ7QUqzT8Y-SeMWctdEr3Uyt5rgnQCO6oXxCZYD3fB8wJMVtUBYn6JC7vMvZVXTeVPp4hsgEj9YPMu-nZZHgJj7VDSiiiu9l3CGl1qdMPlnUd8K9sHXArYhEXnWhgBtmf48AScaG3WfGBg9v_dw0rQXFrCAfgntuQeAxTU5B437OH3ySy2QAMOb4Bgp4U4Jiycx-GKpe2kPN2yaGA5tucJq2uI5NomGhJsxkQ0bNoFI0QL_JtzY3jhv8ALrSwkmRA4dXvnEEysNmndPH8LCTw0_G6MbCvg5sPcmq4U5YGkLQNUAs1X9BISDE8sSNH0iZn1CTSKUJLkHoLehylvw7HIS2SZaAB2hFWitUmJBF1Ag4Ie2kfoAzZOw0DQKsozEs1gD_o45krvxby4imvprzpAqral3TRCxDiEKj5P77PWRIKV0cGuPIZeUz5hzLXZuppiF-CZCWnfo98gLsnZ97gFToPatPO3wbPRIXL0pk1PLNUxl-sS28xyumpptrxHrGv_EV7DNQb0IkGdGW58atag28r5UJus8jZXcU3zueaxCQxQOFiBpXzrQfOm7wnPhF0bogDk7eROHOHg1jJN2PUaZvr3-7dsq3vueet7w9XDMB8grEADCHPhTYwfijAPYpkpavu8G1AfEnSRsGF2uS8v62E9S_GBRJC4eR1uYA3HFAnyVZ4Ksqpa2LKyXTsQuZXoheZ-Kzwq608chJ1uYE1JzLW-ZCWCBAe5Vk7lruI5aTD5UY9JtAJiMV7atK8rjhfk0ERSynxNFQV14fI8PdzggvTd2MBuTekIhKDQPDOD07q6WwHV2RJqVGlcjH8YlQrMSZZol_QR6yHaYxC5CAp6v6z4cYqpkqtT69eDfMY3YOuf8hUvlQoJh7_zDUXP1stmMCvS6s2coVnTxn2BXWlXG_GWZ5dT-rtJQi49Bg_MVQPRJIwl35nD04tgN7L1d9dCF4zxVQrLkP_KRPz96VcoC7pp2Kdzm-5PL5z95WIOUnweQ1bV2SCP-5xVKNai3RpYWAHEtytElZBIO3Mw802xGT2ZA6GBSROgHtiiPJ_qREDGoNNb7lu37mcrbVegpeKGumekCatyiRYANwnNSF4EuAxdejhsGRq5TKFjK_cQzjyOiOCrGGvAhBrccNsN-TefL0PsRln5D1uZ_T3dhPASFGUBDWidz3mC2kTdweSToDiBS-xH4GEH1ZAhoMftQbP9Nca2TuTdsTw8ZdSw0S-xS-Q0ggM3U8JUmAgjLnGbGPqyBWdXhKkemgyDDxOvqCrz3ibFAHJur7a_yd60ZNE9ud3WuS9Wlm_vft5uDnn-cXGLFJDVGbD080lulYgt_DKkRvr7uUV7aQD3DT0l1--zJ9HbdLjgt6EXbN7M8ZYEJRmzAKBvVZnDD89Y9HFDOM&cid=CAQSPABpAlJWW4aewgEJfCkZccEla66f4i3d2KW2JHj_8Wv_n_Rf39ifMfOaq7zMhMtW-bDuoZAJlsWsHj69bxgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=2435619057792865000&adk=2988274607&idt=88&cac=0&dtd=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 13:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
12113
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jul 2024 13:52:35 GMT
dvbs_src_internal119.js
cdn.doubleverify.com/ Frame 1405 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal119.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=29074404&cmp=30088679&plc=369086996&sid=8754143&dvregion=0&unit=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:6::17d5:a18f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
97570defe15fe0a83b49642f0ecf2dcc9c7400d21272372d3b140beb372bd08e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 18 Jul 2023 17:14:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jul 2023 08:57:31 GMT
Server
UploadServer
ETag
"4455786dc20506b8e54048c7119b5c5f"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
max-age=946080000,no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18798
Expires
Thu, 11 Jul 2024 05:45:16 GMT
css2
fonts.googleapis.com/ Frame 27D6 		4 KB
671 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 18 Jul 2023 17:14:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 18 Jul 2023 17:08:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 Jul 2023 17:14:28 GMT
css
fonts.googleapis.com/ Frame 568B 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500&display=swap
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
62218c89aeba998ce96c351c07bba16f0f37d591eb24b3a5c954fae4adda5cc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 18 Jul 2023 17:14:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 18 Jul 2023 16:16:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 Jul 2023 17:14:28 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/ Frame 568B 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/abg_lite_fy2021.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:04:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
578
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9071
x-xss-protection
0
server
cafe
etag
17378926570389699705
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Aug 2023 17:04:50 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 568B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 16:10:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
3824
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Aug 2023 16:10:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 568B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:06:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
486
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8291
x-xss-protection
0
server
cafe
etag
17061476539903440100
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Aug 2023 17:06:22 GMT
l
www.google.com/ads/measurement/ Frame 568B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSIFagGw0HZTiS64w_ydJ_Zat2tmnaWrnV86GOUqAF95lTnZDKl-rOA_WFo_3mODPFbA1IfuPd66Upq3JwljivoyO-N6Q
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 568B 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689594152080714"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 17:14:28 GMT
db0cdd5d6449829815370f69ba3f47bd.js
www.gstatic.com/mysidia/ Frame 568B 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/db0cdd5d6449829815370f69ba3f47bd.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
099588faedf07d2076acea7c3ad9730a09eaff20a82ebb2da69c0f1d3caff599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 17:24:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
345011
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14165
x-xss-protection
0
last-modified
Fri, 14 Jul 2023 17:15:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 17:24:17 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/elements/html/ Frame 27D6 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fb0d90e8980f676d84a0d346de07086e7fc6afce1e48c53ff73060c31496380
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 17:19:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
86103
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8597
x-xss-protection
0
server
cafe
etag
17435004113268094812
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jul 2023 17:19:25 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 27D6 		205 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 05:56:38 GMT
x-content-type-options
nosniff
age
127070
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 17:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 16 Jul 2024 05:56:38 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 27D6 		604 B
919 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 18:13:26 GMT
x-content-type-options
nosniff
age
82862
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 17:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 16 Jul 2024 18:13:26 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7FB3 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 01:50:32 GMT
x-content-type-options
nosniff
age
314637
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jul 2024 01:50:32 GMT
ut.js
velocitycdn.com/script/ Frame 9C75 		80 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://velocitycdn.com/script/ut.js?cb=1689700468996
Requested by
Host: velocitycdn.com
URL: https://velocitycdn.com/script/q91a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:850a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
091b4aff1bd881f734aabd98a69780bc5efee1e418dcf2a1e130d56342536456

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://q9g3eq75cjvp82.dynamicrevival.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:29 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdvsby7jI-QakLMwya-Choa6Niunvb4nF31n9gUtQjUGdWrUw78EskgjoPTXVZP0x1czuQKoY_S3_gm7Kyr6NpMawoyP5-un
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 13 Jul 2023 09:50:18 GMT
server
cloudflare
etag
W/"72e22fae715e00acd76c3e9e8b86099d"
vary
Accept-Encoding
x-goog-hash
crc32c=cuIxCA==, md5=cuIvrnFeAKzXbD6ei4YJnQ==
x-goog-generation
1689241818079753
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BXyBNNwAmrFuQwnEHfOaCsuP1wzMZ145tY6IKrqpTlIZkEGIXpvEiv8CftVLw20mrzkonT96AxnGDogKt6ZrNOViIER8UKA%2FVmFLTQ9CQ22%2F9GM5kgxRwmO80xybVkQaefW6EqZlwBSoD4irHE0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
82250
cf-ray
7e8c5c7b3e742bb2-FRA
expires
Tue, 18 Jul 2023 17:48:35 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230717/r20110914/elements/html/ Frame 37C6 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230717/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=96.284;sz=728x90;u_sd=1;dc_adk=4167744936;ord=if42iq;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fyalla-shoots.tv%2F$0;xdt=1;crlt=ARE)!pcjNt;stc=1;chaa=1;sttr=199;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 17:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
85981
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jul 2023 17:21:28 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 37C6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssmevi4TGmP6s2h734szDXK9mIC1MTN35IJ2Kow1fSOgntvHbr5qE4ssL4FMLomMX_KAmeg2Y9Gfb98NcNb76bcLhMWHAFeKlZyfO6gZRPD3OCJ-uqYoLQBRKMbxkfcGDv9RQv1LkBDJ7dPKAeRXwtaNi7Xl58KPsGEn0SdGQ&sai=AMfl-YTQfzD6kfQUL6ntfTs__cdWSHRccgC1h3ip1cU3CGnQR7s047Kyuc7UcF-GowsvBx0sN7TTYW8C1rrMV7kj41IzngMa1KT-J098tA&sig=Cg0ArKJSzOGkPA-QBDsbEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230717.24865&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=96.284;sz=728x90;u_sd=1;dc_adk=4167744936;ord=if42iq;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fyalla-shoots.tv%2F$0;xdt=1;crlt=ARE)!pcjNt;stc=1;chaa=1;sttr=199;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 18 Jul 2023 17:14:29 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 37C6 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=96.284;sz=728x90;u_sd=1;dc_adk=4167744936;ord=if42iq;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fyalla-shoots.tv%2F$0;xdt=1;crlt=ARE)!pcjNt;stc=1;chaa=1;sttr=199;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 13:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
12114
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jul 2024 13:52:35 GMT
7410484386335067809
s0.2mdn.net/simgad/ Frame 37C6 		123 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/7410484386335067809
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcbd4882f0c4557f44d9d7340ab5a08c7b8cdf3dc5cba9996a18c95160acbd5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 11:44:08 GMT
x-content-type-options
nosniff
age
19821
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126353
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 16:06:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jul 2024 11:44:08 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame B1A7 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3478
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 16:16:31 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A2E8 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
12450
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 13:46:59 GMT
etag
48472445140208031
expires
Wed, 19 Jul 2023 13:46:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
link.html
track.webgains.com/ Frame 2137 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=26483600103410104444990012389011&nw=1
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.28.186 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-28-186.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c11c5dfba413937a31e20f510cca9e01bef0752258f290439800eb00ee12e33d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:29 GMT
last-modified
Tue, 18 Jul 2023 17:14:29 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 18 Jul 2023 17:15:29 GMT
activityi;dc_pre=CO-09uHgmIADFdOHsgodwdQD1w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4965740761028.912
5994599.fls.doubleclick.net/ Frame D1C0
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4965740761028.912?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CO-09uHgmIADFdOHsgodwdQD1w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4965740761028.912?
391 B
323 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CO-09uHgmIADFdOHsgodwdQD1w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4965740761028.912?
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
c5c4f7ed5d1b2889eed835f1ae87114d6202082df8ec5edb8c9c1798f44a8fc0
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
214
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 17:14:29 GMT
expires
Tue, 18 Jul 2023 17:14:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 17:14:29 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CO-09uHgmIADFdOHsgodwdQD1w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4965740761028.912?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900011.redintelligence.net/ Frame 93F5 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900011.redintelligence.net/request_content.php?s=26483600103410104444990012389011&a=3e8db58e
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.38.64.201.138.clients.your-server.de
Software
Apache /
Resource Hash
4f9c0958521368930a1468c3074035f6021dcc7070362e7b020b1a5a23b3fd9a

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2174
Content-Type
text/html; charset=utf-8
Date
Tue, 18 Jul 2023 17:14:29 GMT
Expires
Tue, 18 Jul 2023 18:14:29 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
truncated
/ Frame 2137 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ba2370f2932bf414efafbd565f5e497ee1ebb6d611019df6ddbe8258c17ffb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
container.html
a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E445 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 17:14:27 GMT
expires
Wed, 17 Jul 2024 17:14:27 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
suurl4.php
youradexchange.com/script/ Frame 9C75 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://youradexchange.com/script/suurl4.php?r=7108866&chmob=%3F0&cbur=0.763461996523018&cbiframe=1&cbWidth=1060&cbHeight=484&cbtitle=&cbpage=https%3A%2F%2Fv3.sportsonline.sx%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=velocitycdn.com&aggr=0&ts=1689700469099&srs=052d91de87785b4ceba9ef1dec26f5cb
Requested by
Host: velocitycdn.com
URL: https://velocitycdn.com/script/q91a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8b25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://q9g3eq75cjvp82.dynamicrevival.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:29 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hG%2FFSw%2FuPXfIZTrHyzbi9wv9vxkNyxG5TnqpSq2bkyK%2FhtxTc3w5%2FkC40J5y5WYWILiSCL4DvK5rKdHj4LXgUjdoXJu8FN3PkiyOk9FH1JzxjVjB8O6dMy4NO3pZWhgxzPhE3YEx1N9Ok%2Bd3BGOecpg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7e8c5c7becdd2ba4-FRA
alt-svc
h3=":443"; ma=86400
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame AA79 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
22421
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 11:00:48 GMT
expires
Wed, 17 Jul 2024 11:00:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 37C6 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689594152080714"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 17:14:29 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FB26 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstYqMlRbkdbSXxTUpI1OSZlt_HHvd2dUdi_csn32NscOqO5qww7KEln0ngWSbB2sSf6zka-fHbI6IruwNbBi0LOLQDM4T_X-K9MX2_lcBAnVZkvkJ1aXE3Q5q1TDDK8rtmja3fLckLtkIL1ccc6oMk9R_qGHja9Hk7Dgb2H-YVfIM8YPjDlVnZ7lCEeBPoPt1YJ5FQaFWT_ppVI7zv-TAAWnzmNBdjcqJQtBwkbfSONmYs7x7ckyiT4tp7bhqjHJEAzC8suEj9tFS88ashkboJHZdtSymR-eYKy9IQ1WqK6nGLah8muoD4RasMQJIeyD-YELJy887dat1BqnD0XWUntw4IuyoFW0cv-2SUnpL2WuPrYQowcASjfQMupF4oeN1g8bJUBoYYt2TDEVrryJIp2WItErJCzpWAyj2Rr7ONdN5uOUaabN-uigaW2gHaBnMBckDWRt2KkpZN2dtmGr1cgE_AknutTWPJKV9JsQCZkHztVAHJr3sIOSzy-4ZFdigmEVrAjFovQ18gPzf8XGFTsjpKrqp_tYE4CKaZoZC1SkKkmSx9QWA0jIa0gylh0J8Z-XbeqDWFIX8KlHLKs_alukJOhzMRWo6OWIG88OD0DkCXUm5r9o2GxLriTPc7CVqPw6oQZh316w8HxieIX7SRYgYD7tbcg3nagimJY_AZR0olunRsR-LevtLNz4pQih77g7UPCisFXvOunx7x5bBEVRxZs1y5RkVm6-yoIx3TT558tlus24EQMPGriPMZcEjjMfQ_4JYNsdvxorlgazDM1fr4RSYpp5Uxtvr5vcDZUNxgpxlnXBXbKA4MqZlY91iDhS-KYb5Th1_-igDmoEca6dFhQSWozzh78KTR5DXjXF3TjZNH0oCRGSYhfYWv0wq93Wq7zr7FKau2ZVR6px7gDFX1pvXxs_FTl50uSNFVbjIjvk34g6ni6vQedXhccW7QJXdqiMImoGa6EpWkN4XbSXa9At-ZvTccEF-vldj-mY3gzASBpVq0ApA7YSIRJwAP4x8d6N7ioXDAdEgCDD0_Wyfy2uX-4ZgpOoq4Ie2yp8eOhuGrevKEX0aecgKuijRuM2IAdfFYu5CFyNl9pF4qwREwigE4lAlqivyoEwomyMgBZmiXMCLrYLoIx78Rpgh6baPaWcUUoJsowKIbRlWerazR0NFvt1pzOFL6KlHCpQ0UvynIHUX0SDdBmtfTyaPzb2hFRjmYwHiB89rQJeSSG0blkZyvkJdJOinEwLpXBUOh7eZUzM_vP0v24MH-D&sai=AMfl-YQEaMLFQWK3-4plZ_IxAmmG5_C5pjpPvhLibaIGVjCzuOY1V2XgMWfyNIPh-jl-3Rce9vhWv-PytVDpU6vQ-HEdw_HBCqLLKHG6Pie2O2Aofd3o68sKZxwIgIZb4PlS6ajK-zJ7W39JU21PevWOzlkQx-hiV37G0z4gOgq9rl5EjHiuVPwalJcVQ15RhzAbS-KdDjSUMy9C50rjtEIwzGJqBAKaRaMBMT3v_3_OgrZA0vZiwAxZ--Zrsp-DFHkpvBgoendKxJ45fUH5rGZjZDt2iJXjaWSpRVSaax6c3bPJb8rqKH434Hg-dIP6&sig=Cg0ArKJSzJMwhRUjLGWkEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=874&vt=11&dtpt=671&dett=3&cstd=197&cisv=r20230717.32614&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 18 Jul 2023 17:14:29 GMT
verify.js
rtb0.doubleverify.com/ Frame 1405 		1 KB
926 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_785118824070&jsTagObjCallback=__tagObject_callback_785118824070&num=6&ctx=29074404&cmp=30088679&plc=369086996&sid=8754143&advid=&adsrv=&unit=728x90&isdvvid=&uid=785118824070&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=114&bridua=3&dup=null&chro=1&hist=2&winh=0&winw=0&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=12&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=166&eparams=DC4FC%3Dl9EEADTbpTauTauJ2%3D%3D2%5CD9%40%40ED%5DEGTauU2%3F4r92%3A%3Fl9EEADTbpTauTauJ2%3D%3D2%5CD9%40%40ED%5DEGTar9EEADTbpTauTau2ff72h2hdc3e6hafd_cda2ccc3eh3d25%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTau2ff72h2hdc3e6hafd_cda2ccc3eh3d25%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=13.20&callbackName=__verify_callback_785118824070
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
22e40a7d9dc36475522b1c002600a753d5085f5a417dc6fb908849ddfd275e27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jul 2023 17:14:29 GMT
Content-Encoding
br
X-DV-Response
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
07/17/2023 17:14:29
css
fonts.googleapis.com/ Frame 93F5 		5 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=26483600103410104444990012389011&a=3e8db58e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900011.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 18 Jul 2023 17:14:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 18 Jul 2023 15:34:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 Jul 2023 17:14:29 GMT
/
hal9000.redintelligence.net/scale/ Frame 93F5 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by
Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=26483600103410104444990012389011&a=3e8db58e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
4cfdc6280ac32acb418baaf1ae31c0a3f86b8ff04d4bbeef6d5fdbd5b4051bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900011.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 18 Jul 2023 17:14:29 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 93F5 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=26483600103410104444990012389011&a=3e8db58e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
a5e45db23d56c837e5f268c11d3dd5881d54bc57ad3dd156c5694594db2f0aa5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900011.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 18 Jul 2023 17:14:29 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
57464
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 93F5 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/32783/creativesup/1200x627-1.jpg
Requested by
Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=26483600103410104444990012389011&a=3e8db58e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
046582122558967f4b0fb8662e960dca7f4c152bb309c71589f6c719b75a62a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900011.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 18 Jul 2023 17:14:29 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 93F5 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=125&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by
Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=26483600103410104444990012389011&a=3e8db58e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
8afb03c9a0d987158b44840ba348cb8850184d3e2dbcadbaa4b2503b82a48bbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900011.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 18 Jul 2023 17:14:29 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
47178
Vary
Accept-Encoding
Content-Type
image/png
js
www.googletagmanager.com/gtag/ Frame DA28 		259 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a5727f9e0754b5bb1dd7fcc9215ebfab2aa2a7d199ffc6efd1b3611e25128ccd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88857
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 18 Jul 2023 17:14:29 GMT
truncated
/ Frame 37C6 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16f63d72b602e34291537fffc4dfb909573e9c0568fcb1bc7ce28fd4b31bef61

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 37C6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssmevi4TGmP6s2h734szDXK9mIC1MTN35IJ2Kow1fSOgntvHbr5qE4ssL4FMLomMX_KAmeg2Y9Gfb98NcNb76bcLhMWHAFeKlZyfO6gZRPD3OCJ-uqYoLQBRKMbxkfcGDv9RQv1LkBDJ7dPKAeRXwtaNi7Xl58KPsGEn0SdGQ&sai=AMfl-YTQfzD6kfQUL6ntfTs__cdWSHRccgC1h3ip1cU3CGnQR7s047Kyuc7UcF-GowsvBx0sN7TTYW8C1rrMV7kj41IzngMa1KT-J098tA&sig=Cg0ArKJSzOGkPA-QBDsbEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=296&vt=11&dtpt=294&dett=2&cstd=0&cisv=r20230717.24865&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=96.284;sz=728x90;u_sd=1;dc_adk=4167744936;ord=if42iq;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fyalla-shoots.tv%2F$0;xdt=1;crlt=ARE)!pcjNt;stc=1;chaa=1;sttr=199;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 18 Jul 2023 17:14:29 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EF99 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstoY67JRaDN0Ja3-ohcZiGfrEFInCP5dvxhZqDsOhHCIrz7oH-Fs2Tcaa1CT1pI6qehwVB9oqkG6xPvFkGI8BLiWqI4pue61xt8AH2N88ZBxaG-CRmQsBdiGSaqe-lZmIU-f4uCyksVyC6W&sai=AMfl-YStkTIACv1jL2JpCSN9tDcoz3BgLMU_TcPTBgId8JQxib_WXrd3yCYBh0gOFcfJ75QH1qTynvsef8MLKHB8CGEoqsc5uTQHUGuw5Pe2wJoik6cc5Ijezv0n0TmuRv8nokHdOpfQbh_q6T_v&sig=Cg0ArKJSzDIxXjyhTJ5QEAE&cid=CAQSSwBpAlJWNLfHo7QpLtg_29_XCMAlZvz0QNNVL9SQFnXNwRJt8Tu7P_U5M0ZraviryfHBuNJZXTr428mUif8jTJ-mAlOiM14VHin4WRgB&id=lidar2&mcvt=1133&p=220,315,470,1285&mtos=1133,1133,1133,1133,1133&tos=1133,0,0,0,0&v=20230717&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2630399188&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689700467633&rpt=547&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
multitracking
ghb.aplhb.adipolo.com/adunit/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/19556/hbw_master_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.173.210 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://yalla-shoots.tv
Date
Tue, 18 Jul 2023 17:14:28 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
cwdjkhlh9g.m3u8
ss7aja9crp62j2zf.cdnspectrum.net/hls/ Frame 9C75 		856 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ss7aja9crp62j2zf.cdnspectrum.net:8443/hls/cwdjkhlh9g.m3u8?s=nVsiDSQbuoG8TBrZ5Yu5WA&e=1689722068
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.154.206.103 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d3e6e56fdd4360855d5667258efb3425a4f7d6233cc123dcaa4a5c25708be035

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://q9g3eq75cjvp82.dynamicrevival.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 18 Jul 2023 17:14:26 GMT
Last-Modified
Tue, 18 Jul 2023 17:14:18 GMT
Server
nginx/1.18.0
ETag
"64b6c86a-358"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
856
e.js
live.demand.supply/e/ 		0
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_auto_728x90_sticky_display_bottom&e=ao&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE1MTEvMTA0MjY3OS92YWxlbmNpYS12cy1ub3R0aW5naGFtLWZvcmVzdC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.5.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id
01H37XBZTS5HKQ2F1CQXNBQG5A
date
Tue, 18 Jul 2023 17:14:29 GMT
cf-cache-status
HIT
age
450582
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"081b1367cd2301d3bf23f0a40952d236-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7e8c5c7d6a1e1e4a-FRA
css
fonts.googleapis.com/ Frame E445 		4 KB
671 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&display=swap
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4ec171d8f202fb90c55007f2dc8ab43a7d089d5e7b717eb03b41fdb3907b261
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 18 Jul 2023 17:14:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 18 Jul 2023 15:41:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 Jul 2023 17:14:29 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/ Frame E445 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/abg_lite_fy2021.js
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:04:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
579
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9071
x-xss-protection
0
server
cafe
etag
17378926570389699705
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Aug 2023 17:04:50 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame E445 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 16:10:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
3825
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Aug 2023 16:10:44 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2FCF 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
12450
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 13:46:59 GMT
etag
48472445140208031
expires
Wed, 19 Jul 2023 13:46:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame E445 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:06:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
487
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8291
x-xss-protection
0
server
cafe
etag
17061476539903440100
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Aug 2023 17:06:22 GMT
l
www.google.com/ads/measurement/ Frame E445 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR3mGTHFjNHOe3wziDRk6Qu4LKCLA72FcBJPMGoS83XXYmNCBYzs2Fxokt74x6ebIeJ1icpJNeFbDljQIo7cBNtV3LNrA
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E445 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689594152080714"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 17:14:29 GMT
db0cdd5d6449829815370f69ba3f47bd.js
www.gstatic.com/mysidia/ Frame E445 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/db0cdd5d6449829815370f69ba3f47bd.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
099588faedf07d2076acea7c3ad9730a09eaff20a82ebb2da69c0f1d3caff599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 17:24:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
345012
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14165
x-xss-protection
0
last-modified
Fri, 14 Jul 2023 17:15:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 17:24:17 GMT
dc_pre=CO-09uHgmIADFdOHsgodwdQD1w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4965740761028.912
adservice.google.com/ddm/fls/z/ Frame D1C0 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CO-09uHgmIADFdOHsgodwdQD1w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4965740761028.912
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CO-09uHgmIADFdOHsgodwdQD1w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4965740761028.912?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
961ed28705676d956c987036ed0f7dad.jpg
s0.2mdn.net/sadbundle/10254353390152580160/media/ Frame 7FB3 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10254353390152580160/media/961ed28705676d956c987036ed0f7dad.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f5c057bd0ed3f119574571e42d8f70f2722937ba964b6bf977c322b2b789e28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10254353390152580160/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 22:31:34 GMT
x-content-type-options
nosniff
age
326575
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46253
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 09:17:46 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 13 Jul 2024 22:31:34 GMT
c5ad402885a9558b2b998260df514f8d.png
s0.2mdn.net/sadbundle/10254353390152580160/media/ Frame 7FB3 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10254353390152580160/media/c5ad402885a9558b2b998260df514f8d.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
057ef8ec13911c59222a107dd0dbefa5eafe3ff97a493ffd4f94cf2ca3a977c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10254353390152580160/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 22:07:29 GMT
x-content-type-options
nosniff
age
241620
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9039
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 09:17:46 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 14 Jul 2024 22:07:29 GMT
truncated
/ Frame E445 		287 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
4091503581208051288
tpc.googlesyndication.com/simgad/ Frame E445
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL
  • https://tpc.googlesyndication.com/simgad/4091503581208051288
107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4091503581208051288
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 08:42:39 GMT
x-content-type-options
nosniff
age
376310
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109931
x-xss-protection
0
last-modified
Wed, 23 Oct 2019 12:45:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 13 Jul 2024 08:42:39 GMT

Redirect headers

date
Mon, 17 Jul 2023 19:41:01 GMT
x-content-type-options
nosniff
server
cafe
age
77608
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/4091503581208051288
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 19:41:01 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame A2E8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESENEabyrsw8QZjupQbehFQ4g&google_cver=1&google_push=AaAOQGGd-wYitHxSdGqi23XTjb83EWhJ8WK7R2ML6qjJjewj3Ch3YWW866C9IXQafOM7IKbYy3fQuPz-VzvkLg5aJettzOp83UVM
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDA5MjEzNDAyODUxODIyOTQ2OQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENEabyrsw8QZjupQbehFQ4g&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENEabyrsw8QZjupQbehFQ4g&google_cver=1
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 18 Jul 2023 17:14:28 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENEabyrsw8QZjupQbehFQ4g&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame A2E8
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEIjjgoE__Uzc5d5rW3baYrw&google_cver=1&google_push=AaAOQGFr96lvVhE-XQp49wm3N5aIwtQjxtkoD5WrHPguXLzOvMvectymcUGSqqdwkrzYh7qbeYV7QYH5jrOVzU1Y-w-Wi8TMKQU&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIjjgoE__Uzc5d5rW3baYrw&google_cver=1&google_push=AaAOQGFr96lvVhE-XQp49wm3N5aIwtQjxtkoD5WrHPguXLzOvMvectymcUGSqqdwkrzYh7qbeYV7QYH5jrOVzU1Y-w-Wi8TMKQU...
43 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIjjgoE__Uzc5d5rW3baYrw&google_cver=1&google_push=AaAOQGFr96lvVhE-XQp49wm3N5aIwtQjxtkoD5WrHPguXLzOvMvectymcUGSqqdwkrzYh7qbeYV7QYH5jrOVzU1Y-w-Wi8TMKQU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGFr96lvVhE-XQp49wm3N5aIwtQjxtkoD5WrHPguXLzOvMvectymcUGSqqdwkrzYh7qbeYV7QYH5jrOVzU1Y-w-Wi8TMKQU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:30 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7e8c5c7fbd741e45-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:29 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
447
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIjjgoE__Uzc5d5rW3baYrw&google_cver=1&google_push=AaAOQGFr96lvVhE-XQp49wm3N5aIwtQjxtkoD5WrHPguXLzOvMvectymcUGSqqdwkrzYh7qbeYV7QYH5jrOVzU1Y-w-Wi8TMKQU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGFr96lvVhE-XQp49wm3N5aIwtQjxtkoD5WrHPguXLzOvMvectymcUGSqqdwkrzYh7qbeYV7QYH5jrOVzU1Y-w-Wi8TMKQU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7e8c5c7e5ba61e45-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A2E8
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEL6jlPpiUfW858JDRitrzG8&google_cver=1&google_push=AaAOQGE_PoYT_Z5tQ6j1x4XlHxn9aQh3O8peot4W_q7Zfyzp00ZTuvaq4mwflsSMlD0-WOaOxMdmp0u8OvD...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGE_PoYT_Z5tQ6j1x4XlHxn9aQh3O8peot4W_q7Zfyzp00ZTuvaq4mwflsSMlD0-WOaOxMdmp0u8OvDAlJUBk5xGifBVn0c&google_hm=5HvoZvoOQNyvpRfZNK-K0oo
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGE_PoYT_Z5tQ6j1x4XlHxn9aQh3O8peot4W_q7Zfyzp00ZTuvaq4mwflsSMlD0-WOaOxMdmp0u8OvDAlJUBk5xGifBVn0c&google_hm=5HvoZvoOQNyvpRfZNK-K0oo
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:28 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGE_PoYT_Z5tQ6j1x4XlHxn9aQh3O8peot4W_q7Zfyzp00ZTuvaq4mwflsSMlD0-WOaOxMdmp0u8OvDAlJUBk5xGifBVn0c&google_hm=5HvoZvoOQNyvpRfZNK-K0oo
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A2E8
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEIkoyxDUcl727P1365zLkmg&google_cver=1&google_push=AaAOQGGjxJYmbikTH7ijOZZiYx1FCW-0vpG0cBb_xzSTEb-fk715cadvsIbbOo4i4-X46MP10SJ6pQaqWUNsv...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEIkoyxDUcl727P1365zLkmg&google_push=AaAOQGGjxJYmbikTH7ijOZZiYx1FCW-0vpG0cBb_xzSTEb-fk715cadvsIbbOo4i4-X46MP10SJ6pQaqWUNsv...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AaAOQGGjxJYmbikTH7ijOZZiYx1FCW-0vpG0cBb_xzSTEb-fk715cadvsIbbOo4i4-X46MP10SJ6pQaqWUNsvEYZfEt4L-Kd8fFS&google_hm=dVh5aGFnT3EtelowaWhm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AaAOQGGjxJYmbikTH7ijOZZiYx1FCW-0vpG0cBb_xzSTEb-fk715cadvsIbbOo4i4-X46MP10SJ6pQaqWUNsvEYZfEt4L-Kd8fFS&google_hm=dVh5aGFnT3EtelowaWhmc3N1c2w=
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 18 Jul 2023 17:14:30 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AaAOQGGjxJYmbikTH7ijOZZiYx1FCW-0vpG0cBb_xzSTEb-fk715cadvsIbbOo4i4-X46MP10SJ6pQaqWUNsvEYZfEt4L-Kd8fFS&google_hm=dVh5aGFnT3EtelowaWhmc3N1c2w=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
236
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A2E8
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMHHRW12aM65mlnXCfVlppw&google_cver=1&google_push=AaAOQGEBuwakAy8bltLDN5pAJFSMWDS1mt3sYH3z02yjBxH5a48ZavqEFADc7mL8EbDwRxlTnq1aBVD4TXPRmxbYWj0Y8ooZzbs
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AaAOQGEBuwakAy8bltLDN5pAJFSMWDS1mt3sYH3z02yjBxH5a48ZavqEFADc7mL8EbDwRxlTnq1aBVD4TXPRmxbYWj0Y8ooZzbs...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY2NjU1ODIwMTQ0OTY4ODIyNjM4Mg%3D%3D&google_push=AaAOQGEBuwakAy8bltLDN5pAJFSMWDS1mt3sYH3z02yjBxH5a48ZavqE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY2NjU1ODIwMTQ0OTY4ODIyNjM4Mg%3D%3D&google_push=AaAOQGEBuwakAy8bltLDN5pAJFSMWDS1mt3sYH3z02yjBxH5a48ZavqEFADc7mL8EbDwRxlTnq1aBVD4TXPRmxbYWj0Y8ooZzbs
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY2NjU1ODIwMTQ0OTY4ODIyNjM4Mg%3D%3D&google_push=AaAOQGEBuwakAy8bltLDN5pAJFSMWDS1mt3sYH3z02yjBxH5a48ZavqEFADc7mL8EbDwRxlTnq1aBVD4TXPRmxbYWj0Y8ooZzbs
date
Tue, 18 Jul 2023 17:14:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
cc.adingo.jp/adx/push/ Frame A2E8 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEIws1KDJBX61NV5K9rzZd38&google_cver=1&google_push=AaAOQGGJyH3_Oh1Z-uVamePSk4cljGh3BCmB1Tkmk4fhe7zYntRtaSmLR9qL0hTItfnPeyYSDwygyPeqrmNuIWsFTz12kJfsx8OQ
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.181.23.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-181-23-196.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:30 GMT
server
awselb/2.0
0.gif
id5-sync.com/i/495/ Frame A2E8
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEHpH4H8EAh4o4ntBU2yJ-H0&google_cver=1&google_push=AaAOQGEv01LziZOMEIXmlw1Zd_8i1sahx5Hd5IOkK74cxTyJwFeIDFc6JJoE2GHTBx4HVCr1uMLvkoERY0KPcDnYSR54KrG0-E-8yw
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAaAOQGEv01LziZOMEIXmlw1Zd_8i1sahx5Hd5IOkK74cxTyJ...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAaAOQGEv01LziZOMEIXmlw1Zd_8i1sahx5Hd5IOkK74cxTyJwFeIDFc6JJoE2GHTBx4HVCr1uMLvkoERY0KPcDnYSR54KrG0-E-8yw
Protocol
HTTP/1.1
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 18 Jul 2023 17:14:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

