urlscan.io logo urlscan.io
SecurityTrails logo

yalla-shoots.tv Open in urlscan Pro
104.21.235.80  Public Scan

Go To Rescan Add Verdict Report
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Submission: On May 22 via manual from TN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 65 IPs in 11 countries across 54 domains to perform 309 HTTP transactions. The main IP is 104.21.235.80, located in and belongs to CLOUDFLARENET, US. The main domain is yalla-shoots.tv.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 27th 2023. Valid for: a year.
This is the only time yalla-shoots.tv was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 104.21.235.80 13335 (CLOUDFLAR...)
32 2606:4700::68... 13335 (CLOUDFLAR...)
5 205.185.216.42 20446 (STACKPATH...)
2 172.67.141.250 13335 (CLOUDFLAR...)
1 2 188.114.96.3 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.21.233.171 13335 (CLOUDFLAR...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
42 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
5 2a04:4e42::485 54113 (FASTLY)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 65.9.66.68 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:225... 16509 (AMAZON-02)
18 2a02:2638:3::3 44788 (ASN-CRITE...)
6 2a00:1450:400... 15169 (GOOGLE)
2 35.190.39.111 15169 (GOOGLE)
1 54.154.67.141 16509 (AMAZON-02)
1 4 2a02:2638:3::c 44788 (ASN-CRITE...)
4 162.19.138.118 16276 (OVH)
1 178.250.7.13 44788 (ASN-CRITE...)
1 69.16.175.10 20446 (STACKPATH...)
1 69.16.175.42 20446 (STACKPATH...)
1 34.192.176.230 14618 (AMAZON-AES)
13 2a00:1450:400... 15169 (GOOGLE)
4 45.133.44.3 39572 (ADVANCEDH...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
20 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 145.239.139.16 16276 (OVH)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
3 2a02:2638:d::c 44788 (ASN-CRITE...)
3 2a02:2638:3::12 44788 (ASN-CRITE...)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 178.250.1.6 44788 (ASN-CRITE...)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a0c:5c81:514... 55081 (24SHELLS)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 89.207.16.201 41041 (VCLK-EU-SE)
2 2 34.91.62.186 396982 (GOOGLE-CL...)
1 18 142.250.185.226 15169 (GOOGLE)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
3 3 213.155.156.185 1299 (TWELVE99 ...)
2 2 37.157.6.233 198622 (ADFORM)
3 3 213.19.147.44 3356 (LEVEL3)
1 1 20.127.253.7 8075 (MICROSOFT...)
3 2a02:2638:3::1a 44788 (ASN-CRITE...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a02:2638:d::a 44788 (ASN-CRITE...)
2 6 216.52.2.6 32475 (SINGLEHOP...)
1 8 51.89.9.251 16276 (OVH)
4 147.75.84.158 54825 (PACKET)
4 2a02:2638:d::13 44788 (ASN-CRITE...)
4 216.239.32.3 15169 (GOOGLE)
1 178.250.7.9 44788 (ASN-CRITE...)
1 2a02:2638:3::9 44788 (ASN-CRITE...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 134.122.57.34 14061 (DIGITALOC...)
1 1 69.173.144.165 26667 (RUBICONPR...)
1 69.166.1.12 27630 (AS-XFERNET)
1 1 2600:9000:211... 16509 (AMAZON-02)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 185.29.132.241 30419 (MEDIAMATH...)
1 18.180.74.73 16509 (AMAZON-02)
1 1 193.0.160.131 54312 (ROCKETFUEL)
12 45.84.217.72 212411 (MYWEB)
1 51.77.64.70 16276 (OVH)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 141.95.33.111 16276 (OVH)
309 65
9    104.21.235.80 (None, )

ASN13335 (CLOUDFLARENET, US)
yalla-shoots.tv
32    2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)
live.demand.supply
5    205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
jscdn.greeter.me
2    172.67.141.250 (United States)

ASN13335 (CLOUDFLARENET, US)
web-api.scorarab.com
2    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
live.shoot-yalla.tv
lives.shoot-yalla.tv
1    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    104.21.233.171 (None, )

ASN13335 (CLOUDFLARENET, US)
dalbouh.xyz
1    2a02:26f0:3500:c::5c7b:682a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
tg1.modoro360.com
42    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
13    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
www.googletagservices.com
5    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2600:9000:2250:4400:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
18    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
6    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
2    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
1    54.154.67.141 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-67-141.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
4    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
1    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
feed.avplayer.com
1    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
player.avplayer.com
1    34.192.176.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-176-230.compute-1.amazonaws.com
servt.modoro360.com
13    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.aplhb.adipolo.com
player.adtelligent.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
adipolo.com
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
20    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    145.239.139.16 (France)

ASN16276 (OVH, FR)
PTR: ip16.ip-145-239-139.eu
storage.de.cloud.ovh.net
1    2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
cdn-adipolo.urekamedia.com
3    2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr3.eu.criteo.com
3    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
5    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
3    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
5    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a0c:5c81:5142::2 (Brent, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.aplhb.adipolo.com
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    89.207.16.201 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams04-nessy-float1.dotomi.com
dclk-match.dotomi.com
2    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
18    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
1    2a05:d018:d29:3601:ec79:c227:a0d8:f76e (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    213.155.156.185 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
2    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    213.19.147.44 (Amsterdam, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
3    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
4    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
4    2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
6    216.52.2.6 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
8    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
4    147.75.84.158 (North Holland, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
4    216.239.32.3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr3.eu.criteo.com
1    2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    134.122.57.34 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    69.166.1.12 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    2600:9000:211e:1200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    18.180.74.73 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-180-74-73.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
1    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
a.rfihub.com
12    45.84.217.72 (Valencia, Spain)

ASN212411 (MYWEB, BZ)
a6.koora.cloud
1    51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com
pro.ip-api.com
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
us.web3-lab.com
1    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
lb.eu-1-id5-sync.com
Apex Domain
Subdomains		 Transfer
60 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
365 KB
39 googlesyndication.com
0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 93
tpc.googlesyndication.com — Cisco Umbrella Rank: 132
252 KB
32 demand.supply
live.demand.supply — Cisco Umbrella Rank: 35452
43 KB
25 criteo.net
static.criteo.net — Cisco Umbrella Rank: 639
csm.eu.criteo.net — Cisco Umbrella Rank: 8905
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9070
3 MB
20 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 413
mug.criteo.com — Cisco Umbrella Rank: 2837
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 16347
ads.eu.criteo.com — Cisco Umbrella Rank: 8856
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10084
bidder.criteo.com — Cisco Umbrella Rank: 723
cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 9810
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 15150
71 KB
12 koora.cloud
a6.koora.cloud — Cisco Umbrella Rank: 901394
2 MB
12 google.com
adservice.google.com — Cisco Umbrella Rank: 68
www.google.com — Cisco Umbrella Rank: 2
2 KB
11 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
84 KB
9 yalla-shoots.tv
yalla-shoots.tv
241 KB
8 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 729
2 KB
8 adipolo.com
player.aplhb.adipolo.com — Cisco Umbrella Rank: 129387
adipolo.com — Cisco Umbrella Rank: 114963
ghb.aplhb.adipolo.com — Cisco Umbrella Rank: 148819
128 KB
7 google.de
adservice.google.de — Cisco Umbrella Rank: 9037
1 KB
6 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 597
3 KB
6 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1351
mp.4dex.io — Cisco Umbrella Rank: 1975
25 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 181
289 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
imasdk.googleapis.com — Cisco Umbrella Rank: 437
133 KB
5 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 862
id5-sync.com — Cisco Umbrella Rank: 421
20 KB
5 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 344
197 KB
5 greeter.me
jscdn.greeter.me — Cisco Umbrella Rank: 126189
19 KB
4 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 855
296 B
3 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4789
917 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 742
s.tribalfusion.com — Cisco Umbrella Rank: 1808
1 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 514
2 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 562
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 722
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
21 KB
2 avplayer.com
feed.avplayer.com — Cisco Umbrella Rank: 23175
player.avplayer.com — Cisco Umbrella Rank: 14425
61 KB
2 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 3109
360 B
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1025
bcp.crwdcntrl.net — Cisco Umbrella Rank: 863
12 KB
2 modoro360.com
tg1.modoro360.com — Cisco Umbrella Rank: 75761
servt.modoro360.com — Cisco Umbrella Rank: 85328
8 KB
2 shoot-yalla.tv
live.shoot-yalla.tv — Cisco Umbrella Rank: 399751
lives.shoot-yalla.tv — Cisco Umbrella Rank: 496500
2 KB
2 scorarab.com
web-api.scorarab.com — Cisco Umbrella Rank: 313034
23 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 939
402 B
1 web3-lab.com
us.web3-lab.com — Cisco Umbrella Rank: 216251
705 B
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 5348
302 B
1 rfihub.com
a.rfihub.com — Cisco Umbrella Rank: 2743
1 KB
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 5642
44 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 482
870 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 686
465 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 713
442 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 874
498 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 315
461 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2106
550 B
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1398
708 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1040
573 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 423
712 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2889
104 B
1 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 6866
5 KB
1 urekamedia.com
cdn-adipolo.urekamedia.com — Cisco Umbrella Rank: 277329
1 ovh.net
storage.de.cloud.ovh.net — Cisco Umbrella Rank: 101538
15 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2631
2 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2758
2 KB
1 dalbouh.xyz
dalbouh.xyz — Cisco Umbrella Rank: 816176
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
46 KB
309 54
Domain Requested by
42 securepubads.g.doubleclick.net live.demand.supply
securepubads.g.doubleclick.net
jscdn.greeter.me
yalla-shoots.tv
0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
www.googletagservices.com
32 live.demand.supply yalla-shoots.tv
live.demand.supply
client
20 tpc.googlesyndication.com securepubads.g.doubleclick.net
0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
yalla-shoots.tv
tpc.googlesyndication.com
18 cm.g.doubleclick.net 1 redirects 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
18 static.criteo.net securepubads.g.doubleclick.net
ads.eu.criteo.com
imasdk.googleapis.com
0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
player.aplhb.adipolo.com
13 pagead2.googlesyndication.com securepubads.g.doubleclick.net
yalla-shoots.tv
0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
12 a6.koora.cloud cdn.jsdelivr.net
9 yalla-shoots.tv yalla-shoots.tv
8 onetag-sys.com 1 redirects player.aplhb.adipolo.com
0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
7 adservice.google.com securepubads.g.doubleclick.net
7 adservice.google.de securepubads.g.doubleclick.net
6 ap.lijit.com 2 redirects player.aplhb.adipolo.com
6 www.googletagservices.com jscdn.greeter.me
0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
yalla-shoots.tv
securepubads.g.doubleclick.net
6 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 www.google.com yalla-shoots.tv
tpc.googlesyndication.com
0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
5 cdn.jsdelivr.net securepubads.g.doubleclick.net
yalla-shoots.tv
5 jscdn.greeter.me yalla-shoots.tv
4 csi.gstatic.com imasdk.googleapis.com
4 imageproxy.eu.criteo.net 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
4 prebid.a-mo.net player.aplhb.adipolo.com
4 bidder.criteo.com player.aplhb.adipolo.com
4 mp.4dex.io player.aplhb.adipolo.com
4 ghb.aplhb.adipolo.com player.aplhb.adipolo.com
4 fonts.gstatic.com fonts.googleapis.com
4 id5-sync.com cdn.id5-sync.com
player.aplhb.adipolo.com
4 gum.criteo.com 1 redirects static.criteo.net
player.aplhb.adipolo.com
3 csm.eu.criteo.net ads.eu.criteo.com
3 d5p.de17a.com 3 redirects
3 cat.nl3.eu.criteo.com ads.eu.criteo.com
0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
3 www.gstatic.com 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
3 ads.eu.criteo.com yalla-shoots.tv
imasdk.googleapis.com
3 rtb.fr3.eu.criteo.com yalla-shoots.tv
0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
3 fonts.googleapis.com 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
3 player.aplhb.adipolo.com jscdn.greeter.me
player.aplhb.adipolo.com
2 sync.1rx.io 2 redirects
2 c1.adform.net 2 redirects
2 um.simpli.fi 2 redirects
2 script.4dex.io player.aplhb.adipolo.com
script.4dex.io
2 imasdk.googleapis.com 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 esp.rtbhouse.com invstatic101.creativecdn.com
2 web-api.scorarab.com yalla-shoots.tv
1 lb.eu-1-id5-sync.com player.aplhb.adipolo.com
1 us.web3-lab.com cdn.jsdelivr.net
1 pro.ip-api.com cdn.jsdelivr.net
1 a.rfihub.com 1 redirects
1 cc.adingo.jp 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
1 sync.mathtag.com 1 redirects
1 cms.quantserve.com 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
1 s.ad.smaato.net 1 redirects
1 sync.go.sonobi.com 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
1 pixel.rubiconproject.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 s.tribalfusion.com
1 a.tribalfusion.com 1 redirects
1 rtb.nl3.eu.criteo.com 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
1 cat.fr3.eu.criteo.com 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
1 sync.inmobi.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 dclk-match.dotomi.com 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
1 player.adtelligent.com player.aplhb.adipolo.com
1 cdn-adipolo.urekamedia.com
1 storage.de.cloud.ovh.net
1 adipolo.com
1 servt.modoro360.com
1 player.avplayer.com tg1.modoro360.com
1 feed.avplayer.com tg1.modoro360.com
1 mug.criteo.com yalla-shoots.tv
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 tg1.modoro360.com yalla-shoots.tv
1 dalbouh.xyz yalla-shoots.tv
1 www.googletagmanager.com yalla-shoots.tv
1 lives.shoot-yalla.tv yalla-shoots.tv
1 live.shoot-yalla.tv 1 redirects
309 79
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-01-27 -
2024-01-26		 a year crt.sh
demand.supply
Cloudflare Inc ECC CA-3		 2023-02-19 -
2024-02-19		 a year crt.sh
greeter.me
E1		 2023-05-15 -
2023-08-13		 3 months crt.sh
*.scorarab.com
GTS CA 1P5		 2023-03-30 -
2023-06-28		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
wl1.aniview.com
R3		 2023-05-09 -
2023-08-07		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-04-28 -
2023-07-28		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-05-18 -
2023-08-16		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-05-17 -
2023-08-15		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.avplayer.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2022-08-08 -
2023-09-08		 a year crt.sh
*.adservrs.com
Amazon RSA 2048 M01		 2023-02-22 -
2023-05-25		 3 months crt.sh
player.aplhb.adipolo.com
R3		 2023-05-20 -
2023-08-18		 3 months crt.sh
adipolo.com
E1		 2023-05-06 -
2023-08-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
storage.de.cloud.ovh.net
Sectigo RSA Domain Validation Secure Server CA		 2023-01-25 -
2024-01-25		 a year crt.sh
1372348363.rsc.contentproxy9.cz
R3		 2023-03-23 -
2023-06-21		 3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2023-06-25		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-13 -
2023-08-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-18 -
2023-08-18		 3 months crt.sh
player.adtelligent.com
R3		 2023-05-20 -
2023-08-18		 3 months crt.sh
ghb.aplhb.adipolo.com
ZeroSSL ECC Domain Secure Site CA		 2023-04-06 -
2023-07-05		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-26 -
2023-06-29		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.a-mo.net
R3		 2023-04-13 -
2023-07-12		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.adingo.jp
Amazon RSA 2048 M01		 2023-02-13 -
2023-11-11		 9 months crt.sh
a6.koora.cloud
R3		 2023-05-14 -
2023-08-12		 3 months crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-25 -
2023-12-26		 a year crt.sh
*.web3-lab.com
GTS CA 1P5		 2023-04-01 -
2023-06-30		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh

This page contains 21 frames:

Primary Page: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Frame ID: 4DCE6BF907DFE9FB6799FF8FF3411FBA
Requests: 161 HTTP requests in this frame

Frame: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BFA67D474EBB4E2C47F820BE0B1D21E8
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=yalla-shoots.tv
Frame ID: D12BF36B7FA38555BB03691BA7883B8E
Requests: 2 HTTP requests in this frame

Frame: https://yalla-shoots.tv/frame.php?ch=p1_1&p=10&token=NmQ2YTY1MzM2YzZhNzkzMDZjNmE2NTMxNmQ3MzM0MzU3NTY4NzY3YTYxNjQ2OTc3NmQ2YTY5NzI2ZDZhNjE3OTZkNjM3MDZhNzI2NTYyMzY2ZTMyNjYzNTZlNzg3OTdhNmU2OTY2MzY2ZTczNmQ=&kt=1684785594
Frame ID: 1264868811C656E43D85444128D612D6
Requests: 21 HTTP requests in this frame

Frame: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 14EA12089A8F3A4B1CE1E0AB7B1A1CD2
Requests: 10 HTTP requests in this frame

Frame: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DD281B66D2EE18B891FA9458E74054EA
Requests: 1 HTTP requests in this frame

Frame: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8F5899A66A91F9149F34166F69D55B1C
Requests: 19 HTTP requests in this frame

Frame: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F5FEB9F428CAF59625B6C8DA89CF94F9
Requests: 28 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=CEyjMuslrZLzPE_SM7_UP_NGV4APJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAnSeHjg1I7I-4AIAqAMBqgTUAk_Qn2iDFL6XhlWTRlYKGMtwunwxlyF475_TyxGQv_rVTdwdio7UcoolptcA5t9BfuYmYL7KkljbdGaZBwLe1itjqSpiLhezz7JVFihCmKUnN_6XkryQBdfBY8i6wL5OmxBgL9WrCkqPun1Abnh5raILV7-_1y6wNEFeWa4jZrbOHTWpwWNBpVt16ki0Vkmn9Z_rNITLC3AbpEQVbj3ncRXkJhjsWcmABrObQjX5JXMq3eGogIMZxrnbiyQFBgsaIs1gsX6BlLzz72U41hOYVJtH_jXIqWOE48vlZv181o37OWuagUhkUs3d2mblLcjYJ93E3lPvHLUttgEQHS77zYlrlOn1Dbt8gS5NpLCYaIqRchyV9d2vZtHqpqJfPwKTomzIMEhAsdbhFpKDrdDBpqmUGdjXpEOR6zl0uWnJKJdRERNJuqVJsZ8lqbHWWxPCqlT_MGfgBAGABuzopabn8ve5jQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=dJk3oM2Vfyk&uach_m=[UACH]&cid=CAQSPABygQiDQ_kgGzYHn7HGio40VHSjwqFAKNeO6caalRC-PDDmtyqZHGwjl_9LHZzRL-P4gmxGquSCPmD9FRgB
Frame ID: AED1C0765AE81DAC120645B0F1182875
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGvJugAE57wIu8Z0AAVo_OcofmX5EHP05_1LDQ&u=%7Cho5ubfHL4T5203Hg0SKPua5xgBoUM9p6MzjibgBseKY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4de_avzMTZocfjtZw8FbQLQ5NGzsuhL0MlZZTh7DCBPNp-Ga77_bUuzZzjKD59slFuvPKhYDTW3yyjqskM_JZ76XnTg-OuoDXik8vue5Ahb_MlkTsZyfMWw0MjGvrBHp8utAnRJapbl2e_jwaIyBLVyZdFLO7dXC20EcHbiRBr3QSuDpU53gyHM20pE93Szw8zbRDf75DO_FC4H1Ohbq2gbWhIgdBQ6ajm44Yv3sZtGq1i7Q-hzYUv8lAJ-kHQbUwyIpQ4eb96XcI7qxjZJBF7RGqAx2F_rUntNhrp6YDZ25vgOGs8lxmlSWu9gReKRl1z85MJ6-aUxavw7e8FUEs9H9O4sV9gufO-lzoof1HIPhNdkrLMeqrJYILyns7nCeCx53iovVaUkPPY_pF8VdW6imwXgCp4TyQN77fwE-3Oo9I-Nn5HywWUItChNcEx2qzby8sPV_F8tKhml-g0vEfL2bFCiqlJNe_5AURbPZw8xU3cxKvYWAjcxgpNrNEyPrXuntn_iGSAAWnKkpRJPBsbSx3CW08U95E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQUFNuslrZLzPE_SM7_UP_NGV4APJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAnSeHjg1I7I-4AIAqAMBqgTXAk_Qn2iDFL6XhlWTRlYKGMtwunwxlyF475_TyxGQv_rVTdwdio7UcoolptcA5t9BfuYmYL7KkljbdGaZBwLe1itjqSpiLhezz7JVFihCmKUnN_6XkryQBdfBY8i6wL5OmxBgL9WrCkqPun1Abnh5raILV7-_1y6wNEFeWa4jZrbOHTWpwWNBpVt16ki0Vkmn9Z_rNITLC3AbpEQVbj3ncRXkJhjsWcmABrObQjX5JXMq3eGogIMZxrnbiyQFBgsaIs1gsX6BlLzz72U41hOYVJtH_jXIqWOE48vlZv181o37OWuagUhkUs3d2mblLcjYJ93E3lPvHLUttgEQHS77zYlrlOn1Dbt8gS5NpLCYaIqRchyV9d2vZtHqpqJfPwKTomzIMEhAsdbhFpKDrdDB5Ku1i19YOFAudy3XaVRv0J5FG6VDlL3LBVcYD0NpRT_aL_57I9hAG73gBAGABuzopabn8ve5jQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1bxCh027IAFzsq9s4Lt9KSzmZkJg%26client%3Dca-pub-3831894559014614%26adurl%3D
Frame ID: 6B015FAC4C01176A099AC2DADB54A15B
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D5F6FF54520E34872109FBF19797495B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2AD8588ED983D6D930705CC211DFDC49
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 80B007ADCB5C5D7B650FFB2A2048994E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 142A642DD6192EC7ADA113C096C4FA6E
Requests: 9 HTTP requests in this frame

Frame: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: ABD05A31C7370486A548894728A9E22E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=CZoWGuslrZMK2POGClQeDhbSQA8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakCdJ4eODUjsj7gAgCoAwGqBM4CT9AoYpZnAuOdbXbeJqlzZJj80qpcvah8UWnm64JcAMo3H0bothnEMXZvU6ynNYvvQoNJcCMWOGmLLwF2G_BR0F1MOlBcm4u3Iqknzp_nrl72EnASRntW_aV3u0OVZ40BTPoSuslJZzmKom0QnV0eStLzpIZXbQGeyg1U0dpX69jz9aIdPuqZwKQXjNaOiroVflZcON5L2STq5ubvVpdrvCKbLpmbmO9BygEmFmyPgR6gTlJskfzFCxM7Nmq_T1r1vCOHKDKj7Whjz7bRqYTjvPR8mXzJsXd6wvyjmJoh7aa77PUV44UMCHyT2dntPkYIFXjY-D_yKxZeeteIpKNUWa9GLHk4YXEfxLm4eiEGBZ6dRtGbxQQgmge08vk_Ml1DOFJQY-uM5ujcd9awEtJsvJHPnN2oFU9bLQxKGAFDvR86AWZPZUKVk_ReqA8M3eAEAYAG7Oilpufy97mNAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=pTIa_GwHS1I&uach_m=[UACH]&cid=CAQSPABygQiDF8J079xDIih7hVye8PrpZ0cgaD7BQNmaHKazJ-CF1Yy_mtmz49ZZox6TaWuGnnx0X3sbY1DTFRgB
Frame ID: 80A3CF642432301AA5F83B609EACE344
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGvJugAPG0IK5UFhAA0Cg77PzOa8Mx6RDkG6oQ&u=%7CPGctIPx%2BGtEQWYV32X7c0JUbCul4VJ8S65A80%2B6xiIc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4de_avzMTZocx0wFoOLS-9l59lwraN85AwASH-J7Ri_iUblhavnIKdtLdQPrLG_si49RCoMep427cUbL8g_d1TNZSZcMij4Pyjob1Y-yoTIusiDVeVgGBgKLcVrPbaNxHU73I173pjn581l2wxgPP7V28w_2-jkqgO3ZdssgcIAV1vwHIp0wGnlgdfKIJ0Cq6aXYG9dqrY-Hgq2KWBHKpAkBBrsg-BEmgK_8ErBpHqUp2RQ8Vb1xtYVPL9UZRqgsGoArTdTuJRsUVO01iFsAAtBKCTi2hBfqbVGJt_AS0p0GTjjwhkj1-A-m18MmX7QR78RzEBFItAXTtbsGVwkpWvZ9zi8Y4SmRp1LvWRbgYuRYd08LsWYe-xYaVuuiWB3VsFmAZLtlR-4ijuzZsLcay5MA6pQZhVhklOV-9XcGTmvktNEwWaWu8KUjUn-AvddHKBiKzENzT3FlF9NbN7v85oagimydbs8v02rvyLMa2O9DYmPCfnJ37mFLAmLXEXcuBnBwQ4BVLU5s0w32VT-F7K-hd0aXDf3ySUEGf4CouN_0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCACs7uslrZMK2POGClQeDhbSQA8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakCdJ4eODUjsj7gAgCoAwGqBNECT9AoYpZnAuOdbXbeJqlzZJj80qpcvah8UWnm64JcAMo3H0bothnEMXZvU6ynNYvvQoNJcCMWOGmLLwF2G_BR0F1MOlBcm4u3Iqknzp_nrl72EnASRntW_aV3u0OVZ40BTPoSuslJZzmKom0QnV0eStLzpIZXbQGeyg1U0dpX69jz9aIdPuqZwKQXjNaOiroVflZcON5L2STq5ubvVpdrvCKbLpmbmO9BygEmFmyPgR6gTlJskfzFCxM7Nmq_T1r1vCOHKDKj7Whjz7bRqYTjvPR8mXzJsXd6wvyjmJoh7aa77PUV44UMCHyT2dntPkYIFXjY-D_yKxZeeteIpKNUWa9GLHk4YXEfxLm4eiEGBZ6dRtGbxQQgmge08vk_Ml1DOFJQY-uM5uiedfcilV3wry5TiH54KOmjJBhArgttpZ2OyVvpl_2Lv-zbAosfYsEN5uAEAYAG7Oilpufy97mNAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0dajZiZohqjyyiYinbTaZNMRiACA%26client%3Dca-pub-3831894559014614%26adurl%3D
Frame ID: BA831FB436C919283FFF9C72BD380848
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 810C422CFBDA2F181647D3DA82B1B0A9
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuajXi9R0BlD8JIUQH-Vxg5vqVgeIeaVHYl_uSWv4kHgsatOann7P0U5lditQzG2Z3ggKOTFjob_zB3fhNeN4D6UMCoO5kWi7EtABBP4oaTMh2YRtdWCravWLjAjzha0RexUok1_FF8POT1UZDR-gAEqSW3pSxeNCPaRCYgH9hg-2w9CI-I7tdNVi6bj6GfHB4myAUIqCFXCEnBth-hvyOxnDtMIKumE2HC3nkph2sS-bWpfC5RAeFMXNU8nZ0RVprNo5ZVRTv2wt1k2na2DekeVHhtA4_v1cQRSY1LABv7ahJLBd8B0bp7lNgpuX4Msa2aGjh8Ykl9guxw&sai=AMfl-YTG5AbQPeRQVygKeFUBVHwb4I627KL9Wu2tb1FGHJdfpoCxaf2g2dKPohifVcYJw1zR_xkYdwZLWUEE0ALuozW_I3WEeg4wPS9A1xygbyJ3MTgwQ12useuaeXLF3uM&sig=Cg0ArKJSzLMh2FscVkIbEAE&uach_m=[UACH]&adurl=
Frame ID: C3AB53F3CA145D5C637775728A9732A2
Requests: 8 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1684785595177
Frame ID: 8E04BD4B3AA437F26FF86BECCEDA46D9
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1684785596499&gdpr=0
Frame ID: ED53677EF2FF43D2037763302E857D1A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

بث مباشر لمباراة نيوكاسل يونايتد و ليستر سيتي - الدوري الإنجليزي الممتاز - 2023-05-22

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

309
Requests

94 %
HTTPS

49 %
IPv6

54
Domains

79
Subdomains

65
IPs

11
Countries

7270 kB
Transfer

11815 kB
Size

37
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://live.shoot-yalla.tv/uploads/img/telegram.svg HTTP 301
  • https://lives.shoot-yalla.tv/uploads/img/telegram.svg
Request Chain 53
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=yalla-shoots.tv&sn=ChromeSyncframe&so=0&topUrl=yalla-shoots.tv&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=EAOgKHwyaTRiYWFrYnZ6SGhsazFoSXNiOCt4MkN4REtBYmVTam1QaGxKNk44V21hTVowK1c2K2U4MUs0cW1USzJuZzIzU1pYNW1WamIrMElzQnNONzdhZkQwWWQvZzZQSGQrYWREQVVVRDhVZmdzTmlMekprZUNXaXUwWjkxc3hGa3BPYitLZ2hBeURiQm5OS29zVkFZREVVWnkzOWhaVUJGc25SclA0VC9la05La1BWRDRJcEF0cGdwY24rWE1HS01QRUZwdzV6eFdGWk12eHlSOEY4QmIveERjNk5meU14bXNQeXVYa0lyclNxT08zdDMxL290WTZLbWh3Q1k4SGYycHBpalVrRDByT3FuSFppUkN6dk54VmRzT0ZuWkxkdXViOUZ0MmZoNnhSQkJ0MD18&cppv=2
Request Chain 162
  • https://um.simpli.fi/gp_match?google_gid=CAESEPTplNirERxNrN9rQuG4JRc&google_cver=1&google_push=ATf1kGOyP_iqWreaN7xJ0cpjnwL9OATD9J1r7JYq8PfskY6u-6X4w8gcuS75EDHVQXnzb4c8NOFGl7nK5LneMToazdehJdvXOMM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A6418807CFD541109B096C1CE74B826C&google_push=ATf1kGOyP_iqWreaN7xJ0cpjnwL9OATD9J1r7JYq8PfskY6u-6X4w8gcuS75EDHVQXnzb4c8NOFGl7nK5LneMToazdehJdvXOMM
Request Chain 163
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECrb3ymtPpdY_ITfzO9Jxa8&google_cver=1&google_push=ATf1kGNltzwyKge9CTEfyaDpuJ1YQml3C_THD7oIBy1FuZDpgd5a3lL7CK7OP_7q-oBpIPc5zhEYEWZp77nUkG7ZCnzrR8mzwFA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNltzwyKge9CTEfyaDpuJ1YQml3C_THD7oIBy1FuZDpgd5a3lL7CK7OP_7q-oBpIPc5zhEYEWZp77nUkG7ZCnzrR8mzwFA&google_hm=eS1HQnJaYkZkRTJwSGZyZk1ydXRaRHdlZDFJcnVvNEhTaH5B
Request Chain 164
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEI_9X6_y7ap5Es2nJMHJLrw&google_cver=1&google_push=ATf1kGMDCu8-KElXzHhPKlv5HK1DArK5Qvnd7Mp9Q0d4MSSSnX-7JtjNYnhEJ8PEjfCv_VwIdmRQWp2iG6zzAICNrga26zp6j9g HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEI_9X6_y7ap5Es2nJMHJLrw&google_cver=1&google_push=ATf1kGMDCu8-KElXzHhPKlv5HK1DArK5Qvnd7Mp9Q0d4MSSSnX-7JtjNYnhEJ8PEjfCv_VwIdmRQWp2iG6zzAICNrga26zp6j9g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMDCu8-KElXzHhPKlv5HK1DArK5Qvnd7Mp9Q0d4MSSSnX-7JtjNYnhEJ8PEjfCv_VwIdmRQWp2iG6zzAICNrga26zp6j9g
Request Chain 165
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEPjbxnSfKY0KZ2mPHE6-xQ&google_cver=1&google_push=ATf1kGOqvwTwWqLwZYG8bt8yP4fAI3gtln7gRURfpvvMs-TYiAiGP1D5Uay5OgFZ0b-a-PlNrakTHqxrd81MKUDwJ1lKcwLv4K8 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEPjbxnSfKY0KZ2mPHE6-xQ&google_cver=1&google_push=ATf1kGOqvwTwWqLwZYG8bt8yP4fAI3gtln7gRURfpvvMs-TYiAiGP1D5Uay5OgFZ0b-a-PlNrakTHqxrd81MKUDwJ1lKcwLv4K8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzU0MDk3MjQ0NDE1NDM2MTUwMg&google_push=ATf1kGOqvwTwWqLwZYG8bt8yP4fAI3gtln7gRURfpvvMs-TYiAiGP1D5Uay5OgFZ0b-a-PlNrakTHqxrd81MKUDwJ1lKcwLv4K8
Request Chain 166
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEEjfuIp8DzSeISKp4Kopukc&google_cver=1&google_push=ATf1kGP5jL9XgMFDx-HNehqs9hWQ7uXFztOrig22V5D1ehB235dGOZ_9G5HTupNWx1DSicbCiMgjSExcy5Lt1Btb4G_t7nWgZZ8 HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGP5jL9XgMFDx-HNehqs9hWQ7uXFztOrig22V5D1ehB235dGOZ_9G5HTupNWx1DSicbCiMgjSExcy5Lt1Btb4G_t7nWgZZ8&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1684785595063 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-74d311a8-76bc-4b36-9fa5-418158ed1cca-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGP5jL9XgMFDx-HNehqs9hWQ7uXFztOrig22V5D1ehB235dGOZ_9G5HTupNWx1DSicbCiMgjSExcy5Lt1Btb4G_t7nWgZZ8%26google_hm%3DA3TTEah2vEs2n6VBgVjtHMo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGP5jL9XgMFDx-HNehqs9hWQ7uXFztOrig22V5D1ehB235dGOZ_9G5HTupNWx1DSicbCiMgjSExcy5Lt1Btb4G_t7nWgZZ8&google_hm=A3TTEah2vEs2n6VBgVjtHMo
Request Chain 167
  • https://sync.inmobi.com/gob?google_gid=CAESELSd03MBTbcX-H9W67K4VIk&google_cver=1&google_push=ATf1kGNJP6gM_ToXcF9HLL2XvG_UHoOOa5iR-9ptKgYvizUHOb14Ic7pNbXvSJSqFo8_ste-d4IoKwshL17wEzvv1keEUM1agUbm HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGNJP6gM_ToXcF9HLL2XvG_UHoOOa5iR-9ptKgYvizUHOb14Ic7pNbXvSJSqFo8_ste-d4IoKwshL17wEzvv1keEUM1agUbm
Request Chain 233
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEEgPMgflAJ0iazQMgzhtokw&google_cver=1&google_push=ATf1kGO3Le_Q-Bjk8gF6IOyi4lgZdDmmlCG7iFqfNc67c_a0QYe1kYzgUWAPvt4Ka0wH04jqGDzyDB6GgN7Cgw-pooT-hszx-HSY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGO3Le_Q-Bjk8gF6IOyi4lgZdDmmlCG7iFqfNc67c_a0QYe1kYzgUWAPvt4Ka0wH04jqGDzyDB6GgN7Cgw-pooT-hszx-HSY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEgPMgflAJ0iazQMgzhtokw&google_cver=1&google_push=ATf1kGO3Le_Q-Bjk8gF6IOyi4lgZdDmmlCG7iFqfNc67c_a0QYe1kYzgUWAPvt4Ka0wH04jqGDzyDB6GgN7Cgw-pooT-hszx-HSY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGO3Le_Q-Bjk8gF6IOyi4lgZdDmmlCG7iFqfNc67c_a0QYe1kYzgUWAPvt4Ka0wH04jqGDzyDB6GgN7Cgw-pooT-hszx-HSY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 234
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEN7j1spONgXT5tg6lZYXEeM&google_cver=1&google_push=ATf1kGMevhStS-AxzGPllSTjno_mVtumlqRzI6ZAUo7QJ7iCIpeV8myuDTNjZhCgkigc7JAsqDiUpgFdXSzvaGVpNj_GIpYFjJsY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ATf1kGMevhStS-AxzGPllSTjno_mVtumlqRzI6ZAUo7QJ7iCIpeV8myuDTNjZhCgkigc7JAsqDiUpgFdXSzvaGVpNj_GIpYFjJsY
Request Chain 235
  • https://d5p.de17a.com/cookies/google?google_gid=CAESECnhlaHH8pfrrkivUbTbsMg&google_cver=1&google_push=ATf1kGOeBCV7UM9AtF6zxZl6q6AzzmC6UDrp95nmLHMqjxQDDVGFdlTCzNVU6K1XHmWQnnXgn_CdsiPWrge3zk5iFoT1ZSQxiXXYHA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGOeBCV7UM9AtF6zxZl6q6AzzmC6UDrp95nmLHMqjxQDDVGFdlTCzNVU6K1XHmWQnnXgn_CdsiPWrge3zk5iFoT1ZSQxiXXYHA
Request Chain 236
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBiOn9UXB5nu_uLP_GB3DFw&google_cver=1&google_push=ATf1kGO5kC88gv-slZ6QgvmUtpAVwbJMOY0v855OpxboZ6ShrU3anwHXdH9UJ82R7zzlGHEL0jZBhUsRs5P5TlrhBuR2Ad6_Dh6n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhaOVVEUTgtMVktNVJHSA==&google_push=ATf1kGO5kC88gv-slZ6QgvmUtpAVwbJMOY0v855OpxboZ6ShrU3anwHXdH9UJ82R7zzlGHEL0jZBhUsRs5P5TlrhBuR2Ad6_Dh6n
Request Chain 238
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJF0ooD4pVHW5AicLHQTUyg&google_cver=1&google_push=ATf1kGOzwEezcu0iOeBpEwxsR0KeurLbAaks5XSOmreV3COdvHOsXDbFAQYn1pY2NVhR3kcIQ4SbDwfKN8MmcyvTPZz1pp_MGKmK_Q HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGOzwEezcu0iOeBpEwxsR0KeurLbAaks5XSOmreV3COdvHOsXDbFAQYn1pY2NVhR3kcIQ4SbDwfKN8MmcyvTPZz1pp_MGKmK_Q&google_hm=GsJPqBZHxMC6eVg7SFS0w3Dt
Request Chain 239
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEHzAPznrGwNyFWjMPkUbF6Q&google_cver=1&google_push=ATf1kGPAq8eWNVdhwCYU6hA9R5qQiIh66ywjIxaDr7loiwSBpNCDT5kZdvHfp922nVF7lXROAwiKZgD5fcqvMMv81alooNFe6GbdsA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGPAq8eWNVdhwCYU6hA9R5qQiIh66ywjIxaDr7loiwSBpNCDT5kZdvHfp922nVF7lXROAwiKZgD5fcqvMMv81alooNFe6GbdsA
Request Chain 250
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEONVis8_kfRvlFsU0nr6Kl0&google_cver=1&google_push=ATf1kGO7MOgHktYSHG7FShB2WlWAUy00FTwA3iQXuenlQGmtsAv-yQOCrMWGU7ItNNTRF3J5UDDRxV5SjSM4v-XXl_7OsJysPw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGO7MOgHktYSHG7FShB2WlWAUy00FTwA3iQXuenlQGmtsAv-yQOCrMWGU7ItNNTRF3J5UDDRxV5SjSM4v-XXl_7OsJysPw
Request Chain 251
  • https://um.simpli.fi/gp_match?google_gid=CAESEO0AeMkkY_BS0nLqMOO-2P4&google_cver=1&google_push=ATf1kGNWCDN3f-drriW7nARAPMJG9Z8WjEV8784h5KushlKb9yUqibB4INR_UpBI4VIzr1HzFS29OpDvU11gXLOjoHBmmBA-v9Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A6418807CFD541109B096C1CE74B826C&google_push=ATf1kGNWCDN3f-drriW7nARAPMJG9Z8WjEV8784h5KushlKb9yUqibB4INR_UpBI4VIzr1HzFS29OpDvU11gXLOjoHBmmBA-v9Y
Request Chain 252
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEC79Kw33z2UgTFN2P4O5Aec&google_cver=1&google_push=ATf1kGPbEjo1ZNNRaj5N1GgHYJtXtmnTJ3hEJVkttaEAXV80G3InXsgSUT3AdHDFgL6KeTjT5-_uYH7csx3bUp8QXJy4Hg_I-A HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPbEjo1ZNNRaj5N1GgHYJtXtmnTJ3hEJVkttaEAXV80G3InXsgSUT3AdHDFgL6KeTjT5-_uYH7csx3bUp8QXJy4Hg_I-A&google_hm=GsJPqBZHxMC6eVg7SFS0w3Dt
Request Chain 254
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEFd1YuNo-twn9hz3Rmat3g0&google_cver=1&google_push=ATf1kGMIlZCGsCF1vCcFVsTYNb3BBia2-2xIDQBJpFJWa9VJ7nlN30U3hrrmv2Kr1PDq6xkcmOUEB9OdW5IV86Dfe5EwHUOb_smt HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ATf1kGMIlZCGsCF1vCcFVsTYNb3BBia2-2xIDQBJpFJWa9VJ7nlN30U3hrrmv2Kr1PDq6xkcmOUEB9OdW5IV86Dfe5EwHUOb_smt&google_hm=NDcwMDgyMTMxNjgyNDQ1MDU0MQ==
Request Chain 255
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHsNC0Oc1kISfv4nnFJQFSU&google_cver=1&google_push=ATf1kGOIc-lGCYXn1uJXBotw-Wb5wy0vWQNCBKyJmQvQiQIMqZpYaTbPBSAArLmy_sUqPRGn0s_BS-f_eGzbcCJw6VtdAgZk5OA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOIc-lGCYXn1uJXBotw-Wb5wy0vWQNCBKyJmQvQiQIMqZpYaTbPBSAArLmy_sUqPRGn0s_BS-f_eGzbcCJw6VtdAgZk5OA HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5