date
Tue, 18 Jul 2023 17:14:29 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAaAOQGEv01LziZOMEIXmlw1Zd_8i1sahx5Hd5IOkK74cxTyJwFeIDFc6JJoE2GHTBx4HVCr1uMLvkoERY0KPcDnYSR54KrG0-E-8yw
x-download-options
noopen
vary
Accept
content-length
273
x-xss-protection
0
attr
cm.g.doubleclick.net/pixel/ Frame A2E8 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LogbdY0PQDy_LHbY3z0iTuRzatgIGslqJ_-Bh5NmFpru4ZInYMM0inauq706pPFPavIGrwyA
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:29 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame EF99 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3541104534699&version=m202306200101&ct=76&x=1&cor=12448798890644533000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bsevent.gif
rtbc-ew1.doubleverify.com/ Frame 1405 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-ew1.doubleverify.com/bsevent.gif?flvr=0&impid=80a96b5f65994d70b8e9b9ef0fd96ff7&vfdur=28&cbust=1689700469517672
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Tue, 18 Jul 2023 17:14:29 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
07/17/2023 17:14:29
dcmads.js
www.googletagservices.com/dcm/ Frame 1405 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d72c9fb59846aff6405d2973c81bd8da823493502fab893e026a736a1ba01838
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 16:50:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1421
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6830
x-xss-protection
0
last-modified
Wed, 24 May 2023 18:59:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 18 Jul 2023 17:50:48 GMT
viewability
hal900011.redintelligence.net/ Frame 93F5 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900011.redintelligence.net/viewability?s=26483600103410104444990012389011&a=a0dc54ca&vb=m
Requested by
Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=26483600103410104444990012389011&a=3e8db58e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.38.64.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900011.redintelligence.net/request_content.php?s=26483600103410104444990012389011&a=3e8db58e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 18 Jul 2023 17:14:29 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame FB26 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssGy7lMKJ2f8edn-iSJbFiWA9haLiTDT3vprs19LgkK91xbR5Lj9sDh095fJ0SF1nqyuZJSe2af_PrNgYntUeV4Tz0pSQ95QX48SXQrenpDvxWMSRI6i3eiLFx3gZKZi-fIvNXhfUs6CO6N&sai=AMfl-YQi_zRaGkUexSEC8de-G83X366xX7_TQ9hIeFVCvTsa6n0xT8juzITc1uytYFBICG9LT0J7lzoddciYNQ6B-YaIGLHresaK_v65hGiFAdcdxhFJANRVWd6B-M59CAKnJXDwhZnyW7dXONCtdQ&sig=Cg0ArKJSzDql4m53p0rJEAE&cid=CAQSTABpAlJWLYyFBVLssEmz2DTl9c3d2QXf5oFBmlRpIMyZDap129SrVhGEfkF7pwS3VabKUii2MPqJnNoUVlDEaX8YrccBtxYLYSGLTxQYAQ&id=lidar2&mcvt=1142&p=650,315,900,1285&mtos=1142,1142,1142,1142,1142&tos=1142,0,0,0,0&v=20230717&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1780369902&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689700467919&rpt=453&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E445 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 01:50:32 GMT
x-content-type-options
nosniff
age
314637
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jul 2024 01:50:32 GMT
cwdjkhlh9g.m3u8
ss7aja9crp62j2zf.cdnspectrum.net/hls/ Frame 9C75 		856 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ss7aja9crp62j2zf.cdnspectrum.net:8443/hls/cwdjkhlh9g.m3u8?s=nVsiDSQbuoG8TBrZ5Yu5WA&e=1689722068
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.154.206.103 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d3e6e56fdd4360855d5667258efb3425a4f7d6233cc123dcaa4a5c25708be035

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://q9g3eq75cjvp82.dynamicrevival.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 18 Jul 2023 17:14:27 GMT
Last-Modified
Tue, 18 Jul 2023 17:14:18 GMT
Server
nginx/1.18.0
ETag
"64b6c86a-358"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
856
gen_204
pagead2.googlesyndication.com/pagead/ Frame FC93 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bf3iNc8i2ZOnDNqeBx_AP7pixgAsAAAAAOAHgBAI&bg=!7O-l77vNAAa3SiIRl0o7ADkAdvg8Wrzm6O8dgertUY50c1lbnD1aNKnFPe_EUh7c7b5iyBrmSll4FWi5jGqttM1Pi1zvFaDE3wMCAAACzlIAAAALaAEHCgCR-lxPos82zXcnMnbzdSBvvhGWpaGBtU1H92hMDQcS-pLe4Ubty3ifc87ixkIzCrOQqouU_faBo_sIwA0jqi6tYuykanEfzlOTrlUKge-GMrOb4WgwyXE9LBBtgIXqFbUSUwqj7HNYMMQBV-MugsmlZrAlpvZFFoIWb8wFfAIwfAqXdW_N_khMVdjUdN9qzKqvcJkC7HTkuzBxbTd8w2h4ua3seRyh4QiP-mAhNzhJKw78a76nUlahDCPM310og2UdnKuDgdJMTauTwUtnjD6LKQMGQ4Cao19qLNxOKyv1oaa9VJZrOgB3xMBo-pPfrnSM4K3HSI5MyabAYi5U8z2joniv97_9qhbCgyYDoq1fWXE9UMscfsHwPDNa1y34CL4LsFUsnu6WGBBglOKoMejCEAfg9IykjkxGxU4TObnbJJjynEzGchHKJqf1KkJRXrEYbX_9FmREhhdEUAnktJtQKjjKUPJv12rJtbl74pC6rerZwhUKJn87lw_8JFtPsI_Lp9GT-juC3JR_RzPIGNHqGgWvU23RFFTGxqk8hOF7VvdFa4J7EkkaGTfYegfNgcjovgFZPQoXT0mtgTmes-XHgOC-8-q9kJQOzKobO1UHMzn5-66_ifIvVETQP_-DntcdR1Y6EvpWdSO_PIylpu0AzK3ypu98Xfk35cT2Tq1ejYE-GoVv3wDJrlkKsUSPgv8snorsmI3NkETCSEfS3kyck32pIdi-glAJQvaY-M8BorJF8AW6sCI2EqxBbsuTuq2JeHrUE-c_8t-awHBJsV2VAiNN5DLlH2pv0XF7oEdPXn4OFt09igdGHuck-ai4QOJ--WygGpkDJOflPrf-x5N4My4vgLrtyATm1J4lN7q623C4JxyTLPJeJ8me71ojjRkpfP7p0PAsrVmbbSoVVFLc4zQuJMzZcZg5zuy0lUgM-0A0bBNu_e2NfnVzgIxvK7FEmR_BQUQMLd750HS_BffWZiUf617rQMsoLf4jZfxDG8VvmZwOEZw-ryvkkug4vGHFClG6-_CZUnUq55E4YsGGWU1t9kyyHWeyGZNMeEJoG1ddbK4wa9Dvcuq2bUY_tnI4fVJqLIXT-1IdTygwtw6ITCWZ9_MhHZMU1I0sLz8xDBhTx_5a2dFgeRwsi7CwzcTlDsY_2_pAqFUDmkc19w1yIQJjKzdgBUD9C2yp_UvHZSo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 2137 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=26483600103410104444990012389011&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-48.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 11:11:27 GMT
content-encoding
gzip
via
1.1 c807be9a1ebef174d61ebd59fb655d20.cloudfront.net (CloudFront)
last-modified
Wed, 15 Mar 2023 17:26:29 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
21783
etag
W/"876c293e6c37046ecb0c11ce2e276942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
847YFLSKBsEs_OERE9wIrqfjuDfIjDymXAO3OIuoDsHn4_1PpCx7OA==
1x1_0.png
cdn.track.production.webgains.team/7121/ Frame 2137 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1689700769&Signature=d282BBmtDIgLch7dur2XkjGioxm8SvdVNKqgaULPHW0cDLOrywJonSKlZ6Mmg570eYYoKzV1908TsgNYWqnEY786jIqnHOUFWHXIdme9Kt~1CqUrcN~7OecPcHP-J5zyK8qtxLfqk4C6LzU69O33rL~OD-4ZpMT78mJz7QzWrZekpo7VZI-1jnEJOgoE6dtYfd-aKu0aHi2cfth8j64i~9-w-i6K4pMrmF0ArBzhEiXP8~BAc0kRYx6Lge5SNgvrlFwmbqINnx46ifJBadHpb9onF~Cc4rVlbNcKVK3WP1m7gROwKvFGXM5eVZfiTTeVatW8G36AdtxGdRTokBqvLg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-21.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 18 Jul 2023 06:26:51 GMT
via
1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
38859
etag
"4e57de0506fbdb487ffcd53b450caee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2808
x-amz-cf-id
RQO4O1Qb_Ls44se-oahuml9v_IMGaMYRDDX8MQjFe47t1UkM4XR0Ng==
hb.php
youradexchange.com/ut/ Frame 9C75 		0
285 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://youradexchange.com/ut/hb.php?cb=0.7683029244366215
Requested by
Host: velocitycdn.com
URL: https://velocitycdn.com/script/ut.js?cb=1689700468996
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8b25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://q9g3eq75cjvp82.dynamicrevival.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

date
Tue, 18 Jul 2023 17:14:29 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RtfwbHDBp3a0ep3XUtsslWu8q2Ehkrtwl7wdDN9T88QtHYwQKm965AUdosgQobIpmGYaVKEZfSqy3P83u7VONSDxe6NIvSKtESL9%2Bl9FgP8qPrOSAMinfXzcb1O%2FAS2KeR7rARrUEc%2BIQ47AZJn654k%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7e8c5c7ecc503653-FRA
alt-svc
h3=":443"; ma=86400
gen_204
pagead2.googlesyndication.com/pagead/ Frame AED0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bf63mc8i2ZLn_O8vVgQeIw4TYBgAAAAA4AeAEAg&bg=!KSqlKn7NAAa3SiIRl0o7ADkAdvg8WrML4smiwlQbBEPtGklquyLA_Z95WUs2diSOCpsnl8umyA42v-fp-frxgd6jls1jsGSQZP8CAAAC81IAAAAGaAEHmQMBjAv9EIqkUEiJD5-_A2x6KKp2Q3zbRsSoCI0BBXaNBVzrWLackVeiJHr2ZIJsRlJG9QbBFpHhOVs5xjg12HJhR8JzwgGhvrMLLK7zuWuhp4xgOIiTNig2NKm2LITYHWMdMvFHZ5gtFxmM97RkbhUSNvhUImx_dHL9exS9NO-SYguKERIvuDp9G5R6w_MiTulJwTwON8ZRccTogIkbPd6l6mCTIhi8JJ9mnc_AdfcHsnBOxXpMK0I6h5D71tpRV_OpiViFO_kD1fH1ykxz2jPXfyTitreGTF4wCdZtbA_gaYf2c6wmUDbc348pgxv6AvSpkr478rTdtVDU0sGUGZzjDfTMGQQEJSuRAJBri9LNfVrcFNU6HmoMHHyGE4-LHXFX61gANzRW2fm5Of-gMFFfFLT3YVNrMrBmP6-LcWh0qsFnuf_MmVEqy2l_qq2P_1AAb7_wyWBJXZADmKtXIXo6LcBQtk80jJ1_G9kDO-yXLKLW4pDpPCCa9OL5-6KAGzNjfShyD3ThOKU3oAciV1E43Gib1E79HKI7W7oFsJhrgry4Dkf0LCdhZ_V6Vx0GwUr2ZUc0UE5m2MDlNuVtLCu2FylPVY-sPu1tSdTOAvyfTu7MQFdEecN9u5xhfPve0qoQtyNN9JDEKtO-ZTy56V1IG4e1cOYXdZQBS9-SgMwRIFmCI0EGC3B5baH7t7omgFuUpEZA8HygRBrl-aQUEo418TfLdNRabUyfL964byWD9OSfrZ4Rry6griztqi5r3RAVE6PJ5fzI1GPKZ4C0IPREp7gvRvvzQ9vmro3greusuY_hAuAU2CtmFH6XO_h6oYve08JRqm1xRhy6kbpJDqKfwqSIeMvOySNqmuRmH-K3SG4tvRpz2t-nRXcvWmkVA35EcTcvnbftPqCh_eGGxm-uVGhPU2GTjxbSJo75st1eXHxchy941eFMizlsuVQ0G1SMyytNFqKouVlNJCvyJMLvSz5IpEML-neBomhSHdUIuvkIkZ-pv2PpZ_hxfCMGyIUhuw
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame B1A7
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 17:14:29 GMT
expires
Tue, 18 Jul 2023 17:14:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 17:14:29 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js
pagead2.googlesyndication.com/bg/ Frame AE8C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efd1f2d633a46174e9297aa571dd85617c750b8f87d16a52778d5bc4109b7017
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 14:04:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
11401
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14507
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Jul 2024 14:04:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7829 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5zjTc8i2ZPvGO9fz3wOu5q-YCAAAAAA4AeAEAg&bg=!_v2l_anNAAa3SiIRl0o7ADkAdvg8Wu6xoqYNDMQvRQFcVFclEOJSmvfUNKCTLxx8sliQgKa5giDWj6kdcvsvWZq0jTfSVXdfW_QCAAAC8lIAAAAIaAEHCgBLm-T34-15duRIFT_wGYqPt9Iu4_Tpd2scTqkKroCQzL9_pwjg2NkYuky2LkOucqcWqdwZjBlUgWF6_HiWmJJ4p_UvNR10NHeIGE2hmQLoKqIS5HFDvcs2nKm4jN0EX-h5WLpCBdEKQMKNhJbMMSDiowNs-DtM5KAXtpGmmwa-ifRQz9mHHsIqAn7i64GZC_LriTRBVJvlQ_EYYMGQFd3eMPW2P3-Z8H3EfWaVPkXhkwb-YnA3OaV_aGUFtuxryiqA89aVeZKIJYkcMgi3ZwAICaoOm2OC8483vQzW-gubuWFPUOCZgTHE4SR5NDWENY3GtbNiDTfxL6wgv4mkpsYYqYT_JwUOlz1Pz7MKVdP1iNfz3iy5iLXUNiSdISG0xzaKX2u17dm1Z96-AR0sDS1qnBRt3qST_BZ_gJ6_qMiIxbRj_5rJKefXvz_BYKrNCjapHIdG6LI1WXQgEACN4KjT7SP94D1Cs9fLO9VQ9QaSyiNG6MYidJr3P011RKAynMAeNnvzdmGW2Mx26pFcgBEcahlJMhyQX7-FR8rpmeH5KRXqK9scweCh1tLNrDL9vXJvq95bFKKPicbuooBBfIm5FKHrxfUnQpPyYuts2aD2J_l195FZ7PEQOqnebDu9AfZaNSYVyNL1N_j7lnSjABtnqA0AcBZb5XevKygWlRFeBNjX6zMmVc-rm8BBSvkqHKw1Sm2e3MDWu31BawR0f5zTKlg24vnM6j2SNKc0CsXhcOn0shPO1w92cHKwK3ze5s1osxWaPyKSHPlUDY4B44Yy2Dv91BaaXC7EBhWVBCwaBuAMdS3runwErg9TPdWjne4JepXU09FZSFle95vsm5UWLUQDBoo3RyBJ_k2G06hK-ejbM6uPxgUEJuxuPEWe7_2-1Zp1nyX0pGQ5-uSPS5PtTTHlPe2siKmnG5GUHXQbrBT_oT9uzxlcaXQFJrFnCFG_ODZdgneoUDOWZdtaRH97fep96UnSV5tiRxlZ5v0TINviGGMl09Tpdc7q-ifLoEbeDWQFhZj4uJ0TtEmmQGlUTNTFbb83vqzxQVNxbSq53WQmY7G-7m3ofoXBcaWPuALYEwPthpkb
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js
pagead2.googlesyndication.com/bg/ Frame AA79 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efd1f2d633a46174e9297aa571dd85617c750b8f87d16a52778d5bc4109b7017
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 14:04:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
11401
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14507
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Jul 2024 14:04:28 GMT
a69b0a65-fb3c-404f-bac5-7f8f786b7ecc
https://q9g3eq75cjvp82.dynamicrevival.net/ Frame 9C75 		61 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://q9g3eq75cjvp82.dynamicrevival.net/a69b0a65-fb3c-404f-bac5-7f8f786b7ecc
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
62280
Content-Type
text/javascript
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F915 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
22421
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 11:00:48 GMT
expires
Wed, 17 Jul 2024 11:00:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1305 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 17:14:27 GMT
expires
Wed, 17 Jul 2024 17:14:27 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307110101&jk=1355555487957082&bg=!T0ylTBjNAAa3SiIRl0o7ADkAdvg8WmLqWzNVjWTbE_hNz2lNxnXytfWktPPJGwv3obnWx0-eGEaerlJsVzTH1zcvshEw9bWzOy4CAAACAFIAAAAHaAEHCgBtCsVnIjQYJVRfTNPPj1tiP-8AdGCr4EdJCU4nmeVsk2L-oR5rC4mKYoUkUxdXhHobryRODTjLwoIUPHWY_CQo1MVE591I3V0Ljzo48Tuq1AxDwjtJgZWP0jgsHPKQd2aBDnfHRIUJRN6juwq2WZkCrV3DrWh5m4cXhmo-Ojva_u6I1c3s7r77vMV8EwNNgjw376oHauqIvUlO4KPmbp4g9buf0XXtXStfH90_zmom5etbbgAJW6mk_s2tKDE1VASdPVlPUdvwdEi2kyunTggKlZTWvoswwnesKU7O03yhNeZe0RfMlggYJn0_hyMc1QS-KHJLj_7CTs1qFZ8xLgC1-_GcdnYrA1HzMFiTbSyV8c5AgqUjHdpHzvB7CzcmZ0udXnblzqlj3FWOQNFMxtsTGSkj6cjk6cjiky0v3dqcI3qbOunCibPmwtQ91sqvG4_fWNYZf5SUrFQoTwMkdj2ql9H5aqDRcpZHhIBb_vEmFWMJzQZLc5Mo7U8Gskqr6-f7HurH4w9UHee877tm_zENr-Fc1MMo1Rz6h5ZcbA52DA8P8J7CjH0S0u_rFfU8dcc9RKvzLFJeAdm-0sYOWb-69JPoFWk-xgfTjcwBnYVuxgcWy8E-yjPMrAyfEFo4B6MjnWRuJagnu-sVcsTNg-8Ou_3MAEMqznktcyVHJ2aLwvC52ocMR6LQVbiE2CYvg7pYeBDsztRHB3POHv3X_9Z4xohEoAD1OuN2gEfGOjItm90L_1XtTzXq3Rc-LvOit7Qaf-HHVvd1NQK5ue5FfKzkD8OOwWye48N89vwjtjXgcGIGjrW4RFpo09qv_tqGGpnCig-DOcz5B76uwVz7LHiW1RvxstJtEX8jcaU69TCrFTkIgd-MK4fAbiqW9DQ2u6htGA77CJcvKiFfY0-L8Zs61fFW0xj8-MMSBjYU-H5qQLYh6g4Y9o63V6siwJi_MxH4vjgvs4czSHUTEIl9oFx7pV8GzdBkmV4vrXyQZ-TFurEyQ_ddsd4yR8eZlLl9psP2b4lHBU0XiZptU-lfh9X_55zTYPiu2vosX8S3_Ao
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 93F5 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900011.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 18:52:01 GMT
x-content-type-options
nosniff
age
80548
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Jul 2024 18:52:01 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 93F5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900011.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 18:52:01 GMT
x-content-type-options
nosniff
age
80548
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Jul 2024 18:52:01 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 2FCF
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESENEabyrsw8QZjupQbehFQ4g&google_cver=1&google_push=AaAOQGEuWWkfqyaOpivsZPx63y9B0yrtYAJNRAFLO42tHdI-zAjW61Fq479lPp_BuQ7Kiwomg9x16s675fJEFGpvEtMYw7p8Mdwdmg
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDA5MjEzNDAyODUxODIyOTQ2OQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENEabyrsw8QZjupQbehFQ4g&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENEabyrsw8QZjupQbehFQ4g&google_cver=1
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 18 Jul 2023 17:14:29 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENEabyrsw8QZjupQbehFQ4g&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 2FCF
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEIjjgoE__Uzc5d5rW3baYrw&google_cver=1&google_push=AaAOQGFLP_r6HbygFX7g5wIikWi24k-hmPwV4CbrHm5NbEycIGhBJkr4NkInrWM3JlzrTugx_mTXlUUCtnmwD_HxrAqgWFIFAxUP5...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIjjgoE__Uzc5d5rW3baYrw&google_cver=1&google_push=AaAOQGFLP_r6HbygFX7g5wIikWi24k-hmPwV4CbrHm5NbEycIGhBJkr4NkInrWM3JlzrTugx_mTXlUUCtnmwD_HxrAqgWFIFAxU...
43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIjjgoE__Uzc5d5rW3baYrw&google_cver=1&google_push=AaAOQGFLP_r6HbygFX7g5wIikWi24k-hmPwV4CbrHm5NbEycIGhBJkr4NkInrWM3JlzrTugx_mTXlUUCtnmwD_HxrAqgWFIFAxUP5g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGFLP_r6HbygFX7g5wIikWi24k-hmPwV4CbrHm5NbEycIGhBJkr4NkInrWM3JlzrTugx_mTXlUUCtnmwD_HxrAqgWFIFAxUP5g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:30 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7e8c5c810f721e45-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:29 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
384
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIjjgoE__Uzc5d5rW3baYrw&google_cver=1&google_push=AaAOQGFLP_r6HbygFX7g5wIikWi24k-hmPwV4CbrHm5NbEycIGhBJkr4NkInrWM3JlzrTugx_mTXlUUCtnmwD_HxrAqgWFIFAxUP5g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGFLP_r6HbygFX7g5wIikWi24k-hmPwV4CbrHm5NbEycIGhBJkr4NkInrWM3JlzrTugx_mTXlUUCtnmwD_HxrAqgWFIFAxUP5g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7e8c5c7f6d0b1e45-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 2FCF
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-e7K1cGqkQ2FnfSqTwuGkRPC1J2Rb_yx40hnVGQ&google_push=PUSH_DATA
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:29 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
146684
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
274
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2FCF
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ivNUxmosSQCxrTY_AP3ikA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ivNUxmosSQCxrTY_AP3ikA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGF7u47UfgZt2PYPmh3S4TnO2GwKg5dlWSWy6QP5V8z3e9NHcWfGFSt4HKle4OIlR5QAnC2jEz1hH-5PmoS3NCOXzroPSx6tUQ
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ivNUxmosSQCxrTY_AP3ikA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGF7u47UfgZt2PYPmh3S4TnO2GwKg5dlWSWy6QP5V8z3e9NHcWfGFSt4HKle4OIlR5QAnC2jEz1hH-5PmoS3NCOXzroPSx6tUQ
date
Tue, 18 Jul 2023 17:14:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 2FCF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJZ9KSusLPLfTdn60eLhfy8&google_cver=1&google_push=AaAOQGEpeVakaiuhUoBpjp6H2qo9H9jhYB6HlfIZ2_4h-3Zjv6FHWdVju5j8ATBAixoIcmYGPvB...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEs4SzE2TkMtMjQtNTI4&google_push=AaAOQGEpeVakaiuhUoBpjp6H2qo9H9jhYB6HlfIZ2_4h-3Zjv6FHWdVju5j8ATBAixoIcmYGPvBTqgN2qLAJueduzwXInrpnvWcRbw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEs4SzE2TkMtMjQtNTI4&google_push=AaAOQGEpeVakaiuhUoBpjp6H2qo9H9jhYB6HlfIZ2_4h-3Zjv6FHWdVju5j8ATBAixoIcmYGPvBTqgN2qLAJueduzwXInrpnvWcRbw
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEs4SzE2TkMtMjQtNTI4&google_push=AaAOQGEpeVakaiuhUoBpjp6H2qo9H9jhYB6HlfIZ2_4h-3Zjv6FHWdVju5j8ATBAixoIcmYGPvBTqgN2qLAJueduzwXInrpnvWcRbw
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
sync
ssbsync.smartadserver.com/api/ Frame 2FCF 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEHI2MDgL_BqKKJysGpGPyKg&google_cver=1&google_push=AaAOQGGIOZ9DAJ1I7NxvHmhU634Z0qXHic_r3UpJ7CbpeVivrX0FXnAPoHsNvdRtS344miy2bp_kEpePLIiAW-r0zRAMIujwgsnJ
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:29 GMT
content-length
0
report
sync.teads.tv/um/ Frame 2FCF
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECEU9siTOGuy...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGH94jf2S39i8HBIm-qETIGXRc-0_fe3jSE79PK-XIobSMMUOSXe_dGdLaN--Lxq7aHYmXrsfprx3GfkE_5I3VGqcdB0Zd4tWw
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Tue, 18 Jul 2023 17:14:29 GMT
pragma
no-cache
date
Tue, 18 Jul 2023 17:14:29 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 2FCF 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KV7_UTqQ4mEglMj9Mn-oDj1k5K1QugaMr_HkZWCEfNmAQT0YPTEeBJh1ZU9dJODajNjE3_Lw
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:29 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
impl_v96.js
www.googletagservices.com/dcm/ Frame 1405 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v96.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
843dea1d022be79c95643821b1140cc2d081094ee77ccf7a1f637a1ad8fca33f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 16:55:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
87542
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20157
x-xss-protection
0
last-modified
Mon, 22 May 2023 16:41:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 Jul 2024 16:55:27 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 805A 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMm8ZRDDtunGBBjV5YXuATAB&v=APEucNUafPQ8QPP03-dJ6q-DIGANvzQhE8jUd7udyJQIhLDUuKbCco13zczW0xtNNY3keQj8jESsD_kiyyuuw9amOwHp9cUAmFDL-5AHEKlFwS0mOl9jabpp3UIa0it4C1WkxOaeRDrtzKkHZZPy0rBaHOLhZgFEB_RxLxDYlRWTRjeB-Q20FnI
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 17:14:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 1305 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29781
x-xss-protection
0
server
cafe
etag
4315658989838864570
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 18 Jul 2023 17:14:29 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1305 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CDxR3-GFrYGOBGRbOA2aSa5oHIre-wFsyxP1wzIyMJHOX7tO-SktgRix_S-JKWElbcGGNXI0gh86g3pbBH_W1-jU_BYzSQtF3UJAqkbQGBmJgagmc
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1305 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5945865739376062299&x=1&ct=76
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 1305 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=29074404&cmp=30088679&plc=369087017&sid=8754143&dvregion=0&unit=300x250
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:6::17d5:a18f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
db556c877765791cfa9dc4febd9a83ab0dfdd29245b4c0ca786911f4ada39bbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 18 Jul 2023 17:14:29 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jul 2023 08:57:29 GMT
Server
UploadServer
ETag
"0a227e506cc4cb4f9940be0b4f6d5c1e"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
max-age=86400,no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
925
Expires
Wed, 12 Jul 2023 08:57:55 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 1305 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 16:10:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
3825
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Aug 2023 16:10:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 1305 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:06:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
487
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8291
x-xss-protection
0
server
cafe
etag
17061476539903440100
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Aug 2023 17:06:22 GMT
l
www.google.com/ads/measurement/ Frame 1305 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRCYHwbhwp0vDC53vzEDYSPa5_HrLJt73kyw3MqpAvLs22GHxNDhKQDvjrKIVpezKMqUGBRC6G9DwV-EElCLWFB-UVatw
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1305 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689594152080714"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 17:14:29 GMT
truncated
/ Frame E445 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42dd21a4c8d4d36d9de3bca637d692b5dc0c94a03d41f88bbf16b2fbcb7f019e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
B9689862.280630144;dc_ver=96.284;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=3424353018;ord=m2a9vl;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fyalla-shoots.tv%2F$0;xdt=...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 1405 		62 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=96.284;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=3424353018;ord=m2a9vl;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fyalla-shoots.tv%2F$0;xdt=1;crlt=ARE)!pcjNt;stc=1;chaa=1;sttr=194;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
8635ab6523110c03cca8daaa629a9a501ed74d8eb78437e932fe0bd8311e1bcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29384
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2F3E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 17:14:27 GMT
expires
Wed, 17 Jul 2024 17:14:27 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
partner
sync.search.spotxchange.com/ Frame 805A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEwX0OQ7nHzYmZDUR-I72Kc&google_cver=1
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEwX0OQ7nHzYmZDUR-I72Kc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMm8ZRDDtunGBBjV5YXuATAB&v=APEucNUafPQ8QPP03-dJ6q-DIGANvzQhE8jUd7udyJQIhLDUuKbCco13zczW0xtNNY3keQj8jESsD_kiyyuuw9amOwHp9cUAmFDL-5AHEKlFwS0mOl9jabpp3UIa0it4C1WkxOaeRDrtzKkHZZPy0rBaHOLhZgFEB_RxLxDYlRWTRjeB-Q20FnI
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 18 Jul 2023 17:14:30 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
102
Connection
keep-alive
Content-Length
43