309 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/ 		190 KB
61 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfb8cf57daf495b41dfcde00091feab4113176b19b367625fc229e6bf2dbe41f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=60
cf-cache-status
DYNAMIC
cf-ray
7cb7a4669f541cab-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 19:59:53 GMT
expires
Mon, 22 May 2023 20:00:53 GMT
feature-policy
microphone none;camera none;geolocation none;
last-modified
Mon, 22 May 2023 19:59:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), microphone=(), geolocation=()
pragma
public
referrer-policy
strict-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FnMFaeQz5s492bKmG8HH4mhFpiXTF3fsSRuYI%2BUhZH6f%2FRboLeWMyZ0cmvvo7vzV46O3fEI5O24jMNorJlMLqxUhluy68gHHgHIrlILJXtsybxp4z1JzZg8dkMlKRLtz%2Fr4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
up.js
live.demand.supply/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/up.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
169aac0703d536d967e93f2100881b77e51a6b2823995dd0d9c61f30b38ad90f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01H0JH3JA8TSZ1S1CGSMZY0Q5D
date
Mon, 22 May 2023 19:59:53 GMT
content-encoding
br
cf-cache-status
HIT
age
527
cf-polished
origSize=4391
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"ad72f581a14aa3fbbf4827fac4449705-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray
7cb7a46758539b3a-FRA
link
<https://live.demand.supply/impl.v16.9.1.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-2-0/eWFsbGEtc2hvb3RzLnR2Lw==>; rel=preload; as=script
timing-allow-origin
*
A-letterbigger_Savir.png
jscdn.greeter.me/ 		945 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jscdn.greeter.me/A-letterbigger_Savir.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Sun, 10 Jul 2022 13:45:06 GMT
x-amz-request-id
tx00000000000009221f213-00646bc2b2-97329064-fra1b
etag
"f07519ec5fbc46385f386b577e6e2a1d"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1684785593.dop088.lo4.t,1684785593.cds289.lo4.hn,1684785593.cds287.lo4.c
content-type
image/png
cache-control
max-age=1801
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
945
yalla-shoot.png
yalla-shoots.tv/uploads/logo/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yalla-shoots.tv/uploads/logo/yalla-shoot.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3790ed75687a3b6c3d71bcf4bd62c99f82a3dd738ae4b6b2639bd36e4f6bca29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
432230
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6352
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Sat, 23 Jul 2022 01:22:27 GMT
server
cloudflare
etag
"62db4d53-18d0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PEdCosZLrfwru7T9D5sC%2BKJdYTU5srRmmtr91aRhKvprmCOa%2FuElSdjpUdjehQ%2BpYKpAuAiSRryFktG6yX2JCO913ZlE3GFtR%2FiFEjSJWmxbZKcfmyBJHzzPx2UbNIMIR24%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
feature-policy
microphone none;camera none;geolocation none;
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
cf-ray
7cb7a46728111cab-FRA
expires
Fri, 16 Jun 2023 19:56:03 GMT
truncated
/ 		451 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		944 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		248 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		460 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		500 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
NeoSansArabic.woff
yalla-shoots.tv/assets/fonts/ 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/assets/fonts/NeoSansArabic.woff
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Origin
https://yalla-shoots.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
432205
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
57364
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Sat, 23 Jul 2022 01:21:21 GMT
server
cloudflare
etag
"62db4d11-e014"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZzOFGLzWdDoWgFHkLroQ%2FEtmTyJxVL17X0Muijr6f9XKjpBzOC6%2FlqBDxYSwbToEm0AJT8Sk6C%2B%2BTa7%2BXv9%2FdU7wcySOZn1x3i17G%2F62SASQotqZ42ZGzoaMFyCsMtNICs%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
feature-policy
microphone none;camera none;geolocation none;
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
cf-ray
7cb7a46738281cab-FRA
expires
Fri, 16 Jun 2023 19:56:28 GMT
1556955966.png
web-api.scorarab.com/uploads/team/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web-api.scorarab.com/uploads/team/1556955966.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ee327743ca88bb95d1de12d383f6834f568fba609a87144d769a2fcabdf7f23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
473590
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10777
x-xss-protection
1; mode=block
last-modified
Wed, 08 Dec 2021 17:06:40 GMT
server
cloudflare
etag
"61b0e620-2a19"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2B0lujqtALyfCTAtmplhVeapo4K7JP316eXILF43k5M4xHlgrEq6qyDMRl%2FKcddy9NvkCaKbDZ%2B8J2ZBbpxy9dPeJNEZBtYalFMnrlpT4JNlzvo0%2Fd0mOBk6xNPPF7gE2dJby3guMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7cb7a4679f9a9188-FRA
expires
Fri, 16 Jun 2023 08:26:43 GMT
1557093197.png
web-api.scorarab.com/uploads/team/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web-api.scorarab.com/uploads/team/1557093197.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bd6632a78536ac110f45dba520723c75f13dc78865cfa899331df5ab6c472df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
841952
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11593
x-xss-protection
1; mode=block
last-modified
Wed, 08 Dec 2021 17:06:40 GMT
server
cloudflare
etag
"61b0e620-2d49"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3JIkKVm%2FGQEJBQvkBejB8GdiNCjqTlvEkoJ3h1QKdA1XuTDFEHbxPrz404Vp4Bt9oOPYAfMLQdLtpik4QuwBrLuyOpxYK%2BqVZq4LN3hpT0B2DODLmbo0B%2BJ5aSEo4ViZOPAn8bI2eA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7cb7a4679f9d9188-FRA
expires
Mon, 12 Jun 2023 02:07:21 GMT
rocket-loader.min.js
yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 18 May 2023 12:47:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64661e57-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QwUFsoTlg7eiIpj5f%2BxUAgv1q65AC%2FRjzykf5iLOIL5lP31lPiPA%2FjsddPNsuCRxO0ggWwXhKSv9L6jyx0dn%2Fi2hZ04oFK9sGYym8NSksccsu33i1lOtT7sSLov26uLBzGo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7cb7a467891a1d90-FRA
expires
Wed, 24 May 2023 19:59:53 GMT
telegram.svg
lives.shoot-yalla.tv/uploads/img/
Redirect Chain
  • https://live.shoot-yalla.tv/uploads/img/telegram.svg
  • https://lives.shoot-yalla.tv/uploads/img/telegram.svg
1 KB
939 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lives.shoot-yalla.tv/uploads/img/telegram.svg
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H2
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45dd60aee8728ca8786226233d74694db5f4c0110647c8e48710c49cdd5bdf41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
432233
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Fri, 03 Jun 2022 01:24:02 GMT
server
cloudflare
etag
W/"629962b2-424"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d35UUd2UxR8PNUhLbr1ykWoH168kTMqgBzyCT%2FJBE4f7s4LIDsd0erEuqe%2BmopjihnZmPYz1qBZ3jIsqpSoSOKbRGuOBj0abtrbaUWfSYKtKjQpBRqUdo%2FSaKVdZdquREy6Qpd6mHw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
7cb7a4680cbf698f-FRA
expires
Fri, 16 Jun 2023 19:56:00 GMT

Redirect headers

date
Mon, 22 May 2023 19:59:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
36
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N7ECi5LIlTfGBjK7xmMQkhwxgOSGSAdkIE36R%2FHXD%2BSJr0uNaS277QA%2FrJuO99djzeObhK0xO1POZtWTkZfoMcKaHUQ%2FYvoqGp9Gl3wc19n1LXOOpph71Pn9V4b8VqNKjJ%2BRCoMO"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://lives.shoot-yalla.tv/uploads/img/telegram.svg
access-control-allow-origin
*
cache-control
max-age=60
vary
Accept-Encoding
cf-ray
7cb7a467cc5e698f-FRA
expires
Mon, 22 May 2023 20:00:17 GMT
js
www.googletagmanager.com/gtag/ 		117 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-230085360-1
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
98f98f6a86576bf9f43af401cd6ddda17a124bc0ee441abec887b5cd30cfbfac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46530
x-xss-protection
0
last-modified
Mon, 22 May 2023 18:00:41 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 22 May 2023 19:59:53 GMT
lazyload.js
yalla-shoots.tv/assets/themes/yalla-shoot/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/assets/themes/yalla-shoot/js/lazyload.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1b682cb1fee45d7f80c900aba4d8ddcb18ac1016dcf38ece495801ac65eb14f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
432232
cf-polished
origSize=7249
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
cf-bgj
minify
last-modified
Sat, 23 Jul 2022 01:24:16 GMT
server
cloudflare
etag
W/"62db4dc0-1c51"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IcvOz0yWIO7z1JO7vfPLGobQPfH9S4C7b0AHZdN5EO2LCEt25jKHzz5vtXei7fYa2nrfpPvigeWrZZ0foY0uu4SQnJsgXnI68Oa%2BDRv%2B%2Bz6S5tH8ClRX3rr5DZaWpDwN1LI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
feature-policy
microphone none;camera none;geolocation none;
permissions-policy
camera=(), microphone=(), geolocation=()
cf-ray
7cb7a467c9921d90-FRA
expires
Fri, 16 Jun 2023 19:56:01 GMT
matche
dalbouh.xyz/api/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://dalbouh.xyz/api/matche?t=1684785543
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.233.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
spt
tg1.modoro360.com/api/adserver/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=63e0c53d06b87484dc0f3a56&AV_PUBLISHERID=63e0c30829bdc76cde070e85
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:c::5c7b:682a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
16ca0e8d4d895d76d015c2012050b66aa757cf1ea73bcf011c4aab292b6e842f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