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEwX0OQ7nHzYmZDUR-I72Kc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 805A
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OGU2ODM4ZTEtMjU4ZS0xMWVlLWE2YzItMTYyZDQ2MDYwNTA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OGU2ODM4ZTEtMjU4ZS0xMWVlLWE2YzItMTYyZDQ2MDYwNTA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMm8ZRDDtunGBBjV5YXuATAB&v=APEucNUafPQ8QPP03-dJ6q-DIGANvzQhE8jUd7udyJQIhLDUuKbCco13zczW0xtNNY3keQj8jESsD_kiyyuuw9amOwHp9cUAmFDL-5AHEKlFwS0mOl9jabpp3UIa0it4C1WkxOaeRDrtzKkHZZPy0rBaHOLhZgFEB_RxLxDYlRWTRjeB-Q20FnI
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 18 Jul 2023 17:14:30 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OGU2ODM4ZTEtMjU4ZS0xMWVlLWE2YzItMTYyZDQ2MDYwNTA2
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
49
Connection
keep-alive
Content-Length
0
sync
ups.analytics.yahoo.com/ups/58269/ Frame 805A 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMm8ZRDDtunGBBjV5YXuATAB&v=APEucNUafPQ8QPP03-dJ6q-DIGANvzQhE8jUd7udyJQIhLDUuKbCco13zczW0xtNNY3keQj8jESsD_kiyyuuw9amOwHp9cUAmFDL-5AHEKlFwS0mOl9jabpp3UIa0it4C1WkxOaeRDrtzKkHZZPy0rBaHOLhZgFEB_RxLxDYlRWTRjeB-Q20FnI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.64 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:30 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cwdjkhlh9g-309635370.ts
ss7aja9crp62j2zf.cdnspectrum.net/hls/ Frame 9C75 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ss7aja9crp62j2zf.cdnspectrum.net:8443/hls/cwdjkhlh9g-309635370.ts
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.154.206.103 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2775af782574121920f57fff91e5a634e219f5023b7b5518a44085aa1368e84d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://q9g3eq75cjvp82.dynamicrevival.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 18 Jul 2023 17:14:27 GMT
Last-Modified
Tue, 18 Jul 2023 17:13:18 GMT
Server
nginx/1.18.0
ETag
"64b6c82e-119a20"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
1153568
cwdjkhlh9g-310385340.ts
ss7aja9crp62j2zf.cdnspectrum.net/hls/ Frame 9C75 		968 KB
968 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ss7aja9crp62j2zf.cdnspectrum.net:8443/hls/cwdjkhlh9g-310385340.ts
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.154.206.103 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
072bacb79dd23f999b744a3cbd1ebc4789217e1fe68e01f1dae7e422e7629d85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://q9g3eq75cjvp82.dynamicrevival.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 18 Jul 2023 17:14:27 GMT
Last-Modified
Tue, 18 Jul 2023 17:13:28 GMT
Server
nginx/1.18.0
ETag
"64b6c838-f205c"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
991324
J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js
pagead2.googlesyndication.com/bg/ Frame F915 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27d1641078d09f5541e3073bb961a6a18f8ea20d093779ef8cc702ece3a23d97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
440052
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14539
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Jul 2024 15:00:17 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame E445 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cevr3dMi2ZL7XILiU9u8P18OhqAr55OrFbcrVg5jTDI3WhZmAHBABILnb8yZgleqxgrwHoAGwuqHXA8gBCakCnnPQ_l3Xsj7gAgCoAwHIA8sEqgSdAk_Qo3jSj9b2JcmjNgUxb5dDcy7aFPpr36ErlGFuz5YHgACeGpSVETu4wYFQ7dHYuaWq7hIdZ5M3CSSRY2CXYyOp4wL2gX4TBsDh065i7imf2Efa6FVDjStM5psAVenN9QiuBYdeGId78I_63olSc3QP10ExNIBBU8BTdc-N0nkmJuXTXvF2nXiWGcE_7HUdaE1oOFzMkxKHD8tg61Ws95JFbNq4dbRSK2hCp46mKg2scJ8rSXoyEn3q1W1O5hYutOdpeD-QJiH9pg4oXK3EZnVw1cD4k203oOxRzrU_15pB-RYt7nl5lppDksDJH3e8zggKjK3MQ3RMEbpKkv1BV42huXNHnAfQvjj-qwBPm-2OlTsrYCGtX5U3YdAe_sAEuav95KID4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7_ZvWCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQgMMI0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAdgTDIgUAtAVAYAXAbIXHgocCAASFHB1Yi02NzM2MjU2NDczMjAyNzMzGOTDDg&sigh=vO9gbHwdTHQ&uach_m=[UACH]&cid=CAQSPABpAlJWlITfxFINfwz4vJC6WltXjQB1N6nEfvLzYjFLsQKwIeNJCSN5XaHy4r5C9IJQ5KIuaLlQzn3YAhgB&template_id=494&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
cdb
bidder.criteo.com/ 		0
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.4&cb=34712431683
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/469361/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://yalla-shoots.tv
date
Tue, 18 Jul 2023 17:14:29 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bid
ap.lijit.com/rtb/ 		25 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.4
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/469361/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
cc147b60966fc18fa1acef2485d29d74d5c8331b3f4689bf36380c67f4beb0cb

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 18 Jul 2023 17:14:29 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://yalla-shoots.tv
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
prebid
mp.4dex.io/ 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/469361/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:29 GMT
x-err
Parsing the Prebid Request. org/site not found
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7e8c5c814d4218e9-FRA
expires
0
prebid-request
onetag-sys.com/ 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/469361/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://yalla-shoots.tv
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
c
prebid.a-mo.net/a/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/469361/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 18 Jul 2023 17:14:29 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1305 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4155735620819&version=m202306200101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1305 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4155735620819&version=m202306200101&ct=76&x=1&cor=5945865739376062000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 1305 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ar528BUmVlSmZJxecEnoN2gHrtAkTNMA47cVJU0PHMSm1RsNJ06UPLCiWyjfBixcaqIhd9PzAPzoZ1vO2J-dRicvnCwqYwREN4PSc4cyYZZXo-2p5mRnlqaBuOsvxpyhPM7Wby--kyVOcj4GtbIFTxZtiLhuX7Hqh82Pw952nI0u6O6aA&cry=1&dbm_d=AKAmf-A6tL05HeJtVsuSK8r_8JT6rhBZEPUuM2tQZbKO2h8zL0MSv4tGqkHoDrrTFk_8cUh1v9lgtdcquRYdDMlKe-MkmLFWMIHUBLhNf3f0uMHLrqmblJvZtTuHEo0sBy2jV7TpFlhDUuu4Q7h1ArnnrWaU2gu27DgIPbFC3u1leLKYLKGFWqcgdMOQPWFBXzFVARelA_abxuyuDAE_CCh-Z1eiYwO845EaHJrkJNzcZ89aptV-I5D1n6eXEsXJ1XUM5rZt1VOsmvHdIysJWm78KHD4iIdgH4Ff3kV_m2U24VnqltGI58LKVyXTYzybyW9U2VybOWvmCzfskeIv6mQidrXMGHeEXwXlE4KxYf00Bcyv4n4sfHDe2r31gAV9yQ81t8Yp0WTsGb9NeMGodbJD6iFPNCZmXUl28miuBzSEHcp2fXC61fSgA7kFIldZTJSQswB2t5xVRJaDYnbt-INeI3ut8-DuYapbxgSG46ToGAfkc2udTWCkzPHU_OmvmBJYVBwGMUKcpOoev3btxSUy3dNiTF1HAbfi__wO9D58yGBTThQtIEG-vUM-fqtffeI7jG8Dl9khlfBjbIiOW6aIhSUy9uxJTCz1wouNlysEvee6Ldtbn-NJgDF7V_2BD2F0KuaNHH1k9AvB9PFfSZrEyyvHxfHUp2Q0kQAMTkH_UbpDCIzyUNX_2ciaujXAGoiUpHtCeBzu9ms-9F-Vej8LCgA3QuRzQwcNFvgaVJcT4A7Z-04MJWWM45W-BSUHQU5cth_meKobxGBTXcoSqxtScOZCrOkc9EtXrNxc-EcQ0h5_v1OkPwYd3YpqbfMPzo7deRxNNlXQwlxPssjJLukjN2bqQbLmEtUj43S90aF6RzemORM62ZdbbvFM-NSQdCiGF3_VB77pEkhcW5vOCn98RykhDYbyl14QslQPcHRSBxkkRJLa5jPhXFXViahKua4k8PqG01VKX6ntUS_f-HWqISN0h1Vcgy1dhJ67mEaSehHkP6Bph6_QaC27JS4ofFosu7_n05LnpSiOs0KtV4ac_4M1qYrSRcUkMRaGOPddBgavit36zpZlINrPaShtvvsdtr12xQE5ppwSiXG6lrsagHXP6ZPV3jDjMDLr10i9W1Sk25kHygGWrfMSWQESXb73UNp0DhpKex1hdLq-WyNhe3trWm3Q6BSbaqT1JQPMibv0CnxtUXy48pSlRrEW6LdvZ1K9R_IpAjQoEA5ouiELMapUMqo6QCFXDdp9Xl35zmd4_AHm0MUfX1awLItUQ4YvJfB-wlTEpKmqdZHixKd26tiR_9m7VM8K2Wq_jV1iCqEnMOuS1ZBxBitIQFPaOrd_0MMuV-Mpd4_ASK46wKRjfzymD0qPgHrMi5dVS-hZuf8uopI7AkIlUwBWjw2V1pRFADpx4WntQ4PQpGXdnCYZn4nugUtd0JwmF9d0JJhn2-NXh7T19-OGeUd5RU8Tyk5uGVHl9zP53_QTRH9RFn0adj5_IBBYY5o9Db-qqqU2ypXp8fvflCbp-5rnQgcd673yn1p3Th_Ida0qqr5wNlGvh6Qf9vVLI8LwjV-eeDWfwLFBsN0oL4l0Wcweu5AaKeHzf5eueZ3WzYMEYlbeeWgCqS9Y61eW0toXZ6I3zOS0vKxtsdKhG818V7-fhRBRASnbljFVfCZKLed0GlQ34874ndV6UPbwoh3id2A1t9wk4GP928KWEx0BpE0DCtoONdeWL47Lg4-Avtow-tqjZxzHBFXwYtpZER5xUbbg8kW8mNBspxXk4IWKj1Xw_kASeR0bWMDCHfgmfJ9kCF43ubE72AZHgNnxVaSgbp4SK1p96ir13En9CSp5kOVEC2gahuoizKAbA2M0hDbWU4pmpjD1ayQwMNGm7nSEKwkojzF9Gx3L4Ze-HOE_Kujso_F3BomSS-kNRGNlbOkYxq5_IcFEFuJcaPYdx1rSFT_JIOUZmIgnkT8EzbEKz86HWtux6KOx7GcQ9KtV6LMNSLs6jwHyLM_n4MDZgTJVDreYIYmE4hewHlMzeNrypiz3roqwR-WMZA9H1SSl1C5eyVQxYdJCRjFKr_sSsgQF1XwD09cbaEusrP5rvN_TycJtM0qW0fWNltuH3zEBGPUJUXhtWpZILppUcV4HRU1gPGACAXp8kJXMvOOC_bm3zQjyir6E4prFUL6hD4ijiEMrKmpvC1TBVKXdhSavHvC1XlxmMUnhwbmKYJzrpk_c9vMdfDXTtV5NFsl8y9dtUT0zpEfB7_SfOLbEJHADRHcqaVHN00WPqBznt8NyqVx33_il4ZzTZ9-eee605QBssOkCpAzuhheL6AkPttw1HzkU9WA_FpTizO8lqRaAUQS2XS6EULNdLkRg8ZfmOOjeI15-gOIRONFD6OXLUe57bS0n8pY_s4Tj9Qb3Xqj9ft2PWb53mOYoLqAsfminfSZTvrkD7xgTwmDrVyW3BYuZkzMHCk8tcUxIFYuD4HXXf8Kt5RymjREJDfYhaxREjEasynRxf_dPhKJuh6CJzIkuk-gMQ4kkmRtuDsnOqRnnwzdcLptbvb27PdopSV1I0tKWa3ZiZ_Hp4eEVgrZV2HqhrObQqa-DAMrsFTR5G29i-54tWsVj--E3_8nC4kfk-JZEvyePInrO4EYu1Nu4bBCzFCE9ar-m4kHb6eCf9OKyuMcPsV0rh64qrs1hnOTg-lYeg1NlhqqifbBIg9p9qQDy9Gfoy0Tl7ZTseIJSrEVKV3AfvNyqBCzjcofdg1xn-AbWeM96PZUy0eCNrzfjf3O7DNyvmIQSMqhjIaxIoMukH-oyhokve2rbqiAZM4pwJJWFyDvLVd2YZtjss-p1Rgw2g0AA9cgNsxb-vSoTLaS-89F9IETgCMiMutRete7fAY_SAodRHSUZlj_LMJj3f1vJxVf3AF0sK_nQGKEtAtGro9nmrXPsOI5kGkmUjZcNBTh3eWv7Kewj1TnfWz6tfxCt1hRe3-w54OZjCgQgTERgeauZlin4Mb7JMRI1j5deJ3451adJK_271Yba7w9yf7_bVw&cid=CAQSPABpAlJW06h3XE_iIHzg9hedGWyjj5F8EqGjw6eO1ZhxClScxOR_EG7kTW92-_kUtZIQTQ4xNZRlwNmt9hgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=5945865739376062000&adk=3690638929&idt=109&cac=0&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c2e239a1960e4555322fb9c10f9b0fc69829d736c40c1055a1a6e906c88de22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12053
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js
pagead2.googlesyndication.com/bg/ Frame 96C6 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efd1f2d633a46174e9297aa571dd85617c750b8f87d16a52778d5bc4109b7017
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 14:04:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
11402
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14507
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Jul 2024 14:04:28 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0686 		398 B
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNW-_AK2FK3rUUCHToHOBK8F-DCIpMrg6zPG5fH-ZpFeI5UBuELF-nECA53yRIcGYwjaPaT4cQQI-bY2th1K1mnCE-IcK9IIMeJ1xUVakX0BQ2s9NFbmcg9LnKkzGipJpFhkJ9tmFvuT1FVC37L1uW9hiXl_PbMhZ5P9f9a_sUo_sH-ZjJc
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
202
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 17:14:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 2F3E 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29781
x-xss-protection
0
server
cafe
etag
4315658989838864570
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 18 Jul 2023 17:14:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F3E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BgsRNb4YJ4wJVlXRuX9ci0n6JkxPML8UToKXySjGEXQmkt0QXF0PZ-wLefWUS5hn7J4hqyvr4bohwJmwiCJf9U2vxJ1Wt4Zueaeq0kHXxo077An2M
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F3E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15791509426008634622&x=1&ct=76
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 2F3E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 16:10:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
3826
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Aug 2023 16:10:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 2F3E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:06:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
488
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8291
x-xss-protection
0
server
cafe
etag
17061476539903440100
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Aug 2023 17:06:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2F3E 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689594152080714"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 17:14:30 GMT
7410484386335067809
s0.2mdn.net/simgad/ Frame 1405 		123 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/7410484386335067809
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=96.284;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=3424353018;ord=m2a9vl;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fyalla-shoots.tv%2F$0;xdt=1;crlt=ARE)!pcjNt;stc=1;chaa=1;sttr=194;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcbd4882f0c4557f44d9d7340ab5a08c7b8cdf3dc5cba9996a18c95160acbd5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 11:44:08 GMT
x-content-type-options
nosniff
age
19822
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126353
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 16:06:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jul 2024 11:44:08 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230717/r20110914/elements/html/ Frame 1405 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230717/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=96.284;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=3424353018;ord=m2a9vl;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fyalla-shoots.tv%2F$0;xdt=1;crlt=ARE)!pcjNt;stc=1;chaa=1;sttr=194;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 17:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
85982
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jul 2023 17:21:28 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1405 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss8EIaqLaDOIt2l_KR7h_MdW5Z7rH1kUBpXEFXB2nILOx9t_G1c0Sq7Aki3t_XFFETzusQ2kPh-dPjj0S6_YSaRxQNqTF96fjHVYpthcM1fftpEcQmDGWUUh0Q7tfgygvX9gJ8XpWhXrHJ4OehuIlCFmdPprdALZkNflr9uHA&sai=AMfl-YRqHZaBcf3nONjF4UtZjEGW8-IAFd1AVrgIkaDHpTVSpNi3JotVdD8lmHSI3uj3Wt63A2d4JLBKl0IpPfxsj4fpUq20-dnQ7ygbgA&sig=Cg0ArKJSzFdAbTsOgAIWEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230717.89347&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=96.284;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=3424353018;ord=m2a9vl;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fyalla-shoots.tv%2F$0;xdt=1;crlt=ARE)!pcjNt;stc=1;chaa=1;sttr=194;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 18 Jul 2023 17:14:30 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E325 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
12451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 13:46:59 GMT
etag
48472445140208031
expires
Wed, 19 Jul 2023 13:46:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1405 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689594152080714"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 17:14:30 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/469361/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:13:32 GMT
server
nginx
etag
W/"642e8d3c-15c1d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 19 Jul 2023 17:14:30 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 297A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
22422
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 11:00:48 GMT
expires
Wed, 17 Jul 2024 11:00:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		34 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1355555487957082&correlator=508336490470376&eid=31072019&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600&ifi=21&adks=2699624902&didk=2950404310&sfv=1-0-40&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D8238e40493fbd91b%3AT%3D1689700467%3ART%3D1689700467%3AS%3DALNI_Malw_5R-3LX6FK69-8-Txt8IbExYA&gpic=UID%3D00000c3fe02dedc8%3AT%3D1689700467%3ART%3D1689700467%3AS%3DALNI_MahRX1CYAsRGeOFxbuXoH1RIBm9KA&abxe=1&dt=1689700470181&lmt=1689700454&dlt=1689700466828&idt=526&adxs=-300&adys=601&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=l&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11511%2F1042679%2Fvalencia-vs-nottingham-forest%2F&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=516&ohw=300&psts=ABnkTfCSlTlYU7ZMYCiLIk6hcyqtWY3tfJ7h12CIl6uHRxM_QASMQoxQIEy2CbPaFzXIo9H2guWTL3X6M9Emnjoq8LIEbfQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfDCHMG9Ff9PksGP1cQ608CX0za_ZAkYd3DsWkRXv91ZJx4mE3-ndP5kbdwrl2FMXLq5qpM_vYCelUI1GeT8AXP-0Ao%2CABnkTfDzNSWbZigLgXLAr-pz_DyJ7RPpjCd92G0ET00541-skcjqYfOleDMN4lV6FvKx6KOQXOscfU3X7cNq43-U9-HlYX0%2CABnkTfCpu7UcUvORl3eHNr6T-aBFoPcsRIF01B9zvB0Zr4vJOydrvEsexOeZv8f9UEg_eYXT7CtbTP8oyzveOMdl-TGxS1k&ga_vid=1232595036.1689700467&ga_sid=1689700467&ga_hid=948966620&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f31dcc93dca34eab5d1231f120357eff82ec5e20b2958a8f71f3c6eefba880e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:30 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13707
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 0686
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESENeNYeyDvZYFLBJZC6lnHig&google_cver=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESENeNYeyDvZYFLBJZC6lnHig&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNW-_AK2FK3rUUCHToHOBK8F-DCIpMrg6zPG5fH-ZpFeI5UBuELF-nECA53yRIcGYwjaPaT4cQQI-bY2th1K1mnCE-IcK9IIMeJ1xUVakX0BQ2s9NFbmcg9LnKkzGipJpFhkJ9tmFvuT1FVC37L1uW9hiXl_PbMhZ5P9f9a_sUo_sH-ZjJc
Protocol
HTTP/1.1
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:29 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESENeNYeyDvZYFLBJZC6lnHig&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 0686 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNW-_AK2FK3rUUCHToHOBK8F-DCIpMrg6zPG5fH-ZpFeI5UBuELF-nECA53yRIcGYwjaPaT4cQQI-bY2th1K1mnCE-IcK9IIMeJ1xUVakX0BQ2s9NFbmcg9LnKkzGipJpFhkJ9tmFvuT1FVC37L1uW9hiXl_PbMhZ5P9f9a_sUo_sH-ZjJc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:30 GMT
transfer-encoding
chunked
content-type
image/gif
view
googleads4.g.doubleclick.net/pcs/ Frame 1405 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss8EIaqLaDOIt2l_KR7h_MdW5Z7rH1kUBpXEFXB2nILOx9t_G1c0Sq7Aki3t_XFFETzusQ2kPh-dPjj0S6_YSaRxQNqTF96fjHVYpthcM1fftpEcQmDGWUUh0Q7tfgygvX9gJ8XpWhXrHJ4OehuIlCFmdPprdALZkNflr9uHA&sai=AMfl-YRqHZaBcf3nONjF4UtZjEGW8-IAFd1AVrgIkaDHpTVSpNi3JotVdD8lmHSI3uj3Wt63A2d4JLBKl0IpPfxsj4fpUq20-dnQ7ygbgA&sig=Cg0ArKJSzFdAbTsOgAIWEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=158&vt=11&dtpt=156&dett=2&cstd=0&cisv=r20230717.89347&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=96.284;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=3424353018;ord=m2a9vl;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fyalla-shoots.tv%2F$0;xdt=1;crlt=ARE)!pcjNt;stc=1;chaa=1;sttr=194;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 18 Jul 2023 17:14:30 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1305 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ar528BUmVlSmZJxecEnoN2gHrtAkTNMA47cVJU0PHMSm1RsNJ06UPLCiWyjfBixcaqIhd9PzAPzoZ1vO2J-dRicvnCwqYwREN4PSc4cyYZZXo-2p5mRnlqaBuOsvxpyhPM7Wby--kyVOcj4GtbIFTxZtiLhuX7Hqh82Pw952nI0u6O6aA&cry=1&dbm_d=AKAmf-A6tL05HeJtVsuSK8r_8JT6rhBZEPUuM2tQZbKO2h8zL0MSv4tGqkHoDrrTFk_8cUh1v9lgtdcquRYdDMlKe-MkmLFWMIHUBLhNf3f0uMHLrqmblJvZtTuHEo0sBy2jV7TpFlhDUuu4Q7h1ArnnrWaU2gu27DgIPbFC3u1leLKYLKGFWqcgdMOQPWFBXzFVARelA_abxuyuDAE_CCh-Z1eiYwO845EaHJrkJNzcZ89aptV-I5D1n6eXEsXJ1XUM5rZt1VOsmvHdIysJWm78KHD4iIdgH4Ff3kV_m2U24VnqltGI58LKVyXTYzybyW9U2VybOWvmCzfskeIv6mQidrXMGHeEXwXlE4KxYf00Bcyv4n4sfHDe2r31gAV9yQ81t8Yp0WTsGb9NeMGodbJD6iFPNCZmXUl28miuBzSEHcp2fXC61fSgA7kFIldZTJSQswB2t5xVRJaDYnbt-INeI3ut8-DuYapbxgSG46ToGAfkc2udTWCkzPHU_OmvmBJYVBwGMUKcpOoev3btxSUy3dNiTF1HAbfi__wO9D58yGBTThQtIEG-vUM-fqtffeI7jG8Dl9khlfBjbIiOW6aIhSUy9uxJTCz1wouNlysEvee6Ldtbn-NJgDF7V_2BD2F0KuaNHH1k9AvB9PFfSZrEyyvHxfHUp2Q0kQAMTkH_UbpDCIzyUNX_2ciaujXAGoiUpHtCeBzu9ms-9F-Vej8LCgA3QuRzQwcNFvgaVJcT4A7Z-04MJWWM45W-BSUHQU5cth_meKobxGBTXcoSqxtScOZCrOkc9EtXrNxc-EcQ0h5_v1OkPwYd3YpqbfMPzo7deRxNNlXQwlxPssjJLukjN2bqQbLmEtUj43S90aF6RzemORM62ZdbbvFM-NSQdCiGF3_VB77pEkhcW5vOCn98RykhDYbyl14QslQPcHRSBxkkRJLa5jPhXFXViahKua4k8PqG01VKX6ntUS_f-HWqISN0h1Vcgy1dhJ67mEaSehHkP6Bph6_QaC27JS4ofFosu7_n05LnpSiOs0KtV4ac_4M1qYrSRcUkMRaGOPddBgavit36zpZlINrPaShtvvsdtr12xQE5ppwSiXG6lrsagHXP6ZPV3jDjMDLr10i9W1Sk25kHygGWrfMSWQESXb73UNp0DhpKex1hdLq-WyNhe3trWm3Q6BSbaqT1JQPMibv0CnxtUXy48pSlRrEW6LdvZ1K9R_IpAjQoEA5ouiELMapUMqo6QCFXDdp9Xl35zmd4_AHm0MUfX1awLItUQ4YvJfB-wlTEpKmqdZHixKd26tiR_9m7VM8K2Wq_jV1iCqEnMOuS1ZBxBitIQFPaOrd_0MMuV-Mpd4_ASK46wKRjfzymD0qPgHrMi5dVS-hZuf8uopI7AkIlUwBWjw2V1pRFADpx4WntQ4PQpGXdnCYZn4nugUtd0JwmF9d0JJhn2-NXh7T19-OGeUd5RU8Tyk5uGVHl9zP53_QTRH9RFn0adj5_IBBYY5o9Db-qqqU2ypXp8fvflCbp-5rnQgcd673yn1p3Th_Ida0qqr5wNlGvh6Qf9vVLI8LwjV-eeDWfwLFBsN0oL4l0Wcweu5AaKeHzf5eueZ3WzYMEYlbeeWgCqS9Y61eW0toXZ6I3zOS0vKxtsdKhG818V7-fhRBRASnbljFVfCZKLed0GlQ34874ndV6UPbwoh3id2A1t9wk4GP928KWEx0BpE0DCtoONdeWL47Lg4-Avtow-tqjZxzHBFXwYtpZER5xUbbg8kW8mNBspxXk4IWKj1Xw_kASeR0bWMDCHfgmfJ9kCF43ubE72AZHgNnxVaSgbp4SK1p96ir13En9CSp5kOVEC2gahuoizKAbA2M0hDbWU4pmpjD1ayQwMNGm7nSEKwkojzF9Gx3L4Ze-HOE_Kujso_F3BomSS-kNRGNlbOkYxq5_IcFEFuJcaPYdx1rSFT_JIOUZmIgnkT8EzbEKz86HWtux6KOx7GcQ9KtV6LMNSLs6jwHyLM_n4MDZgTJVDreYIYmE4hewHlMzeNrypiz3roqwR-WMZA9H1SSl1C5eyVQxYdJCRjFKr_sSsgQF1XwD09cbaEusrP5rvN_TycJtM0qW0fWNltuH3zEBGPUJUXhtWpZILppUcV4HRU1gPGACAXp8kJXMvOOC_bm3zQjyir6E4prFUL6hD4ijiEMrKmpvC1TBVKXdhSavHvC1XlxmMUnhwbmKYJzrpk_c9vMdfDXTtV5NFsl8y9dtUT0zpEfB7_SfOLbEJHADRHcqaVHN00WPqBznt8NyqVx33_il4ZzTZ9-eee605QBssOkCpAzuhheL6AkPttw1HzkU9WA_FpTizO8lqRaAUQS2XS6EULNdLkRg8ZfmOOjeI15-gOIRONFD6OXLUe57bS0n8pY_s4Tj9Qb3Xqj9ft2PWb53mOYoLqAsfminfSZTvrkD7xgTwmDrVyW3BYuZkzMHCk8tcUxIFYuD4HXXf8Kt5RymjREJDfYhaxREjEasynRxf_dPhKJuh6CJzIkuk-gMQ4kkmRtuDsnOqRnnwzdcLptbvb27PdopSV1I0tKWa3ZiZ_Hp4eEVgrZV2HqhrObQqa-DAMrsFTR5G29i-54tWsVj--E3_8nC4kfk-JZEvyePInrO4EYu1Nu4bBCzFCE9ar-m4kHb6eCf9OKyuMcPsV0rh64qrs1hnOTg-lYeg1NlhqqifbBIg9p9qQDy9Gfoy0Tl7ZTseIJSrEVKV3AfvNyqBCzjcofdg1xn-AbWeM96PZUy0eCNrzfjf3O7DNyvmIQSMqhjIaxIoMukH-oyhokve2rbqiAZM4pwJJWFyDvLVd2YZtjss-p1Rgw2g0AA9cgNsxb-vSoTLaS-89F9IETgCMiMutRete7fAY_SAodRHSUZlj_LMJj3f1vJxVf3AF0sK_nQGKEtAtGro9nmrXPsOI5kGkmUjZcNBTh3eWv7Kewj1TnfWz6tfxCt1hRe3-w54OZjCgQgTERgeauZlin4Mb7JMRI1j5deJ3451adJK_271Yba7w9yf7_bVw&cid=CAQSPABpAlJW06h3XE_iIHzg9hedGWyjj5F8EqGjw6eO1ZhxClScxOR_EG7kTW92-_kUtZIQTQ4xNZRlwNmt9hgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=5945865739376062000&adk=3690638929&idt=109&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 13:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
12115
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jul 2024 13:52:35 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FB26 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=425938563903&version=m202306200101&ct=76&x=1&cor=10807340616832588000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src_internal119.js
cdn.doubleverify.com/ Frame 1305 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal119.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=29074404&cmp=30088679&plc=369087017&sid=8754143&dvregion=0&unit=300x250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:6::17d5:a18f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
97570defe15fe0a83b49642f0ecf2dcc9c7400d21272372d3b140beb372bd08e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 18 Jul 2023 17:14:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jul 2023 08:57:31 GMT
Server
UploadServer
ETag
"4455786dc20506b8e54048c7119b5c5f"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
max-age=946080000,no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18798
Expires
Thu, 11 Jul 2024 05:45:16 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F3E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9276796292319&version=m202306200101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F3E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9276796292319&version=m202306200101&ct=76&x=1&cor=15791509426008635000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 2F3E 		103 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AQMiEB2c2E1QhK478x9i_hvhWrDdW_VRLXr_xs6h4CuDEazPMq87NzQlsBxlpPdYiuWpT4Kxr0g3NK_cwYUoJRoydjLaPLTjO87HPsm78SqAcOM4cBBRNOvpR7IvaOD3Tx8ThAfZ7brmeC0l0EXsk_dwInDKeStBgsTO-qoltgYxf7Qio&dbm_d=AKAmf-CcPOwCJFFJw2M7B8e3ZE0QOcaTSl7ezDqe0sIKhWytCjycGZqh0FSEmkT4qRXzv6G3dRRiVoOfEyFg5xOwjXLp_znUk1a-N6sFuHejl6Fk6JYkrxluaL8pdt88b61oDZB33xdfYh4py7zvKOadWkSmZBSY2k4d8Ws2JhAFo1qrSXk_108_ZZBM626hTBvCXYM4OE4MqFDwTNf2gV0RbfXadjAByPwWzWHCPkorZkQ3E8oHmd6RaJy7HzOXrTvDrYyu9tdPW1y8--V7--xqU9-fC3NWeuJN8V4ChVS-O7_XZWNrqsEbLpboMh-p3q6gDw4og8YaF0m_MuPVwivb9m8JjXjSDBFq6KrILvVG2xL_52ID0X_bLDqFC6GvZvVVFDJ65L9x9EsSd-OSp6fpXD5QNGLmn81JD4ZgdZVGlLDKpd5PCxJ9FnccVVw-Ic24T5Nb9KQGcmfQV4o73GHVtfdb4bLBJJFhnqrgZAiVOKe15MfpHrCYlxhR3diW5hGUT3CiVql0K2oBSbTUF8kTZzgv5R0bmYSdDd0EJv9QTyq2bcZhfYsjP_aOfiWqSRsAFTRBe7l6LlZbN4G6VtzmVBxOz9h9TwVWIYrGHvte1xR9VS7MeKfTccQWdC7lKKUI9dfln1T7yAK743fOkx87qPo8hf5MTQAKxn4z02yKdOSx0tpB4R96yReIY8S6VjvE4CM8gOsITfePP9aA75oWi05f9DroEKF5n4E3z3W71YQz6SDa2_LMMjXq7DSRS-IV5OY0ub6S2S_3HDRRZqv5fGAU0I78TQ0BThCH4K8eUbrMnSolkDLjjojeJeYe4Gsu6VEeKjRzwZS6S_slu1Ze7EtmEssEaLhMJq1hobL5de52HA3vZE65moudi3SU2cNQEYLDwtSfEJQP-wkGVNGPOjwIkvJz4Xd_1L4AfAVc3sFsg90TKscNp679R_eR-pKPDa_MyzK0G-mULWyqvukr4fj_NnG3eY5Qzw1xrLeQb6-UtXeDWtYeY4_0UdbnJzAvdTEhPmnpQXCZuKSCBVEpDYBv1_j1gZy5sqS3P2Y62_HbJN46pStNqtnRQqgPc_GuxhaaMUxvpPqlVxNo0SVm_6FJCA7HibhOj7nwLm0MKBLEEmLVqv02B-yjQxw03V7EPdH22xs3RenSVfapriQQ5AXQs5HrchunZjWXSL5mgQUxIZ9gPy8kN_EIJDue0H_V_s8G2jmrcq6Iwt5y2bxXyshvl9xYsFfyP2RuDMJoOS8BShUjuXGwkWZGili_1HQ8yitfuZV5cP52fx86I6AZCrO17HtCcD3IuNzeYw8Wtg_UFL2pmPS429EviwuhjRPPx5HUxegWFcWx2Gm-QD7CLNsSrTRLvYnuuOex8PRQ-JjKqYFeaPKlQRU4a5R0oV_70cPjrZ5gEtFnJK9EEn0c53z79HGLqwRbrO7H2TjzPscnmKuJAfpZcGY3N---rkgFyMi54WF1qqMXaV9EnuR616hIkq9RauoP2g4H2FAlwgnyoaR0Lxj7z3BcXttEFHajOh0rTDv6Sno4MYfVSaQ_WD1eR6RRoNEkErkvmHUrecp4WbrBa0A_04A9QzAymTIxQ_lrMnoLw1IOd2kPKHX7-fuK5iNbnn_rDhCjg92P-9lEZbSrXr6x2hVDBxY75T7l-ch3jMw2VUI2BLcXeMT_qLK0CEctUySw5QzqHbLmhR4RJNzXMnlCi_9x4qCFdNsIlWigB5DMlsMsTxU79SAIee6hAApRitM_tM3w3EG2F2AxP8JsxH0x0V_q6cnUuW8Oo0yUeyx2BGqdAOscu5mJUvDDnwQzR9y9nxBFcEucImICMYgSRGNOk9xp2jjlDJczLjzZFmpWITaSznsrW-TvIFpBR5LimOzsR5mwazCtrekmqHUHxJgUVFfhhP0kVeLU9kkYcGVFE0kTYZJciJFtSq8RsZ4gbcWvh4Zi6SU-48_JcZwM4u2rQFbJ-ndTtFTwPYzPLta5bXUDpfOt0sJANFDoBhbL5qXgnVK1CJKacTVAocMjkX9UcmbGBnwQhu6x8OfaQxP15FDv9L1waGPshqKp68VEWJ6EB5E780lK0QupAFFoVvEfgT98O5RM5y3ZJlqi8eVbcAjtsB4JaU-nfH7eq05bvsLI-nNuKaFrMwAlral4sWnF4MkS64R1NPfFUQJe_Mqi5gyOOJUYBnOIcXMJGYdBruTZLpotoZl9iZ0cbEFnp9dl_LExr-DehoYTG7kUmivAxDNgqJNOkC5NXW7QuyIZ4N0FlrN1a-9Mb4aDg64KijojqzBjPjxqaQeNfgqFWo4QNYJQLxbLTjJdB-ZUjWJS7JEZAVfr3dmoo8VVpxdMyapqdkiaydu9kI1pWZRFX36mLn1xSxT8cRzfgedkEMF7Om6XhC_mq8Iw1AAL-SNjp9aFCONi-HEcCMk_qyJamjAA7KRkX9WYliZEvJCd4tPrmNllQDvQS9qWNjulNVSA9VbTB9EL-bZN1HAVAJTL0tfUKrZhUzha7_CSAx9DZkxVENNTdASVXCuUYHCSgxw2PLEhOIyiRUzENauvLLJ_KVxrGN7OSxemzGAYZH51VnFz66TWgJ4idBpIaKVS4wR-3ODlWd67RmiCZStJFWS3SWGEqV6CCO10TNFv8sBdTM7IuTkOp4eLjg-6KbfY5Z3Ubcy4A-fwxxDUE-oTe0IMXMz87hns4WGlV4qQ69_BvwqPJS-ZhfME10s_nVZlGq1jqwWW1m1ckd1r4834D8TAzkbMFYE69E3ybvRabFzNWf_1SkyS6H8C9ViykSBkNGr0h3UuEiPnmm6guUX5u3E9CjOZlFiAdrqF417fsQ9SSon1o2NX5u0CHaxTLMa5zQiSeHrepD1RaGro-qCtgcIi-qGsnZosJQq6XtQjj5Gba1EdFoYtXsixI8wG6gc56peaSAYBJ65ZCd1HaM13wwEwc_t4OndgY_cmKe0B7x1l3XyggTLqwiNsygvfROCYsrjz2uzWrjpWOatkAzd3XkaRsqv7I_bBLYPV4FmecNZdpWKvG__4hxrA2q1r87MGzyIPijSf5UWzqyF0bI5Fm1QA8o8lxU6FMJFMiGassOp_Hn0lpE2vbpmZO5kexjWGSyX0UkvGyV6ezfE3e3J0PqkVM-_m8wr8KewTiaUGI6_UqqwXqIvjvyJ5DxgFcLaeYgzL8SKeYvfnpL1VXyoD9M1a5jBerdOnyhO4TRgHxrTCYI8tV0AWvfcu9Z2Wke-6pBZL8zrYDB0sX7f-GjZxjlsojx1SGsF7t78IdbNdyNd5Fkan0BBoYvWiG8j583XcyhQFGbdTDgUUaArzRvSxnSHvw8Fz7fL6QyNsixgtXUCuY9QOZFVqcVqc5yXNuzG2AhK_Oqcw2B-kYL62GF-YwEsA-EUF5XT8X8PkVRbFxGB9glfrPtK_k0sNjObW2ruh8FPiP1I4sYcWHPpDeM9etEub8iTW-wJ_9TQJwC7MNoAMFfAwXRXYPV7qgaEEYFQaEy9sda8vqxmFy4x82xVOfE74hebmHefhpH4EFM45PLeGSKTB6l4QKGpYDG8MrZXhHGVG15aahDK3uox1v2s9fxzuWu5SVAkqWzF1sZJ7dAbSgtIFri7zAM_2ot4xcJKe4A0rz8ARLv8XV0rSacbvLqo7tNAgEFSW5CbEf2AM9UStO6h60iSSyf5Xb0hCdUPvaXmO4GoQ2OllrOLgr8kFI5xRKv5tcqKE12bVPg8m5iA1ng-vh64dgNyQHEQyNL5JJHBlr60R7LG_l4I1DxtHohw_oOSB8n_1Qz7iYrHBjtKsN2eUfGb3qVpOHfkdGBv212JxXAl7Yh0z6duc3ktxJJmRetWj5czc7X_ZvebfeqzMsqjHoRMOqOvdEzUEjDf_xlgUyQTon3gSSYKPdlCO8xnqm37_k3JlurWEkGDLFf-UIXSaGADNeII_Vu9zcsuMNlSTMm_LnGPZM50KWrnAejb4IrLf&cid=CAQSPABpAlJWuDAX0kDnp21Ce6yF3S2aXmPqmnW-4kiaMzqM0ZCNKcDxZlNEKBFgwdAsqBNrMYcbsZVx5zwg7hgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=15791509426008635000&adk=1033480531&idt=144&cac=0&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
662d481ee7a5c9319999db359b3078160adfef7b86a28d248f8f923428bc90cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40224
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BC97 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=ByctydMi2ZILhC6q7x_AP8IuDgAcAAAAAOAHgBAI&bg=!RkWlRRHNAAa3SiIRl0o7ADkAdvg8Wjtq1QhExneIrLJ5vBSWPoBBYZbFOtmSRluSnrM795yExBk6YB8pF78uz78rJNH9bwdPbvACAAAEOVIAAABTaAEHCgBE9MjpZBdNiIiC4ktCyeixZ-ox7D2BduH-GapP9WOO941mc5k0i-lntjS-cBIMg7F5s0LeYkg_CbRKOJ3hZTuWogwVlzmZAwb1pGcd7x9S6i9SXPmqRE9aWSEhw9Ypxfgkk3-dCS1kG6Pu2ZI3FlHndzz9uj1WK1bBRMxEGERYTY4urz-OFUJL59pe8V6GSxvF4Rfdrv-AvleL5gR1uS4nIABw2caTeNnNnw1cYjlczt43jByxX396kijU8FF2McGCvR5vviNG8sWHmo2Dx3EDl4mEDKfKRXvTtwnanJJmiYpUkd0Wf0ft4mTBKth5b-uWQdjpL1JZAyFLEXh5bkLmSWIHGtFWhSDrz7jnylnd4jHtFB29ejkxMMOdv0r3Uf-s0T11bi-kHsujkNfkLS_surVw8efiSFwoUcZpb98-4qE_5U1opzaejGbEJpro8k4Qv2nvdYGDqUSbZHUl_YdIrtI4HxqF0E6WZQ9daQANnx5Z3UCMPhrBk4JzfDs8suNgDoEiKaSpkLHH5RQFivvS6nl8y4dEjzhe5W5IK8H9BqREbpg4_Zy_D0VVk3PKF2cuX5FkCCtD5m9-KDeAQMJp_lwGD1d3mJHHffvCKIJBkOYBnkZahEBl9782mXAQtNlGyR979J_DpByi8vgj1DxRoprNSlWGaMyFof6tDv68xRke7hFz5RZ7GGhKX4p2LopZ4PQwKcxLynTr8-UizMXCn34xWptAsm0xkQTZQAwZqM2nEFBcfLkCh4K0FOjYhD-5LFSMij9qI9RDFyxMRvnMcUm_v8cThDDJTOwdk2iPm0zkVrnRWeFqk1MmPcH17753EsRxlBqoIX7ffv_cI5Xp4zSTj9KNvlrCfnHonjHACONXRZB28fxQYXoGID0bGXgBwEzmCtFGrCxm66n9LSE_7hQFfam2yPTBsQtMb6dx1TOwAYejbkzuSUdRXHrx3n7yx_Cvsm_R1sbjS0426q8L2QzUyDXzBwiKTnplnTrSKTSoylI_ZVgRj2K5OiX1d6tOIr32Bsy5Ro0DtQAiVBXbeF1VNMUPbw3xIW5CFoqtxNemSZcPf4GH6YkFB7Wc3QqJsxZ4k7o-H8vuMlT6XUvWiUgTqeLeDjNbfWCn7zU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
a.tribalfusion.com/ Frame E325 		43 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEIjjgoE__Uzc5d5rW3baYrw&google_cver=1&google_push=AaAOQGHKD2o5WtxsEky3gh_VNzG4o0lonPfec6QMPodIHPiiAZ1SizJK1IUk9ISvMxJ1-AFJDFkyawCdwaUqsmJLzPuToUNPCVTI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGHKD2o5WtxsEky3gh_VNzG4o0lonPfec6QMPodIHPiiAZ1SizJK1IUk9ISvMxJ1-AFJDFkyawCdwaUqsmJLzPuToUNPCVTI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:30 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7e8c5c83eca01e45-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E325
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKL7Hy5Zr25C_zxqX-xKDJM&google_cver=1&google_push=AaAOQGGSUJTe4ODaOeZbCnwSwx2fhN05I8ACq8HwEZsvda6dgWbc0eZ-5juWe54af71GYzLvof3HT0BNFPnVAz...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1NzIwODI1ODcwMjYwNDQyOA%3D%3D&google_push=AaAOQGGSUJTe4ODaOeZbCnwSwx2fhN05I8ACq8HwEZsvda6dgWbc0eZ-5juWe54af71GYzLvof3HT0BNFPnVAzu4n7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1NzIwODI1ODcwMjYwNDQyOA%3D%3D&google_push=AaAOQGGSUJTe4ODaOeZbCnwSwx2fhN05I8ACq8HwEZsvda6dgWbc0eZ-5juWe54af71GYzLvof3HT0BNFPnVAzu4n7oZe8wMdDyt
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1NzIwODI1ODcwMjYwNDQyOA%3D%3D&google_push=AaAOQGGSUJTe4ODaOeZbCnwSwx2fhN05I8ACq8HwEZsvda6dgWbc0eZ-5juWe54af71GYzLvof3HT0BNFPnVAzu4n7oZe8wMdDyt
Date
Tue, 18 Jul 2023 17:14:30 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame E325
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPC8XHUdrmj1Scl33aJubss&google_cver=1&google_push=AaAOQGFD2-XLWFS4lsznppRgqfDmh-_-t4OYy_1GzNwdHv2kEM-i9a4DSfaSxsbR6t27fk-KLU2n_H4r...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPC8XHUdrmj1Scl33aJubss&google_cver=1&google_push=AaAOQGFD2-XLWFS4lsznppRgqfDmh-_-t4OYy_1GzNwdHv2kEM-i9a4DSfaSxsbR6t27fk-KLU2...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzkyODc2MzM5MDEwODM5ODQxNg&google_push=AaAOQGFD2-XLWFS4lsznppRgqfDmh-_-t4OYy_1GzNwdHv2kEM-i9a4DSfaSxsbR6t27fk-KLU2n_H...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzkyODc2MzM5MDEwODM5ODQxNg&google_push=AaAOQGFD2-XLWFS4lsznppRgqfDmh-_-t4OYy_1GzNwdHv2kEM-i9a4DSfaSxsbR6t27fk-KLU2n_H4rfvR3PoAopZyu3AgK-enr
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzkyODc2MzM5MDEwODM5ODQxNg&google_push=AaAOQGFD2-XLWFS4lsznppRgqfDmh-_-t4OYy_1GzNwdHv2kEM-i9a4DSfaSxsbR6t27fk-KLU2n_H4rfvR3PoAopZyu3AgK-enr
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame E325
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFe9tNZGKsez7ZKih-Hj3Vg&google_cver=1&google_push=AaAOQGHL0d36VyIjjAX2DiGt9BNsDwxvkCS0LdJjppIJC5IIB7KpE98LLQBC8STXf9Hgnb7O5htIROws8xbzcd-v...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGHL0d36VyIjjAX2DiGt9BNsDwxvkCS0LdJjppIJC5IIB7KpE98LLQBC8STXf9Hgnb7O5htIROws8xbzcd-vhluLw11xG4o4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGHL0d36VyIjjAX2DiGt9BNsDwxvkCS0LdJjppIJC5IIB7KpE98LLQBC8STXf9Hgnb7O5htIROws8xbzcd-vhluLw11xG4o4
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 18 Jul 2023 17:14:30 GMT
via
1.1 19392de11dadb918bd6f24e199ea180e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MUC50-P3
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGHL0d36VyIjjAX2DiGt9BNsDwxvkCS0LdJjppIJC5IIB7KpE98LLQBC8STXf9Hgnb7O5htIROws8xbzcd-vhluLw11xG4o4
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
PGYAWjP8O4dC6ZSQlGm8MPvP2mwTdMa8eoCu8cbvkJiGnchYV0PY2Q==
pixel
cm.g.doubleclick.net/ Frame E325
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEPeadHzgrU5rtaUNyaJhhQ4&google_cver=1&google_push=AaAOQGE15m0hJRa0myluDnJ3hUFcvaMYxJhBgl5kw9Lx6DUgs-xAwXsJM902bLkoAQCdatDedXcHgDmDORvVWQ54QKw08A...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEPeadHzgrU5rtaUNyaJhhQ4&google_cver=1&google_push=AaAOQGE15m0hJRa0myluDnJ3hUFcvaMYxJhBgl5kw9Lx6DUgs-xAwXsJM902bLkoAQCdatDedXcHgDmDORvVWQ54...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cHeR7BMVS16RFt0OonKSFg&google_push=AaAOQGE15m0hJRa0myluDnJ3hUFcvaMYxJhBgl5kw9Lx6DUgs-xAwXsJM902bLkoAQCdatDedXcHgDmDORvVWQ5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cHeR7BMVS16RFt0OonKSFg&google_push=AaAOQGE15m0hJRa0myluDnJ3hUFcvaMYxJhBgl5kw9Lx6DUgs-xAwXsJM902bLkoAQCdatDedXcHgDmDORvVWQ54QKw08AxyqwiS
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=cHeR7BMVS16RFt0OonKSFg&google_push=AaAOQGE15m0hJRa0myluDnJ3hUFcvaMYxJhBgl5kw9Lx6DUgs-xAwXsJM902bLkoAQCdatDedXcHgDmDORvVWQ54QKw08AxyqwiS
access-control-allow-origin
*
date
Tue, 18 Jul 2023 17:14:30 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame E325
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEL...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AaAOQGHhMXQC4YFHVUJpp1Ux4pWiOgudzWzMR3RdEi31H74N0T9hzHVQDYsGB8s7RYTHWdqPox7bzPAsQ5pw5vjHmxxg25UCg14&redir=https%3A%2F%2Fcm.g.double...
  • https://sync.targeting.unrulymedia.com/csync/RX-be872b05-8d70-4db7-8fd4-53b5d168069a-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAaAOQGHhMXQC4YFHVUJpp1Ux4...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGHhMXQC4YFHVUJpp1Ux4pWiOgudzWzMR3RdEi31H74N0T9hzHVQDYsGB8s7RYTHWdqPox7bzPAsQ5pw5vjHmxxg25UCg14&google_hm=A76HKwWNcE23j9RTtdFoBpo
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGHhMXQC4YFHVUJpp1Ux4pWiOgudzWzMR3RdEi31H74N0T9hzHVQDYsGB8s7RYTHWdqPox7bzPAsQ5pw5vjHmxxg25UCg14&google_hm=A76HKwWNcE23j9RTtdFoBpo
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGHhMXQC4YFHVUJpp1Ux4pWiOgudzWzMR3RdEi31H74N0T9hzHVQDYsGB8s7RYTHWdqPox7bzPAsQ5pw5vjHmxxg25UCg14&google_hm=A76HKwWNcE23j9RTtdFoBpo
date
Tue, 18 Jul 2023 17:14:30 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXbe872b058d704db78fd453b5d168069a003
content-type
text/html
sync
ssbsync.smartadserver.com/api/ Frame E325 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEHI2MDgL_BqKKJysGpGPyKg&google_cver=1&google_push=AaAOQGF21rPBubmhzbAdD99evijNvorcsfIhwMuceg5KDU90OeuenRPF3DmXXWRHgs-VBvZvaiEqLVugYJy4r2foKf2Hj1c3QUVe
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:29 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame E325 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K9679WajcoKshsQ6Xixu7sUxahNlP-YZdppWGC1MFu65uZFhqcsRj-oDhQPrCt-LjiGHl6
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:30 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js
pagead2.googlesyndication.com/bg/ Frame 297A 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27d1641078d09f5541e3073bb961a6a18f8ea20d093779ef8cc702ece3a23d97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
440053
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14539
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Jul 2024 15:00:17 GMT
verify.js
rtb0.doubleverify.com/ Frame 1305 		1 KB
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_770615825066&jsTagObjCallback=__tagObject_callback_770615825066&num=6&ctx=29074404&cmp=30088679&plc=369087017&sid=8754143&advid=&adsrv=&unit=300x250&isdvvid=&uid=770615825066&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=114&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=13&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=166&eparams=DC4FC%3Dl9EEADTbpTauTauJ2%3D%3D2%5CD9%40%40ED%5DEGTauU2%3F4r92%3A%3Fl9EEADTbpTauTauJ2%3D%3D2%5CD9%40%40ED%5DEGTar9EEADTbpTauTau2ff72h2hdc3e6hafd_cda2ccc3eh3d25%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=2.50&callbackName=__verify_callback_770615825066
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
0aadb303052dba8f18056f2766a45549f20f709c946f4e0b554b5e8149f18e4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jul 2023 17:14:30 GMT
Content-Encoding
br
X-DV-Response
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
07/17/2023 17:14:30
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6AB6 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
22422
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 11:00:48 GMT
expires
Wed, 17 Jul 2024 11:00:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 37C6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsviHYUL2z1Fqa0UiPuOg5e8GdACx03iE9sPUrPvsHIHA0pK_prGY00EQQeIIbXOEHlYOyKfB0ulm-J80C6kxF8ajJ6V3e1J&sig=Cg0ArKJSzIOHAchHofqSEAE&id=lidar2&mcvt=1123&p=0,0,90,728&mtos=1123,1123,1123,1123,1123&tos=1123,0,0,0,0&v=20230717&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=4167744936&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689700467709&rpt=1599&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 37C6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuxxWQKdHj5HtGPqdDuFC84dg820UJo9zyYLfUXr74vhdzrkpzYswknebmBSotnj5BAWopmWEE6G2C9Xw0bgDG2MJiR3Jpm0gAaqKsEAH13IsuO9671drjBB5DBqetKpElHKfdskxmHpBBa&sai=AMfl-YQWqYjEaUEx7Rx6J3FWF2cxarwyMjGCDmJQLNl1zbjgyZ8Q9_gjxwoStIba2FAABhPVSEC9twY5eteU_-iwPPo5rtnaGWpWKSQ-0ORmi4sHbBx9W1YviQDDENLSTqFElPiwmEvfUbhcxdY4MQ&sig=Cg0ArKJSzNYVTfiQTLTtEAE&cid=CAQSTABpAlJWTetPZylvecduU6y_44y0LxMD5mRW-Z6LN0NeBqRD8EymElcCqhFUBwmQBG9JJm0FkEJvvB2MO8nYeFe94N8IEXSYCjDNoacYAQ&id=lidar2&mcvt=1125&p=1110,436,1204,1164&mtos=0,1125,1125,1125,1125&tos=0,1125,0,0,0&v=20230717&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=20&adk=1258472821&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689700467709&rpt=1594&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/990511/61634096/ Frame 2F3E 		250 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/990511/61634096/skeleton.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-4903453974745530&ias_chanId=1&ias_placementId=19422215925&bidurl=https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jtGBYX5TZrpYbk5ar8z6_B
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.69.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-69-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c0ecce83f0152dc506d1bcf2b831551bae9fd8c4e5e4f72900a73a5385151f5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:30 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 2F3E 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Origin
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 13:46:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12452
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jul 2023 13:46:58 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230717/r20110914/elements/html/ Frame 2F3E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230717/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AQMiEB2c2E1QhK478x9i_hvhWrDdW_VRLXr_xs6h4CuDEazPMq87NzQlsBxlpPdYiuWpT4Kxr0g3NK_cwYUoJRoydjLaPLTjO87HPsm78SqAcOM4cBBRNOvpR7IvaOD3Tx8ThAfZ7brmeC0l0EXsk_dwInDKeStBgsTO-qoltgYxf7Qio&dbm_d=AKAmf-CcPOwCJFFJw2M7B8e3ZE0QOcaTSl7ezDqe0sIKhWytCjycGZqh0FSEmkT4qRXzv6G3dRRiVoOfEyFg5xOwjXLp_znUk1a-N6sFuHejl6Fk6JYkrxluaL8pdt88b61oDZB33xdfYh4py7zvKOadWkSmZBSY2k4d8Ws2JhAFo1qrSXk_108_ZZBM626hTBvCXYM4OE4MqFDwTNf2gV0RbfXadjAByPwWzWHCPkorZkQ3E8oHmd6RaJy7HzOXrTvDrYyu9tdPW1y8--V7--xqU9-fC3NWeuJN8V4ChVS-O7_XZWNrqsEbLpboMh-p3q6gDw4og8YaF0m_MuPVwivb9m8JjXjSDBFq6KrILvVG2xL_52ID0X_bLDqFC6GvZvVVFDJ65L9x9EsSd-OSp6fpXD5QNGLmn81JD4ZgdZVGlLDKpd5PCxJ9FnccVVw-Ic24T5Nb9KQGcmfQV4o73GHVtfdb4bLBJJFhnqrgZAiVOKe15MfpHrCYlxhR3diW5hGUT3CiVql0K2oBSbTUF8kTZzgv5R0bmYSdDd0EJv9QTyq2bcZhfYsjP_aOfiWqSRsAFTRBe7l6LlZbN4G6VtzmVBxOz9h9TwVWIYrGHvte1xR9VS7MeKfTccQWdC7lKKUI9dfln1T7yAK743fOkx87qPo8hf5MTQAKxn4z02yKdOSx0tpB4R96yReIY8S6VjvE4CM8gOsITfePP9aA75oWi05f9DroEKF5n4E3z3W71YQz6SDa2_LMMjXq7DSRS-IV5OY0ub6S2S_3HDRRZqv5fGAU0I78TQ0BThCH4K8eUbrMnSolkDLjjojeJeYe4Gsu6VEeKjRzwZS6S_slu1Ze7EtmEssEaLhMJq1hobL5de52HA3vZE65moudi3SU2cNQEYLDwtSfEJQP-wkGVNGPOjwIkvJz4Xd_1L4AfAVc3sFsg90TKscNp679R_eR-pKPDa_MyzK0G-mULWyqvukr4fj_NnG3eY5Qzw1xrLeQb6-UtXeDWtYeY4_0UdbnJzAvdTEhPmnpQXCZuKSCBVEpDYBv1_j1gZy5sqS3P2Y62_HbJN46pStNqtnRQqgPc_GuxhaaMUxvpPqlVxNo0SVm_6FJCA7HibhOj7nwLm0MKBLEEmLVqv02B-yjQxw03V7EPdH22xs3RenSVfapriQQ5AXQs5HrchunZjWXSL5mgQUxIZ9gPy8kN_EIJDue0H_V_s8G2jmrcq6Iwt5y2bxXyshvl9xYsFfyP2RuDMJoOS8BShUjuXGwkWZGili_1HQ8yitfuZV5cP52fx86I6AZCrO17HtCcD3IuNzeYw8Wtg_UFL2pmPS429EviwuhjRPPx5HUxegWFcWx2Gm-QD7CLNsSrTRLvYnuuOex8PRQ-JjKqYFeaPKlQRU4a5R0oV_70cPjrZ5gEtFnJK9EEn0c53z79HGLqwRbrO7H2TjzPscnmKuJAfpZcGY3N---rkgFyMi54WF1qqMXaV9EnuR616hIkq9RauoP2g4H2FAlwgnyoaR0Lxj7z3BcXttEFHajOh0rTDv6Sno4MYfVSaQ_WD1eR6RRoNEkErkvmHUrecp4WbrBa0A_04A9QzAymTIxQ_lrMnoLw1IOd2kPKHX7-fuK5iNbnn_rDhCjg92P-9lEZbSrXr6x2hVDBxY75T7l-ch3jMw2VUI2BLcXeMT_qLK0CEctUySw5QzqHbLmhR4RJNzXMnlCi_9x4qCFdNsIlWigB5DMlsMsTxU79SAIee6hAApRitM_tM3w3EG2F2AxP8JsxH0x0V_q6cnUuW8Oo0yUeyx2BGqdAOscu5mJUvDDnwQzR9y9nxBFcEucImICMYgSRGNOk9xp2jjlDJczLjzZFmpWITaSznsrW-TvIFpBR5LimOzsR5mwazCtrekmqHUHxJgUVFfhhP0kVeLU9kkYcGVFE0kTYZJciJFtSq8RsZ4gbcWvh4Zi6SU-48_JcZwM4u2rQFbJ-ndTtFTwPYzPLta5bXUDpfOt0sJANFDoBhbL5qXgnVK1CJKacTVAocMjkX9UcmbGBnwQhu6x8OfaQxP15FDv9L1waGPshqKp68VEWJ6EB5E780lK0QupAFFoVvEfgT98O5RM5y3ZJlqi8eVbcAjtsB4JaU-nfH7eq05bvsLI-nNuKaFrMwAlral4sWnF4MkS64R1NPfFUQJe_Mqi5gyOOJUYBnOIcXMJGYdBruTZLpotoZl9iZ0cbEFnp9dl_LExr-DehoYTG7kUmivAxDNgqJNOkC5NXW7QuyIZ4N0FlrN1a-9Mb4aDg64KijojqzBjPjxqaQeNfgqFWo4QNYJQLxbLTjJdB-ZUjWJS7JEZAVfr3dmoo8VVpxdMyapqdkiaydu9kI1pWZRFX36mLn1xSxT8cRzfgedkEMF7Om6XhC_mq8Iw1AAL-SNjp9aFCONi-HEcCMk_qyJamjAA7KRkX9WYliZEvJCd4tPrmNllQDvQS9qWNjulNVSA9VbTB9EL-bZN1HAVAJTL0tfUKrZhUzha7_CSAx9DZkxVENNTdASVXCuUYHCSgxw2PLEhOIyiRUzENauvLLJ_KVxrGN7OSxemzGAYZH51VnFz66TWgJ4idBpIaKVS4wR-3ODlWd67RmiCZStJFWS3SWGEqV6CCO10TNFv8sBdTM7IuTkOp4eLjg-6KbfY5Z3Ubcy4A-fwxxDUE-oTe0IMXMz87hns4WGlV4qQ69_BvwqPJS-ZhfME10s_nVZlGq1jqwWW1m1ckd1r4834D8TAzkbMFYE69E3ybvRabFzNWf_1SkyS6H8C9ViykSBkNGr0h3UuEiPnmm6guUX5u3E9CjOZlFiAdrqF417fsQ9SSon1o2NX5u0CHaxTLMa5zQiSeHrepD1RaGro-qCtgcIi-qGsnZosJQq6XtQjj5Gba1EdFoYtXsixI8wG6gc56peaSAYBJ65ZCd1HaM13wwEwc_t4OndgY_cmKe0B7x1l3XyggTLqwiNsygvfROCYsrjz2uzWrjpWOatkAzd3XkaRsqv7I_bBLYPV4FmecNZdpWKvG__4hxrA2q1r87MGzyIPijSf5UWzqyF0bI5Fm1QA8o8lxU6FMJFMiGassOp_Hn0lpE2vbpmZO5kexjWGSyX0UkvGyV6ezfE3e3J0PqkVM-_m8wr8KewTiaUGI6_UqqwXqIvjvyJ5DxgFcLaeYgzL8SKeYvfnpL1VXyoD9M1a5jBerdOnyhO4TRgHxrTCYI8tV0AWvfcu9Z2Wke-6pBZL8zrYDB0sX7f-GjZxjlsojx1SGsF7t78IdbNdyNd5Fkan0BBoYvWiG8j583XcyhQFGbdTDgUUaArzRvSxnSHvw8Fz7fL6QyNsixgtXUCuY9QOZFVqcVqc5yXNuzG2AhK_Oqcw2B-kYL62GF-YwEsA-EUF5XT8X8PkVRbFxGB9glfrPtK_k0sNjObW2ruh8FPiP1I4sYcWHPpDeM9etEub8iTW-wJ_9TQJwC7MNoAMFfAwXRXYPV7qgaEEYFQaEy9sda8vqxmFy4x82xVOfE74hebmHefhpH4EFM45PLeGSKTB6l4QKGpYDG8MrZXhHGVG15aahDK3uox1v2s9fxzuWu5SVAkqWzF1sZJ7dAbSgtIFri7zAM_2ot4xcJKe4A0rz8ARLv8XV0rSacbvLqo7tNAgEFSW5CbEf2AM9UStO6h60iSSyf5Xb0hCdUPvaXmO4GoQ2OllrOLgr8kFI5xRKv5tcqKE12bVPg8m5iA1ng-vh64dgNyQHEQyNL5JJHBlr60R7LG_l4I1DxtHohw_oOSB8n_1Qz7iYrHBjtKsN2eUfGb3qVpOHfkdGBv212JxXAl7Yh0z6duc3ktxJJmRetWj5czc7X_ZvebfeqzMsqjHoRMOqOvdEzUEjDf_xlgUyQTon3gSSYKPdlCO8xnqm37_k3JlurWEkGDLFf-UIXSaGADNeII_Vu9zcsuMNlSTMm_LnGPZM50KWrnAejb4IrLf&cid=CAQSPABpAlJWuDAX0kDnp21Ce6yF3S2aXmPqmnW-4kiaMzqM0ZCNKcDxZlNEKBFgwdAsqBNrMYcbsZVx5zwg7hgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=15791509426008635000&adk=1033480531&idt=144&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 17:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
85982
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jul 2023 17:21:28 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230717/r20110914/ Frame 2F3E 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230717/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AQMiEB2c2E1QhK478x9i_hvhWrDdW_VRLXr_xs6h4CuDEazPMq87NzQlsBxlpPdYiuWpT4Kxr0g3NK_cwYUoJRoydjLaPLTjO87HPsm78SqAcOM4cBBRNOvpR7IvaOD3Tx8ThAfZ7brmeC0l0EXsk_dwInDKeStBgsTO-qoltgYxf7Qio&dbm_d=AKAmf-CcPOwCJFFJw2M7B8e3ZE0QOcaTSl7ezDqe0sIKhWytCjycGZqh0FSEmkT4qRXzv6G3dRRiVoOfEyFg5xOwjXLp_znUk1a-N6sFuHejl6Fk6JYkrxluaL8pdt88b61oDZB33xdfYh4py7zvKOadWkSmZBSY2k4d8Ws2JhAFo1qrSXk_108_ZZBM626hTBvCXYM4OE4MqFDwTNf2gV0RbfXadjAByPwWzWHCPkorZkQ3E8oHmd6RaJy7HzOXrTvDrYyu9tdPW1y8--V7--xqU9-fC3NWeuJN8V4ChVS-O7_XZWNrqsEbLpboMh-p3q6gDw4og8YaF0m_MuPVwivb9m8JjXjSDBFq6KrILvVG2xL_52ID0X_bLDqFC6GvZvVVFDJ65L9x9EsSd-OSp6fpXD5QNGLmn81JD4ZgdZVGlLDKpd5PCxJ9FnccVVw-Ic24T5Nb9KQGcmfQV4o73GHVtfdb4bLBJJFhnqrgZAiVOKe15MfpHrCYlxhR3diW5hGUT3CiVql0K2oBSbTUF8kTZzgv5R0bmYSdDd0EJv9QTyq2bcZhfYsjP_aOfiWqSRsAFTRBe7l6LlZbN4G6VtzmVBxOz9h9TwVWIYrGHvte1xR9VS7MeKfTccQWdC7lKKUI9dfln1T7yAK743fOkx87qPo8hf5MTQAKxn4z02yKdOSx0tpB4R96yReIY8S6VjvE4CM8gOsITfePP9aA75oWi05f9DroEKF5n4E3z3W71YQz6SDa2_LMMjXq7DSRS-IV5OY0ub6S2S_3HDRRZqv5fGAU0I78TQ0BThCH4K8eUbrMnSolkDLjjojeJeYe4Gsu6VEeKjRzwZS6S_slu1Ze7EtmEssEaLhMJq1hobL5de52HA3vZE65moudi3SU2cNQEYLDwtSfEJQP-wkGVNGPOjwIkvJz4Xd_1L4AfAVc3sFsg90TKscNp679R_eR-pKPDa_MyzK0G-mULWyqvukr4fj_NnG3eY5Qzw1xrLeQb6-UtXeDWtYeY4_0UdbnJzAvdTEhPmnpQXCZuKSCBVEpDYBv1_j1gZy5sqS3P2Y62_HbJN46pStNqtnRQqgPc_GuxhaaMUxvpPqlVxNo0SVm_6FJCA7HibhOj7nwLm0MKBLEEmLVqv02B-yjQxw03V7EPdH22xs3RenSVfapriQQ5AXQs5HrchunZjWXSL5mgQUxIZ9gPy8kN_EIJDue0H_V_s8G2jmrcq6Iwt5y2bxXyshvl9xYsFfyP2RuDMJoOS8BShUjuXGwkWZGili_1HQ8yitfuZV5cP52fx86I6AZCrO17HtCcD3IuNzeYw8Wtg_UFL2pmPS429EviwuhjRPPx5HUxegWFcWx2Gm-QD7CLNsSrTRLvYnuuOex8PRQ-JjKqYFeaPKlQRU4a5R0oV_70cPjrZ5gEtFnJK9EEn0c53z79HGLqwRbrO7H2TjzPscnmKuJAfpZcGY3N---rkgFyMi54WF1qqMXaV9EnuR616hIkq9RauoP2g4H2FAlwgnyoaR0Lxj7z3BcXttEFHajOh0rTDv6Sno4MYfVSaQ_WD1eR6RRoNEkErkvmHUrecp4WbrBa0A_04A9QzAymTIxQ_lrMnoLw1IOd2kPKHX7-fuK5iNbnn_rDhCjg92P-9lEZbSrXr6x2hVDBxY75T7l-ch3jMw2VUI2BLcXeMT_qLK0CEctUySw5QzqHbLmhR4RJNzXMnlCi_9x4qCFdNsIlWigB5DMlsMsTxU79SAIee6hAApRitM_tM3w3EG2F2AxP8JsxH0x0V_q6cnUuW8Oo0yUeyx2BGqdAOscu5mJUvDDnwQzR9y9nxBFcEucImICMYgSRGNOk9xp2jjlDJczLjzZFmpWITaSznsrW-TvIFpBR5LimOzsR5mwazCtrekmqHUHxJgUVFfhhP0kVeLU9kkYcGVFE0kTYZJciJFtSq8RsZ4gbcWvh4Zi6SU-48_JcZwM4u2rQFbJ-ndTtFTwPYzPLta5bXUDpfOt0sJANFDoBhbL5qXgnVK1CJKacTVAocMjkX9UcmbGBnwQhu6x8OfaQxP15FDv9L1waGPshqKp68VEWJ6EB5E780lK0QupAFFoVvEfgT98O5RM5y3ZJlqi8eVbcAjtsB4JaU-nfH7eq05bvsLI-nNuKaFrMwAlral4sWnF4MkS64R1NPfFUQJe_Mqi5gyOOJUYBnOIcXMJGYdBruTZLpotoZl9iZ0cbEFnp9dl_LExr-DehoYTG7kUmivAxDNgqJNOkC5NXW7QuyIZ4N0FlrN1a-9Mb4aDg64KijojqzBjPjxqaQeNfgqFWo4QNYJQLxbLTjJdB-ZUjWJS7JEZAVfr3dmoo8VVpxdMyapqdkiaydu9kI1pWZRFX36mLn1xSxT8cRzfgedkEMF7Om6XhC_mq8Iw1AAL-SNjp9aFCONi-HEcCMk_qyJamjAA7KRkX9WYliZEvJCd4tPrmNllQDvQS9qWNjulNVSA9VbTB9EL-bZN1HAVAJTL0tfUKrZhUzha7_CSAx9DZkxVENNTdASVXCuUYHCSgxw2PLEhOIyiRUzENauvLLJ_KVxrGN7OSxemzGAYZH51VnFz66TWgJ4idBpIaKVS4wR-3ODlWd67RmiCZStJFWS3SWGEqV6CCO10TNFv8sBdTM7IuTkOp4eLjg-6KbfY5Z3Ubcy4A-fwxxDUE-oTe0IMXMz87hns4WGlV4qQ69_BvwqPJS-ZhfME10s_nVZlGq1jqwWW1m1ckd1r4834D8TAzkbMFYE69E3ybvRabFzNWf_1SkyS6H8C9ViykSBkNGr0h3UuEiPnmm6guUX5u3E9CjOZlFiAdrqF417fsQ9SSon1o2NX5u0CHaxTLMa5zQiSeHrepD1RaGro-qCtgcIi-qGsnZosJQq6XtQjj5Gba1EdFoYtXsixI8wG6gc56peaSAYBJ65ZCd1HaM13wwEwc_t4OndgY_cmKe0B7x1l3XyggTLqwiNsygvfROCYsrjz2uzWrjpWOatkAzd3XkaRsqv7I_bBLYPV4FmecNZdpWKvG__4hxrA2q1r87MGzyIPijSf5UWzqyF0bI5Fm1QA8o8lxU6FMJFMiGassOp_Hn0lpE2vbpmZO5kexjWGSyX0UkvGyV6ezfE3e3J0PqkVM-_m8wr8KewTiaUGI6_UqqwXqIvjvyJ5DxgFcLaeYgzL8SKeYvfnpL1VXyoD9M1a5jBerdOnyhO4TRgHxrTCYI8tV0AWvfcu9Z2Wke-6pBZL8zrYDB0sX7f-GjZxjlsojx1SGsF7t78IdbNdyNd5Fkan0BBoYvWiG8j583XcyhQFGbdTDgUUaArzRvSxnSHvw8Fz7fL6QyNsixgtXUCuY9QOZFVqcVqc5yXNuzG2AhK_Oqcw2B-kYL62GF-YwEsA-EUF5XT8X8PkVRbFxGB9glfrPtK_k0sNjObW2ruh8FPiP1I4sYcWHPpDeM9etEub8iTW-wJ_9TQJwC7MNoAMFfAwXRXYPV7qgaEEYFQaEy9sda8vqxmFy4x82xVOfE74hebmHefhpH4EFM45PLeGSKTB6l4QKGpYDG8MrZXhHGVG15aahDK3uox1v2s9fxzuWu5SVAkqWzF1sZJ7dAbSgtIFri7zAM_2ot4xcJKe4A0rz8ARLv8XV0rSacbvLqo7tNAgEFSW5CbEf2AM9UStO6h60iSSyf5Xb0hCdUPvaXmO4GoQ2OllrOLgr8kFI5xRKv5tcqKE12bVPg8m5iA1ng-vh64dgNyQHEQyNL5JJHBlr60R7LG_l4I1DxtHohw_oOSB8n_1Qz7iYrHBjtKsN2eUfGb3qVpOHfkdGBv212JxXAl7Yh0z6duc3ktxJJmRetWj5czc7X_ZvebfeqzMsqjHoRMOqOvdEzUEjDf_xlgUyQTon3gSSYKPdlCO8xnqm37_k3JlurWEkGDLFf-UIXSaGADNeII_Vu9zcsuMNlSTMm_LnGPZM50KWrnAejb4IrLf&cid=CAQSPABpAlJWuDAX0kDnp21Ce6yF3S2aXmPqmnW-4kiaMzqM0ZCNKcDxZlNEKBFgwdAsqBNrMYcbsZVx5zwg7hgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=15791509426008635000&adk=1033480531&idt=144&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49d743921311f4dca350ba007b50229debbcbd4b03441c515c567f48fc98cdda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 17:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
85982
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11526
x-xss-protection
0
server
cafe
etag
9288292274712301977
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jul 2023 17:21:28 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2F3E 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 13:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
12115
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jul 2024 13:52:35 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B41C 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
12451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 13:46:59 GMT
etag
48472445140208031
expires
Wed, 19 Jul 2023 13:46:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2F3E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ec070cbd78b703fa11d31ed9b23416ae4d7c044cb18fb124553447e16ca88787