X-Bamboo-C-SkSt
1
Content-Encoding
gzip
X-Bamboo-C-SkFe
1
X-Bamboo-C-S
BYPASS
Date
Mon, 22 May 2023 19:59:53 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/javascript
Vary
Accept-Encoding
Cache-Control
max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
Content-Length
7075
Expires
Mon, 22 May 2023 20:04:53 GMT
yalla-shoots.tvdynamic.js
jscdn.greeter.me/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jscdn.greeter.me/yalla-shoots.tvdynamic.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
35cf75de5d617b7a8e395dc30579c7245e3001a2b8227d55f3d3ddc2e773741d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Wed, 11 Jan 2023 19:24:32 GMT
x-amz-request-id
tx0000000000000923c95df-00646bc49e-9620c93c-fra1b
etag
"3cc898bc27a1b9035922667e9a7e891a"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1684785593.dop088.lo4.t,1684785593.cds289.lo4.hn,1684785593.cds293.lo4.c
content-type
text/javascript
cache-control
max-age=2293
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
7957
yalla-shoots.tvhead.js
jscdn.greeter.me/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jscdn.greeter.me/yalla-shoots.tvhead.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
c73e7fcf76232d28a1760877bd3eccada211feb797fd25ba824df3bac45b46eb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Wed, 11 Jan 2023 19:35:56 GMT
x-amz-request-id
tx0000000000000923db68d-00646bc51c-9620c93c-fra1b
etag
"559fe7c18011a3e1db9adb6276cba3f6"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1684785593.dop088.lo4.t,1684785593.cds289.lo4.hn,1684785593.cds265.lo4.c
content-type
text/javascript
cache-control
max-age=2419
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
7559
jquery.min.js
yalla-shoots.tv/assets/js/ 		87 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/assets/js/jquery.min.js?t=1684785543
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7e05b68eb47f0167793018bfc04a5fd640d8a9f406b6b2c1892a97f084f6769
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Wed, 21 Sep 2022 18:59:19 GMT
server
cloudflare
etag
W/"632b5f07-15d3a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2%2F7lEV8%2F2DzZz1dlQ10QXZ2aRULegia22a66gnzfdZEMpMhFFmsuS8fChwAmum3VoL0L%2BEL7NnpFzkLKN10vYsZ%2BFwwi83c%2BKaMqu2iTQO9cePf3998BDiltkwJQiCFzIA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
feature-policy
microphone none;camera none;geolocation none;
permissions-policy
camera=(), microphone=(), geolocation=()
cf-ray
7cb7a467c9971d90-FRA
expires
Wed, 21 Jun 2023 19:59:53 GMT
impl.v16.9.1.js
live.demand.supply/ 		74 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/impl.v16.9.1.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdeda8658c3f891c883f5a83c5f2b5e20a18c2fa65658d77a1522fe440b6d0e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01H0JGE5H42NN0NCVBZSKPPTF4
date
Mon, 22 May 2023 19:59:53 GMT
content-encoding
br
cf-cache-status
HIT
age
537190
cf-polished
origSize=75573
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"a92236f0259b51d5fbe112e5ac680198-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
cf-ray
7cb7a4691a2f9b3a-FRA
eWFsbGEtc2hvb3RzLnR2Lw==
live.demand.supply/p4/v16-2-0/ 		2 KB
980 B 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/p4/v16-2-0/eWFsbGEtc2hvb3RzLnR2Lw==
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc49b8fa6a37ba37475285dfbcb7a73324607a245021a86f84356ea0d3599dce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:53 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
7cb7a4691a319b3a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
e.js
live.demand.supply/e/ 		0
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?e=ll&d=308&cs=c&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA5OTgvODY4MzExL25ld2Nhc3RsZS11bml0ZWQtdnMtbGVpY2VzdGVyLWNpdHkv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Mon, 22 May 2023 19:59:53 GMT
cf-cache-status
HIT
age
1212809
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cb7a4692bfa372e-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		76 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9322b3a9c02a4482661e3ccc121cf25a085655b12e06bb3a857a6055f12b43de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25334
x-xss-protection
0
server
cafe
etag
32 / 19499 / m202305160101 / config-hash: 8319726746282660736
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 22 May 2023 19:59:53 GMT
eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA5OTgvODY4MzExL25ld2Nhc3RsZS11bml0ZWQtdnMtbGVpY2VzdGVyLWNpdHkv
live.demand.supply/p4/v16-2-0/ 		2 KB
938 B 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/p4/v16-2-0/eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA5OTgvODY4MzExL25ld2Nhc3RsZS11bml0ZWQtdnMtbGVpY2VzdGVyLWNpdHkv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d8066657064e86b4001d77e4e086a8c8c9bc03f905045c0ae8ff51e48db5dfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:53 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
7cb7a4691a339b3a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ds.2.html
live.demand.supply/ 		413 B
606 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GZ1RZWJJ11B8QMNKWM8Q3GJK
date
Mon, 22 May 2023 19:59:53 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1775792
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
cf-ray
7cb7a4692bfd372e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
yalla-shoots.tv_fluid_lb+sq
live.demand.supply/cp/ 		30 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/yalla-shoots.tv_fluid_lb+sq?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA5OTgvODY4MzExL25ld2Nhc3RsZS11bml0ZWQtdnMtbGVpY2VzdGVyLWNpdHkv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a31f11e928816c87b61e97071e559129be986ec3a4711aa92dec6de6c88aaff7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7cb7a469ccb7372e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30
yalla-shoots.tv_native_multi_native1
live.demand.supply/cp/ 		21 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/yalla-shoots.tv_native_multi_native1?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA5OTgvODY4MzExL25ld2Nhc3RsZS11bml0ZWQtdnMtbGVpY2VzdGVyLWNpdHkv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7cb7a469ccb9372e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21
yalla-shoots.tv_fluid_sky+sq
live.demand.supply/cp/ 		29 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/yalla-shoots.tv_fluid_sky+sq?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA5OTgvODY4MzExL25ld2Nhc3RsZS11bml0ZWQtdnMtbGVpY2VzdGVyLWNpdHkv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fbdc7885087f0d5ae6543c7ac88a88b5e9c08271fd8b2ebaf9cff3259ebf677

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7cb7a469ccba372e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29
yalla-shoots.tv_fluid_lb+sq
live.demand.supply/cp/ 		30 B
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/yalla-shoots.tv_fluid_lb+sq?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA5OTgvODY4MzExL25ld2Nhc3RsZS11bml0ZWQtdnMtbGVpY2VzdGVyLWNpdHkv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a31f11e928816c87b61e97071e559129be986ec3a4711aa92dec6de6c88aaff7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7cb7a469ccbb372e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/ 		407 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c909c28a92bf7b48807218b7eb333d2e6700bd123064a9625b63e36764ae3d91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 18:29:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
5436
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128419
x-xss-protection
0
server
cafe
etag
9945815184239927542
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 21 May 2024 18:29:17 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		2 KB
612 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=yalla-shoots.tv&ppc_eid=31074403
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b8bf45887c36f2b86282ddb82be321a331550be5c3a87a626053de2db118aeaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
587
x-xss-protection
0
expires
Mon, 22 May 2023 19:59:53 GMT
yalla-shoots.tv_auto_728x90_sticky_display_bottom
live.demand.supply/cp/ 		30 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/yalla-shoots.tv_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA5OTgvODY4MzExL25ld2Nhc3RsZS11bml0ZWQtdnMtbGVpY2VzdGVyLWNpdHkv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5ca67e74a9935ca04b01e7bb9f0e903311f44653d645e8e5447da918b0329ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7cb7a46a5d66372e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
878 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 22 May 2023 19:59:54 GMT
x-content-type-options
nosniff
content-encoding
br
age
31228
x-jsd-version
master
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230022-FRA
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:11:08 GMT
via
1.1 google
age
2926
x-guploader-uploadid
ADPycduYdrkwH1x2r7Dm2iK5QHfhpg0EvygEhGUx2w7BSCCRIR5Z5S6ViFi0xa7rE-_Fs1rJNew85JQSsLP8DxPhcM3dsQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1938
last-modified
Thu, 27 Apr 2023 19:53:17 GMT
server
UploadServer
etag
"0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation
1682625197861193
x-goog-hash
crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
1938
accept-ranges
bytes
expires
Mon, 22 May 2023 20:11:08 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 05:55:32 GMT
content-encoding
gzip
via
1.1 d947c3ab534102b2c9a7f0a4541d2ed8.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 00:14:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
50663
x-amz-server-side-encryption
AES256
etag
W/"37e703da55f96b973658b8e7aeed0e93"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
bM7-JEEG6JVoUpzOdNA2ZdYAvAGkJxYzt1IxLhZKHi3iG8al68UZAA==
esp.js
cdn.id5-sync.com/api/1.0/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
CKT0NRQT6X1WME85
age
77
etag
W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7cb7a46adb6303a0-FRA
x-amz-id-2
nadyFzAoxBy2AovEE/XB9fD+RV0Eny5nGuoN/67Dle3cARBdiEUCb3/rOAkBBDG0Jr15tXYQQsE=
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4400:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 02:36:56 GMT
Via
1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
Age
62579
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
NtBhPRubowaml4JBSPYKtdMuH8S_Un4KL36gOKvhy2VHqyYpmY0oWg==
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-9c21"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 23 May 2023 19:59:54 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2722881580573987&correlator=1231727330631580&eid=31074405%2C31074401%2C31068367&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C175844fe-17b4-47e6-9355-28af1ff828c4&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=1711219817&didk=1133630126&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D02dbc854-67e2-4bf7-98a2-63650bf48fab%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D14%26bid-p%3Dgoogle%26bsc%3D74&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1684785594011&lmt=1684785543&dlt=1684785593460&idt=494&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10998%2F868311%2Fnewcastle-united-vs-leicester-city%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=579155913.1684785594&ga_sid=1684785594&ga_hid=1322753345&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYlf2vqIQxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiV_a-ohDFIAFICCGQSGQoKcHViY2lkLm9yZxiU_a-ohDFIAFICCGQSFwoIcnRiaG91c2UYlf2vqIQxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJX9r6iEMUgAUgIIZBIZCgp1aWRhcGkuY29tGJX9r6iEMUgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0308ee320c8fdbdddc9a94170d11a8d724d637acd5f4880d0b6d6883b10832b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1000
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BFA6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 19:59:54 GMT
expires
Tue, 21 May 2024 19:59:54 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8029665c0154234ddf67e798de4c9a5cad358071f988aa1c1f84bbae930ed8cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 05:22:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
52617
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12848
x-xss-protection
0
server
cafe
etag
13833340073225968366
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 21 May 2024 05:22:57 GMT
e.js
live.demand.supply/e/ 		0
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&pdc=0.13635876178741455&ucv=null&e=tcp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA5OTgvODY4MzExL25ld2Nhc3RsZS11bml0ZWQtdnMtbGVpY2VzdGVyLWNpdHkv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Mon, 22 May 2023 19:59:54 GMT
cf-cache-status
HIT
age
1212810
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cb7a46acdde372e-FRA
e.js
live.demand.supply/x/ 		0
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=da&r=yalla-shoots.tv_fluid_lb%2Bsq&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA5OTgvODY4MzExL25ld2Nhc3RsZS11bml0ZWQtdnMtbGVpY2VzdGVyLWNpdHkv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYCRJ7Z7YMGJ3EFJYC5AKSDX
date
Mon, 22 May 2023 19:59:54 GMT
cf-cache-status
HIT
age
2293056
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cb7a46acde0372e-FRA
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
578 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2722881580573987&correlator=3569866228096255&eid=31074405%2C31074401%2C31068367&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C356922b4-0932-42d8-8698-9fc099d8e22d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=2&adks=436184684&didk=1418515192&sfv=1-0-40&prev_scp=ti%3D02dbc854-67e2-4bf7-98a2-63650bf48fab%26chrand%3Dn%26pof%3D1%26rfi%3D30%26bsc%3D74&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1684785594060&lmt=1684785543&dlt=1684785593460&idt=494&adxs=314&adys=2344&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10998%2F868311%2Fnewcastle-united-vs-leicester-city%2F&frm=20&vis=1&psz=1076x116&msz=1076x116&fws=4&ohw=1100&ga_vid=579155913.1684785594&ga_sid=1684785594&ga_hid=1322753345&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYlf2vqIQxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiV_a-ohDFIAFICCGQSGQoKcHViY2lkLm9yZxiU_a-ohDFIAFICCGQSFwoIcnRiaG91c2UYlf2vqIQxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJX9r6iEMUgAUgIIZBIZCgp1aWRhcGkuY29tGJX9r6iEMUgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd061141929cf1d7afacff7f7f158d3142a1033416744a2a3cd20ebffeb06382
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
548
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		114 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2722881580573987&correlator=4206306071743567&eid=31074405%2C31074401%2C31068367&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cnative-multi%2C3d4ab4c6-6d5f-4b8c-9e83-ea0e7b3534e1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&ifi=3&adks=3368116147&didk=3429720029&sfv=1-0-40&prev_scp=ti%3D02dbc854-67e2-4bf7-98a2-63650bf48fab%26chrand%3Dn%26pof%3D1%26rfi%3D30%26bsc%3D74%26format%3Dmulti-native&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1684785594084&lmt=1684785543&dlt=1684785593460&idt=494&adxs=262&adys=504&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10998%2F868311%2Fnewcastle-united-vs-leicester-city%2F&frm=20&vis=1&psz=1076x0&msz=1076x0&fws=4&ohw=1076&ga_vid=579155913.1684785594&ga_sid=1684785594&ga_hid=1322753345&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYlf2vqIQxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiV_a-ohDFIAFICCGQSGQoKcHViY2lkLm9yZxiU_a-ohDFIAFICCGQSFwoIcnRiaG91c2UYlf2vqIQxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJX9r6iEMUgAUgIIZBIZCgp1aWRhcGkuY29tGJX9r6iEMUgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83aff343b62898d280d7ded2fdeb9c91629f765f9133ebd7d72aa011bc29cfad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31789
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
encrypt
esp.rtbhouse.com/ 		265 B
360 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
95f6128d23e0124cb244523380b0a2d360799c3ffb5c0c60b6bd5193ebb021b4

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
via
1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
5f5988b70e236230e9d592d1496c4f77
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
265
encrypt
esp.rtbhouse.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://yalla-shoots.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://yalla-shoots.tv
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Mon, 22 May 2023 19:59:54 GMT
server
Google Frontend
vary
Origin
via
1.1 google
x-cloud-trace-context
13015544e48499f71fb701ae6845fe09
map
bcp.crwdcntrl.net/6/ 		60 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.67.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-67-141.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2123644f768ff687cf44fc2d1ea0e1b89dc2d38e6005857aa1947ac316a62f0b