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
bsevent.gif
rtbc-ew1.doubleverify.com/ Frame 1305 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-ew1.doubleverify.com/bsevent.gif?flvr=0&impid=594144b652964a6aa82fd57d0751f362&vfdur=28&cbust=1689700470768850
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Tue, 18 Jul 2023 17:14:30 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
07/17/2023 17:14:30
dcmads.js
www.googletagservices.com/dcm/ Frame 1305 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d72c9fb59846aff6405d2973c81bd8da823493502fab893e026a736a1ba01838
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 16:50:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1422
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6830
x-xss-protection
0
last-modified
Wed, 24 May 2023 18:59:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 18 Jul 2023 17:50:48 GMT
container.html
a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A006 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 17:14:27 GMT
expires
Wed, 17 Jul 2024 17:14:27 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA79 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BMwmCdMi2ZIfoL4qI9u8P0LC68AEAAAAAOAHgBAI&bg=!CwilCFzNAAa3SiIRl0o7ADkAdvg8Wsz46ikNx0Mzo9DyCCZZ4twEcGp2Wo0KtxWzPhRYRCM5N8_09bg-0RNz2k5y-Mh0mugZKrkCAAADAlIAAAAHaAEHCgA74W3KY-yQZcwzoHGmrzzxBYbehq7z0havpPN9iC1YABo34DIPOpGht9awD0iTBDk2x9voDOpbTVuV3KeZAzocjbPYu1gjVzCZZ0knv_qFzNyRL7Y7N86H35pYRiBzUcS50B6JcU4LZHz5ykW6jxtBFl-yJPY_bvb0T8Mj5UwD6QMYinZxPedlcRDSZl5VMQ0XpZV0pxzvCe_vgVa_jdLAS-WZClpRABcUOW0INbONoPRB2EyI4fsiycu3Gl3v2A35ov0H959cwRg24pDV6uszBa5pWfdj02OwUKQJg0VfGQA8WMbnpPxy45JyMxLAJp6RJ70VMaECEavJ7RvRGiaM_7HrOM3X7ayUI5zyJiMIznqe5ROG454WzqZzNooO04Dlfps1bUHIKmkvOzl9p_EWJwKpFsTNMaITooRwPQhH7voYdr60Wjrd9kkkhs21nCaYK7Swv9qdeiX1ziouRIbPr3-tYIVIUyH_AgHjl0YVmmvFao-DESMpKJY3SiIXr-8uEqdYvd1IPLhKP__s_8XKKz3MadlZ0DDGLgX05DM9ueGD9ybs3rlARaA05r3FJMlz8BZz0BNOICztLWa2S0qUqY8A-0jT6EuzGqWPaG-8mUw_K8NWEoO3nC98DtbPlisDaBJuUE-Q7mHHP0oUQg_SpksYmVODxZeE2n2N_pKL3x5NMTu9y7gU1yfX2EYpZQBpEaWfhSWeP1DI6M8q-HgDypN8NEST4OgTttKpGCmlTHII4spgk9Zpad4z_QPEV0sd4XJOVy6EK9gkHKpKYIj7SKZgPh5sNkitZvd6NRNcB4sO4qOl709tWfjya2pi5U9t5uhV0gq7TWbWzVFn11kXA-x5cteufGK_vh_how--vTWe2EHRx0xvKb6FyC7Fn9wOcxHLRqua4ZbDMJFGrtqISn_BWbd75nCuBL3TMyPsjtS4Vt1gOaSYxsU8aIu16zudLTbDbER_4DqXa0WfOz7En2Zj8FetNVwp7O7mQgxPLBw5gf_gUq9AOOOPotmNlz85a0eCzvVndd_9PDMRgi5UAwLauprglXduXMJrbwdEDUENVLJoXQC_WkDyGNmkGv1ShuXV2t9C5X86YgWP9oF4VWGjt7cL_Pv0g7Yb8P_ajMjROmytX5CPlWPCYO49B5KIBx0dtLsXeiBVrrubnNlZTRuiwRwI-BSs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame 2137 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.40.20.169 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-40-20-169.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 18 Jul 2023 17:14:30 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.40.20.169 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-40-20-169.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 18 Jul 2023 17:14:30 GMT
server
nginx
79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js
pagead2.googlesyndication.com/bg/ Frame 6AB6 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efd1f2d633a46174e9297aa571dd85617c750b8f87d16a52778d5bc4109b7017
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 14:04:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
11402
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14507
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Jul 2024 14:04:28 GMT
impl_v96.js
www.googletagservices.com/dcm/ Frame 1305 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v96.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
843dea1d022be79c95643821b1140cc2d081094ee77ccf7a1f637a1ad8fca33f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 16:55:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
87543
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20157
x-xss-protection
0
last-modified
Mon, 22 May 2023 16:41:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 Jul 2024 16:55:27 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7045 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMm8ZRDDtunGBBjenobuATAB&v=APEucNXJ1eYy7gCkRw0pLTWuiYW_dmzifNxh8W0hr2A-0mskVMWKa3c3EmrRCcW6l-3jpQTGlkd7D7iUBYE5MDaf0okr1_znkMlUqfaPeqvvsMv8t41tKAnEQJk4tdccOw3G3FKxMBZmaZAsFG4eAGJfmKY2KW8wEqIeHo_AAoALkadpncW85oY
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 17:14:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame A006 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29781
x-xss-protection
0
server
cafe
etag
4315658989838864570
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 18 Jul 2023 17:14:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A006 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D9hDxEbsGE20yAnjQ2fScbIrah89NcM3EBJoZnGQvsLejbkxsTMkJlxiBl0qQNlbSisQLZkwMhISfNwepRBvX1K9RIjDtT6vPLht2X-8SfxQAKfUA
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A006 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7985961651035585045&x=1&ct=76
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame A006 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=29074404&cmp=30088679&plc=369161266&sid=8754143&dvregion=0&unit=300x600
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:6::17d5:a18f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
db556c877765791cfa9dc4febd9a83ab0dfdd29245b4c0ca786911f4ada39bbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 18 Jul 2023 17:14:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jul 2023 08:57:29 GMT
Server
UploadServer
ETag
"0a227e506cc4cb4f9940be0b4f6d5c1e"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
max-age=86400,no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
925
Expires
Wed, 12 Jul 2023 08:57:55 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame A006 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 16:10:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
3826
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Aug 2023 16:10:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame A006 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:06:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
488
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8291
x-xss-protection
0
server
cafe
etag
17061476539903440100
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Aug 2023 17:06:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A006 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689594152080714"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 17:14:30 GMT
4.js
static.adsafeprotected.com/ Frame 2F3E
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/990511/61634096/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-4903453974745530&ias_chanId=1&ias_placementId=19422215925&bidurl=https://yalla-shoots.tv/l...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_dsi2ZOyuF9mY-gaDrJCQDg&cbFunctionName=goog_wrapCb_dsi2ZOyuF9mY-gaDrJCQDg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassba...
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_dsi2ZOyuF9mY-gaDrJCQDg&cbFunctionName=goog_wrapCb_dsi2ZOyuF9mY-gaDrJCQDg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:26da:ee00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 15:37:16 GMT
x-amz-version-id
mb839cAlAkIXkKRyL_jbpMEPFNsjaQAC
content-encoding
gzip
via
1.1 86df4d22c97ec96360d46cef55fb5f2a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
age
5836
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Tue, 18 Jul 2023 15:37:13 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
3R4lxhr7dnrvGjvnOMyOhatrRbhtIGA4tPhuwAPO1z8sHpFqhnt8DQ==