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:54 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache
x-server
10.45.27.215
access-control-allow-credentials
true
content-length
60
expires
0
syncframe
gum.criteo.com/ Frame D12B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=yalla-shoots.tv
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 19:59:53 GMT
server
Kestrel
server-processing-duration-in-ticks
431725
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
increment
id5-sync.com/api/esp/ 		0
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://yalla-shoots.tv
date
Mon, 22 May 2023 19:59:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
sid
mug.criteo.com/ Frame D12B
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=yalla-shoots.tv&sn=ChromeSyncframe&so=0&topUrl=yalla-shoots.tv&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=EAOgKHwyaTRiYWFrYnZ6SGhsazFoSXNiOCt4MkN4REtBYmVTam1QaGxKNk44V21hTVowK1c2K2U4MUs0cW1USzJuZzIzU1pYNW1WamIrMElzQnNONzdhZkQwWWQvZzZQSGQrYWREQVVVRDhVZmdzTmlMekprZUNXaXUwWj...
422 B
648 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=EAOgKHwyaTRiYWFrYnZ6SGhsazFoSXNiOCt4MkN4REtBYmVTam1QaGxKNk44V21hTVowK1c2K2U4MUs0cW1USzJuZzIzU1pYNW1WamIrMElzQnNONzdhZkQwWWQvZzZQSGQrYWREQVVVRDhVZmdzTmlMekprZUNXaXUwWjkxc3hGa3BPYitLZ2hBeURiQm5OS29zVkFZREVVWnkzOWhaVUJGc25SclA0VC9la05La1BWRDRJcEF0cGdwY24rWE1HS01QRUZwdzV6eFdGWk12eHlSOEY4QmIveERjNk5meU14bXNQeXVYa0lyclNxT08zdDMxL290WTZLbWh3Q1k4SGYycHBpalVrRDByT3FuSFppUkN6dk54VmRzT0ZuWkxkdXViOUZ0MmZoNnhSQkJ0MD18&cppv=2
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
067e4d1deda75194b90d9417e8d5298dc01e66fbee4173c4249f168d82645b51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:53 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1660281
expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:54 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=EAOgKHwyaTRiYWFrYnZ6SGhsazFoSXNiOCt4MkN4REtBYmVTam1QaGxKNk44V21hTVowK1c2K2U4MUs0cW1USzJuZzIzU1pYNW1WamIrMElzQnNONzdhZkQwWWQvZzZQSGQrYWREQVVVRDhVZmdzTmlMekprZUNXaXUwWjkxc3hGa3BPYitLZ2hBeURiQm5OS29zVkFZREVVWnkzOWhaVUJGc25SclA0VC9la05La1BWRDRJcEF0cGdwY24rWE1HS01QRUZwdzV6eFdGWk12eHlSOEY4QmIveERjNk5meU14bXNQeXVYa0lyclNxT08zdDMxL290WTZLbWh3Q1k4SGYycHBpalVrRDByT3FuSFppUkN6dk54VmRzT0ZuWkxkdXViOUZ0MmZoNnhSQkJ0MD18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
291646
content-length
0
expires
0
e.js
live.demand.supply/e/ 		0
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&pdc=0.13635876178741455&ucv=null&e=tcp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA5OTgvODY4MzExL25ld2Nhc3RsZS11bml0ZWQtdnMtbGVpY2VzdGVyLWNpdHkv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Mon, 22 May 2023 19:59:54 GMT
cf-cache-status
HIT
age
1212810
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cb7a46bbf6f372e-FRA
e.js
live.demand.supply/x/ 		0
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=da&r=yalla-shoots.tv_fluid_lb%2Bsq&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA5OTgvODY4MzExL25ld2Nhc3RsZS11bml0ZWQtdnMtbGVpY2VzdGVyLWNpdHkv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYCRJ7Z7YMGJ3EFJYC5AKSDX
date
Mon, 22 May 2023 19:59:54 GMT
cf-cache-status
HIT
age
2293056
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cb7a46bbf76372e-FRA
e.js
live.demand.supply/e/ 		0
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_auto_interstitial_desktop&e=nai&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA5OTgvODY4MzExL25ld2Nhc3RsZS11bml0ZWQtdnMtbGVpY2VzdGVyLWNpdHkv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Mon, 22 May 2023 19:59:54 GMT
cf-cache-status
HIT
age
1212810
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cb7a46bcf8e372e-FRA
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2722881580573987&correlator=4375370277158812&eid=31074405%2C31074401%2C31068367%2C44714449&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2Cb17090f6-08a6-4b68-a0ee-9e4e6b306a62&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=4&adks=4082428376&didk=3642258492&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D02dbc854-67e2-4bf7-98a2-63650bf48fab%26chrand%3Dn%26pof%3D1%26bsc%3D74&eri=1&sc=1&cookie=ID%3D4df5a18bc750d283%3AT%3D1684785594%3AS%3DALNI_MYJrg7PILfaPJ1Ze9hYTDWFJ4paJw&gpic=UID%3D00000c1a0e0890f2%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MY7TyVCIvnlpZjLbGc0fqBRKHTvQA&abxe=1&dt=1684785594213&lmt=1684785543&dlt=1684785593460&idt=494&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10998%2F868311%2Fnewcastle-united-vs-leicester-city%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=579155913.1684785594&ga_sid=1684785594&ga_hid=1322753345&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYlf2vqIQxSABSAghkEhkKCnB1YmNpZC5vcmcY7P2vqIQxSABSAghqEhcKCHJ0YmhvdXNlGJX9r6iEMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiV_a-ohDFIAFICCGQSGQoKdWlkYXBpLmNvbRiV_a-ohDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMH-r6iEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
662981d7014cb44591cc12b34a726afdcf4c16316924ec84c271e38cc20da78c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
710
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/e/ 		0
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_sky%2Bsq&pdc=0.4692413806915283&ucv=null&e=tcp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA5OTgvODY4MzExL25ld2Nhc3RsZS11bml0ZWQtdnMtbGVpY2VzdGVyLWNpdHkv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Mon, 22 May 2023 19:59:54 GMT
cf-cache-status
HIT
age
1212810
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cb7a46c2ff9372e-FRA
e.js
live.demand.supply/e/ 		0
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_auto_728x90_sticky_display_bottom&pdc=0.18778369426727295&ucv=null&e=tcp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA5OTgvODY4MzExL25ld2Nhc3RsZS11bml0ZWQtdnMtbGVpY2VzdGVyLWNpdHkv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Mon, 22 May 2023 19:59:54 GMT
cf-cache-status
HIT
age
1212810
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cb7a46c2802372e-FRA
sdb.css
live.demand.supply/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/css/sdb.css
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GTP882AJGXJCM3VNH3JF57QN
date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
1786560
etag
W/"14c5381be186641471a926a081d90c88-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
7cb7a46c2894382e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2722881580573987&correlator=869765010343165&eid=31074405%2C31074401%2C31068367%2C44714449&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C2f5dd645-0d0d-422d-99d2-d7bef2ca8963&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=5&adks=3202367356&didk=4055989924&sfv=1-0-40&prev_scp=ti%3D02dbc854-67e2-4bf7-98a2-63650bf48fab%26chrand%3Dn%26pof%3D1%26rfi%3D30%26stt%3Dbhs%26bsc%3D74&eri=1&sc=1&cookie=ID%3D4df5a18bc750d283%3AT%3D1684785594%3AS%3DALNI_MYJrg7PILfaPJ1Ze9hYTDWFJ4paJw&gpic=UID%3D00000c1a0e0890f2%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MY7TyVCIvnlpZjLbGc0fqBRKHTvQA&abxe=1&dt=1684785594271&lmt=1684785543&dlt=1684785593460&idt=494&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10998%2F868311%2Fnewcastle-united-vs-leicester-city%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=579155913.1684785594&ga_sid=1684785594&ga_hid=1322753345&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYlf2vqIQxSABSAghkEhkKCnB1YmNpZC5vcmcY7P2vqIQxSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqak5aa1dHL0dZa29KNjRuaFZPZlRvS3hoUmpUMnVwaGpOaUlSemVRbTdabmNpQ2xTRG5DaHFtNzUzWERyQzV2d0Z4YjBRcWNRZ1dNdmdkSDlvbzdjZG5VazBJa2djNzE2ZDFSaExKTDUrenJGRlFicmk2V2UvMXJtSFdTeDZIRXh0MDJ1OTkvaEhBeU1CY1Q0bWZ4QUZsMlBid3FNVUZhT2ExbHU4aUk5WDF0bnBTVG8vb3pOaWUwRGlpMmNjYWhUd1E9PRiV_6-ohDFIABIdCg5lc3AuY3JpdGVvLmNvbRiV_a-ohDFIAFICCGQSGQoKdWlkYXBpLmNvbRiV_a-ohDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMH-r6iEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86b7f0d269c16a4cae741fb9371e99202f9ba7df8b525ff813ae9191c990be5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11606
x-xss-protection
0
google-lineitem-id
6247069801
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138426413305
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/e/ 		0
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&e=nai&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA5OTgvODY4MzExL25ld2Nhc3RsZS11bml0ZWQtdnMtbGVpY2VzdGVyLWNpdHkv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Mon, 22 May 2023 19:59:54 GMT
cf-cache-status
HIT
age
1212810
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cb7a46c4822372e-FRA
ads
securepubads.g.doubleclick.net/gampad/ 		41 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2722881580573987&correlator=1551205168902332&eid=31074405%2C31074401%2C31068367%2C44714449&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C39a08c37-8599-49df-916b-1911d54fde51&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=6&adks=2638725796&didk=1418515192&sfv=1-0-40&prev_scp=ti%3D02dbc854-67e2-4bf7-98a2-63650bf48fab%26chrand%3Dnbs%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26rfi%3D30%26bsc%3D74&eri=1&sc=1&cookie=ID%3Deae84e00a93dafdd%3AT%3D1684785594%3AS%3DALNI_MaLOu3r-5qCThEdpZRcCs9dQi6D1g&gpic=UID%3D00000c1a0e6796ff%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MY6tH-choSXQ3Z1EhNxLdwwJiiBYQ&abxe=1&dt=1684785594284&lmt=1684785543&dlt=1684785593460&idt=494&adxs=314&adys=2344&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10998%2F868311%2Fnewcastle-united-vs-leicester-city%2F&frm=20&vis=1&psz=1076x116&msz=1076x116&fws=4&ohw=1100&ga_vid=579155913.1684785594&ga_sid=1684785594&ga_hid=1322753345&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYlf2vqIQxSABSAghkEhkKCnB1YmNpZC5vcmcY7P2vqIQxSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqak5aa1dHL0dZa29KNjRuaFZPZlRvS3hoUmpUMnVwaGpOaUlSemVRbTdabmNpQ2xTRG5DaHFtNzUzWERyQzV2d0Z4YjBRcWNRZ1dNdmdkSDlvbzdjZG5VazBJa2djNzE2ZDFSaExKTDUrenJGRlFicmk2V2UvMXJtSFdTeDZIRXh0MDJ1OTkvaEhBeU1CY1Q0bWZ4QUZsMlBid3FNVUZhT2ExbHU4aUk5WDF0bnBTVG8vb3pOaWUwRGlpMmNjYWhUd1E9PRiV_6-ohDFIABIdCg5lc3AuY3JpdGVvLmNvbRiV_a-ohDFIAFICCGQSGQoKdWlkYXBpLmNvbRiV_a-ohDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMH-r6iEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47c3023290e4186ba9c22d742dbbf9977086deba7af71beecdc1057030ccd467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14876
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		69 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2722881580573987&correlator=428975346488442&eid=31074405%2C31074401%2C31068367%2C44714449&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C7b9be0bc-7aae-4298-84dd-8d5becb2ea92&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x600&ifi=7&adks=1131662217&didk=412460673&sfv=1-0-40&prev_scp=ti%3D02dbc854-67e2-4bf7-98a2-63650bf48fab%26chrand%3Dn%26pof%3D1%26bsc%3D74&eri=1&sc=1&cookie=ID%3Deae84e00a93dafdd%3AT%3D1684785594%3AS%3DALNI_MaLOu3r-5qCThEdpZRcCs9dQi6D1g&gpic=UID%3D00000c1a0e6796ff%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MY6tH-choSXQ3Z1EhNxLdwwJiiBYQ&abxe=1&dt=1684785594291&lmt=1684785543&dlt=1684785593460&idt=494&adxs=302&adys=504&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10998%2F868311%2Fnewcastle-united-vs-leicester-city%2F&frm=20&vis=1&psz=1052x616&msz=1052x616&fws=4&ohw=1100&ga_vid=579155913.1684785594&ga_sid=1684785594&ga_hid=1322753345&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYlf2vqIQxSABSAghkEhkKCnB1YmNpZC5vcmcY7P2vqIQxSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqak5aa1dHL0dZa29KNjRuaFZPZlRvS3hoUmpUMnVwaGpOaUlSemVRbTdabmNpQ2xTRG5DaHFtNzUzWERyQzV2d0Z4YjBRcWNRZ1dNdmdkSDlvbzdjZG5VazBJa2djNzE2ZDFSaExKTDUrenJGRlFicmk2V2UvMXJtSFdTeDZIRXh0MDJ1OTkvaEhBeU1CY1Q0bWZ4QUZsMlBid3FNVUZhT2ExbHU4aUk5WDF0bnBTVG8vb3pOaWUwRGlpMmNjYWhUd1E9PRiV_6-ohDFIABIdCg5lc3AuY3JpdGVvLmNvbRiV_a-ohDFIAFICCGQSGQoKdWlkYXBpLmNvbRiV_a-ohDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMH-r6iEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
766c749ecfb32487eaa65e521cc2c52284eab1c33ac7ee7f356a514b5022aa18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17342
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		872 B
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2722881580573987&correlator=4042162339887834&eid=31074405%2C31074401%2C31068367%2C44714449&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C356922b4-0932-42d8-8698-9fc099d8e22d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=8&adks=3366209244&didk=1418515199&sfv=1-0-40&prev_scp=ti%3D02dbc854-67e2-4bf7-98a2-63650bf48fab%26chrand%3Dn%26pof%3D1%26rfi%3D30%26bsc%3D74&eri=1&sc=1&cookie=ID%3Deae84e00a93dafdd%3AT%3D1684785594%3AS%3DALNI_MaLOu3r-5qCThEdpZRcCs9dQi6D1g&gpic=UID%3D00000c1a0e6796ff%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MY6tH-choSXQ3Z1EhNxLdwwJiiBYQ&abxe=1&dt=1684785594299&lmt=1684785543&dlt=1684785593460&idt=494&adxs=302&adys=220&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10998%2F868311%2Fnewcastle-united-vs-leicester-city%2F&frm=20&vis=1&psz=1052x116&msz=1052x116&fws=4&ohw=1100&ga_vid=579155913.1684785594&ga_sid=1684785594&ga_hid=1322753345&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYlf2vqIQxSABSAghkEhkKCnB1YmNpZC5vcmcY7P2vqIQxSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqak5aa1dHL0dZa29KNjRuaFZPZlRvS3hoUmpUMnVwaGpOaUlSemVRbTdabmNpQ2xTRG5DaHFtNzUzWERyQzV2d0Z4YjBRcWNRZ1dNdmdkSDlvbzdjZG5VazBJa2djNzE2ZDFSaExKTDUrenJGRlFicmk2V2UvMXJtSFdTeDZIRXh0MDJ1OTkvaEhBeU1CY1Q0bWZ4QUZsMlBid3FNVUZhT2ExbHU4aUk5WDF0bnBTVG8vb3pOaWUwRGlpMmNjYWhUd1E9PRiV_6-ohDFIABIdCg5lc3AuY3JpdGVvLmNvbRiV_a-ohDFIAFICCGQSGQoKdWlkYXBpLmNvbRiV_a-ohDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMH-r6iEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5139fa858fdc6e814b180ad9e0eacea17c60f888ac20bbf346219b351afe51c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
405
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
key.php
yalla-shoots.tv/ 		158 B
769 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/key.php?kt=1684785594
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd13ec9959b5827e03afaf8886eebde77c2ec5d1ce53303a9980675de969bf9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8f1mRWOStVgW7IHQH5Iv079pQJFV%2FxROrfpGmtZnCiKWypDxDxtU2RESdju6Sk7ToRRSknq9Hqc0328Y3GzKQr9WoXiQE17TuF8e5hcEOVHaXofQyrEvSm5Y%2FdvvaCDCo4I%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=60
feature-policy
microphone none;camera none;geolocation none;
permissions-policy
camera=(), microphone=(), geolocation=()
cf-ray
7cb7a46cda201d90-FRA
expires
Mon, 22 May 2023 20:00:54 GMT
get
feed.avplayer.com/backend/ 		5 KB
906 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://feed.avplayer.com/backend/get?cmsType=playlist&id=631a2480b3d08269680f4be2&AV_TAGID=63e0c53d06b87484dc0f3a56&pid=63e0c30829bdc76cde070e85&cid=63e0c35e9283893b7f0c04f6&AV_TEMPID=62c2a28af9382161a05f9104&AV_PUBLISHERID=63e0c30829bdc76cde070e85
Requested by
Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=63e0c53d06b87484dc0f3a56&AV_PUBLISHERID=63e0c30829bdc76cde070e85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
c0883f3b1b0e7e616c54632fbdfbe938f3fecb3ce704695073acf41ef89b6030

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
gzip
x-hw
1684785594.dop220.lo4.t,1684785594.cds275.lo4.hn,1684785594.cds088.lo4.c
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
max-age=1800
access-control-allow-credentials
true
accept-ranges
bytes
avcplayer.js
player.avplayer.com/script/2/v/ 		251 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/v/avcplayer.js
Requested by
Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=63e0c53d06b87484dc0f3a56&AV_PUBLISHERID=63e0c30829bdc76cde070e85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
gzip
last-modified
Thu, 03 Mar 2022 17:18:44 GMT
etag
"1646327924"
x-hw
1684785594.dop033.lo4.t,1684785594.cds296.lo4.hn,1684785594.cds043.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
61326
track
servt.modoro360.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servt.modoro360.com/track?pid=63e0c30829bdc76cde070e85&cid=63e0c35e9283893b7f0c04f6&cb=1684785594385&r=yalla-shoots.tv&stagid=63e0c53d06b87484dc0f3a56&stplid=62c2a28af9382161a05f9104&d35=&d65=Test1&d66=7&d74=&e=playerLoaded&cpid=631a2480b3d08269680f4be2&str=viewable
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.176.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-176-230.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
e.js
live.demand.supply/x/ 		0
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=fs&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA5OTgvODY4MzExL25ld2Nhc3RsZS11bml0ZWQtdnMtbGVpY2VzdGVyLWNpdHkv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYCRJ7Z7YMGJ3EFJYC5AKSDX
date
Mon, 22 May 2023 19:59:54 GMT
cf-cache-status
HIT
age
2293056
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cb7a46cf943372e-FRA
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305160101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0cf0d7417b104997b74b0704a0ad6195997fa1a168a749ef026f299dd1dbb373
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10996
x-xss-protection
0
A-letterbigger_Savir.png
jscdn.greeter.me/ 		945 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jscdn.greeter.me/A-letterbigger_Savir.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Sun, 10 Jul 2022 13:45:06 GMT
x-amz-request-id
tx00000000000009221f213-00646bc2b2-97329064-fra1b
etag
"f07519ec5fbc46385f386b577e6e2a1d"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1684785594.dop088.lo4.t,1684785594.cds289.lo4.hn,1684785594.cds287.lo4.c
content-type
image/png
cache-control
max-age=1800
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
945
hb_739813_17175.js
player.aplhb.adipolo.com/prebidlink/467995/ 		290 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aplhb.adipolo.com/prebidlink/467995/hb_739813_17175.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shoots.tvhead.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
f8aa9a880d6e487e7842722fbaee7c4c914803cef2baf4f92b76167b48df3bad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
gzip
last-modified
Mon, 19 Dec 2022 12:00:43 GMT
server
nginx
etag
W/"63a0526b-48644"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Mon, 22 May 2023 20:59:54 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		76 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shoots.tvhead.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15c00d52ad6c5e05310ac52521820021974a682bb36fc5a6690d46ea003a263b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25334
x-xss-protection
0
server
cafe
etag
298 / 19499 / m202305160101 / config-hash: 8319726746282660736
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 22 May 2023 19:59:54 GMT
wrapper_hb_739813_17175.js
player.aplhb.adipolo.com/prebidlink/467995/ 		2 KB
1004 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aplhb.adipolo.com/prebidlink/467995/wrapper_hb_739813_17175.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shoots.tvhead.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
cba78783503f962e24d09c78f38add0360021817317c6972d14e37e250b52e3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
gzip
last-modified
Mon, 19 Dec 2022 12:13:01 GMT
server
nginx
etag
W/"63a0554d-685"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Mon, 22 May 2023 20:59:54 GMT
gpt.js
www.googletagservices.com/tag/js/ 		76 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shoots.tvhead.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b5990b68c8ac4a16024919b38f2b62d931ed59566ac9dbe92c82c12ecf19a04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25334
x-xss-protection
0
server
cafe
etag
790 / 19499 / m202305160101 / config-hash: 8319726746282660736
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 22 May 2023 19:59:54 GMT
adipolo_logo.png
adipolo.com/wp-content/uploads/2020/06/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adipolo.com/wp-content/uploads/2020/06/adipolo_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
cf-cache-status
HIT
last-modified
Tue, 02 Jun 2020 09:04:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7543771
etag
"5ed61610-1b9c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rj%2BBcEROH%2B%2FeEAurwdMSTok8uV%2B9oJPOenz4PejnyTHOtRsqHBp4lETd380uNeG9e37sxzhWhoCD1jSGIgJAGUnVMHbtaitEV6OytsGe0O4M4j91Pg0OqdsHnrdJRw1xpW2tKYE%2BNC4oOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7cb7a46d5bf39b51-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7068
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-230085360-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 22 May 2023 18:35:39 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
5055
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Mon, 22 May 2023 20:35:39 GMT
A-letterbigger_Savir.png
jscdn.greeter.me/ 		945 B
1005 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jscdn.greeter.me/A-letterbigger_Savir.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Sun, 10 Jul 2022 13:45:06 GMT
x-amz-request-id
tx00000000000009221f213-00646bc2b2-97329064-fra1b
etag
"f07519ec5fbc46385f386b577e6e2a1d"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1684785594.dop088.lo4.t,1684785594.cds289.lo4.hn,1684785594.cds287.lo4.c
content-type
image/png
cache-control
max-age=1800
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
945
frame.php
yalla-shoots.tv/ Frame 1264 		198 KB
72 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/frame.php?ch=p1_1&p=10&token=NmQ2YTY1MzM2YzZhNzkzMDZjNmE2NTMxNmQ3MzM0MzU3NTY4NzY3YTYxNjQ2OTc3NmQ2YTY5NzI2ZDZhNjE3OTZkNjM3MDZhNzI2NTYyMzY2ZTMyNjYzNTZlNzg3OTdhNmU2OTY2MzY2ZTczNmQ=&kt=1684785594
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc1ea1b1ba7808dc2cd11a5503deb4de8edf6894ec4d5d542d401891b63b61e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=60
cf-cache-status
DYNAMIC
cf-ray
7cb7a46d7b021d90-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 19:59:54 GMT
expires
Mon, 22 May 2023 20:00:54 GMT
feature-policy
microphone none;camera none;geolocation none;
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), microphone=(), geolocation=()
referrer-policy
strict-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qj48aZrpEOnyRO7ctjUhhYNr5NDExGsJg9MgXnZL6LWvpDIAUxA%2FS4yWqftEN0LMt27k7p8MhyLsc1jSeSRSmYJ1B8qXe6b22HkSXQ%2Bo1GIb10LC6GzYzyfRb%2F7zyvg73Fw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
container.html
0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 14EA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 19:59:54 GMT
expires
Tue, 21 May 2024 19:59:54 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		182 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		834 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
e.js
live.demand.supply/e/ 		0
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=-1&r=yalla-shoots.tv_auto_728x90_sticky_display_bottom&sy=63847903-d0cb-42b5-8779-5ed181de7f64&ts=74&cd=2&pud=308&pus=c&pue=427&pid=105&pis=c&pie=533&ppd=158&pps=a&ppe=585&pcl=222&ttc=634&tti=1156&ttif=0&lca=585&lcak=ppe&lct=585&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=02dbc854-67e2-4bf7-98a2-63650bf48fab&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA5OTgvODY4MzExL25ld2Nhc3RsZS11bml0ZWQtdnMtbGVpY2VzdGVyLWNpdHkv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Mon, 22 May 2023 19:59:54 GMT
cf-cache-status
HIT
age
1212810
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cb7a46daa63372e-FRA
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 May 2023 19:59:54 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 14EA 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 10:36:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
293014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 May 2024 10:36:20 GMT
css
fonts.googleapis.com/ Frame 14EA 		2 KB
870 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Cardo:400,700&lang=de
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
82fc44d47488df64278445c8fd1f9bbf3b97c98d19d9d4ae4976c7c28840f1d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 May 2023 19:59:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 May 2023 19:59:54 GMT
4374473173132342163
tpc.googlesyndication.com/simgad/ Frame 14EA 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4374473173132342163?
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ffdc3ac4306a19c995a12935fcbebddba0d65dce9680443e84fb04541cf43f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 21:02:32 GMT
x-content-type-options
nosniff
age
255442
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48986
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 23:06:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 18 May 2024 21:02:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 14EA 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 19:59:54 GMT
collect
www.google-analytics.com/j/ 		1 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1322753345&t=pageview&_s=1&dl=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10998%2F868311%2Fnewcastle-united-vs-leicester-city%2F&ul=en-us&de=UTF-8&dt=%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9%20%D9%86%D9%8A%D9%88%D9%83%D8%A7%D8%B3%D9%84%20%D9%8A%D9%88%D9%86%D8%A7%D9%8A%D8%AA%D8%AF%20%D9%88%20%D9%84%D9%8A%D8%B3%D8%AA%D8%B1%20%D8%B3%D9%8A%D8%AA%D9%8A%20-%20%D8%A7%D9%84%D8%AF%D9%88%D8%B1%D9%8A%20%D8%A7%D9%84%D8%A5%D9%86%D8%AC%D9%84%D9%8A%D8%B2%D9%8A%20%D8%A7%D9%84%D9%85%D9%85%D8%AA%D8%A7%D8%B2%20-%202023-05-22&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=104875130&gjid=467882531&cid=579155913.1684785594&tid=UA-230085360-1&_gid=107291816.1684785595&_r=1&gtm=457e35h0&jsscut=1&z=612484969
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
hbw_master_739813_17175.js
player.aplhb.adipolo.com/prebidlink/19499/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aplhb.adipolo.com/prebidlink/19499/hbw_master_739813_17175.js
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467995/wrapper_hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
a31e81b5ee962da98d89c99da3f964c57755440e8b8e0c950b6cf63f4f29b7fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
gzip
last-modified
Mon, 19 Dec 2022 12:13:01 GMT
server
nginx
etag
W/"63a0554d-152fa"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Mon, 22 May 2023 20:59:54 GMT
truncated
/ 		385 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		240 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
favicon.ico
storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.139.16 , France, ASN16276 (OVH, FR),
Reverse DNS
ip16.ip-145-239-139.eu
Software
/
Resource Hash
fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 19:59:54 GMT
X-Openstack-Request-Id
txf62a0410ddc34c6aa2602-00646bc9ba
Last-Modified
Sun, 31 Jan 2021 12:57:34 GMT
Etag
7bf4f6782dee3b520a65ff84286e3691
Content-Type
image/x-icon
X-Timestamp
1612097853.12655
Accept-Ranges
bytes
Content-Length
15086
X-Trans-Id
txf62a0410ddc34c6aa2602-00646bc9ba
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
e.js
live.demand.supply/e/ 		0
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_auto_interstitial_desktop&e=nai&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA5OTgvODY4MzExL25ld2Nhc3RsZS11bml0ZWQtdnMtbGVpY2VzdGVyLWNpdHkv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Mon, 22 May 2023 19:59:54 GMT
cf-cache-status
HIT
age
1212810
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cb7a46e2b17372e-FRA
rocket-loader.min.js
yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 1264 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/frame.php?ch=p1_1&p=10&token=NmQ2YTY1MzM2YzZhNzkzMDZjNmE2NTMxNmQ3MzM0MzU3NTY4NzY3YTYxNjQ2OTc3NmQ2YTY5NzI2ZDZhNjE3OTZkNjM3MDZhNzI2NTYyMzY2ZTMyNjYzNTZlNzg3OTdhNmU2OTY2MzY2ZTczNmQ=&kt=1684785594
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 18 May 2023 12:47:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64661e57-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8207nWW6eLlGYFIlz1eO7q3aQvjZHG6gNl8wHs39l1NrYTvkspuJYAqaubDdDNteuq0Di4WbqZidilk5E8VcDM2qpu5UC%2FGrAZDqvrCSbC2KXkegk94Iki9gmZtDxgAOGRI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7cb7a46e6ca61d90-FRA
expires
Wed, 24 May 2023 19:59:54 GMT
container.html
0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DD28 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 19:59:54 GMT
expires
Tue, 21 May 2024 19:59:54 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&pn=-1&sn=3&pc=0.13635876178741455&ds=true&e=wdp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA5OTgvODY4MzExL25ld2Nhc3RsZS11bml0ZWQtdnMtbGVpY2VzdGVyLWNpdHkv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Mon, 22 May 2023 19:59:54 GMT
cf-cache-status
HIT
age
1212810
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cb7a46e7b86372e-FRA
e.js
live.demand.supply/e/ 		0
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=yalla-shoots.tv_fluid_lb%2Bsq&sy=63847903-d0cb-42b5-8779-5ed181de7f64&ts=74&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=02dbc854-67e2-4bf7-98a2-63650bf48fab&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA5OTgvODY4MzExL25ld2Nhc3RsZS11bml0ZWQtdnMtbGVpY2VzdGVyLWNpdHkv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Mon, 22 May 2023 19:59:54 GMT
cf-cache-status
HIT
age
1212810
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cb7a46e7b8b372e-FRA
Yamkarish.mp4
cdn-adipolo.urekamedia.com/test/a92a53cfdb1b435a8/ 		880 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn-adipolo.urekamedia.com/test/a92a53cfdb1b435a8/Yamkarish.mp4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash

Request headers

Referer
https://yalla-shoots.tv/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range
bytes=0-

Response headers

x-77-pop
frankfurtDE
date
Mon, 22 May 2023 19:59:54 GMT
x-cache
HIT
x-77-cache
HIT
Content-Range
bytes 0-900871/900872
x-age
103897
x-accel-date
1684681697
Content-Length
900872
x-77-nzt
AcO1rw6OD4T/2ZUBAA
x-accel-expires
@1685718497
last-modified
Tue, 06 Sep 2022 14:19:18 GMT
server
CDN77-Turbo
etag
"631756e6-dbf08"
x-77-nzt-ray
90833930e5ef8d5dbac96b6407e50d2a
content-type
video/mp4
access-control-allow-origin
*
container.html
0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8F58 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 19:59:54 GMT
expires
Tue, 21 May 2024 19:59:54 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=-1&r=yalla-shoots.tv_fluid_sky%2Bsq&sy=63847903-d0cb-42b5-8779-5ed181de7f64&ts=74&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=0&mlsi=1024x600&mlbw=4g&mlcs=NaN&mltp=02dbc854-67e2-4bf7-98a2-63650bf48fab&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA5OTgvODY4MzExL25ld2Nhc3RsZS11bml0ZWQtdnMtbGVpY2VzdGVyLWNpdHkv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Mon, 22 May 2023 19:59:54 GMT
cf-cache-status
HIT
age
1212810
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cb7a46eabc4372e-FRA
container.html
0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F5FE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 19:59:54 GMT
expires
Tue, 21 May 2024 19:59:54 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=-1&r=yalla-shoots.tv_native_multi_native1&sy=63847903-d0cb-42b5-8779-5ed181de7f64&ts=74&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=0&mlsi=1024x600&mlbw=4g&mlcs=NaN&mltp=02dbc854-67e2-4bf7-98a2-63650bf48fab&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA5OTgvODY4MzExL25ld2Nhc3RsZS11bml0ZWQtdnMtbGVpY2VzdGVyLWNpdHkv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Mon, 22 May 2023 19:59:54 GMT
cf-cache-status
HIT
age
1212810
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cb7a46edbe8372e-FRA
clappr-p2p-plugin.min.js
cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/ Frame 1264 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/clappr-p2p-plugin.min.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a8eb7e24873bb65c9b7193534bda15761d8853b24ca4a41d7749360972504141
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 22 May 2023 19:59:54 GMT
x-content-type-options
nosniff
content-encoding
br
age
23101
x-jsd-version
2.7.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1198
x-served-by
cache-fra-eddf8230022-FRA
x-jsd-version-type
version
etag
W/"c19-SLjttAW8dcDjADi6J1T2hbhokWc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
p2p-engine.min.js
cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/ Frame 1264 		171 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2b2df3739ad9771d92073eb7be78b4e199acaf8ca2c94eba90d21050e886edf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 22 May 2023 19:59:54 GMT
x-content-type-options
nosniff
content-encoding
br
age
41463
x-jsd-version
2.7.4
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
55358
x-served-by
cache-fra-eddf8230022-FRA
x-jsd-version-type
version
etag
W/"2adee-0UMfrblaUyfvjCeL8Inik5i7fxE"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
level-selector.min.js
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/ Frame 1264 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 22 May 2023 19:59:54 GMT
x-content-type-options
nosniff
content-encoding
br
age
37370
x-jsd-version
0.3.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
10804
x-served-by
cache-fra-eddf8230022-FRA
x-jsd-version-type
version
etag
W/"76e2-qotJurjpL/BNF6Wix8Da/EJuL+k"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
clappr.min.js
cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/ Frame 1264 		470 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ce00e20b1de71ae06025269109fb0cb9482ba6af1dbc262ba4eda319aaef9229
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 22 May 2023 19:59:54 GMT
x-content-type-options
nosniff
content-encoding
br
age
2315482
x-jsd-version
0.4.7
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
133477
x-served-by
cache-fra-eddf8230022-FRA
x-jsd-version-type
version
etag
W/"7569d-g/bZEgP/0XCbPxVx7RLqUXpxxzU"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
adview
securepubads.g.doubleclick.net/pagead/ Frame AED1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CEyjMuslrZLzPE_SM7_UP_NGV4APJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAnSeHjg1I7I-4AIAqAMBqgTUAk_Qn2iDFL6XhlWTRlYKGMtwunwxlyF475_TyxGQv_rVTdwdio7UcoolptcA5t9BfuYmYL7KkljbdGaZBwLe1itjqSpiLhezz7JVFihCmKUnN_6XkryQBdfBY8i6wL5OmxBgL9WrCkqPun1Abnh5raILV7-_1y6wNEFeWa4jZrbOHTWpwWNBpVt16ki0Vkmn9Z_rNITLC3AbpEQVbj3ncRXkJhjsWcmABrObQjX5JXMq3eGogIMZxrnbiyQFBgsaIs1gsX6BlLzz72U41hOYVJtH_jXIqWOE48vlZv181o37OWuagUhkUs3d2mblLcjYJ93E3lPvHLUttgEQHS77zYlrlOn1Dbt8gS5NpLCYaIqRchyV9d2vZtHqpqJfPwKTomzIMEhAsdbhFpKDrdDBpqmUGdjXpEOR6zl0uWnJKJdRERNJuqVJsZ8lqbHWWxPCqlT_MGfgBAGABuzopabn8ve5jQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=dJk3oM2Vfyk&uach_m=[UACH]&cid=CAQSPABygQiDQ_kgGzYHn7HGio40VHSjwqFAKNeO6caalRC-PDDmtyqZHGwjl_9LHZzRL-P4gmxGquSCPmD9FRgB
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame AED1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kIqLFezZW8oH-gGdg2ICAgAAAEEzA2lt4aV-ELnJa2SEmsq2r2lRUftWAAASAAAKCkFRVUJEd0VCRHc&wp=ZGvJugAE57wIu8Z0AAVo_OcofmX5EHP05_1LDQ
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
148166
server
Kestrel
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 6B01 		48 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGvJugAE57wIu8Z0AAVo_OcofmX5EHP05_1LDQ&u=%7Cho5ubfHL4T5203Hg0SKPua5xgBoUM9p6MzjibgBseKY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4de_avzMTZocfjtZw8FbQLQ5NGzsuhL0MlZZTh7DCBPNp-Ga77_bUuzZzjKD59slFuvPKhYDTW3yyjqskM_JZ76XnTg-OuoDXik8vue5Ahb_MlkTsZyfMWw0MjGvrBHp8utAnRJapbl2e_jwaIyBLVyZdFLO7dXC20EcHbiRBr3QSuDpU53gyHM20pE93Szw8zbRDf75DO_FC4H1Ohbq2gbWhIgdBQ6ajm44Yv3sZtGq1i7Q-hzYUv8lAJ-kHQbUwyIpQ4eb96XcI7qxjZJBF7RGqAx2F_rUntNhrp6YDZ25vgOGs8lxmlSWu9gReKRl1z85MJ6-aUxavw7e8FUEs9H9O4sV9gufO-lzoof1HIPhNdkrLMeqrJYILyns7nCeCx53iovVaUkPPY_pF8VdW6imwXgCp4TyQN77fwE-3Oo9I-Nn5HywWUItChNcEx2qzby8sPV_F8tKhml-g0vEfL2bFCiqlJNe_5AURbPZw8xU3cxKvYWAjcxgpNrNEyPrXuntn_iGSAAWnKkpRJPBsbSx3CW08U95E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQUFNuslrZLzPE_SM7_UP_NGV4APJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAnSeHjg1I7I-4AIAqAMBqgTXAk_Qn2iDFL6XhlWTRlYKGMtwunwxlyF475_TyxGQv_rVTdwdio7UcoolptcA5t9BfuYmYL7KkljbdGaZBwLe1itjqSpiLhezz7JVFihCmKUnN_6XkryQBdfBY8i6wL5OmxBgL9WrCkqPun1Abnh5raILV7-_1y6wNEFeWa4jZrbOHTWpwWNBpVt16ki0Vkmn9Z_rNITLC3AbpEQVbj3ncRXkJhjsWcmABrObQjX5JXMq3eGogIMZxrnbiyQFBgsaIs1gsX6BlLzz72U41hOYVJtH_jXIqWOE48vlZv181o37OWuagUhkUs3d2mblLcjYJ93E3lPvHLUttgEQHS77zYlrlOn1Dbt8gS5NpLCYaIqRchyV9d2vZtHqpqJfPwKTomzIMEhAsdbhFpKDrdDB5Ku1i19YOFAudy3XaVRv0J5FG6VDlL3LBVcYD0NpRT_aL_57I9hAG73gBAGABuzopabn8ve5jQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1bxCh027IAFzsq9s4Lt9KSzmZkJg%26client%3Dca-pub-3831894559014614%26adurl%3D
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c583fb4900d7c56ea4bd0543fad2751dddb7820445a5296ff444241bcf7ba734
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 19:59:54 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=8Gp5uvXNZth55iqQc_I43LBeOJguEdSPn0JQv3GghksaWJXsh6To8FhaFK2KKLOLfuSJutQcnBat2cGg4fUM1zE-9zpgCKtx_St0N-N9sdCoKGP4ShB0zrIulXlGtQeJxGgEUOMqZ-wgenfw-ET7RYgpdsiqduZ_AEfu8LhdJqU1d_MxXXP8btfZdhAWgItcrH9lw16puFaQToYXlfWUvPluzbpqq0dTiGUNzz0efNT2P-HFfFBw7kx0u1Y5TciErUMeLw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
2761805
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame AED1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 13:43:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
22556
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Jun 2023 13:43:58 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D5F6 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
32141
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 11:04:13 GMT
etag
48472445140208031
expires
Tue, 23 May 2023 11:04:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame AED1 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 10:36:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
33813
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7953
x-xss-protection
0
server
cafe
etag
16153819885643670827
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Jun 2023 10:36:21 GMT
l
www.google.com/ads/measurement/ Frame AED1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRGL12mynQLWkMv-2E3K53zO1TTHPYCrlb-KkTdtjfEs4nBcUvYEZ2axUc5lKz10T6BQwhkFZAvLhyEMHeff2LB7Ab6NA
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame AED1 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 10:36:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
293014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 May 2024 10:36:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AED1 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 19:59:54 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 14EA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvklfpJ5rLtdN6pKHmC9usx95l7NZv-VghjgLygs-rcQC4A0o4BK-vxVHWT7eqiaLSkj4Fhy74KG8ysfizvOZRK4bP-McTmdYONfLk0rcUF4L9vIcwBONDsoAyA-ZZ0mUviTLW0piYBJYNstk4MObMrimySaMyb-RkZCAU9hAm2JC15EnI2khnT_vAFYQDXtybFP6QLjfpemmTxjmzY3RHGBvnBN9cNYs4JcINA1qVeHFLjlLJTHnLPWgWKfMRnsw9-fnixQb0atFRvRlrJOfmYgLKcTVaEXcAab7BBXjI8XdmwqJJlMFhmFzQTEj-OKW5JJWq-J9LFWO8pPHdi1UAYnFPjRddpdNdvHvO7LA5brIGoXppKPCRQT0mIr9-uUdWnoY6YmRNP&sai=AMfl-YQxnT9W3-4ivnPqjxh7-oL_qSZPLRfBAnr5DfStmJph_qDLQCn1Xr6ZoF1aJbGehNiPrw5f2dN5DJjGgV1D5L4jNJNdqpO97BvT9MgzbzXVEK-WzvmZoOJ6QiP9pg&sig=Cg0ArKJSzO8wC3qK2vKOEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
wlpygwjKBV1pqhND-ZQW-WM.woff2
fonts.gstatic.com/s/cardo/v19/ Frame 14EA 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cardo/v19/wlpygwjKBV1pqhND-ZQW-WM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cardo:400,700&lang=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f94a0b25ed421e6643ca8ae21ccd63cf5630e8db8a3b64f63a669936d068c427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 19:28:45 GMT
x-content-type-options
nosniff
age
174669
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18852
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 17:09:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 19:28:45 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 14EA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstp5GUExEg2muyt_V1diye9w4VRMXNkMb5PpYAqEeRq2onaSoaUZ_3yU_1x_i5O628fI-OTvTUVy6D9W2ZqUVPoZXCcb6rn81SW7-bKtECGmMPHqgRQbGpwYTYOdOB5yQNbykm0kL3kSK_8odG5sIjeMXTiEoBejHzXj_WSmdFnPz2gHDt1BfQnCdiR3tnZOZUT745QSogrvMQTitientRQXEXnPjGrhOIHC3NbywRu4pFjAHx9ssFQjxq44z8tD-WiTBWzdQi950JXEvzXb8VgjIxIACS9C5GQREYb6DQRfLKBr-VxnlXD7srXxMbCjyylvRKkJfg_-3qkFFzVQEOnpj8OmF6Vy06mosGhIzIf1HKWXkP2Yo1SsnHcRWjbjQvrjHAX3RHqurQ&sai=AMfl-YSxS0pSHA9zZAB3yWasCAL97IXMIT-9EpGEfG4YBDvzDZlP0xFzrDcr35scOO_Bz5wNO-RM1uRGM9nfdR07hZNzpakhuZnXSiAh1PlDsdNFiRNrjfkXjVBde54gWg&sig=Cg0ArKJSzDVRWUZIvesdEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 19:59:54 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2AD8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
15235
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 15:45:59 GMT
expires
Tue, 21 May 2024 15:45:59 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 80B0 		783 B
1001 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1a1f8c073190935aad0a6386e5a795bf8de366a75f8f26950f6bee6e7c564690
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-A27kEHzOAi986n6puvOGdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-A27kEHzOAi986n6puvOGdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 19:59:54 GMT
expires
Mon, 22 May 2023 19:59:54 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ Frame 8F58 		8 KB
823 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 May 2023 19:04:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 May 2023 19:59:54 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame 8F58 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.css
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 12:23:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
459405
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2883
x-xss-protection
0
last-modified
Wed, 17 May 2023 00:43:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 May 2024 12:23:09 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame 8F58 		371 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 12:23:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
459405
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
130330
x-xss-protection
0
last-modified
Wed, 17 May 2023 00:43:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 May 2024 12:23:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 8F58 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 10:36:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
33813
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7953
x-xss-protection
0
server
cafe
etag
16153819885643670827
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Jun 2023 10:36:21 GMT
l
www.google.com/ads/measurement/ Frame 8F58 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRxlUuQ-OVKj8Kh7sfjLuHX2wXjCW860H39zLyvIHND7JZ0UpdqXO_Kb2o_EMKKgmmSQkMhg4i8H0q5dktnztXw-yaEsw
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 8F58 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 10:36:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
293014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 May 2024 10:36:20 GMT
ef33bde3b6f53b5d50fc677805f1b9fa.js
www.gstatic.com/mysidia/ Frame F5FE 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ef33bde3b6f53b5d50fc677805f1b9fa.js?tag=client_fast_engine_2019
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d42e2b0fdb945504b8da66763e41d57d6245ab8218c6df329b56a841ffbcd7ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 16 May 2023 20:24:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
516931
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3674
x-xss-protection
0
last-modified
Tue, 16 May 2023 20:07:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 14 Aug 2023 20:24:23 GMT
0cbec9e763571b586f17fffdb0e7c8db.js
www.gstatic.com/mysidia/ Frame F5FE 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/0cbec9e763571b586f17fffdb0e7c8db.js?tag=core/multiplex_design_v1
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e0b94cf96888a314b63218c371f8dbc49113b17436bdc392ec1f5c2a1f52290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 16 May 2023 21:48:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
511862
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4604
x-xss-protection
0
last-modified
Tue, 16 May 2023 20:07:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 14 Aug 2023 21:48:52 GMT
css
fonts.googleapis.com/ Frame F5FE 		4 KB
728 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 May 2023 18:08:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 May 2023 19:59:54 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame F5FE 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 10:36:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
33801
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Jun 2023 10:36:34 GMT
eeb2a7adf8655d5932316867a9074b54.js
www.gstatic.com/mysidia/ Frame F5FE 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/eeb2a7adf8655d5932316867a9074b54.js?tag=exit_2019
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
677479b38b953fb5bf0de894444a188b45d659281d720350ec653013234c6720
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 16 May 2023 21:47:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
511948
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9071
x-xss-protection
0
last-modified
Tue, 16 May 2023 20:07:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 14 Aug 2023 21:47:26 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame F5FE 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 10:36:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
33807
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8780
x-xss-protection
0
server
cafe
etag
16540081610679671253
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Jun 2023 10:36:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame F5FE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 13:43:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
22557
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Jun 2023 13:43:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame F5FE 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 10:36:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
33813
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7953
x-xss-protection
0
server
cafe
etag
16153819885643670827
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Jun 2023 10:36:21 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F5FE 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 10:36:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
293014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 May 2024 10:36:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F5FE 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 19:59:54 GMT
e.js
live.demand.supply/e/ 		0
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&e=nai&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA5OTgvODY4MzExL25ld2Nhc3RsZS11bml0ZWQtdnMtbGVpY2VzdGVyLWNpdHkv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Mon, 22 May 2023 19:59:54 GMT
cf-cache-status
HIT
age
1212810
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cb7a46fed69372e-FRA
truncated
/ Frame 14EA 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2af9094750e977f16217fb0a7f3aacfb7c395760d8465703c0daf9c5f3d24b75