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:30 GMT
server
nginx
x-server-name
app08.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_dsi2ZOyuF9mY-gaDrJCQDg&cbFunctionName=goog_wrapCb_dsi2ZOyuF9mY-gaDrJCQDg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame A476 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:ee00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 21:19:49 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 86df4d22c97ec96360d46cef55fb5f2a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
age
3441283
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
4yp9GgqEWO1bQ-EZwawfrOkMtt8f3rlcJ2xHx8fojLfpScOGbJhgag==
dpixel
cms.quantserve.com/ Frame B41C 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELxCkC-NHGeqigV4D6rNqIs&google_cver=1&google_push=AaAOQGHUUpypw8t6euo5yzyTMs4Ar0b51XjJvdHiYvH5B20iAso8X6r4-V4cqQ8N7E9qn3lEGx35dz2CrQvut8-wZwXNhkkC7chx
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B41C
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENwsnH4PO7FH69_2wiemJ_s&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENwsnH4PO7FH69_2wiemJ_s&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TzlqWGtzT0UxUWxPaHA1&google_gid=CAESENwsnH4PO7FH69_2wiemJ_s&google_cver=1&google_push=AaAOQGH6yUJx3mIbELARJ6O2gYijI9Fb3RYFMsMZzuNlfKc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TzlqWGtzT0UxUWxPaHA1&google_gid=CAESENwsnH4PO7FH69_2wiemJ_s&google_cver=1&google_push=AaAOQGH6yUJx3mIbELARJ6O2gYijI9Fb3RYFMsMZzuNlfKcMffzMZ4ap_SatXq_HoUqFSTFN59uF3fxErD7W7ON6BSp5Dk4x2Wba
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 18 Jul 2023 17:14:31 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-783-g46ba6fe#rel-ec2-master i-0ee6b652682556fe2@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TzlqWGtzT0UxUWxPaHA1&google_gid=CAESENwsnH4PO7FH69_2wiemJ_s&google_cver=1&google_push=AaAOQGH6yUJx3mIbELARJ6O2gYijI9Fb3RYFMsMZzuNlfKcMffzMZ4ap_SatXq_HoUqFSTFN59uF3fxErD7W7ON6BSp5Dk4x2Wba
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame B41C 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEG1Fr37Q2T56ubFCCi3jSZA&google_cver=1&google_push=AaAOQGEL2ZOeMTojLg4-5Rs7Hsa5TcPTWcI4-SKKQdqSYI2eMcDPZC9agyF0izo4T9KZ61hR6hzRWDbcUb6Kl1mklst743snR46t
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame B41C
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEFdvZytvWpRfRUyNXAS9YZo&google_cver=1&google_push=AaAOQGFOV5C7eAWGvFda8edqVcccoklyen4p1_Fmk2EIhD-zhGk4FQNsHTS_SDKddrQOiM7ScVtvYKDVmxiB_xZk...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=n7D5JzrwTtGfA6_Gs8i6_w2&google_push=AaAOQGFOV5C7eAWGvFda8edqVcccoklyen4p1_Fmk2EIhD-zhGk4FQNsHTS_SDKddrQOiM7ScVtvYKDVmxiB_xZk2gTC3_sVs9Qj
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=n7D5JzrwTtGfA6_Gs8i6_w2&google_push=AaAOQGFOV5C7eAWGvFda8edqVcccoklyen4p1_Fmk2EIhD-zhGk4FQNsHTS_SDKddrQOiM7ScVtvYKDVmxiB_xZk2gTC3_sVs9Qj
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 18 Jul 2023 17:14:31 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=n7D5JzrwTtGfA6_Gs8i6_w2&google_push=AaAOQGFOV5C7eAWGvFda8edqVcccoklyen4p1_Fmk2EIhD-zhGk4FQNsHTS_SDKddrQOiM7ScVtvYKDVmxiB_xZk2gTC3_sVs9Qj
x-host
tde-deliveryengine-production-6689f7fc45-jls8v
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame B41C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPC8XHUdrmj1Scl33aJubss&google_cver=1&google_push=AaAOQGESWtNwej_UVEucn_zWxGgmop8tY4kDhd_0Kaiwkqg0llY91sQe86g1Oj_viVxes0c1ClaQYx7E...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzkyODc2MzM5MDEwODM5ODQxNg&google_push=AaAOQGESWtNwej_UVEucn_zWxGgmop8tY4kDhd_0Kaiwkqg0llY91sQe86g1Oj_viVxes0c1ClaQYx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzkyODc2MzM5MDEwODM5ODQxNg&google_push=AaAOQGESWtNwej_UVEucn_zWxGgmop8tY4kDhd_0Kaiwkqg0llY91sQe86g1Oj_viVxes0c1ClaQYx7EGutK1O7aSNAcy8OAZVeX
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzkyODc2MzM5MDEwODM5ODQxNg&google_push=AaAOQGESWtNwej_UVEucn_zWxGgmop8tY4kDhd_0Kaiwkqg0llY91sQe86g1Oj_viVxes0c1ClaQYx7EGutK1O7aSNAcy8OAZVeX
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame B41C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJZ9KSusLPLfTdn60eLhfy8&google_cver=1&google_push=AaAOQGG2Klfy6jr7fDBabeCZ9Jn1o9o0D1qfI-GN3r73aa9_0n14KU7WonPzMSLrzcAMPGTXWsI...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEs4SzE3TFotMS1ERUdS&google_push=AaAOQGG2Klfy6jr7fDBabeCZ9Jn1o9o0D1qfI-GN3r73aa9_0n14KU7WonPzMSLrzcAMPGTXWsIQt7GqrCdtdkti12K5Is-Kvhg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEs4SzE3TFotMS1ERUdS&google_push=AaAOQGG2Klfy6jr7fDBabeCZ9Jn1o9o0D1qfI-GN3r73aa9_0n14KU7WonPzMSLrzcAMPGTXWsIQt7GqrCdtdkti12K5Is-Kvhg
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEs4SzE3TFotMS1ERUdS&google_push=AaAOQGG2Klfy6jr7fDBabeCZ9Jn1o9o0D1qfI-GN3r73aa9_0n14KU7WonPzMSLrzcAMPGTXWsIQt7GqrCdtdkti12K5Is-Kvhg
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
pixel
cm.g.doubleclick.net/ Frame B41C
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMHHRW12aM65mlnXCfVlppw&google_cver=1&google_push=AaAOQGF_RjbpuYJaVdmcSiyv4vLoatMlRsPs2fxFSyLk0sWshUt0t7mk8e3-NAHDLgNfEAr3FNCF9auNisYcYAmjnghJWp-Ad_g
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY2NjU1ODIwMTQ0OTY4ODIyNjM4Mg%3D%3D&google_push=AaAOQGF_RjbpuYJaVdmcSiyv4vLoatMlRsPs2fxFSyLk0sWshUt0t7mk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY2NjU1ODIwMTQ0OTY4ODIyNjM4Mg%3D%3D&google_push=AaAOQGF_RjbpuYJaVdmcSiyv4vLoatMlRsPs2fxFSyLk0sWshUt0t7mk8e3-NAHDLgNfEAr3FNCF9auNisYcYAmjnghJWp-Ad_g
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY2NjU1ODIwMTQ0OTY4ODIyNjM4Mg%3D%3D&google_push=AaAOQGF_RjbpuYJaVdmcSiyv4vLoatMlRsPs2fxFSyLk0sWshUt0t7mk8e3-NAHDLgNfEAr3FNCF9auNisYcYAmjnghJWp-Ad_g
date
Tue, 18 Jul 2023 17:14:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame B41C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IqwTGWdVhv86lUOuDSt7taVA_D7v5JilpvPC-vr3aq-U2BrAth6r9JYmVp2jXlshej95_R
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:30 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame 37C6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4705018808315&version=m202306200101&ct=76&x=1&cor=14930560863192350000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 967C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
22423
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 11:00:48 GMT
expires
Wed, 17 Jul 2024 11:00:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/17990266662471768200/ Frame CE25 		141 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57c2b596262f49dfc85822938e3989a0345fcd5ddd698423283ca15f162f6b99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
457689
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
22865
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jul 2023 10:06:22 GMT
expires
Fri, 12 Jul 2024 10:06:22 GMT
last-modified
Wed, 09 Feb 2022 10:37:12 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 2F3E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst-9rrUkCbePjDg-aosATpQXWythJP1Zdol98JBW_UbwAL6_29IKQXTzg68HHXjDyG8rk0Zz8O30eUeOn7HS8DdOuGWk60weJZyAz1nYKg9_qDvCLnN3GmaZB8LXQnT2CXHqjU00RqkGKoIffLfNKYmRouzkGOkshTqjDl8jXEOp5Nc5ATPMU1K8F4zqFOS81lnxhZVvR29j3dMLZ6onPDbQevrWSJowBn-dCQZgBwMOJgTEV3kgd4MdqMFUBgoy8s3Du18-xxe_wpA63NJGHDOXnuR0sj-Yige5PPAeZw6fIm0QdpLCZGNSXMIhU3OvwE00kwfJx_UV1p7KOX5gYegGuhqJb_m26IM27f6-odp6cZKs8TmUIJrb20Uenf3AHZRsFM1Ox08odK7g0wAChnIEHyYfgdcsivsEL9g6jWc5p_zhUtqFPuyPtopurKexQO9DOzGJFJq2mcwprKuN91rdhVpaLtr3GPLvM3WUnUmMrxN1vgL7lJcshUR2hhAU2U0vtF1QwKac_RvY07T_5A3E6dvRSnkePzvZCf7B_0WjL5BuA6DmOoW3TWF6UYYA19nHqf-LATKwGhgLq_H__FVSQyvUPwl6-NJglIf7qwEHwYyPqsWHcAnpycnk_A-WsswgB53t2wzV-k1ni0dCtTpQ0CvmB4VC0iNgUOuC_zz9WMwJNzweRRUQXVpW_b8m_gwqLBmukKGUpqtSXzUELLermptOBCtAA0zpryOL2VfvvAfv895lodPtzomcYX4kzBGQxewzM7g6y-38TOEkyLQxeLvExYRdSCChvcpNLDzfPhcXCHsg07SQuIT0aHYz0pwdJawdUUVZVdwj0GXPqQkHK3hthM2zpzYBbc1j5jmui6KtzUqwjXbuv3x6jiQOmu62czw_weB8uYvKDVvdZRujzazFyLyHSpHjiuxNendJjVgH4RxfrKF5OGBk2bqND2u6tVAJ3iMX7z7drqAJ_Yk5F4X58BWQ-ZP839vcFI1N7w36DMAI-A--7Ia6X6nDyHwQ_KNXGUle-KTlu-oi22z1TqTruz7cbOFKNfZbK3NjJnH9jkZuJxo1gcyluCZr9LuYk6iE6P07t7xOU-jva29XwEru0NOQM90fAjydh-cBAARwKVOybvzRvjzMNiCjVXNXHhdpf2Jt11Tn8UGXWdwqcmgIy6oo6YRazmmAv75XKY2DT_xT-A3iupOHsE9WusK_8_zGl25NenilD8hrqxg1cz6Nkh2gT3153rC5p9vTNdm7vtqJozkdkVP0K7EY1G-KlwnaZIB5gBy1T6EnbERKeS9&sai=AMfl-YRTuu_1lnSdOprOIVL32AKcdBqXIyYY3nqyatTWkQlXdNd5UrtgXVtscw7QzITVv-8BIVyP_CpTOLwZiecC4uMf8T6yrEoXUKZJTcifVqf2TPWKAMa0kvEF5xEg8rfYgDBraD35Dv6rNBYlltV9fnDBARyC8Nl_ZuMYeYLuj77hW98s-pnT0mGtEgJGXxe0go-nZyJww_nLiK47YvSESBoQiTjrQ5wHiuGeZSEqsNYzzfSAq2Pmw59rZG918D27xjBmbzE&sig=Cg0ArKJSzKn1lBhhUzYQEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=383&cbvp=1&cstd=381&cisv=r20230717.52216&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 18 Jul 2023 17:14:31 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 18 Jul 2023 17:14:31 GMT
dt
dt.adsafeprotected.com/ Frame 2F3E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=af3068e3-86e5-c3b6-94de-fd2307cf0ed7&tv=%7Bc:iJWvHY,pingTime:-3,time:130,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:24%7D,%7Br:r,w:728,h:90,t:122%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:130,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B124~0%5D,as:%5B116~0.0,8~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tKnMYFi+11%7C12%7C1311%7C13121%7C141%7C142%7C151%7C152%7C153%7C154%7C155%7C156%7C157%7C161%7C162%7C1631%7C17%7C181%7C182%7C183%7C1911%7C1912%7C1913%7C19141%7C1a11%7C1a12%7C1a13%7C1b1%7C1b2%7C1c1%7C1c2%7C1d*.990511-61634096%7C1d1%7C1d2%7C1e1,idMap:1d*,rmeas:1,rend:0,renddet:svg.us,siq:25%7D&br=c
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:d6f8:acf0:9b52:531e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
server
nginx
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 2F3E 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=af3068e3-86e5-c3b6-94de-fd2307cf0ed7&tv=%7Bc:iJWvHZ,pingTime:-6,time:131,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:131,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B125~0%5D,as:%5B116~0.0,9~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tKnMYFi+11%7C12%7C1311%7C13121%7C141%7C142%7C151%7C152%7C153%7C154%7C155%7C156%7C157%7C161%7C162%7C1631%7C17%7C181%7C182%7C183%7C1911%7C1912%7C1913%7C19141%7C1a11%7C1a12%7C1a13%7C1b1%7C1b2%7C1c1%7C1c2%7C1d*.990511-61634096%7C1d1%7C1d2%7C1e1,idMap:1d*,rmeas:1,rend:0,renddet:svg.us,siq:25%7D&tpiLookup=ao:yalla-shoots.tv*&br=c
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:d6f8:acf0:9b52:531e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
server
nginx
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2137 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9462214537791&version=m202306200101&ct=77&x=1&cor=10033980739377460000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B9689862.280410797;dc_ver=96.284;sz=300x250;u_sd=1;dc_adk=2913917844;ord=02xuc7;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fyalla-shoots.tv%2F$0;xdt=1;crlt=ARE)!pcj...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 1305 		62 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=96.284;sz=300x250;u_sd=1;dc_adk=2913917844;ord=02xuc7;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fyalla-shoots.tv%2F$0;xdt=1;crlt=ARE)!pcjNt;stc=1;chaa=1;sttr=208;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v96.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
1d1337f89d69534615b7e6c4564ceb2871d12f790f22c6c3b2b390a4f7dfd40d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29279
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E445 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstoRdGtubFxMfNAfUO6GJmu608tYn9k5JUe8OCxzFt0vsBdhHS9Z8qa4sHbHHjIHYPJGQAd1M7PG-40cjRb86XK45lbE3Xlhwvnc7hB4xLjkBQjuglEJHK85czLc_vkJJkh2xSaY7Ownqfej3dd-XLRGUKemtIPG31WunZnPUY&sai=AMfl-YT-eTa9vKPlF4ouQlkWaj_jHJHrfgnvpIwavzq65s1poS0bXyvOBR5TaevaD2Hw73RWMquS8ecYCvDCWcdgl9y3wxaoo2VZhRiomms-RvKARgWWFeeitTLRbyS_&sig=Cg0ArKJSzDaPhjqE0kAREAE&cid=CAQSPABpAlJWlITfxFINfwz4vJC6WltXjQB1N6nEfvLzYjFLsQKwIeNJCSN5XaHy4r5C9IJQ5KIuaLlQzn3YAhgB&id=lidar2&mcvt=1076&p=617,1018,867,1338&mtos=1076,1076,1076,1076,1076&tos=1076,0,0,0,0&v=20230717&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1041763575&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689700469084&rpt=864&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 2F3E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=af3068e3-86e5-c3b6-94de-fd2307cf0ed7&tv=%7Bc:iJWvJ9,pingTime:-2,time:203,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:997,beZ:998,mfA:1000,cmA:1001,inA:1001,inZ:1005,prA:1005,prZ:1016,si:1021,poA:1022,poZ:1091,cmZ:1091,mfZ:1091,loA:1128,loZ:1131,ltA:1200,ltZ:1200%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:24%7D,%7Br:r,w:728,h:90,t:122%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:203,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B197~0%5D,as:%5B116~0.0,81~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tKnMYFi+11%7C12%7C1311%7C13121%7C141%7C142%7C151%7C152%7C153%7C154%7C155%7C156%7C157%7C161%7C162%7C1631%7C17%7C181%7C182%7C183%7C1911%7C1912%7C1913%7C19141%7C1a11%7C1a12%7C1a13%7C1b1%7C1b2%7C1c1%7C1c2%7C1d*.990511-61634096%7C1d1%7C1d2%7C1e1,idMap:1d*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:svg.us,siq:25,sinceFw:178,readyFired:true%7D&br=c
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:d6f8:acf0:9b52:531e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
server
nginx
x-server-name
dt20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame CE25 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 00:48:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59154
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jul 2023 00:48:37 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A006 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5581034592834&version=m202306200101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A006 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5581034592834&version=m202306200101&ct=76&x=1&cor=7985961651035586000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame A006 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D2Unb4mMRLWBMEUK1VL1UrRueLqHBp7VMjCF0P4e_aJUBTdUUFSQkHCQ0enMblkHA4CijTuR491LZjrLvKPvsm76VssRzMiOwzTm7lC5zUPNnjYgDEITgTVqCEIajg_q0LwC3qeABDnlLrh0zm9tdhO0FyIePmIX6ULW11p_DJqUirGIs&cry=1&dbm_d=AKAmf-C8o5hpIITWv9nI4SV2fLzHY0zI81OBL6gnNX-if3ye2v7glWBSg9ZuRoWjyC-8jH2CF6j0j-7n8k0Mlnv-kDQhYjO4XHsDlmx-UduCyd0t6e8e2gyD9oY_PMLSIxmazyqtogGNDM5BSKaShYoIk5656cTVtZXlh_-4emJGd_wBuZJguTbemB0U9AI8T5M-QvZSiWzIb7664cumg6Lc0u9AF2IinJxXsWarltkYqLioYAjaGqc9BWd9ghaj4aDMWv4jmsAHWOC2kDY5g4Mdd4F7ZkiGZr8rgs8Ll_ULozTP1VtsPYc454ELdG5uhiTIQQ8yHr-j5URLofyXu-pPUi0UVcln3B9Pg7Nkcm5Erw_WEf0EnAIzWyCHgFOAkB5OTLOHcjXDQidLW9aAlkA73QpwSPQg5iProucbPSjwc339qVnr4v0inq6N5ulokkpr8UZXsycr04SfTdRfWwvKnMSkDHL1FoYhPJvinqwi2u7srrMse22l1glcxWnT_RBTVKATxjn1jtnEESSCsOuw9XViy_nR_B9P0KD7ZMUnoQ5PCIBy0znDkzlbObscIPh-pBWPrJnzadFwtXu5oftpHUZxno36ZmCMquuynGkd7G671kQLe467UH5MX35NHb8EfEP8rUclvsOAUrsnpYfC0zpbF-QdELeuQDM7or1dF-w3S3NIJugRWRiYCogtcX0ow1rLw7Zu65L2PW3nZoL39cVHrRhwUm_VERrNU4rY1OBcu1-ZE3F5O8M3gwe0aqxxRK-EaZz1wGTBgIhCrlrDnSSVYJvNTdo1e8_gWTa48YfS5bsAkwQPgjElXiR2ccC2_cJmsotze_jVafab3HHHdXtJlvR9g-9cjs3Yrbnmloiw_fN649mIZiLMr2y-tAyrtP2p0cMZJM5UHH7-CufLNRAa14bkFFvbFe_TVbAxeCKorrV35bSFbzNZnaBSIAUOkvEysiYHVahVv2UYxDb6eYdAb3B3MmJdLf2LaoGn9IlYrp3FtfvXmVMWl1Qwt_PLT2XzkIPVrRfN13RZLFYKlp3rEHSEeximvyLePAVDo2BSFkySg5ijbXrGnS0bgi2ozm2PfOl6LO-hQNgsl3zuL_NnnuDRPMiJgyPA6rKaQay--bFrczimQpPN-ZaFCLa4hr7ivaMZrnwtULao5tPZu6ZOMfL8u4ZdGeZtzu6bdXmHxtCl9UjRoNvp8tLoY_LNGZmBQLMEJo84penzXcg8wsRR4cDJXYohZJ4lOe5WzlCJr0ta9nNVZW9tjdFXX8BWyi3XpylEBkbkh3lKRpWFATUMEHcG5i1UMvlZcLYClumJ8x7QfY5qqtLoHfArUWVQvbE8UKfzlaOipFdcMH27kAenKDoeQJr-tlRUbaQrFpCzQRMJ1m0fv3dQPl_yNwn3nhXMsDpBqJ4peK_OtKVgh7QlCa6EFEb5S4DutzR1wXERTPZO_8wfH2f3zvh7acmRBluw4JOn0Z_J8n_G2u8-geD2DCU7bruVtsz29dpvbN5URLJ5bhRFvT3MSSzU6oi43X0euT7NbcfNqVqMRS3nhp2w2tjHf6UsuRDp3jNUjgXnAew7OeTTEtE-ZVZycP1lLY3kProfkIVSVPsDnxYbVDlhGf_YnmzMvALq-7Tz15fizgUyWG_T1_tcQmNsMwPg05guySU_dIvYkTT-uEfyJICXn9gNCYAj4JxHgxIVVhrLZ3xxUJhzD-CS8fhQ3GJQwrotaa_zecJ3MZxqQ7Jxwc_Gb68lKpJXa6N7q4m8keDgyGSjBtLpZLvIWaRm3PR2Nf9JOQh57USwGlaDkVpPNKM2jD-8WYWLmWQ5PXWu1b3sMzESBzwPlbbhsmvjabEf5784_DmPXtH9TZo_9fqDUvc18wD5s0m8f5gDSWzPKmqwTnz_nHUMR5LGFNG1IVfme_O0TPkb1AsEBfL7_ZW6ffmp1-PR9FhNUjUhISXO-Q1jhnu4y3I1Tvrn64B9WKODNNrRXR2FFXVy_V5LibgGj6xJQfrlEGWNSv17-UPEbSFh0EiTywFZJTjW7utVIe6U39tHMiD2_ape1m_Z7brdxoYirw8n3oPiIOEwGgPbL11lkN02BhS-t5l_b6VxqxEOhvvrLiovYTb9sOwgnoL3GRLXsAN4aU7vgyD5h7p-6SDN-EBE-1YESEOq7ckkbZZlsC3MzKDZASxZnU-ctQcAMp5ebwUADzHxRaQUshAWiJx-U40SEWtfgzJhCLjgi0lWRYMPr-blfFaPxVHEUYdRf7EaUzLLcmz_abCfhThQzeuY3g4dluDCChic4QRzbKF_SwVampnaZ9rpe_rBfYR0MiPEh8BeIuYQZ8zNLyrtCHMna5n3edPEBpurG-hqJCJBC005cVnt5oEjNEumeyBQx-ZpUDYm-yn2AL3MCvPqbjpI410JWH-8OQNDUWX_qxk3ffKdNPcdUOjR13XIJ-C0kmZIPRpJ85YJBcu9w4g05KITUMZEPBFKUIZ8UgCmF2uMyaf01hZ_r6sRR3Eh5zPvgID9bZ5YP8fVOF0Zz8EEdrw06kgruUO0eYcUmzP8WuF1LF_lF4NKRqIy77O5LHxUrvXgYag-aoS7DGgchXO-PtY5XYtNavdpRVnHOGaMOwGLfqpkW49WYkSb2LeWJ7EKUpUDt4Jl7eHWmGkKXPHEzaqV08u6a6Jq7p5cWjC2QfBD0inB81LtOYyvGDF71Gw0iS2CtCfHWFttu0546lw098pXLgAxzkeRHNwIur1Lb4b5Z9V0z97AdzEsihCKs2-LVmHRYmxiD9S2DQSKjD8_tBOj-WO-SotA-X0ThVa3-WDmmBXvVZE4i9gti1vI2Tr2rq7N-5bzSgTZ5EFGl4GqHt0LgsFudpUAnC5XTPINdz_RyC-Z-PEqz79dTWmvaVlWy3CPqG_CvWnMHu4Eujby2y9Xi5Xf0GJFOEm3R6oGI8PrujJaRP1mMN5kFNKEtuxED1XUnHQAdCqxn0ULb_K_NE-yLx0z1kUm4MprIr90JalLx57LktE114JR6bnjrp6Eos7QE9mzMw&cid=CAQSPABpAlJWUwKHTROyTxYSexDmBwE4oTChTpY-FuCLUfblmmuMZe4b8zFUhbBVfBx2McMF3uZWCgI_ubpUQxgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=7985961651035586000&adk=4188270525&idt=127&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68fe55a2ec532c3c8ef0961798bbbfd02aba021684fcdeca63a434dbddd1ded3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12013
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230717/r20110914/elements/html/ Frame 1305 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230717/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=96.284;sz=300x250;u_sd=1;dc_adk=2913917844;ord=02xuc7;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fyalla-shoots.tv%2F$0;xdt=1;crlt=ARE)!pcjNt;stc=1;chaa=1;sttr=208;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 17:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
85983
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jul 2023 17:21:28 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1305 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvHKNb-k-Ya72FAsf5vXdM9NuJzwS-NeVQgh0AUOjdjqN9uK5GkUJYYg9xz369AwwQeQemrzFz7hhKMdSw6hL_-4KSpmwpFfit8r1-zUlez5aGU6IA2_uwFlaIMSU2JFmRL8FoTVYl8yi0AgYeykp_wwbz4U7i-gdrzwBlgdg&sai=AMfl-YRBfld5at7eNOZhnLCnRlS7XkTRs717Z7fitxAQBo8Mf2ngZ5KrkdglIPvEUcUiRN7uba6GnTkswv0KLMChubC5mLglB7fIdNmZCg&sig=Cg0ArKJSzAi2Ugtoi0vbEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230717.42831&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=96.284;sz=300x250;u_sd=1;dc_adk=2913917844;ord=02xuc7;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fyalla-shoots.tv%2F$0;xdt=1;crlt=ARE)!pcjNt;stc=1;chaa=1;sttr=208;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 18 Jul 2023 17:14:31 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1305 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=96.284;sz=300x250;u_sd=1;dc_adk=2913917844;ord=02xuc7;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fyalla-shoots.tv%2F$0;xdt=1;crlt=ARE)!pcjNt;stc=1;chaa=1;sttr=208;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 13:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
12116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jul 2024 13:52:35 GMT
12224131752392196093
s0.2mdn.net/simgad/ Frame 1305 		144 KB
144 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/12224131752392196093
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e80f3c6479f08a7ea0b97f0c3538f4d3420e0f00df102e15469e7fc6ed013cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:06:42 GMT
x-content-type-options
nosniff
age
256069
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147304
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 20:18:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 14 Jul 2024 18:06:42 GMT
79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js
pagead2.googlesyndication.com/bg/ Frame 967C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efd1f2d633a46174e9297aa571dd85617c750b8f87d16a52778d5bc4109b7017
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 14:04:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
11403
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14507
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Jul 2024 14:04:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F915 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4X4gdMi2ZJWaNZ7P7_UP1p60iAYAAAAAOAHgBAI&bg=!aWqlaj7NAAa3SiIRl0o7ADkAdvg8WnfnWDJp1zZPCFjSkf8RRY-RHRURMHYIGPUIrj7BP0ynOQ4KwpcPGXQGyBkeGDKCcug5lWICAAADqVIAAAAEaAEHCgBxhW5RQnERufkHnAfOgUwnCBKhtn7IERZqLKgzSbCgfMojo0pBGj3owI3RXdOv7hElhZtSliqsCC82GBm3iGDJs81RkftjXhcP33JDebuI8602cgMBIi69xiuio8_UmxDXoecWuQtdwIDmvkw9akKRbOqZAv11VPFaBzkX5f87uVnbENlyy_EdVTO5xmy5NnXiuatxJPrKjZ0yPQqv2pO863p8JnEuyVlsFKXOiP6h4Ib2U9Eq0EFsBU5bpOl9daxQbCJSacnrWu1PPAB7vbDVUnxSVL3pWi52ojIkzuBDcWIW-_5b2YvgJwKhQOl9GLKvU8dydL5D0aQZV70ZjsggOdZbLQ_y87QTZms7ZgFk4-0CvQ6aCrjsoVKVSAGQmm1cVgJieag_qRES6IXMHEpY22mknAn-z84l_wE5it-3ycAVGpQvKz6tFtQ27di0UlABUoOGBwopt3FxiW1R-Dj_M8AjI1A2EmIwRrw4eo7X9OF47soX8M_uxXbtgfjsyU5IIB1e7bx8UWqe-E34Np3Nin7crEOWjoTtr37-A1Om_J3ZZZ6T5BIEFL73chfgC4XfGwEHHkzjDdnNKs0tM6Vzb9S39M3Of6tSpZ28o5-a0yy50afbn33B8oxmuaS7IVMcZGvNo11w6vpwyLULdVyt4bIkNVQF8qEazIQtOO0N3uLykrE2NEESOKPGxsTfizp0b0sOd7uJJf37rVt6rsBS2rN3zXlMwbFXxNfaKQZsgSv_7O6RYaWgqvZscBYcorszWk9btcwq0bkO5XAIrEJ6J7Be7ARC6s805POPCMG6SSnj7l9vtL4zlJPQuwUZThiA7R-zRLnEmfhxDnciaPjEJjEZgrWeWBm0mQj31xin6lGnk1q6joLMK9ExVilwbetli8mVi040I1IxkFvQTdC2WmAbiXHLdthLb5Z2fcuLEVyH9r2qBNBXMV1mXv3hmNicGrHuCkfzLaQX6RQK3dCwr--ezJeMf2ttdLPeYSuFeH_Kogqiz29rpsv6MjYEn0W7gwTD9BNnUmZDG6KDHj_hqfySMOAu3TXla3ZGSA9gShys_1npB9ZsJvBMpH3g4rCSQFeNMCWjkIF8ABuVacDyb-vdIKSr0_E3Ojrfyn6i2GWFhrGOdaB_prH_YjQFkYXWOsIjdkKAldjZ92U0s4u5FQ0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
multitracking
ghb.aplhb.adipolo.com/adunit/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/19556/hbw_master_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.173.210 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://yalla-shoots.tv
Date
Tue, 18 Jul 2023 17:14:30 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B4D9 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
12452
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 13:46:59 GMT
etag
48472445140208031
expires
Wed, 19 Jul 2023 13:46:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fyalla-shoots.tv%2F&domain=yalla-shoots.tv&bundle=hJoGjl84VkVjbFFjVG1mQU0lMkZud0NkJTJGbkJCSzlSNjlrU3JMYSUyQlZkRDhzdTJzSXZ3S3daTGhXTlpLRHFkdk9NNkRUenB1V0xLc3dGNzNiYkJvd1VEdEMzUiUyRjc0c3pvcjk3Z3NNRUM3ODhJR1JyME1ZcWIzMkRNS1FNdFc3YWhpT1JiNWFMdEdlb1QzbHhUZ3QzclM1aDQyT1hDZyUzRCUzRA&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://yalla-shoots.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 18 Jul 2023 17:14:31 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
230964
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fyalla-shoots.tv%2F&domain=yalla-shoots.tv&bundle=hJoGjl84VkVjbFFjVG1mQU0lMkZud0NkJTJGbkJCSzlSNjlrU3JMYSUyQlZkRDhzdTJzSXZ3S3daTGhXTlpLRHFkdk9NNkRUenB1V0xLc3dGNzNiYkJvd1VEdEMzUiUyRjc0c3pvcjk3Z3NNRUM3ODhJR1JyME1ZcWIzMkRNS1FNdFc3YWhpT1JiNWFMdEdlb1QzbHhUZ3QzclM1aDQyT1hDZyUzRCUzRA&cw=1&pbt=1&lsw=1
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/469361/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:30 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
244057
expires
0
prebid
id5-sync.com/api/config/ 		135 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/469361/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://yalla-shoots.tv
date
Tue, 18 Jul 2023 17:14:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
/
onetag-sys.com/usync/ Frame 28D4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1689700470175&gdpr=0
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/469361/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame 0106 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1689700468128
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/469361/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
truncated
/ Frame 1305 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50ea8981e52d39daadb689c1141dca577ebad4a469203c85da9922730a1207d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 2F3E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst-9rrUkCbePjDg-aosATpQXWythJP1Zdol98JBW_UbwAL6_29IKQXTzg68HHXjDyG8rk0Zz8O30eUeOn7HS8DdOuGWk60weJZyAz1nYKg9_qDvCLnN3GmaZB8LXQnT2CXHqjU00RqkGKoIffLfNKYmRouzkGOkshTqjDl8jXEOp5Nc5ATPMU1K8F4zqFOS81lnxhZVvR29j3dMLZ6onPDbQevrWSJowBn-dCQZgBwMOJgTEV3kgd4MdqMFUBgoy8s3Du18-xxe_wpA63NJGHDOXnuR0sj-Yige5PPAeZw6fIm0QdpLCZGNSXMIhU3OvwE00kwfJx_UV1p7KOX5gYegGuhqJb_m26IM27f6-odp6cZKs8TmUIJrb20Uenf3AHZRsFM1Ox08odK7g0wAChnIEHyYfgdcsivsEL9g6jWc5p_zhUtqFPuyPtopurKexQO9DOzGJFJq2mcwprKuN91rdhVpaLtr3GPLvM3WUnUmMrxN1vgL7lJcshUR2hhAU2U0vtF1QwKac_RvY07T_5A3E6dvRSnkePzvZCf7B_0WjL5BuA6DmOoW3TWF6UYYA19nHqf-LATKwGhgLq_H__FVSQyvUPwl6-NJglIf7qwEHwYyPqsWHcAnpycnk_A-WsswgB53t2wzV-k1ni0dCtTpQ0CvmB4VC0iNgUOuC_zz9WMwJNzweRRUQXVpW_b8m_gwqLBmukKGUpqtSXzUELLermptOBCtAA0zpryOL2VfvvAfv895lodPtzomcYX4kzBGQxewzM7g6y-38TOEkyLQxeLvExYRdSCChvcpNLDzfPhcXCHsg07SQuIT0aHYz0pwdJawdUUVZVdwj0GXPqQkHK3hthM2zpzYBbc1j5jmui6KtzUqwjXbuv3x6jiQOmu62czw_weB8uYvKDVvdZRujzazFyLyHSpHjiuxNendJjVgH4RxfrKF5OGBk2bqND2u6tVAJ3iMX7z7drqAJ_Yk5F4X58BWQ-ZP839vcFI1N7w36DMAI-A--7Ia6X6nDyHwQ_KNXGUle-KTlu-oi22z1TqTruz7cbOFKNfZbK3NjJnH9jkZuJxo1gcyluCZr9LuYk6iE6P07t7xOU-jva29XwEru0NOQM90fAjydh-cBAARwKVOybvzRvjzMNiCjVXNXHhdpf2Jt11Tn8UGXWdwqcmgIy6oo6YRazmmAv75XKY2DT_xT-A3iupOHsE9WusK_8_zGl25NenilD8hrqxg1cz6Nkh2gT3153rC5p9vTNdm7vtqJozkdkVP0K7EY1G-KlwnaZIB5gBy1T6EnbERKeS9&sai=AMfl-YRTuu_1lnSdOprOIVL32AKcdBqXIyYY3nqyatTWkQlXdNd5UrtgXVtscw7QzITVv-8BIVyP_CpTOLwZiecC4uMf8T6yrEoXUKZJTcifVqf2TPWKAMa0kvEF5xEg8rfYgDBraD35Dv6rNBYlltV9fnDBARyC8Nl_ZuMYeYLuj77hW98s-pnT0mGtEgJGXxe0go-nZyJww_nLiK47YvSESBoQiTjrQ5wHiuGeZSEqsNYzzfSAq2Pmw59rZG918D27xjBmbzE&sig=Cg0ArKJSzKn1lBhhUzYQEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=660&vt=11&dtpt=277&dett=3&cstd=381&cisv=r20230717.52216&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 18 Jul 2023 17:14:31 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A006 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D2Unb4mMRLWBMEUK1VL1UrRueLqHBp7VMjCF0P4e_aJUBTdUUFSQkHCQ0enMblkHA4CijTuR491LZjrLvKPvsm76VssRzMiOwzTm7lC5zUPNnjYgDEITgTVqCEIajg_q0LwC3qeABDnlLrh0zm9tdhO0FyIePmIX6ULW11p_DJqUirGIs&cry=1&dbm_d=AKAmf-C8o5hpIITWv9nI4SV2fLzHY0zI81OBL6gnNX-if3ye2v7glWBSg9ZuRoWjyC-8jH2CF6j0j-7n8k0Mlnv-kDQhYjO4XHsDlmx-UduCyd0t6e8e2gyD9oY_PMLSIxmazyqtogGNDM5BSKaShYoIk5656cTVtZXlh_-4emJGd_wBuZJguTbemB0U9AI8T5M-QvZSiWzIb7664cumg6Lc0u9AF2IinJxXsWarltkYqLioYAjaGqc9BWd9ghaj4aDMWv4jmsAHWOC2kDY5g4Mdd4F7ZkiGZr8rgs8Ll_ULozTP1VtsPYc454ELdG5uhiTIQQ8yHr-j5URLofyXu-pPUi0UVcln3B9Pg7Nkcm5Erw_WEf0EnAIzWyCHgFOAkB5OTLOHcjXDQidLW9aAlkA73QpwSPQg5iProucbPSjwc339qVnr4v0inq6N5ulokkpr8UZXsycr04SfTdRfWwvKnMSkDHL1FoYhPJvinqwi2u7srrMse22l1glcxWnT_RBTVKATxjn1jtnEESSCsOuw9XViy_nR_B9P0KD7ZMUnoQ5PCIBy0znDkzlbObscIPh-pBWPrJnzadFwtXu5oftpHUZxno36ZmCMquuynGkd7G671kQLe467UH5MX35NHb8EfEP8rUclvsOAUrsnpYfC0zpbF-QdELeuQDM7or1dF-w3S3NIJugRWRiYCogtcX0ow1rLw7Zu65L2PW3nZoL39cVHrRhwUm_VERrNU4rY1OBcu1-ZE3F5O8M3gwe0aqxxRK-EaZz1wGTBgIhCrlrDnSSVYJvNTdo1e8_gWTa48YfS5bsAkwQPgjElXiR2ccC2_cJmsotze_jVafab3HHHdXtJlvR9g-9cjs3Yrbnmloiw_fN649mIZiLMr2y-tAyrtP2p0cMZJM5UHH7-CufLNRAa14bkFFvbFe_TVbAxeCKorrV35bSFbzNZnaBSIAUOkvEysiYHVahVv2UYxDb6eYdAb3B3MmJdLf2LaoGn9IlYrp3FtfvXmVMWl1Qwt_PLT2XzkIPVrRfN13RZLFYKlp3rEHSEeximvyLePAVDo2BSFkySg5ijbXrGnS0bgi2ozm2PfOl6LO-hQNgsl3zuL_NnnuDRPMiJgyPA6rKaQay--bFrczimQpPN-ZaFCLa4hr7ivaMZrnwtULao5tPZu6ZOMfL8u4ZdGeZtzu6bdXmHxtCl9UjRoNvp8tLoY_LNGZmBQLMEJo84penzXcg8wsRR4cDJXYohZJ4lOe5WzlCJr0ta9nNVZW9tjdFXX8BWyi3XpylEBkbkh3lKRpWFATUMEHcG5i1UMvlZcLYClumJ8x7QfY5qqtLoHfArUWVQvbE8UKfzlaOipFdcMH27kAenKDoeQJr-tlRUbaQrFpCzQRMJ1m0fv3dQPl_yNwn3nhXMsDpBqJ4peK_OtKVgh7QlCa6EFEb5S4DutzR1wXERTPZO_8wfH2f3zvh7acmRBluw4JOn0Z_J8n_G2u8-geD2DCU7bruVtsz29dpvbN5URLJ5bhRFvT3MSSzU6oi43X0euT7NbcfNqVqMRS3nhp2w2tjHf6UsuRDp3jNUjgXnAew7OeTTEtE-ZVZycP1lLY3kProfkIVSVPsDnxYbVDlhGf_YnmzMvALq-7Tz15fizgUyWG_T1_tcQmNsMwPg05guySU_dIvYkTT-uEfyJICXn9gNCYAj4JxHgxIVVhrLZ3xxUJhzD-CS8fhQ3GJQwrotaa_zecJ3MZxqQ7Jxwc_Gb68lKpJXa6N7q4m8keDgyGSjBtLpZLvIWaRm3PR2Nf9JOQh57USwGlaDkVpPNKM2jD-8WYWLmWQ5PXWu1b3sMzESBzwPlbbhsmvjabEf5784_DmPXtH9TZo_9fqDUvc18wD5s0m8f5gDSWzPKmqwTnz_nHUMR5LGFNG1IVfme_O0TPkb1AsEBfL7_ZW6ffmp1-PR9FhNUjUhISXO-Q1jhnu4y3I1Tvrn64B9WKODNNrRXR2FFXVy_V5LibgGj6xJQfrlEGWNSv17-UPEbSFh0EiTywFZJTjW7utVIe6U39tHMiD2_ape1m_Z7brdxoYirw8n3oPiIOEwGgPbL11lkN02BhS-t5l_b6VxqxEOhvvrLiovYTb9sOwgnoL3GRLXsAN4aU7vgyD5h7p-6SDN-EBE-1YESEOq7ckkbZZlsC3MzKDZASxZnU-ctQcAMp5ebwUADzHxRaQUshAWiJx-U40SEWtfgzJhCLjgi0lWRYMPr-blfFaPxVHEUYdRf7EaUzLLcmz_abCfhThQzeuY3g4dluDCChic4QRzbKF_SwVampnaZ9rpe_rBfYR0MiPEh8BeIuYQZ8zNLyrtCHMna5n3edPEBpurG-hqJCJBC005cVnt5oEjNEumeyBQx-ZpUDYm-yn2AL3MCvPqbjpI410JWH-8OQNDUWX_qxk3ffKdNPcdUOjR13XIJ-C0kmZIPRpJ85YJBcu9w4g05KITUMZEPBFKUIZ8UgCmF2uMyaf01hZ_r6sRR3Eh5zPvgID9bZ5YP8fVOF0Zz8EEdrw06kgruUO0eYcUmzP8WuF1LF_lF4NKRqIy77O5LHxUrvXgYag-aoS7DGgchXO-PtY5XYtNavdpRVnHOGaMOwGLfqpkW49WYkSb2LeWJ7EKUpUDt4Jl7eHWmGkKXPHEzaqV08u6a6Jq7p5cWjC2QfBD0inB81LtOYyvGDF71Gw0iS2CtCfHWFttu0546lw098pXLgAxzkeRHNwIur1Lb4b5Z9V0z97AdzEsihCKs2-LVmHRYmxiD9S2DQSKjD8_tBOj-WO-SotA-X0ThVa3-WDmmBXvVZE4i9gti1vI2Tr2rq7N-5bzSgTZ5EFGl4GqHt0LgsFudpUAnC5XTPINdz_RyC-Z-PEqz79dTWmvaVlWy3CPqG_CvWnMHu4Eujby2y9Xi5Xf0GJFOEm3R6oGI8PrujJaRP1mMN5kFNKEtuxED1XUnHQAdCqxn0ULb_K_NE-yLx0z1kUm4MprIr90JalLx57LktE114JR6bnjrp6Eos7QE9mzMw&cid=CAQSPABpAlJWUwKHTROyTxYSexDmBwE4oTChTpY-FuCLUfblmmuMZe4b8zFUhbBVfBx2McMF3uZWCgI_ubpUQxgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=7985961651035586000&adk=4188270525&idt=127&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 13:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
12116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jul 2024 13:52:35 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1305 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvHKNb-k-Ya72FAsf5vXdM9NuJzwS-NeVQgh0AUOjdjqN9uK5GkUJYYg9xz369AwwQeQemrzFz7hhKMdSw6hL_-4KSpmwpFfit8r1-zUlez5aGU6IA2_uwFlaIMSU2JFmRL8FoTVYl8yi0AgYeykp_wwbz4U7i-gdrzwBlgdg&sai=AMfl-YRBfld5at7eNOZhnLCnRlS7XkTRs717Z7fitxAQBo8Mf2ngZ5KrkdglIPvEUcUiRN7uba6GnTkswv0KLMChubC5mLglB7fIdNmZCg&sig=Cg0ArKJSzAi2Ugtoi0vbEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=88&vt=11&dtpt=87&dett=2&cstd=0&cisv=r20230717.42831&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=96.284;sz=300x250;u_sd=1;dc_adk=2913917844;ord=02xuc7;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fyalla-shoots.tv%2F$0;xdt=1;crlt=ARE)!pcjNt;stc=1;chaa=1;sttr=208;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 18 Jul 2023 17:14:31 GMT
dvbs_src_internal119.js