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 6B01 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGvJugAE57wIu8Z0AAVo_OcofmX5EHP05_1LDQ&u=%7Cho5ubfHL4T5203Hg0SKPua5xgBoUM9p6MzjibgBseKY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4de_avzMTZocfjtZw8FbQLQ5NGzsuhL0MlZZTh7DCBPNp-Ga77_bUuzZzjKD59slFuvPKhYDTW3yyjqskM_JZ76XnTg-OuoDXik8vue5Ahb_MlkTsZyfMWw0MjGvrBHp8utAnRJapbl2e_jwaIyBLVyZdFLO7dXC20EcHbiRBr3QSuDpU53gyHM20pE93Szw8zbRDf75DO_FC4H1Ohbq2gbWhIgdBQ6ajm44Yv3sZtGq1i7Q-hzYUv8lAJ-kHQbUwyIpQ4eb96XcI7qxjZJBF7RGqAx2F_rUntNhrp6YDZ25vgOGs8lxmlSWu9gReKRl1z85MJ6-aUxavw7e8FUEs9H9O4sV9gufO-lzoof1HIPhNdkrLMeqrJYILyns7nCeCx53iovVaUkPPY_pF8VdW6imwXgCp4TyQN77fwE-3Oo9I-Nn5HywWUItChNcEx2qzby8sPV_F8tKhml-g0vEfL2bFCiqlJNe_5AURbPZw8xU3cxKvYWAjcxgpNrNEyPrXuntn_iGSAAWnKkpRJPBsbSx3CW08U95E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQUFNuslrZLzPE_SM7_UP_NGV4APJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAnSeHjg1I7I-4AIAqAMBqgTXAk_Qn2iDFL6XhlWTRlYKGMtwunwxlyF475_TyxGQv_rVTdwdio7UcoolptcA5t9BfuYmYL7KkljbdGaZBwLe1itjqSpiLhezz7JVFihCmKUnN_6XkryQBdfBY8i6wL5OmxBgL9WrCkqPun1Abnh5raILV7-_1y6wNEFeWa4jZrbOHTWpwWNBpVt16ki0Vkmn9Z_rNITLC3AbpEQVbj3ncRXkJhjsWcmABrObQjX5JXMq3eGogIMZxrnbiyQFBgsaIs1gsX6BlLzz72U41hOYVJtH_jXIqWOE48vlZv181o37OWuagUhkUs3d2mblLcjYJ93E3lPvHLUttgEQHS77zYlrlOn1Dbt8gS5NpLCYaIqRchyV9d2vZtHqpqJfPwKTomzIMEhAsdbhFpKDrdDB5Ku1i19YOFAudy3XaVRv0J5FG6VDlL3LBVcYD0NpRT_aL_57I9hAG73gBAGABuzopabn8ve5jQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1bxCh027IAFzsq9s4Lt9KSzmZkJg%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 16 May 2024 19:59:54 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6B01 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGvJugAE57wIu8Z0AAVo_OcofmX5EHP05_1LDQ&u=%7Cho5ubfHL4T5203Hg0SKPua5xgBoUM9p6MzjibgBseKY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4de_avzMTZocfjtZw8FbQLQ5NGzsuhL0MlZZTh7DCBPNp-Ga77_bUuzZzjKD59slFuvPKhYDTW3yyjqskM_JZ76XnTg-OuoDXik8vue5Ahb_MlkTsZyfMWw0MjGvrBHp8utAnRJapbl2e_jwaIyBLVyZdFLO7dXC20EcHbiRBr3QSuDpU53gyHM20pE93Szw8zbRDf75DO_FC4H1Ohbq2gbWhIgdBQ6ajm44Yv3sZtGq1i7Q-hzYUv8lAJ-kHQbUwyIpQ4eb96XcI7qxjZJBF7RGqAx2F_rUntNhrp6YDZ25vgOGs8lxmlSWu9gReKRl1z85MJ6-aUxavw7e8FUEs9H9O4sV9gufO-lzoof1HIPhNdkrLMeqrJYILyns7nCeCx53iovVaUkPPY_pF8VdW6imwXgCp4TyQN77fwE-3Oo9I-Nn5HywWUItChNcEx2qzby8sPV_F8tKhml-g0vEfL2bFCiqlJNe_5AURbPZw8xU3cxKvYWAjcxgpNrNEyPrXuntn_iGSAAWnKkpRJPBsbSx3CW08U95E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQUFNuslrZLzPE_SM7_UP_NGV4APJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAnSeHjg1I7I-4AIAqAMBqgTXAk_Qn2iDFL6XhlWTRlYKGMtwunwxlyF475_TyxGQv_rVTdwdio7UcoolptcA5t9BfuYmYL7KkljbdGaZBwLe1itjqSpiLhezz7JVFihCmKUnN_6XkryQBdfBY8i6wL5OmxBgL9WrCkqPun1Abnh5raILV7-_1y6wNEFeWa4jZrbOHTWpwWNBpVt16ki0Vkmn9Z_rNITLC3AbpEQVbj3ncRXkJhjsWcmABrObQjX5JXMq3eGogIMZxrnbiyQFBgsaIs1gsX6BlLzz72U41hOYVJtH_jXIqWOE48vlZv181o37OWuagUhkUs3d2mblLcjYJ93E3lPvHLUttgEQHS77zYlrlOn1Dbt8gS5NpLCYaIqRchyV9d2vZtHqpqJfPwKTomzIMEhAsdbhFpKDrdDB5Ku1i19YOFAudy3XaVRv0J5FG6VDlL3LBVcYD0NpRT_aL_57I9hAG73gBAGABuzopabn8ve5jQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1bxCh027IAFzsq9s4Lt9KSzmZkJg%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 16 May 2024 19:59:54 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 6B01 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGvJugAE57wIu8Z0AAVo_OcofmX5EHP05_1LDQ&u=%7Cho5ubfHL4T5203Hg0SKPua5xgBoUM9p6MzjibgBseKY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4de_avzMTZocfjtZw8FbQLQ5NGzsuhL0MlZZTh7DCBPNp-Ga77_bUuzZzjKD59slFuvPKhYDTW3yyjqskM_JZ76XnTg-OuoDXik8vue5Ahb_MlkTsZyfMWw0MjGvrBHp8utAnRJapbl2e_jwaIyBLVyZdFLO7dXC20EcHbiRBr3QSuDpU53gyHM20pE93Szw8zbRDf75DO_FC4H1Ohbq2gbWhIgdBQ6ajm44Yv3sZtGq1i7Q-hzYUv8lAJ-kHQbUwyIpQ4eb96XcI7qxjZJBF7RGqAx2F_rUntNhrp6YDZ25vgOGs8lxmlSWu9gReKRl1z85MJ6-aUxavw7e8FUEs9H9O4sV9gufO-lzoof1HIPhNdkrLMeqrJYILyns7nCeCx53iovVaUkPPY_pF8VdW6imwXgCp4TyQN77fwE-3Oo9I-Nn5HywWUItChNcEx2qzby8sPV_F8tKhml-g0vEfL2bFCiqlJNe_5AURbPZw8xU3cxKvYWAjcxgpNrNEyPrXuntn_iGSAAWnKkpRJPBsbSx3CW08U95E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQUFNuslrZLzPE_SM7_UP_NGV4APJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAnSeHjg1I7I-4AIAqAMBqgTXAk_Qn2iDFL6XhlWTRlYKGMtwunwxlyF475_TyxGQv_rVTdwdio7UcoolptcA5t9BfuYmYL7KkljbdGaZBwLe1itjqSpiLhezz7JVFihCmKUnN_6XkryQBdfBY8i6wL5OmxBgL9WrCkqPun1Abnh5raILV7-_1y6wNEFeWa4jZrbOHTWpwWNBpVt16ki0Vkmn9Z_rNITLC3AbpEQVbj3ncRXkJhjsWcmABrObQjX5JXMq3eGogIMZxrnbiyQFBgsaIs1gsX6BlLzz72U41hOYVJtH_jXIqWOE48vlZv181o37OWuagUhkUs3d2mblLcjYJ93E3lPvHLUttgEQHS77zYlrlOn1Dbt8gS5NpLCYaIqRchyV9d2vZtHqpqJfPwKTomzIMEhAsdbhFpKDrdDB5Ku1i19YOFAudy3XaVRv0J5FG6VDlL3LBVcYD0NpRT_aL_57I9hAG73gBAGABuzopabn8ve5jQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1bxCh027IAFzsq9s4Lt9KSzmZkJg%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 16 May 2024 19:59:54 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 6B01 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGvJugAE57wIu8Z0AAVo_OcofmX5EHP05_1LDQ&u=%7Cho5ubfHL4T5203Hg0SKPua5xgBoUM9p6MzjibgBseKY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4de_avzMTZocfjtZw8FbQLQ5NGzsuhL0MlZZTh7DCBPNp-Ga77_bUuzZzjKD59slFuvPKhYDTW3yyjqskM_JZ76XnTg-OuoDXik8vue5Ahb_MlkTsZyfMWw0MjGvrBHp8utAnRJapbl2e_jwaIyBLVyZdFLO7dXC20EcHbiRBr3QSuDpU53gyHM20pE93Szw8zbRDf75DO_FC4H1Ohbq2gbWhIgdBQ6ajm44Yv3sZtGq1i7Q-hzYUv8lAJ-kHQbUwyIpQ4eb96XcI7qxjZJBF7RGqAx2F_rUntNhrp6YDZ25vgOGs8lxmlSWu9gReKRl1z85MJ6-aUxavw7e8FUEs9H9O4sV9gufO-lzoof1HIPhNdkrLMeqrJYILyns7nCeCx53iovVaUkPPY_pF8VdW6imwXgCp4TyQN77fwE-3Oo9I-Nn5HywWUItChNcEx2qzby8sPV_F8tKhml-g0vEfL2bFCiqlJNe_5AURbPZw8xU3cxKvYWAjcxgpNrNEyPrXuntn_iGSAAWnKkpRJPBsbSx3CW08U95E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQUFNuslrZLzPE_SM7_UP_NGV4APJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAnSeHjg1I7I-4AIAqAMBqgTXAk_Qn2iDFL6XhlWTRlYKGMtwunwxlyF475_TyxGQv_rVTdwdio7UcoolptcA5t9BfuYmYL7KkljbdGaZBwLe1itjqSpiLhezz7JVFihCmKUnN_6XkryQBdfBY8i6wL5OmxBgL9WrCkqPun1Abnh5raILV7-_1y6wNEFeWa4jZrbOHTWpwWNBpVt16ki0Vkmn9Z_rNITLC3AbpEQVbj3ncRXkJhjsWcmABrObQjX5JXMq3eGogIMZxrnbiyQFBgsaIs1gsX6BlLzz72U41hOYVJtH_jXIqWOE48vlZv181o37OWuagUhkUs3d2mblLcjYJ93E3lPvHLUttgEQHS77zYlrlOn1Dbt8gS5NpLCYaIqRchyV9d2vZtHqpqJfPwKTomzIMEhAsdbhFpKDrdDB5Ku1i19YOFAudy3XaVRv0J5FG6VDlL3LBVcYD0NpRT_aL_57I9hAG73gBAGABuzopabn8ve5jQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1bxCh027IAFzsq9s4Lt9KSzmZkJg%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 16 May 2024 19:59:54 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 6B01 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ZQO8fP5dVhs1toh2bOpfQ595-_mdsovCrMFGO-zIHSPetzAlz6jG-Mu4MdL8-e_ojt9HpLWrNYQXU1yqyxUwE7RDv1F5KduiQ5LQ083M2mvHp3HWFAPMALF_kEQ9edJ3dAciXfjdUvJ55Z0Fmg_oQ2pIAx_h7sKiGDfrClud4d3Ejq7kDg9fuYzmvT9rRhJSky78VzIf-exszhqevLLmqBM8iqZLdS5yO4upVy7pyhWw9Ji566k1MxiuCIZVgkk0GKrWD66hpCjmEA9DmOBrQmFJ5gJAmdlU6vs-8ijQcbvU068SJXeHaDxV9jQRB0IUip3UBhq9pMGNwG1qWvsIbkgr3oN8WnY3-7LMfEwdCiCByXgns1WXjFfKyYbzQ4ywy8UADOdCrDd9TiRIRCXnk6Cy8jYxKspSTCw6z1q_UKqRp_xg6qAxmisaR_xr1Xh6Ukv7Hg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGvJugAE57wIu8Z0AAVo_OcofmX5EHP05_1LDQ&u=%7Cho5ubfHL4T5203Hg0SKPua5xgBoUM9p6MzjibgBseKY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4de_avzMTZocfjtZw8FbQLQ5NGzsuhL0MlZZTh7DCBPNp-Ga77_bUuzZzjKD59slFuvPKhYDTW3yyjqskM_JZ76XnTg-OuoDXik8vue5Ahb_MlkTsZyfMWw0MjGvrBHp8utAnRJapbl2e_jwaIyBLVyZdFLO7dXC20EcHbiRBr3QSuDpU53gyHM20pE93Szw8zbRDf75DO_FC4H1Ohbq2gbWhIgdBQ6ajm44Yv3sZtGq1i7Q-hzYUv8lAJ-kHQbUwyIpQ4eb96XcI7qxjZJBF7RGqAx2F_rUntNhrp6YDZ25vgOGs8lxmlSWu9gReKRl1z85MJ6-aUxavw7e8FUEs9H9O4sV9gufO-lzoof1HIPhNdkrLMeqrJYILyns7nCeCx53iovVaUkPPY_pF8VdW6imwXgCp4TyQN77fwE-3Oo9I-Nn5HywWUItChNcEx2qzby8sPV_F8tKhml-g0vEfL2bFCiqlJNe_5AURbPZw8xU3cxKvYWAjcxgpNrNEyPrXuntn_iGSAAWnKkpRJPBsbSx3CW08U95E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQUFNuslrZLzPE_SM7_UP_NGV4APJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAnSeHjg1I7I-4AIAqAMBqgTXAk_Qn2iDFL6XhlWTRlYKGMtwunwxlyF475_TyxGQv_rVTdwdio7UcoolptcA5t9BfuYmYL7KkljbdGaZBwLe1itjqSpiLhezz7JVFihCmKUnN_6XkryQBdfBY8i6wL5OmxBgL9WrCkqPun1Abnh5raILV7-_1y6wNEFeWa4jZrbOHTWpwWNBpVt16ki0Vkmn9Z_rNITLC3AbpEQVbj3ncRXkJhjsWcmABrObQjX5JXMq3eGogIMZxrnbiyQFBgsaIs1gsX6BlLzz72U41hOYVJtH_jXIqWOE48vlZv181o37OWuagUhkUs3d2mblLcjYJ93E3lPvHLUttgEQHS77zYlrlOn1Dbt8gS5NpLCYaIqRchyV9d2vZtHqpqJfPwKTomzIMEhAsdbhFpKDrdDB5Ku1i19YOFAudy3XaVRv0J5FG6VDlL3LBVcYD0NpRT_aL_57I9hAG73gBAGABuzopabn8ve5jQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1bxCh027IAFzsq9s4Lt9KSzmZkJg%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:54 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2863613
expires
Mon, 26 Jul 1997 05:00:00 GMT
ff50878adaf14961a47feb9c94e095f1_image_ad_970x250.gif
static.criteo.net/design/dt/98009/230518/ Frame 6B01 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/98009/230518/ff50878adaf14961a47feb9c94e095f1_image_ad_970x250.gif
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGvJugAE57wIu8Z0AAVo_OcofmX5EHP05_1LDQ&u=%7Cho5ubfHL4T5203Hg0SKPua5xgBoUM9p6MzjibgBseKY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4de_avzMTZocfjtZw8FbQLQ5NGzsuhL0MlZZTh7DCBPNp-Ga77_bUuzZzjKD59slFuvPKhYDTW3yyjqskM_JZ76XnTg-OuoDXik8vue5Ahb_MlkTsZyfMWw0MjGvrBHp8utAnRJapbl2e_jwaIyBLVyZdFLO7dXC20EcHbiRBr3QSuDpU53gyHM20pE93Szw8zbRDf75DO_FC4H1Ohbq2gbWhIgdBQ6ajm44Yv3sZtGq1i7Q-hzYUv8lAJ-kHQbUwyIpQ4eb96XcI7qxjZJBF7RGqAx2F_rUntNhrp6YDZ25vgOGs8lxmlSWu9gReKRl1z85MJ6-aUxavw7e8FUEs9H9O4sV9gufO-lzoof1HIPhNdkrLMeqrJYILyns7nCeCx53iovVaUkPPY_pF8VdW6imwXgCp4TyQN77fwE-3Oo9I-Nn5HywWUItChNcEx2qzby8sPV_F8tKhml-g0vEfL2bFCiqlJNe_5AURbPZw8xU3cxKvYWAjcxgpNrNEyPrXuntn_iGSAAWnKkpRJPBsbSx3CW08U95E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQUFNuslrZLzPE_SM7_UP_NGV4APJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAnSeHjg1I7I-4AIAqAMBqgTXAk_Qn2iDFL6XhlWTRlYKGMtwunwxlyF475_TyxGQv_rVTdwdio7UcoolptcA5t9BfuYmYL7KkljbdGaZBwLe1itjqSpiLhezz7JVFihCmKUnN_6XkryQBdfBY8i6wL5OmxBgL9WrCkqPun1Abnh5raILV7-_1y6wNEFeWa4jZrbOHTWpwWNBpVt16ki0Vkmn9Z_rNITLC3AbpEQVbj3ncRXkJhjsWcmABrObQjX5JXMq3eGogIMZxrnbiyQFBgsaIs1gsX6BlLzz72U41hOYVJtH_jXIqWOE48vlZv181o37OWuagUhkUs3d2mblLcjYJ93E3lPvHLUttgEQHS77zYlrlOn1Dbt8gS5NpLCYaIqRchyV9d2vZtHqpqJfPwKTomzIMEhAsdbhFpKDrdDB5Ku1i19YOFAudy3XaVRv0J5FG6VDlL3LBVcYD0NpRT_aL_57I9hAG73gBAGABuzopabn8ve5jQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1bxCh027IAFzsq9s4Lt9KSzmZkJg%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ba3e38cb8858007f1786c9479e6b3f50c949254a363a62739bf9a55a3c704333
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 18 May 2023 17:35:24 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"646661dc-15105"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
86277
expires
Thu, 16 May 2024 19:59:54 GMT
config.json
player.adtelligent.com/exchange_rates/313490/ 		11 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10998%2F868311%2Fnewcastle-united-vs-leicester-city%2F
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467995/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
3bd0eaf4dc1727aea18802b69673426487f6e4553eeaa5a50cf1215b42090a2e