cdn.doubleverify.com/ Frame A006 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal119.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=29074404&cmp=30088679&plc=369161266&sid=8754143&dvregion=0&unit=300x600
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:6::17d5:a18f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
97570defe15fe0a83b49642f0ecf2dcc9c7400d21272372d3b140beb372bd08e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 18 Jul 2023 17:14:31 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jul 2023 08:57:31 GMT
Server
UploadServer
ETag
"4455786dc20506b8e54048c7119b5c5f"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
max-age=946080000,no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18798
Expires
Thu, 11 Jul 2024 05:45:16 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/469361/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
cf6a8ff6049b54592b6f8edcf20367840487dcef9752866b18f4b5666b1cd97a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://yalla-shoots.tv
date
Tue, 18 Jul 2023 17:14:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 297A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BG9BIdci2ZP7bNeCOjuwPnZi7gA8AAAAAOAHgBAI&bg=!Tk2lTRnNAAa3SiIRl0o7ADkAdvg8WiulYYxODtYYgjl3LYw0F1WR0Ott-QXKY2ICf0dQU2I9YKK12TWJF2ydsv7FkPwgPCVKvo4CAAAByVIAAAAFaAEHCgARnnlpsb1klj8-8BUoIBXeaDmZAzhqb8TnYOJ7WshbgNNU7l9y2gDRPOIwpuOrjFdou2nN9RvxQBPRiV9Outz5DVlfCbJm27jDYBNYdSE8KT0Lcw3wMj1pT8woeIRNUQLutn9xPsZ00CUYVmKfZZnd7ckMyRo0m2q2EGiS_Fl6eYafnJoTJTkmZs9Dbu_eIO2x8qmmW4LZEQzeAxD4oI-VHbQ3i7XPxFWrLzL0mMuOAxYrk0j8GhHWKZ-eDJfj5DFgAWZRykrJBw71Khmuwq047uee5okYUEilhe-pFuSVmIji4eZxSFZLKqDbUcfI1TjJiMGDnUxQZqGb0mIz5HZnrulqbZAGX51SY_iZ2SoI4-VPCH2algDOO65Ay8yV6kWAOzUKYGG80XYHMgC6z8GhW-3ayhLPsYwBwO7WULPDW8eLwCIph1djkemTCarniufBLZPUdT4RkkQdNtc8P_SJRvIfeu4LkFtvZrUeesmpPvIIEqKKxnDJyCGxvhueWYX0FsEm6SUeB7uLgVSyy_NNnFH7zRn_X9qERdNmyTwc0HLKvDACIEIrcimlCGZD5rVb4VqcU-AZBhFhwhCedm6PQlQ-G4XSlCk1MfZ0itMulZx6KugT9E5_DPZtZfVMrBPQ77ttuGofU0_quVglgdMT3Woy2OVhTBpWT2axXtENa0UV7fyNabm9UJMbZWvYRAECa8DUpj7_8WlIBBAeEOYdNG6wLvpaRTh1gQ1zGjenGGkrqmfAeuFSwKliLsd35ttBkPREB0DP7RjdFKrVsU8s9lZTrLty3k-pw724MtRQFTzQe6mvUoi1CgLCdyjvOJ2i9AGm8qldFzDeOSK1h8BCACqXZPrz_MTFJ3QT6z1jMLCsNR2MEsgKp29pNxhzqRpwbd71xhpYdYjBFFqgCaySkibo8rzZe2y4rhbbTPyVyTnZPHL65zZfZ7G_sc_RvjQ2D66Sh-bavfZH-kOG_xmHnep4Ix-9duFDq3C-5E5hhPrA1Z9cBMdtbaD3VLs8SazlKUVHuhES36J9o-LBpqNHtBlt73rsqQSpDxwCSLI6AkxEJhaRILPa5G89sS0X74Rz-h_a_mZVEl8zXaKbFvnmB6rQJrjWvzRB9d71zQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame B4D9 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEO0GB5mrNXNl2NpztDq0_ME&google_cver=1&google_push=AaAOQGGlsrMjQ4Pl0ioewuxFSJHm21Bjd78PQrLjzzhi11JYK3yYS3BZI2NfZeAsvaS4CjSIlU0KacIATTUz4oF-e97Hgsg-XTVN
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:31 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame B4D9
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKL7Hy5Zr25C_zxqX-xKDJM&google_cver=1&google_push=AaAOQGGUlQjSoQwfkVG6B9UODXJR2Sve62So8WuEZV4PpKT7rApU-VIMIh-ZdwdQC8n9vFuGhBXdEVdZA3UtxR...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1NzIwODI1ODcwMjYwNDQyOA%3D%3D&google_push=AaAOQGGUlQjSoQwfkVG6B9UODXJR2Sve62So8WuEZV4PpKT7rApU-VIMIh-ZdwdQC8n9vFuGhBXdEVdZA3UtxROvHL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1NzIwODI1ODcwMjYwNDQyOA%3D%3D&google_push=AaAOQGGUlQjSoQwfkVG6B9UODXJR2Sve62So8WuEZV4PpKT7rApU-VIMIh-ZdwdQC8n9vFuGhBXdEVdZA3UtxROvHLHrNOaXuww
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1NzIwODI1ODcwMjYwNDQyOA%3D%3D&google_push=AaAOQGGUlQjSoQwfkVG6B9UODXJR2Sve62So8WuEZV4PpKT7rApU-VIMIh-ZdwdQC8n9vFuGhBXdEVdZA3UtxROvHLHrNOaXuww
Date
Tue, 18 Jul 2023 17:14:31 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame B4D9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAJrTIrHCPCv_a4H9Aj0gN4&google_cver=1&google_push=AaAOQGE2l7ZGBWXYvXdufZ4NkFY0NeZ3-O6rC3gCu9RZFZoFepIspscmxW5U_4ydehgPBZaC6F5FGNTNWnZCCj38k_A6...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEAJrTIrHCPCv_a4H9Aj0gN4&google_cver=1&google_push=AaAOQGE2l7ZGBWXYvXdufZ4NkFY0NeZ3-O6rC3gCu9RZFZoFepIspscmxW5U_4ydehgPBZaC6F5FGNTNWnZCCj...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGE2l7ZGBWXYvXdufZ4NkFY0NeZ3-O6rC3gCu9RZFZoFepIspscmxW5U_4ydehgPBZaC6F5FGNTNWnZCCj38k_A6ElmMGF0d&google_hm=2huUjC0YSs282q2Z1lroLQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGE2l7ZGBWXYvXdufZ4NkFY0NeZ3-O6rC3gCu9RZFZoFepIspscmxW5U_4ydehgPBZaC6F5FGNTNWnZCCj38k_A6ElmMGF0d&google_hm=2huUjC0YSs282q2Z1lroLQ==
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGE2l7ZGBWXYvXdufZ4NkFY0NeZ3-O6rC3gCu9RZFZoFepIspscmxW5U_4ydehgPBZaC6F5FGNTNWnZCCj38k_A6ElmMGF0d&google_hm=2huUjC0YSs282q2Z1lroLQ==
date
Tue, 18 Jul 2023 17:14:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
dds
rtb.openx.net/sync/ Frame B4D9 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEAUOSuTBxPBvgUpIjvfJZJU&google_cver=1&google_push=AaAOQGEsFaNBy2Tu37i3jZYMUbw55ICLwZFbXpXqRZ3kfzNbtV7aCBN3ceNn2_sStFm-6oLrnWSJIlIrceIfo_QJ-NlgGMvD_hEm
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame B4D9
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ivNUxmosSQCxrTY_AP3ikA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ivNUxmosSQCxrTY_AP3ikA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGHDzGxRDxDB8ZFY5U7dnZ_39oH8SPks8duhJc4WqXT-5joFMPserAZ7FXza-KhvpH1iu2UoLY4EiOuNu52WKRaLi2lSD7q0
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ivNUxmosSQCxrTY_AP3ikA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGHDzGxRDxDB8ZFY5U7dnZ_39oH8SPks8duhJc4WqXT-5joFMPserAZ7FXza-KhvpH1iu2UoLY4EiOuNu52WKRaLi2lSD7q0
date
Tue, 18 Jul 2023 17:14:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame B4D9
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEExAi9tbsMJTU17sPfxRGvQ&google_cver=1&google_push=AaAOQGFwxjGhRBjhuAi65T1nmtBgNVkg2npj9I2YwkGYiUrjn8A2KSzSR0Aeoa825b9gedRNU9_rYNN7L4EL...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGFwxjGhRBjhuAi65T1nmtBgNVkg2npj9I2YwkGYiUrjn8A2KSzSR0Aeoa825b9gedRNU9_rYNN7L4ELgVDzL2TkTiebpNm4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGFwxjGhRBjhuAi65T1nmtBgNVkg2npj9I2YwkGYiUrjn8A2KSzSR0Aeoa825b9gedRNU9_rYNN7L4ELgVDzL2TkTiebpNm4
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGFwxjGhRBjhuAi65T1nmtBgNVkg2npj9I2YwkGYiUrjn8A2KSzSR0Aeoa825b9gedRNU9_rYNN7L4ELgVDzL2TkTiebpNm4
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
report
sync.teads.tv/um/ Frame B4D9
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECEU9siTOGuy...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGFeZB8V_wo4Lat0MTbCNW0yrNa-5t8fJ6eiI9tlLmlrVuIkY840TIyoSh2fshShDvhiTHV2zFG2N0XUeMoTWwzCJndzA7u39Q
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol
H2
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Tue, 18 Jul 2023 17:14:31 GMT
pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame B4D9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KpjMniRfi5T02_QPqYcXRtiguzIweGBXq4LCxYeVrvXKERMpzJC3FrX8IzJrOHim3SWNLaGw
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:31 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame CE25 		0
0
logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame CE25 		0
0
tui_live_happy_white.svg
s0.2mdn.net/creatives/assets/4426814/ Frame CE25 		0
0
head2_2line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame CE25 		0
0
head1_1line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame CE25 		0
0
728x90_kv_paare.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame CE25 		0
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 844A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
22423
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 11:00:48 GMT
expires
Wed, 17 Jul 2024 11:00:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
verify.js
rtb0.doubleverify.com/ Frame A006 		1 KB
927 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_921128802570&jsTagObjCallback=__tagObject_callback_921128802570&num=6&ctx=29074404&cmp=30088679&plc=369161266&sid=8754143&advid=&adsrv=&unit=300x600&isdvvid=&uid=921128802570&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=114&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=16&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=166&eparams=DC4FC%3Dl9EEADTbpTauTauJ2%3D%3D2%5CD9%40%40ED%5DEGTauU2%3F4r92%3A%3Fl9EEADTbpTauTauJ2%3D%3D2%5CD9%40%40ED%5DEGTar9EEADTbpTauTau2ff72h2hdc3e6hafd_cda2ccc3eh3d25%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=5.30&callbackName=__verify_callback_921128802570
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
0a1274d6f5ee3ffbdb2d96311d311740b6f5508ba764ee8d3822b0d8c2fb1a7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jul 2023 17:14:31 GMT
Content-Encoding
br
X-DV-Response
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
07/17/2023 17:14:31
e.js
live.demand.supply/e/ 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_auto_728x90_sticky_display_bottom&e=ao&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE1MTEvMTA0MjY3OS92YWxlbmNpYS12cy1ub3R0aW5naGFtLWZvcmVzdC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.5.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id
01H37XBZTS5HKQ2F1CQXNBQG5A
date
Tue, 18 Jul 2023 17:14:31 GMT
cf-cache-status
HIT
age
450584
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"081b1367cd2301d3bf23f0a40952d236-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7e8c5c8a29701e4a-FRA
activeview
pagead2.googlesyndication.com/pcs/ Frame 2F3E 		0
0
dc_oe=ChMI7MHB4uCYgAMVWYzeCh0DFgTiEAAYACCq7rBPQhMIwJiO4uCYgAMVBpL9Bx255QDu;met=1;&timestamp=1689700471385;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;
ade.googlesyndication.com/ddm/activity/ Frame 2F3E 		0
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame BA8B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
22423
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 11:00:48 GMT
expires
Wed, 17 Jul 2024 11:00:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
692.json
id5-sync.com/g/v2/ 		241 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/469361/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
40d01d03ade526a5149601e462915a87197644bcba95180230efb8c9741e636c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://yalla-shoots.tv
date
Tue, 18 Jul 2023 17:14:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1405 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2584475204198&version=m202306200101&ct=76&x=1&cor=2435619057792865000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bsevent.gif
rtbc-ew1.doubleverify.com/ Frame A006 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-ew1.doubleverify.com/bsevent.gif?flvr=0&impid=c21d375688dd455e888149fc060e72fb&vfdur=26&cbust=1689700471445290
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Tue, 18 Jul 2023 17:14:31 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
07/17/2023 17:14:31
dcmads.js
www.googletagservices.com/dcm/ Frame A006 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal119.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d72c9fb59846aff6405d2973c81bd8da823493502fab893e026a736a1ba01838
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 16:50:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1423
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6830
x-xss-protection
0
last-modified
Wed, 24 May 2023 18:59:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 18 Jul 2023 17:50:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6AB6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BzAikdsi2ZLzsA9zF7_UP3Kil2AMAAAAAOAHgBAI&bg=!8POl86fNAAa3SiIRl0o7ADkAdvg8Wr9BYWRTb7VkL3y9pjLD-JdbueZlYTLK-m1twIph9JmMQ44tqqlii41eeHiD4Rb4rYoB3m8CAAABIVIAAAAFaAEHmQL4TnW74fVw2zab2rf9w0VePUHHFwGBOq0nvq1UuAjMDy12VvvBG58rw-9rDUVS7CYwOsHt1PYQtYlUci6v1RclgdtAsjhorBRcjLsHPASj6IIDPkQSN4trfID3Um9GjizvcBTcqFbdn_YuEJElmR2qs5a7W4WfYvwN91PA7n2AK5z7TOuNnWkGt29v4WqPSzuhUy_28KhN0gnwwEOqzmRDk-lhF-74UExmMXE0t6UzeVqf0a5kvV-e-p650LgMwx5mpGVlrKFZOWgY8WwRP5HLekfRmLM-1St6lk7XwaqEl0DkU_Lk_FbGiMP5PuatOcGkRHa-nzsDCuRhDGQyYnCpXpS2qRMLKXJM8AkRvMtRwC6IiKXI-Kowk3dWfzIFq_U7NWQZmuSmEZFaTUxtyNtwBpTWxB5ZOQtbxonK8359wewa_umWMME-iZ5nyIte8rTJ-dwvF8g0lo4pa2APiIkoSE9xtCB3Q_ekR0vNkY2RL64CurgrLMY15nUdjtx5j1JOKe8UILTLqH4t0ovbOMegguyQhCDE3Glif9l3nZoS6f4A0cFxrQjExJ10Gg6gm52Iz7-rb3R9rXCS-csBgFsh9oeDst2QjyENLGA-woWsbcAiD6tG_NVBkdlxQWxb4FxdUEQd77mvWwaNsJV1H-UjB-Yjvr_8rbovym8kbuga9BT5oQkdCwu9r3HBDC32Cxcy8xbSCPAiI36Pt8TsgdrR7q7S7ANsRyk1oTtUvRSDGqjjNiQJ42pfaoyyRzQBW4Ix2QCg5kPX7akhX8RMuJZOcIkZWYEcf_yeLFO8KEorchbZqu_2O3ihU_sslUCIcKGsw91sOlOfy6ADfE6PYukewXIeBz5Ity9nXavsJtlQvdHA612FAfibX0yc8p0HyOnTH_psPhDlamXcbSasASO4ef0C4WdcsQ1DvAAljF0eI3A-akLg_W5cNrp2nvTtpCcFNlWJ0mvA7b14GnQpamZbPz9TibE0vT5cg9rqYDul0Y62h4RmbHxPHw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js
pagead2.googlesyndication.com/bg/ Frame 844A 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27d1641078d09f5541e3073bb961a6a18f8ea20d093779ef8cc702ece3a23d97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
440054
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14539
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Jul 2024 15:00:17 GMT
79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js
pagead2.googlesyndication.com/bg/ Frame BA8B 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/79Hy1jOkYXTpKXqlcd2FYXx1C4-H0WpSd41bxBCbcBc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efd1f2d633a46174e9297aa571dd85617c750b8f87d16a52778d5bc4109b7017
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 14:04:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
11403
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14507
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Jul 2024 14:04:28 GMT
impl_v96.js
www.googletagservices.com/dcm/ Frame A006 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v96.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
843dea1d022be79c95643821b1140cc2d081094ee77ccf7a1f637a1ad8fca33f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 16:55:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
87544
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20157
x-xss-protection
0
last-modified
Mon, 22 May 2023 16:41:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 Jul 2024 16:55:27 GMT
B9689862.280584279;dc_ver=96.284;sz=300x600;u_sd=1;dc_adk=4278337371;ord=opc1am;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fyalla-shoots.tv%2F$0;xdt=1;crlt=ARE)!pcj...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame A006 		62 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280584279;dc_ver=96.284;sz=300x600;u_sd=1;dc_adk=4278337371;ord=opc1am;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fyalla-shoots.tv%2F$0;xdt=1;crlt=ARE)!pcjNt;stc=1;chaa=1;sttr=57;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v96.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
630f83a9a191e4ecb8d3429bccf6604930c620ad709ea895361202f9315ee180
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29232
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230717/r20110914/elements/html/ Frame A006 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230717/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280584279;dc_ver=96.284;sz=300x600;u_sd=1;dc_adk=4278337371;ord=opc1am;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fyalla-shoots.tv%2F$0;xdt=1;crlt=ARE)!pcjNt;stc=1;chaa=1;sttr=57;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 17:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
85983
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 31 Jul 2023 17:21:28 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A006 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssQO2Fx_l7MKph1qMbuK_8WNXF-uz9K_TicpWU2Xo-9NC1jMOAIQRJdtTkiez41pctNCZ61m2BUEmGYTdxv5kc9LnT-WNgKQaVII7W4Sr_uksfxe3SyP5G0WqAB44slFOQwPOgiKsf2qo40wG2e_iJiJvQHjXkcjce1BeeGxQ&sai=AMfl-YS83KDgwdIVtWtTZqP1-xoRkEqOovcUvzu6g8ibvfIMiUDG7e6Jc_ux60xLcM5dkMEVMBX3081ybiWwOSJKD9UmogAJYkkfgvu8cw&sig=Cg0ArKJSzPOD21MxcRWaEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230717.46813&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280584279;dc_ver=96.284;sz=300x600;u_sd=1;dc_adk=4278337371;ord=opc1am;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fyalla-shoots.tv%2F$0;xdt=1;crlt=ARE)!pcjNt;stc=1;chaa=1;sttr=57;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 18 Jul 2023 17:14:31 GMT
6335791767665586692
s0.2mdn.net/simgad/ Frame A006 		307 KB
307 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6335791767665586692
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3bcc78c28638c7500c7f6ac759ee979e9dcbc49559d7766a99ff763aaef8f051
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 17:43:08 GMT
x-content-type-options
nosniff
age
603083
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314659
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 20:18:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Jul 2024 17:43:08 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C992 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
22423
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 11:00:48 GMT
expires
Wed, 17 Jul 2024 11:00:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8530 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
12452
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 13:46:59 GMT
etag
48472445140208031
expires
Wed, 19 Jul 2023 13:46:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A006 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fec1c62024154c07ac6d182d10f3e714daaff90f3f2bfd891d32afacc5fef28c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame A006 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssQO2Fx_l7MKph1qMbuK_8WNXF-uz9K_TicpWU2Xo-9NC1jMOAIQRJdtTkiez41pctNCZ61m2BUEmGYTdxv5kc9LnT-WNgKQaVII7W4Sr_uksfxe3SyP5G0WqAB44slFOQwPOgiKsf2qo40wG2e_iJiJvQHjXkcjce1BeeGxQ&sai=AMfl-YS83KDgwdIVtWtTZqP1-xoRkEqOovcUvzu6g8ibvfIMiUDG7e6Jc_ux60xLcM5dkMEVMBX3081ybiWwOSJKD9UmogAJYkkfgvu8cw&sig=Cg0ArKJSzPOD21MxcRWaEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=102&vt=11&dtpt=101&dett=2&cstd=0&cisv=r20230717.46813&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280584279;dc_ver=96.284;sz=300x600;u_sd=1;dc_adk=4278337371;ord=opc1am;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fyalla-shoots.tv%2F$0;xdt=1;crlt=ARE)!pcjNt;stc=1;chaa=1;sttr=57;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 18 Jul 2023 17:14:31 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame 9C75 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://q9g3eq75cjvp82.dynamicrevival.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 15:41:45 GMT
x-content-type-options
nosniff
age
264766
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jul 2024 15:41:45 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 8530 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEEzKCqMEkhItZ0ua-uBt4oE&google_cver=1&google_push=AaAOQGF4vGW8hXH2-tr9EJSHjHPg_gDhX-5l6O1ua1TXqYkCuVrUt6whNADJpf1MVjh4j5xp7DQdT915mZOrA8jqzPK9k1ZtkoTF
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 8530
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEL6jlPpiUfW858JDRitrzG8&google_cver=1&google_push=AaAOQGGaZNJw32maC5B2lSBEooHG4SezIgAG9u8v5gS82P7NjyiZamCjURNQ2c_NDYk6mUFAGUuDtdhOREW...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGGaZNJw32maC5B2lSBEooHG4SezIgAG9u8v5gS82P7NjyiZamCjURNQ2c_NDYk6mUFAGUuDtdhOREWmhHLAi36MxpIunglGkA&google_hm=5HvoZvoOQNyvpRfZNK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGGaZNJw32maC5B2lSBEooHG4SezIgAG9u8v5gS82P7NjyiZamCjURNQ2c_NDYk6mUFAGUuDtdhOREWmhHLAi36MxpIunglGkA&google_hm=5HvoZvoOQNyvpRfZNK-K0oo
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AaAOQGGaZNJw32maC5B2lSBEooHG4SezIgAG9u8v5gS82P7NjyiZamCjURNQ2c_NDYk6mUFAGUuDtdhOREWmhHLAi36MxpIunglGkA&google_hm=5HvoZvoOQNyvpRfZNK-K0oo
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8530
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEO0GB5mrNXNl2NpztDq0_ME&google_cver=1&google_push=AaAOQGG_NUaWSENVXpDxyGMRT3ApHqO3kuIaW98WIfYu2R-txC6oK10c27xOt1aozEJDf5D_onu1cUXrhb5Nlk...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AaAOQGG_NUaWSENVXpDxyGMRT3ApHqO3kuIaW98WIfYu2R-txC6oK10c27xOt1aozEJDf5D_onu1cUXrhb5Nlksdwdabc02ZLVAbFg&google_hm=hmS2yHdMZtSbTTX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AaAOQGG_NUaWSENVXpDxyGMRT3ApHqO3kuIaW98WIfYu2R-txC6oK10c27xOt1aozEJDf5D_onu1cUXrhb5Nlksdwdabc02ZLVAbFg&google_hm=hmS2yHdMZtSbTTXyMg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D64B6C8774C66D49B4D35F232BLIS
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AaAOQGG_NUaWSENVXpDxyGMRT3ApHqO3kuIaW98WIfYu2R-txC6oK10c27xOt1aozEJDf5D_onu1cUXrhb5Nlksdwdabc02ZLVAbFg&google_hm=hmS2yHdMZtSbTTXyMg&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D64B6C8774C66D49B4D35F232BLIS
date
Tue, 18 Jul 2023 17:14:31 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 8530
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPC8XHUdrmj1Scl33aJubss&google_cver=1&google_push=AaAOQGGfoJKmIj26Pgyc63-ncfW4_M6SuBHy0MpTlzgt-AFSlegyj179NCwcql0c3HjM0beR9jGAhSef...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzkyODc2MzM5MDEwODM5ODQxNg&google_push=AaAOQGGfoJKmIj26Pgyc63-ncfW4_M6SuBHy0MpTlzgt-AFSlegyj179NCwcql0c3HjM0beR9jGAhS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzkyODc2MzM5MDEwODM5ODQxNg&google_push=AaAOQGGfoJKmIj26Pgyc63-ncfW4_M6SuBHy0MpTlzgt-AFSlegyj179NCwcql0c3HjM0beR9jGAhSefXEYgNCl8sfJE4yB_uWC16g
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzkyODc2MzM5MDEwODM5ODQxNg&google_push=AaAOQGGfoJKmIj26Pgyc63-ncfW4_M6SuBHy0MpTlzgt-AFSlegyj179NCwcql0c3HjM0beR9jGAhSefXEYgNCl8sfJE4yB_uWC16g
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame 8530 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEAUOSuTBxPBvgUpIjvfJZJU&google_cver=1&google_push=AaAOQGGw4HK6qBHn4CDV86ioqk3gxMDL99jssy88Xc3HP1HOp3YvYemy-w93sRXOZBMHuELG7qekGnyfz0osulxy75nEgwTfBrseyw
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame 8530
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJZ9KSusLPLfTdn60eLhfy8&google_cver=1&google_push=AaAOQGHrbQYMnuzAHl2HTh_Tp59HzuFOi1Xvhj_ngjqFDamTus3fZr8geZH8TPtT7iBBqL1-35j...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEs4SzE4N1gtTS1KVjRI&google_push=AaAOQGHrbQYMnuzAHl2HTh_Tp59HzuFOi1Xvhj_ngjqFDamTus3fZr8geZH8TPtT7iBBqL1-35jz6VUYGNJ7UYvM0_0w4f40vM2PrQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEs4SzE4N1gtTS1KVjRI&google_push=AaAOQGHrbQYMnuzAHl2HTh_Tp59HzuFOi1Xvhj_ngjqFDamTus3fZr8geZH8TPtT7iBBqL1-35jz6VUYGNJ7UYvM0_0w4f40vM2PrQ
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEs4SzE4N1gtTS1KVjRI&google_push=AaAOQGHrbQYMnuzAHl2HTh_Tp59HzuFOi1Xvhj_ngjqFDamTus3fZr8geZH8TPtT7iBBqL1-35jz6VUYGNJ7UYvM0_0w4f40vM2PrQ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
pixel
cm.g.doubleclick.net/ Frame 8530
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEExAi9tbsMJTU17sPfxRGvQ&google_cver=1&google_push=AaAOQGEg010ymYvy46HrYU2ncYOhR3UjhO-vngsuYPYpC6tVDbza-1LdMSPQiOsR2XJrk8CaaEKBPuO0WSsF...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEg010ymYvy46HrYU2ncYOhR3UjhO-vngsuYPYpC6tVDbza-1LdMSPQiOsR2XJrk8CaaEKBPuO0WSsFwq11Iv4BIGROM0vGvw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEg010ymYvy46HrYU2ncYOhR3UjhO-vngsuYPYpC6tVDbza-1LdMSPQiOsR2XJrk8CaaEKBPuO0WSsFwq11Iv4BIGROM0vGvw
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEg010ymYvy46HrYU2ncYOhR3UjhO-vngsuYPYpC6tVDbza-1LdMSPQiOsR2XJrk8CaaEKBPuO0WSsFwq11Iv4BIGROM0vGvw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame 8530 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KCqjHy3SA9OwaaWECc44fO08H25nM7XdtY9tTVH4FEuqBuSWsmRQlrjRSnr73M4PwSVAta
Requested by
Host: a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
URL: https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:14:31 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame BA8B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZUDnd8i2ZMmPCuP_3wOX-rnADgAAAAA4AeAEAg&bg=!fH-lfyvNAAa3SiIRl0o7ADkAdvg8WvB0nx38UNKX5VWNCkjd3M9qeaFexEgV2ITfStrdMXZPRJ1BwyVPNw78jOSiyAjDodzeLfICAAAA0lIAAAAEaAEHmQL7-AFxDuNh-cjUDBqlnRbQ1BtKvzIOjyyfP6-cZIVOeWJLCNQI0ZLgPzswk-VDQVMSW-G2dgXncX2QJ_I-DOyTf8Vml3bmaqK3WFCyuV9bHnyiX_NGssGs8eG2YzrG7ylz5eQhFDzvIODtbRktWEAvme6keEiVmbv0NGp44aSyWJtV7HUPGj8AgZ6cBs8Ktyb4BbeOym40mUB4XP3Ry7raup7K3jetkI8Ezbz9-6nL1vRXXQOuJSR0FKHlx2-aOJPMA-pUzBieRzwY1RnBHeNnCSv8JZCUw2F44s6YE4-UDQmcVAR514cp58YVKrIxcXlCStA8WabBPUW_l_J9TfvD_crtt1V925bY6NyxxYm8tCCRD7KVHRBybtNaNL3pYmX-t4y8-QvD6P95za2TUithMsOgmsbfATOUIoNaJMcEmi3uw37et1eOK0no1vNtY-lMIwpR7GccgAdEdwDeqkShXcIaDnLTlo7i657iFQHSQ2ujHheMpO0acQzoIDuHUkRfVWtqpmE53SjSloxxj4YRRDZjEv-Ne9DwhUYysWhRIzzLicbTMxIonZ8xCh7T9HnQrPqkVeKhRHnSIoFfHv9MZzAsi0fnkO1wYec2Kx2sabDAqTixH5-cSaJwykv-0UTaNaV3yUD9GkZwwYeydF9RXfpLgN9k90sWhJEuI54AD-7IyzsDm-ZL4_dK6OOJXSJ0uMHXYMNorGokXDSx3QiRkRTAwDSQuieNhmBDxRabuy8qL5kyWvW1h5lHTrVCy7YT_UVn6MUmH1LKT98cq4p6XgyUVufvWLdq2KyKdpeegjYnlbgaVB2LSHnx3iwwFu2l8OWlHgX1NrK6zeQos6QjX7L-cRvxLn0oexrbIVwoAbUmUBlp_86AtgFVDrb_ICVeZ94FL-qPtoogeM3qPPgcGLNEwsjUN7iJTvlZ156wfvsDMxGoby1jPTnc-duCqISOjS2m0QxWVIpibpDlddf_snPTNl9IgztU9CXxDGQwV3HiRVm-edy62i_uFA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js
pagead2.googlesyndication.com/bg/ Frame C992 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/J9FkEHjQn1VB4wc7uWGmoY-Oog0JN3nvjMcC7OOiPZc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27d1641078d09f5541e3073bb961a6a18f8ea20d093779ef8cc702ece3a23d97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
440054
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14539
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Jul 2024 15:00:17 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 844A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BlNrDd8i2ZLrBBc6XjuwPxLifgA4AAAAAOAHgBAI&bg=!REelRxPNAAa3SiIRl0o7ADkAdvg8WvZOiNe6krC59aK2uTzErXMpRszit8Ws-ZxkJO5e5fU4EdLwkzRyvCzcgnoAr_jpjnTbRXkCAAABBVIAAAAHaAEHCgBZIfEjFrgcvR1wD0VhSBF8Dn9iE-wzAYivok5OnnO515-ooDpWKwB0BhKnKlf5hniOOT94riUh8uBbU0emf2UtoOBI0StNZulHo3NPhU6J6xUSMUnXlNyNoySZAvZZClaUy8Uy17eaHY0tBF93cfmXyI3W2C98K3bkYd3gmE--SHDu0BWAK2Um6dAVvwwXecDSiEy8FoHJ0umgQNLx7RGSmJG0DM2UMO7u_vOK8FCbFQr1-vJ5J94Eazrf6ATOPLe3ZMkUV3rUY0IDZR6FH39xvCfL_1MHnC1AJ0M8zI2nq_yfyzTJXiXvBf00uv3Dvf8_YUC5r6VwpXNKrjDz2ei_SWBEwxIbNUEegNxOJI6bmCr2uSG_8vjOP1K7PUSg_p_wjkQjSRsIFigjcYGe7gHFaWzUDo_fldETraQBU1K8Uu7ZLBFWDbQTs6veGX8-XjMNp7Yhdp5T0x_E7Qox4nB5B-bMKKAVc1dEV3OYYmV6bE9bdDiyklxxufugYnF5k8RqP_1zavCpStME9X5s8eVqamYbsVo2rp2ChxVwu6KR44owjH78lDgRluEIli-SgLIspZlZ90LMgCO89yAgsqgZq2AJy4wXo2uBjygxgvF5yT1dPhbq9NSFUTffJToPIv5ubd9Z00fPyKSdn_SzupnqRCt6t0egFgAw3k3Jpq3XbxZ_DSC9SON-SMMRgzmI9CJ16GB1lLLSsfsTYAfYFPNNNou9EHQq3DlWQ0Tw6zJakKkxAyXo75Rphzt8MkJCYsQbs2SHrfDvEe6vJGNz32lihsNcEG6eXaNBUp4UGoF28G6NlhCW81YWy9IULSpIdGDcdlgRbEu-8zFQjk01I1dGT4728XrvWqpOPTAgtqwjcBvOocU8t0QaYUQqeU382BjcF9RFZG6qT-NJDpHO3ud4_jJnc3apc3kXn1JtwbBiwkheHj2JicTgayOESkGWPNJyRYGtF-8PXTSVCdd6bTWchjMzY2mEhRo7WCc1HPfmBySUCTvqdHNmihfKPVqbig2ZbA5HABFFNIBwT4WDswO0ymYF_RMoE5OTXMZ3VhIzNQHZgakGRRV2ZXnP6TKjauYlju575EKEpG7JPvXCf-8ra9YFHmabBYyPLj0MEwqDZlr8JA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C992 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3xk3d8i2ZPCbIein9u8P4I2h4A8AAAAAOAHgBAI&bg=!KyilKHzNAAa3SiIRl0o7ADkAdvg8WtwiAItJ2eXrrQtJkSa0vu8X-2kNA6JsmMuZpkeM5Zln0s2_pS7G9fJmetb_vt8RIUxKafoCAAAAWVIAAAAGaAEHCgB37Hci2CuH7fZTsiE2DzxIcla8SM1PYSKyXsJosOPJtfGm67_Be2Leh1Y79BMC_nHZ_Th3ZgEWWPqsMmgU6X0WQ1dxotzT-MC_qIVQXbNgqIqRydFXWHCaD6jTo1IJMS4gF7rTf9nBHUdOzP6q32tREfJBMyqFM4iZAv7hdP1yPKR2qWPniZqQ-ZdtzbeQBUg6UyIA1oHI7ys1jX6x29DDvu0GspQnEoDDmKcR-F5QgZPrLGXhpYEJb3T-Kd5OhQDRP4OaNOHRq3nZpk3iMxDO_LqeOp6mhdXvOEmV9q09gTJ4deMiHMA2oKhAtC2rLiA8bvglEFPZERzdL2HOpNAzSaYPJrHkCy1TNGSaxvPzMsXLETzFpOOcpBvo85oDwTkz_-m5NtiQUSpSWi-5DHeyyrG8TSHmxF27fLECJWngtidNsfd2k3tuSS1kk2yYFqzSA5ackz2sGlTFvASHakBcOxcXSIKlPdIr1JO7G3L9oBouNMU2YJiDlaZ6bLFkemFOCHIkg2wzSVOf0id81aO4bRZImoIlgiJ6uBS6o4dGEXH_e_8EJaZPRPV9UT-0naZ0emUTHdSdwweHGAkCXmL9dcDJ9DODaejjjk5wSlsa1t-583Y-YSNaw79zaQap9ghQtlfUvtmokjmcuWntPUSIaAXJlOsGN1fqHs1PYfM9Gg_BOaEEhmDK_HPhtuF9Fh75htpBd9ARiOlseURs1e1ZZ2wtm8wOf79Z2v5tNuXNIWk4R4BMz2zk9zGA0M8qwFW6INhmEVGALrfG-5N7WRr6b1yqEHgjqAfeCHfGl_wW8msMVIFC4CYjAvG03BxVn6HhYxj52I1XNFpevYUAPyMJTimsqzSP1abVxPl2pQn1AD7UbXww-ajySAyyb2YVqjTfrZX5jQ7Ep1LydefEDqXPKwIPegxJYW0NraPrIjXPgduvbBHVnvbzmGB4nm_V2ssGIRWhhDMiVlSOjHpYZ4D_Adi88X1MAk6yujSYaV0vyEM8errPiCBFdE68JYNAK5srOT2sUZ6FQOL-DZKoCPNnjOyTsVLIjFAc7pEkQDf_VTSIQj79DkiPRl9TAo6N7O-jIsAW_pJmZStL-jkJys3m_A9ZnH7bz9TL3SXza8RUzqF-OAJEO2EO9s7jtxu7TWV-bzn8sQmwvBOcwu6Wjiqr4ouot_9QSsHZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1305 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4155735620819&version=m202306200101&ct=76&x=1&cor=5945865739376062000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A006 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXRiVo_cbMCPd-vcDZNN5rHVjceCCBG7QL8nHBjvhi6R3T-gzQFFR20KvsxQ7jjPHfxlYf7Q20NIcQQDb2z3w-ph0j9p4bW7OC7x8nsg3_DdJ5fDMKetJmMQpwCzWfKI_ZZ8b6ct55HUgA&sai=AMfl-YSI2pviCV3TkZfc2Jq_3QoI5IaY7QYhvWQbRhhQKAd_zjyLPc-jaPgxx9SEav1jac7FFuCHdJMFrHIjgqBnj5-zfSWJh6KEnfbIBo7TbuYKUMnx2IFy7ZV0lvek&sig=Cg0ArKJSzBK1cOH61QfsEAE&cid=CAQSPABpAlJWUwKHTROyTxYSexDmBwE4oTChTpY-FuCLUfblmmuMZe4b8zFUhbBVfBx2McMF3uZWCgI_ubpUQxgB&id=lidar2&mcvt=1000&p=601,0,1205,300&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230717&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=2699624902&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689700470776&rpt=945&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A006 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszalQsucoDXGO2zqUQ0tSxAvqPuliy8eUvS--hBrem7G6DJeg-iNXT3-CaHFowXfApuyEsHoCxHjIKdLJq-nfideU8npWf&sig=Cg0ArKJSzDv8-e9MqyfmEAE&id=lidar2&mcvt=1002&p=0,0,600,300&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230717&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=4278337371&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689700470776&rpt=949&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A006 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5581034592834&version=m202306200101&ct=76&x=1&cor=7985961651035586000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 17:14:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cwdjkhlh9g.m3u8
ss7aja9crp62j2zf.cdnspectrum.net/hls/ Frame 9C75 		856 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ss7aja9crp62j2zf.cdnspectrum.net:8443/hls/cwdjkhlh9g.m3u8?s=nVsiDSQbuoG8TBrZ5Yu5WA&e=1689722068
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.154.206.103 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
388e45ac1986bf68f27e6fa41911def091b0602cfbcdc80224b8a02e64bd7204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://q9g3eq75cjvp82.dynamicrevival.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 18 Jul 2023 17:14:30 GMT
Last-Modified
Tue, 18 Jul 2023 17:14:27 GMT
Server
nginx/1.18.0
ETag
"64b6c873-358"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
856
cwdjkhlh9g-311135400.ts
ss7aja9crp62j2zf.cdnspectrum.net/hls/ Frame 9C75 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ss7aja9crp62j2zf.cdnspectrum.net:8443/hls/cwdjkhlh9g-311135400.ts
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.154.206.103 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
21476a80b11fdbe3c9230a1ea00cdf1297552bfc2482fbffebf30e6517722566

Request headers

Referer
https://q9g3eq75cjvp82.dynamicrevival.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range
bytes=131070-

Response headers

Date
Tue, 18 Jul 2023 17:14:31 GMT
Last-Modified
Tue, 18 Jul 2023 17:13:38 GMT
Server
nginx/1.18.0
ETag
"64b6c842-12acc8"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Content-Range
bytes 131070-1223879/1223880
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
Range
Content-Length
1092810
e.js
live.demand.supply/e/ 		0
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_native_multi_native1&e=ubs&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE1MTEvMTA0MjY3OS92YWxlbmNpYS12cy1ub3R0aW5naGFtLWZvcmVzdC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.5.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id
01H37XBZTS5HKQ2F1CQXNBQG5A
date
Tue, 18 Jul 2023 17:14:33 GMT
cf-cache-status
HIT
age
450586
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"081b1367cd2301d3bf23f0a40952d236-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7e8c5c98492b1e4a-FRA
cwdjkhlh9g.m3u8
ss7aja9crp62j2zf.cdnspectrum.net/hls/ Frame 9C75 		856 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ss7aja9crp62j2zf.cdnspectrum.net:8443/hls/cwdjkhlh9g.m3u8?s=nVsiDSQbuoG8TBrZ5Yu5WA&e=1689722068
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.154.206.103 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
388e45ac1986bf68f27e6fa41911def091b0602cfbcdc80224b8a02e64bd7204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://q9g3eq75cjvp82.dynamicrevival.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 18 Jul 2023 17:14:34 GMT
Last-Modified
Tue, 18 Jul 2023 17:14:27 GMT
Server
nginx/1.18.0
ETag
"64b6c873-358"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
856

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s0.2mdn.net
URL
https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/creatives/assets/4426814/tui_live_happy_white.svg
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/creatives/assets/4453672/head2_2line_paare.svg
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/creatives/assets/4453672/728x90_kv_paare.jpg
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstc-cr1N3LvA1ybJTBBZuECc2-RfGbqesH9GncLOINLJ_FcPciXFzoT9oxwGxgwOYNjrbbQ5GlTir1mqfb4GW11Ygv4Rpza7UMjbQUbTlNub1UfTaidAzfPmxMxt72k_oN_RYEdROz-rpwn&sai=AMfl-YSHK-5iWBHQyMohsh4XwU_tjmHaf4i1qLEY1_pYNSbIy7u61kM-eedeKNFc_4XxwhO_RwIuFgLhqWloxNlC0uk4gYlyqVsidSUYFogKWOgwcCcN9VqjvBFknBNj&sig=Cg0ArKJSzAYzZfVtRuX8EAE&cid=CAQSPABpAlJWuDAX0kDnp21Ce6yF3S2aXmPqmnW-4kiaMzqM0ZCNKcDxZlNEKBFgwdAsqBNrMYcbsZVx5zwg7hgB&id=lidartos&mcvt=596&p=1110,436,1200,1164&mtos=596,596,596,596,596&tos=596,0,0,0,0&v=20230717&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3539973942&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1689700469883&rpt=863&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
ade.googlesyndication.com
URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI7MHB4uCYgAMVWYzeCh0DFgTiEAAYACCq7rBPQhMIwJiO4uCYgAMVBpL9Bx255QDu;met=1;&timestamp=1689700471385;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;

Verdicts & Comments Add Verdict or Comment

220 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 boolean| credentialless object| onbeforetoggle object| onscrollend object| __cfQR string| demandSupplySc string| demandSupplyCr number| demandSupplySr object| houseAdCampaigns string| demandSupplyTi object| demandSupplyTc object| demandSupplyTcI number| demandSupplyPDI number| demandSupplyDFSS number| demandSupplyCRR object| demandSupply object| googletag object| fh object| dspbjs string| demandSupplyFS object| _app object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| google_reactive_ads_global_state number| google_unique_id object| gaGlobal object| pbjs function| setImmediate function| clearImmediate object| __uid2SecureSignalProvider object| __uid2 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_139 object| Criteo object| Criteo_identitytag_139 object| _33across object| signal_decrypted function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 string| currentUrl string| mainURL function| _0x480a function| _0x47df function| decrypt function| $ function| jQuery function| removeCustomBanner undefined| customBannerCountdownInterval number| p object| matche string| u_key string| k_url function| update_frame function| _0x17035d function| _0x1bbb function| _0x144026 function| _0x516788 object| divChannels object| rowChannel function| _0xef9dd0 function| _0x12aaab object| channels function| _0x599d function| _0x19cc99 object| channel0 object| aniplayerPos function| rdmode function| HqyLazyload function| gtag object| dataLayer boolean| __cfRLUnblockHandlers object| google_tag_manager object| gptAdSlots undefined| interstitialSlot undefined| staticSlot object| anchorSlot object| vmpbjs object| vpb object| adipolo string| GoogleAnalyticsObject function| ga object| com function| _avcp object| GoogleGcLKhOms object| gaplugins object| gaData object| vmpbjsChunk object| ADAGIO object| sas object| apntag object| _ADAGIO object| ONFOCUS object| google_image_requests

60 Cookies

Domain/Path Name / Value
live.demand.supply/ Name: demandSupplyTi
Value: c677851b-eb3a-4f42-9848-077d0b71f2d2
.demand.supply/ Name: __cf_bm
Value: VzAkPWE1E_4uo0RCV.gijraRnAmCB9rR9g4nlg2wKDI-1689700467-0-Acau8nahOZ7mnKLTRJfPk5VZG9iUQJEvqGaMc1GGvbYXbFRAJS2N6DB5ilZSpv3ZaVJztAjhT2F7GrJOVcsamrM=
.criteo.com/ Name: uid
Value: cf45ac7c-3c88-4b0f-8ffa-2909a5f7346c
.yalla-shoots.tv/ Name: cto_bundle
Value: hJoGjl84VkVjbFFjVG1mQU0lMkZud0NkJTJGbkJCSzlSNjlrU3JMYSUyQlZkRDhzdTJzSXZ3S3daTGhXTlpLRHFkdk9NNkRUenB1V0xLc3dGNzNiYkJvd1VEdEMzUiUyRjc0c3pvcjk3Z3NNRUM3ODhJR1JyME1ZcWIzMkRNS1FNdFc3YWhpT1JiNWFMdEdlb1QzbHhUZ3QzclM1aDQyT1hDZyUzRCUzRA
.yalla-shoots.tv/ Name: _ga_DSJ81X88Y5
Value: GS1.1.1689700467.1.0.1689700467.0.0.0
.yalla-shoots.tv/ Name: _ga
Value: GA1.2.1232595036.1689700467
.yalla-shoots.tv/ Name: _gid
Value: GA1.2.32777644.1689700468
.yalla-shoots.tv/ Name: _gat_gtag_UA_230085360_1
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUlAnao7B2qeDhzTDE90pi4WJdSXcjWpyJigujGR6B1bPQdE6Kug9ko3uz0A
.adnxs.com/ Name: uuid2
Value: 5985896728333072980
.yalla-shoots.tv/ Name: __gads
Value: ID=8238e40493fbd91b:T=1689700467:RT=1689700467:S=ALNI_Malw_5R-3LX6FK69-8-Txt8IbExYA
.yalla-shoots.tv/ Name: __gpi
Value: UID=00000c3fe02dedc8:T=1689700467:RT=1689700467:S=ALNI_MahRX1CYAsRGeOFxbuXoH1RIBm9KA
.casalemedia.com/ Name: CMID
Value: ZLbIc-ae0U9MlyvHuknCMwAA
.casalemedia.com/ Name: CMPS
Value: 5199
.casalemedia.com/ Name: CMPRO
Value: 5199
.doubleclick.net/ Name: APC
Value: Aa3gxNpuqg-kJoDc1tN7rw1RA5nv9WXbKR2vItk85-mUQeW8cr83LA
yalla-shoots.tv/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.yalla-shoots.tv/ Name: _pubcid
Value: f2bace92-23fd-4d1b-b9d8-7c822fcd4b21
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2IlinS:5y!]tau8i_iqf!oN/@E'zz<*Z0QpT4<QuI6ft3Z=([.F*OPrrS^Y]GCe9)8kM:TD._*PlZ[C[-kX-8EQ$i
q9g3eq75cjvp82.dynamicrevival.net/ Name: hf1
Value: 1
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 5b1cad1e744c56ca
.retailads.net/ Name: ppb2172
Value: 2890142890
.awin1.com/ Name: awpv11830
Value: 296283|1689700468|8db3ab10-258e-11ee-b199-223078f3fa88
.awin1.com/ Name: AWSESS
Value: 357066:2338577
.futalis.de/ Name: raSIDb
Value: 2890142890
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1689700469261,"clickCookie":false}}
.3lift.com/ Name: tluid
Value: 1666558201449688226382
.turn.com/ Name: uid
Value: 4092134028518229469
.ctnsnet.com/ Name: gid_CAESEL6jlPpiUfW858JDRitrzG8
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 8AF354C6-6A2C-4900-B1AD-363F00FDE290
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.zemanta.com/ Name: zuid
Value: uXyhagOq-zZ0ihfssusl
.lijit.com/ Name: ljt_reader
Value: HAJKtBZHzbVNJQ64SWSP1pQm
.spotxchange.com/ Name: audience
Value: 8e6838e1-258e-11ee-a6c2-162d46060506
.adfarm1.adition.com/ Name: UserID1
Value: 7257208258702604428
.adform.net/ Name: C
Value: 1
.360yield.com/ Name: tuuid
Value: 707791ec-1315-4b5e-9116-dd0ea2729216
.360yield.com/ Name: tuuid_lu
Value: 1689700470
.tribalfusion.com/ Name: ANON_ID
Value: aNntmIyg6AbrA7u8QCkvUXL7I7HW4E2aKTQFy0hUo3n2v62ULtoH78JJ4Ui4I7bJDZdNGt2QqZbv2GZbB2BnWUZccVDR
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-be872b05-8d70-4db7-8fd4-53b5d168069a-003%22%7D
.adform.net/ Name: uid
Value: 3928763390108398416
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-be872b05-8d70-4db7-8fd4-53b5d168069a-003%22%7D
.quantserve.com/ Name: d
Value: EA4BCQG_KYEA
.quantserve.com/ Name: mc
Value: 64b6c877-0201f-a4c51-fc4c7
.w55c.net/ Name: wfivefivec
Value: O9jXksOE1QlOhp5
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%229FB0F927-3AF0-4ED1-9F03-AFC6B3C8BAFF%22%7D
.w55c.net/ Name: matchgoogle
Value: 5
.bidswitch.net/ Name: tuuid
Value: da1b948c-2d18-4acd-bcda-ad99d65ae82d
.bidswitch.net/ Name: c
Value: 1689700471
.bidswitch.net/ Name: tuuid_lu
Value: 1689700471
.blismedia.com/ Name: b
Value: 64B6C8774C66D49B4D35F232BLIS
.bidswitch.net/ Name: google_push
Value: AaAOQGE2l7ZGBWXYvXdufZ4NkFY0NeZ3-O6rC3gCu9RZFZoFepIspscmxW5U_4ydehgPBZaC6F5FGNTNWnZCCj38k_A6ElmMGF0d
.ctnsnet.com/ Name: cid
Value: e47be866fa0e40dcafa517d934af8ad2

12 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: microphone, camera, geolocation. Values defined in Permissions-Policy header will be used.
other warning URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/(Line 412)
Message:
<link rel=preload> must have a valid `as` value
network error URL: https://dalbouh.xyz/api/matche?t=1689700454
Message:
Failed to load resource: the server responded with a status of 403 ()
rendering warning URL: https://q9g3eq75cjvp82.dynamicrevival.net/embed/cwdjkhlh9g(Line 5)
Message:
Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
other warning URL: https://www.googletagservices.com/dcm/impl_v96.js(Line 77)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v96.js(Line 77)
Message:
Unrecognized feature: 'attribution-reporting'.
javascript warning URL: https://yalla-shoots.tv/live/11511/1042679/valencia-vs-nottingham-forest/
Message:
The resource https://live.demand.supply/p4/v16-10-0/eWFsbGEtc2hvb3RzLnR2Lw== was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
other warning URL: https://www.googletagservices.com/dcm/impl_v96.js(Line 77)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v96.js(Line 77)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
a.tribalfusion.com
a77fa9a954b6e92750452a444b69b5ad.safeframe.googlesyndication.com
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
adipolo.com
ads.travelaudience.com
adservice.google.com
adv.office-partner.de
analytics.webgains.io
ap.lijit.com
api.demand.supply
api.webgains.io
b1sync.zemanta.com
bcp.crwdcntrl.net
bidder.criteo.com
c1.adform.net
cc.adingo.jp
cdn-adipolo.urekamedia.com
cdn-ima.33across.com
cdn.doubleverify.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.retailads.net
cdn.track.production.webgains.team
cm.g.doubleclick.net
cms.quantserve.com
dalbouh.xyz
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
esp.rtbhouse.com
feed.avplayer.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
fw.adsafeprotected.com
gcm.ctnsnet.com
ghb.aplhb.adipolo.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900011.redintelligence.net
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
invstatic101.creativecdn.com
jscdn.greeter.me
lb.eu-1-id5-sync.com
live.demand.supply
live.shoot-yalla.tv
match.360yield.com
match.adsrvr.org
mp.4dex.io
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
plausible.io
player.adtelligent.com
player.aplhb.adipolo.com
player.avplayer.com
pm.w55c.net
prebid.a-mo.net
pv.medialead.de
q9g3eq75cjvp82.dynamicrevival.net
r.turn.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.openx.net
rtb0.doubleverify.com
rtbc-ew1.doubleverify.com
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
s10.histats.com
s4.histats.com
script.4dex.io
securepubads.g.doubleclick.net
servt.modoro360.com
ss7aja9crp62j2zf.cdnspectrum.net
ssbsync.smartadserver.com
static.adsafeprotected.com
static.criteo.net
storage.de.cloud.ovh.net
swarm.video
sync.1rx.io
sync.inmobi.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.teads.tv
tags.crwdcntrl.net
tg1.modoro360.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
ups.analytics.yahoo.com
us-u.openx.net
v3.sportsonline.sx
velocitycdn.com
web-api.scorarab.com
whos.amung.us
widgets.amung.us
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
yalla-shoots.tv
youradexchange.com
ade.googlesyndication.com
pagead2.googlesyndication.com
s0.2mdn.net
104.18.35.34
104.21.233.171
104.21.235.80
104.21.4.192
104.64.118.247
104.75.89.75
108.138.36.21
108.138.36.48
13.248.245.213
13.32.110.114
13.40.20.169
13.41.28.186
130.211.44.5
138.201.64.38
141.95.4.204
142.250.181.230
142.250.186.130
142.250.186.38
145.239.193.130
145.40.97.67
149.56.240.130
15.197.193.217
162.19.138.117
162.19.138.119
167.233.14.134
172.217.16.194
178.250.1.11
178.250.7.11
18.181.23.196
18.193.242.108
185.239.173.210
185.64.190.78
185.80.39.216
185.86.138.154
185.86.139.94
185.89.210.20
185.94.180.126
188.114.96.3
188.114.97.3
20.127.253.7
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
205.185.216.10
216.52.2.48
2400:52e0:1e00::1081:1
2600:1f18:1aca:4280:d6f8:acf0:9b52:531e
2600:9000:225b:9c00:a:e047:753:be1
2600:9000:26da:ee00:8:48e:53c0:93a1
2600:9000:26db:ac00:1b:5138:8a40:93a1
2606:4700:10::6814:41d
2606:4700:10::6816:3556
2606:4700:10::6816:4bab
2606:4700:20::681a:8a9
2606:4700:3031::ac43:9ae8
2606:4700:3031::ac43:dee5
2606:4700::6810:8616
2606:4700::6812:19ad
2606:4700::6812:272
2606:4700:e2::ac40:850a
2606:4700:e2::ac40:8b25
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:802::2002
2a00:1450:4001:803::2003
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:806::2006
2a00:1450:4001:80e::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::200e
2a00:1450:4001:813::200a
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:831::2002
2a01:4f8:d0a:2321::2
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:1700:6::17d5:a18f
2a02:26f0:3500:c::5c7b:680c
2a02:6ea0:c700::19
2a02:fa8:8806:20::2040
2a04:4e42::485
2a06:98c1:3120::3
2a0b:4d07:101::1
3.212.220.14
3.248.69.61
3.71.149.231
34.96.105.8
34.96.70.87
34.98.64.218
35.186.193.173
35.190.0.66
35.190.39.111
35.227.252.103
37.157.3.30
45.133.44.3
45.133.44.4
45.154.206.103
46.228.174.117
46.4.10.47
51.38.120.206
52.28.142.138
52.48.190.189
52.49.225.165
64.202.112.31
69.16.175.10
69.16.175.42
69.173.144.138
85.114.159.93
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
00f55721ec6181d9c16cc365dfe2ca9aab2fb8008ffe22ded892085019fd33b5
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01eabffd7cc4d7d35d547e49123d37b51e5ee7016a69dba526da15434e5d5377
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
02e18778afdee67680c1328485dcbc52b4184b2206043dfedb687d2ff907ec4c
046582122558967f4b0fb8662e960dca7f4c152bb309c71589f6c719b75a62a7
057ef8ec13911c59222a107dd0dbefa5eafe3ff97a493ffd4f94cf2ca3a977c9
05c5b16d0ed7f13b08fc09b855c03d9717e9acab593e4256eb1b0d737c5cd7a6
05f7bf6bbabb9f9c1e68af18aad6f118d06883dbd9b075072bf79319bced328e
072bacb79dd23f999b744a3cbd1ebc4789217e1fe68e01f1dae7e422e7629d85
07c1fee0bf7550083ff082b9b20c0ff67601d801f9f07e502f2e4897ea3ae623
091b4aff1bd881f734aabd98a69780bc5efee1e418dcf2a1e130d56342536456
099588faedf07d2076acea7c3ad9730a09eaff20a82ebb2da69c0f1d3caff599
0a1274d6f5ee3ffbdb2d96311d311740b6f5508ba764ee8d3822b0d8c2fb1a7c
0aadb303052dba8f18056f2766a45549f20f709c946f4e0b554b5e8149f18e4e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
0c2e239a1960e4555322fb9c10f9b0fc69829d736c40c1055a1a6e906c88de22
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
0edb8acde4ed69a3896c5ea82b67fb68350dc0a52093451472b5e85345f399b2
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13e8eb49d146d029bd12aed3e5ea436e966e87a56e90738051516b3d1ed91af9
14aa7f42ac32f88b765a7e423dd0b73a6bbedf4c55459b83a1b3fc515b346149
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16f63d72b602e34291537fffc4dfb909573e9c0568fcb1bc7ce28fd4b31bef61
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
18d6b705bd77645b4da4ad07ce1724672e269f9dc070e68e257dc790447170bc
1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8
1d1337f89d69534615b7e6c4564ceb2871d12f790f22c6c3b2b390a4f7dfd40d
1e05f827c0088a9790aaf2ac5abe154b22ffa7ae0c50357641dbc675c6940936
21476a80b11fdbe3c9230a1ea00cdf1297552bfc2482fbffebf30e6517722566
22e40a7d9dc36475522b1c002600a753d5085f5a417dc6fb908849ddfd275e27
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
2775af782574121920f57fff91e5a634e219f5023b7b5518a44085aa1368e84d
27d1641078d09f5541e3073bb961a6a18f8ea20d093779ef8cc702ece3a23d97
28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c
2c7cf941b4eb9254e850875107ded812b5cf2da9de46f85919561f2a73876257
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f5c057bd0ed3f119574571e42d8f70f2722937ba964b6bf977c322b2b789e28
2f6ab6e46a2192ed55c908924ebd8ba3fc8c299e763232040dd21f5d6b97fda6
2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33dcaf6d7d51db8d5c01a48c2e4c19e3606d7850253232fe43f5b9bb22e0db3f
340979466c5de70c1d522aa159c10ade7cf79fd53101078948d65c12a69a2d2b
35cf75de5d617b7a8e395dc30579c7245e3001a2b8227d55f3d3ddc2e773741d
3790ed75687a3b6c3d71bcf4bd62c99f82a3dd738ae4b6b2639bd36e4f6bca29
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
388e45ac1986bf68f27e6fa41911def091b0602cfbcdc80224b8a02e64bd7204
3aee081c3e9a17111761ad20c4ee9d6432eaf8ffdb00373ec54f49a820ef955a
3bcc78c28638c7500c7f6ac759ee979e9dcbc49559d7766a99ff763aaef8f051
3f31dcc93dca34eab5d1231f120357eff82ec5e20b2958a8f71f3c6eefba880e
3f9e4079df7deefcc571adc7c56e356c9653a50907a82750bff2f5289696003d
40d01d03ade526a5149601e462915a87197644bcba95180230efb8c9741e636c
4151b22743cdf1156af80f7661631ba67f8d4462d0f5d2442fbcd8f6f045100b
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
42dd21a4c8d4d36d9de3bca637d692b5dc0c94a03d41f88bbf16b2fbcb7f019e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce
45dd60aee8728ca8786226233d74694db5f4c0110647c8e48710c49cdd5bdf41
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
49d743921311f4dca350ba007b50229debbcbd4b03441c515c567f48fc98cdda
4a47de124792a1d70223f96ff73358f5dc5c0fbb72d79fde0a69c9b6e92105b8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
4c3b617e086c78b053fd4b9c1f641e1c9870e54f4febbbcaaebd46a866fb2c1c
4cfdc6280ac32acb418baaf1ae31c0a3f86b8ff04d4bbeef6d5fdbd5b4051bcc
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4da56063dd051e0c0124dbc365a594f04d69ff065345d75f08b3ef0feae96e7f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f9c0958521368930a1468c3074035f6021dcc7070362e7b020b1a5a23b3fd9a
4fb0d90e8980f676d84a0d346de07086e7fc6afce1e48c53ff73060c31496380
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4
50ea8981e52d39daadb689c1141dca577ebad4a469203c85da9922730a1207d8
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
559517e9eb92f5cc64ad57d513a5f2402b30bc2531f9b5b3cad3a2a2b2337ffe
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
573a133dda9b8690dd3beca3179f68ea23b565f0206024c94819e670d53df5df
57c2b596262f49dfc85822938e3989a0345fcd5ddd698423283ca15f162f6b99
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
597714c5dcd58c5e5fd0c5ba3536cfd30894109a38c8a9a8c529c0442b71e6f7
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
5aa49f0af3e388fdd29408e87eba4ea66280dc6023105732c233ebc6924784b9
5b05499599384fd8e086d3e55620ea6bd0a49e6951feaec3aa31b290c2e1bf8a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62218c89aeba998ce96c351c07bba16f0f37d591eb24b3a5c954fae4adda5cc1
62bc1d5a4b3e97b1972a193eeef479c2d021dc1ffdc7492f801df19108ddbdc1
630f83a9a191e4ecb8d3429bccf6604930c620ad709ea895361202f9315ee180
65a79062ce113e5836b032ad6fbeee2205857c6c98e180b3c6b0be21722ca7ae
662d481ee7a5c9319999db359b3078160adfef7b86a28d248f8f923428bc90cc
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66ca5ac6821c76acf8ba71a4abac6884ae8348af1951fb768f8c7462cd7f71b1
68fe55a2ec532c3c8ef0961798bbbfd02aba021684fcdeca63a434dbddd1ded3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d285ae6755d52c452904f5bdfa4a6c2082186d695304b242e9db2f12461f02e
6dfc298db75be4dd318f66a12977532a0b1667e5834d217d8f661787a9f70f0e
6fbae4db94388c0c1feacfa631653cd3f0786157c4a61e89f1076fc278fce845
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
780ad223730992d713b87d10989dfc4fc5d5c7b254a8c87d4a40d1ff7379ff2f
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
7aced49161163e4be2dc84d905b881dfa6665b0202ab3a748b1f0d1dadf06dee
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7ba2370f2932bf414efafbd565f5e497ee1ebb6d611019df6ddbe8258c17ffb7
7c260f5e1dcb04331e9fb5ea2c0a5b82552133dd170d219384ec76afb1ec9b3d
7df4cb45e2a46b173647a88e91fb054cd872c67961618c893741387cd562c311
80d0ebc5020bc903518de9b8211a81b85468fd92d728fd7d7a06373ccbef0092
8201673ccec504939654b775f62e84110a4395f983a07f5e3171bdcd19866af4
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
8328dfb00241d323a4e8b62f8b398a2b5d7b0a10c5a43a43d6bea15e38608914
83bb47871b3895cd8f4bf5da67037710b6d9a9e1fab80d03b579cd83a448fe23
843dea1d022be79c95643821b1140cc2d081094ee77ccf7a1f637a1ad8fca33f
8635ab6523110c03cca8daaa629a9a501ed74d8eb78437e932fe0bd8311e1bcf
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8afb03c9a0d987158b44840ba348cb8850184d3e2dbcadbaa4b2503b82a48bbb
8c5ebac2aa779f57722452320f7917cbc415734814c26df80ee7f23668065f46
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ef4b1bda1084ef5b8deb40916edc18255e54902e6a49e583c8af677e53bb05c
904f6f04cf7f2f04087372e931ac9af2e32d9f01b6599e9a9f7740aa5b5eb7c2
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
96c455dfd2b40b0db7ede3b5481ea3bf96db23078327e40e948d10c62eed1545
96f0aa2ba01a47e696ae882e4a086ee57018aeefccc13f61b167e93b3736ac50
97570defe15fe0a83b49642f0ecf2dcc9c7400d21272372d3b140beb372bd08e
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c41bcb14520d5eed3b15a09477079b3909f9cf94f900a54dfcefef8206446b0
9c8dad664444c99e0f275a40a84f325cbd3dee089a6b3bf7d87618ef5bcd7b3c
9f97a1208bfbed36adde1345a778e2ddd3b5267b96fcb85abb1e4b3e7d261bbe
9ff2d82f8bd39fb66e0d36dd87daa091fe525efe798c056fbd2efe1faa6c58e6
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a31e81b5ee962da98d89c99da3f964c57755440e8b8e0c950b6cf63f4f29b7fa
a31eb5571ebae0fbc5c77d842c96b6334d207164f16fc7f4c38dd3ed936abe9f
a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5727f9e0754b5bb1dd7fcc9215ebfab2aa2a7d199ffc6efd1b3611e25128ccd
a5e45db23d56c837e5f268c11d3dd5881d54bc57ad3dd156c5694594db2f0aa5
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
ae0433ac5d000ac03daf9059492d0390e427b7461332f0f488bbc6f44b5107a7
ae1c0527eb004fcfc9e19bab44a5a088b8cf59cdd5b24f0900114f6b856b391c
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0e5ffbe1fbf32b9f80e09a1c81a35f51defe2846347e186184e3cea5a264280
b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b199c09d410f6721b4edef1369b3848c36639e134cd2a2207ad3233200cb50a6
b1b682cb1fee45d7f80c900aba4d8ddcb18ac1016dcf38ece495801ac65eb14f
b284bf56717abd7b847ee0f5954779e8da080a4e7bc0507b8609045c36e1a931
b31011e6517ce1439b474e7345b40023ab62ffa5c001705a6688248496024e0b
b75eab0b71c98ac99cc3aba15699caee9b5924877d464d340585446261e365c0
b8b7d36c42968677c6c148d2a423e330b335aa5c9cdf711bdc0c213fcfc5359d
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c0ecce83f0152dc506d1bcf2b831551bae9fd8c4e5e4f72900a73a5385151f5d
c11c5dfba413937a31e20f510cca9e01bef0752258f290439800eb00ee12e33d
c122abb04ee37679f9d6bb19bd7fec29fee3d17ccc3ca507464043250a4c3edf
c4ec171d8f202fb90c55007f2dc8ab43a7d089d5e7b717eb03b41fdb3907b261
c5c4f7ed5d1b2889eed835f1ae87114d6202082df8ec5edb8c9c1798f44a8fc0
c73e7fcf76232d28a1760877bd3eccada211feb797fd25ba824df3bac45b46eb
c7e05b68eb47f0167793018bfc04a5fd640d8a9f406b6b2c1892a97f084f6769
c86efe6298b574072b40a83e9362b60e0cd478f68f7c25407294f41bcffa897e
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cba78783503f962e24d09c78f38add0360021817317c6972d14e37e250b52e3b
cc147b60966fc18fa1acef2485d29d74d5c8331b3f4689bf36380c67f4beb0cb
cc58bc24f61505fa4381b21b52bd972d422580ef6679af0fc97adf9f9264fdb3
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdb0cb4b387f5eb0674c7326a7c587dbe8104f15e8d75e2397008c9880e006ec
ce1e6317a770c7b4c73394d96997eb0d878dce5d505fd183b29c8349c6680bcc
ce5c1af25011aeec7d020abe768f2a5ebb3e9dba23109345b36b208ea0059322
cf6a8ff6049b54592b6f8edcf20367840487dcef9752866b18f4b5666b1cd97a
cfc877e5b225e70428776d8b9a06a53247437200ab583283d61e7ee3e31c31a8
d0dd3293e8074a0a4e9cb0485f180dfd51d05c55cfaafb698b3b99f35e695aed
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d3e6e56fdd4360855d5667258efb3425a4f7d6233cc123dcaa4a5c25708be035
d6abad93ede336d0935f45fb7a66d04ab1dede7978b3a7ac072231547292c96e
d72c9fb59846aff6405d2973c81bd8da823493502fab893e026a736a1ba01838
db556c877765791cfa9dc4febd9a83ab0dfdd29245b4c0ca786911f4ada39bbf
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
dcbd4882f0c4557f44d9d7340ab5a08c7b8cdf3dc5cba9996a18c95160acbd5d
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6b9ebcdb5619569cae06fc0c69c9905af71e92ded9e70ce23bd3cfc0872e98
deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c1ec939f76af85129668e50fde8c400dd132f6d692aa4fdac67707f2a5c7d4
e3d9fd510ff21a29aadf5ac50c294b59d1d60ea733ea267e32ac2d18e5d5395a
e4cea99569335a6cede37db3c96f7a28d5baf73969e58a77f35d170bf9088b7b
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7f269228159b85baef9e82aebdaf8f0ae2d5cc58dd20965be492a40b949ffad
e80f3c6479f08a7ea0b97f0c3538f4d3420e0f00df102e15469e7fc6ed013cbc
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
ec070cbd78b703fa11d31ed9b23416ae4d7c044cb18fb124553447e16ca88787
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd1f2d633a46174e9297aa571dd85617c750b8f87d16a52778d5bc4109b7017
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
f2b7bb8521c4d5375f60eaf6232ebeb47c81b65e38120bafd0ba027ca3c3d7af
f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc
f8aa9a880d6e487e7842722fbaee7c4c914803cef2baf4f92b76167b48df3bad
f8de75c6577a6873a1b45bc565424cefa6ad61731ba1f6cd5313fa700ad4595e
fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8
fb228164692b2a0f5fb7d8848c3897c77008f1151d9f652e14d6405326f1c894
fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb
fd3fad3e15262b0e096e7d7cc57efd2e684a679ccacb704d94542ba3d7d93d17
fec1c62024154c07ac6d182d10f3e714daaff90f3f2bfd891d32afacc5fef28c
ff44029619fd90ec051b320192c966a2a0488616ac98a49a461b4759b2d854cf