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

expires
Wed, 24 May 2023 19:59:54 GMT
date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
gzip
last-modified
Sun, 21 May 2023 12:02:22 GMT
server
nginx
etag
W/"646a084e-2aa7"
content-type
application/json
access-control-allow-origin
https://yalla-shoots.tv
cache-control
max-age=172800
x-proxy-cache
HIT
e.js
live.demand.supply/x/ 		0
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=nsi&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA5OTgvODY4MzExL25ld2Nhc3RsZS11bml0ZWQtdnMtbGVpY2VzdGVyLWNpdHkv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYCRJ7Z7YMGJ3EFJYC5AKSDX
date
Mon, 22 May 2023 19:59:54 GMT
cf-cache-status
HIT
age
2293056
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cb7a4702db3372e-FRA
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		54 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2722881580573987&correlator=1732973604294695&eid=31074405%2C31074401%2C31068367%2C44714449&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Cnativefeedapl&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&ifi=9&adks=1483024627&didk=3551856684&sfv=1-0-40&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3Dc66d114f1273d4f8%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MZVcJ94Ds4K_u38iiuvSwi73-sJFA&gpic=UID%3D00000c1a0e5bb6dd%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MYKup8v-qLKvlDZnqwv2_drj7FhEw&abxe=1&dt=1684785594924&lmt=1684785543&dlt=1684785593460&idt=494&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10998%2F868311%2Fnewcastle-united-vs-leicester-city%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=579155913.1684785594&ga_sid=1684785594&ga_hid=1322753345&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYlf2vqIQxSABSAghkEhkKCnB1YmNpZC5vcmcY7P2vqIQxSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqak5aa1dHL0dZa29KNjRuaFZPZlRvS3hoUmpUMnVwaGpOaUlSemVRbTdabmNpQ2xTRG5DaHFtNzUzWERyQzV2d0Z4YjBRcWNRZ1dNdmdkSDlvbzdjZG5VazBJa2djNzE2ZDFSaExKTDUrenJGRlFicmk2V2UvMXJtSFdTeDZIRXh0MDJ1OTkvaEhBeU1CY1Q0bWZ4QUZsMlBid3FNVUZhT2ExbHU4aUk5WDF0bnBTVG8vb3pOaWUwRGlpMmNjYWhUd1E9PRiV_6-ohDFIABIdCg5lc3AuY3JpdGVvLmNvbRiV_a-ohDFIAFICCGQSGQoKdWlkYXBpLmNvbRiV_a-ohDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMH-r6iEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3bed819c4ddf472fef6085e17d59fb812e1a5e96283863a5af22aba01d30761
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11448
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		577 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2722881580573987&correlator=3542066653634789&eid=31074405%2C31074401%2C31068367%2C44714449&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Canchor%2Canchortop&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=10&adks=1163496608&didk=3847343502&sfv=1-0-40&ists=1&fas=2&eri=1&sc=1&cookie=ID%3Dc66d114f1273d4f8%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MZVcJ94Ds4K_u38iiuvSwi73-sJFA&gpic=UID%3D00000c1a0e5bb6dd%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MYKup8v-qLKvlDZnqwv2_drj7FhEw&abxe=1&dt=1684785594933&lmt=1684785543&dlt=1684785593460&idt=494&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10998%2F868311%2Fnewcastle-united-vs-leicester-city%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=579155913.1684785594&ga_sid=1684785594&ga_hid=1322753345&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYlf2vqIQxSABSAghkEhkKCnB1YmNpZC5vcmcY7P2vqIQxSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqak5aa1dHL0dZa29KNjRuaFZPZlRvS3hoUmpUMnVwaGpOaUlSemVRbTdabmNpQ2xTRG5DaHFtNzUzWERyQzV2d0Z4YjBRcWNRZ1dNdmdkSDlvbzdjZG5VazBJa2djNzE2ZDFSaExKTDUrenJGRlFicmk2V2UvMXJtSFdTeDZIRXh0MDJ1OTkvaEhBeU1CY1Q0bWZ4QUZsMlBid3FNVUZhT2ExbHU4aUk5WDF0bnBTVG8vb3pOaWUwRGlpMmNjYWhUd1E9PRiV_6-ohDFIABIdCg5lc3AuY3JpdGVvLmNvbRiV_a-ohDFIAFICCGQSGQoKdWlkYXBpLmNvbRiV_a-ohDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMH-r6iEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e276654b456812c5ba8dfb62f365e0c9efbd88b93b4040be0963ae5405adfeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:55 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
236
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
731 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2722881580573987&correlator=833499348505395&eid=31074405%2C31074401%2C31068367%2C44714449&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C0d2503d0-0ba5-488d-b5c8-a33cd4dbb165&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=11&adks=382925298&didk=2510433324&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D02dbc854-67e2-4bf7-98a2-63650bf48fab%26chrand%3Dn%26pof%3D1%26bsc%3D74&eri=1&sc=1&cookie=ID%3Dc66d114f1273d4f8%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MZVcJ94Ds4K_u38iiuvSwi73-sJFA&gpic=UID%3D00000c1a0e5bb6dd%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MYKup8v-qLKvlDZnqwv2_drj7FhEw&abxe=1&dt=1684785594935&lmt=1684785543&dlt=1684785593460&idt=494&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10998%2F868311%2Fnewcastle-united-vs-leicester-city%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhJx6jH-TfDWheqPNhOxNPBFqX0uAm32BTq_L2QyAddzYrfPZmESo9M_x2B8bQN49MO7JFijeMmgMFczh2YlPvK&ga_vid=579155913.1684785594&ga_sid=1684785594&ga_hid=1322753345&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYlf2vqIQxSABSAghkEhkKCnB1YmNpZC5vcmcY7P2vqIQxSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqak5aa1dHL0dZa29KNjRuaFZPZlRvS3hoUmpUMnVwaGpOaUlSemVRbTdabmNpQ2xTRG5DaHFtNzUzWERyQzV2d0Z4YjBRcWNRZ1dNdmdkSDlvbzdjZG5VazBJa2djNzE2ZDFSaExKTDUrenJGRlFicmk2V2UvMXJtSFdTeDZIRXh0MDJ1OTkvaEhBeU1CY1Q0bWZ4QUZsMlBid3FNVUZhT2ExbHU4aUk5WDF0bnBTVG8vb3pOaWUwRGlpMmNjYWhUd1E9PRiV_6-ohDFIABIdCg5lc3AuY3JpdGVvLmNvbRiV_a-ohDFIAFICCGQSGQoKdWlkYXBpLmNvbRiV_a-ohDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMH-r6iEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa4b01cbc12c707853e2320d502633532f1238272c37065afcf009da8839824c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:55 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
702
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		41 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2722881580573987&correlator=2979981620304705&eid=31074405%2C31074401%2C31068367%2C44714449&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C39a08c37-8599-49df-916b-1911d54fde51&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=12&adks=3878595579&didk=1418515199&sfv=1-0-40&prev_scp=ti%3D02dbc854-67e2-4bf7-98a2-63650bf48fab%26chrand%3Dnbs%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26rfi%3D30%26bsc%3D74%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3Dc66d114f1273d4f8%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MZVcJ94Ds4K_u38iiuvSwi73-sJFA&gpic=UID%3D00000c1a0e5bb6dd%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MYKup8v-qLKvlDZnqwv2_drj7FhEw&abxe=1&dt=1684785594937&lmt=1684785543&dlt=1684785593460&idt=494&adxs=302&adys=220&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10998%2F868311%2Fnewcastle-united-vs-leicester-city%2F&frm=20&vis=1&psz=1052x116&msz=1052x116&fws=4&ohw=1100&psts=ABHeCvhJx6jH-TfDWheqPNhOxNPBFqX0uAm32BTq_L2QyAddzYrfPZmESo9M_x2B8bQN49MO7JFijeMmgMFczh2YlPvK&ga_vid=579155913.1684785594&ga_sid=1684785594&ga_hid=1322753345&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYlf2vqIQxSABSAghkEhkKCnB1YmNpZC5vcmcY7P2vqIQxSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqak5aa1dHL0dZa29KNjRuaFZPZlRvS3hoUmpUMnVwaGpOaUlSemVRbTdabmNpQ2xTRG5DaHFtNzUzWERyQzV2d0Z4YjBRcWNRZ1dNdmdkSDlvbzdjZG5VazBJa2djNzE2ZDFSaExKTDUrenJGRlFicmk2V2UvMXJtSFdTeDZIRXh0MDJ1OTkvaEhBeU1CY1Q0bWZ4QUZsMlBid3FNVUZhT2ExbHU4aUk5WDF0bnBTVG8vb3pOaWUwRGlpMmNjYWhUd1E9PRiV_6-ohDFIABIdCg5lc3AuY3JpdGVvLmNvbRiV_a-ohDFIAFICCGQSGQoKdWlkYXBpLmNvbRiV_a-ohDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMH-r6iEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
386ccc9319f8f7ea198bdb6644e6cd73a806351601457923847ae6dbe583edc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14779
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ghb.aplhb.adipolo.com/geo/ 		170 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.aplhb.adipolo.com/geo/
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/19499/hbw_master_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
beddb893cdfb0c433f36966a89491bfa046fe6f3d5a725355df1079eb22d376b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 19:59:54 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://yalla-shoots.tv
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
170
tracking
ghb.aplhb.adipolo.com/adunit/ 		43 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.aplhb.adipolo.com/adunit/tracking?event=11&type=0&client_id=739813&site_id=17175&pbjsv=v6.25.4&full_page_url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10998%2F868311%2Fnewcastle-united-vs-leicester-city%2F&adid=z9ucxp.fa&features=81952&vpbv=N108&tte=581&lifecycle_tte=1638
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/19499/hbw_master_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 19:59:54 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://yalla-shoots.tv
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
localstore.js
script.4dex.io/ 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467995/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 19:59:55 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1556705
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZx03xk9chqpY3JXkbvCxH1tezA2Hnd7%2B3NpgtS%2FDZXp6hV%2BV9xN02LMdfCwjI%2FpnGonbnEDNkIWRjFDuXVIaysxSD2X0EejfGqPLzyBPDK5iX56x%2B3v7hMIDgR6Wg%2BpYbMpeWfyj1ofzF8Q"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7cb7a470fbe93668-FRA
current
dclk-match.dotomi.com/match/bounce/ Frame D5F6 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJ8EsUSKjh0ZphRuxrqvrj8&google_cver=1&google_push=ATf1kGMunpBVBNFDVGNM0vTzicqXnuLd8l0yClhw0IFT24zCGewAOwaXgESq0BJ_8oJ-gqBDNIscqtTENqrGluFW4rNNuB6oqeM
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.207.16.201 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
ams04-nessy-float1.dotomi.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:55 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame D5F6
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEPTplNirERxNrN9rQuG4JRc&google_cver=1&google_push=ATf1kGOyP_iqWreaN7xJ0cpjnwL9OATD9J1r7JYq8PfskY6u-6X4w8gcuS75EDHVQXnzb4c8NOFGl7nK5LneMToazdehJdvXOMM
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A6418807CFD541109B096C1CE74B826C&google_push=ATf1kGOyP_iqWreaN7xJ0cpjnwL9OATD9J1r7JYq8PfskY6u-6X4w8gcuS75EDHVQXnzb4c8NOFGl7nK5LneMTo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A6418807CFD541109B096C1CE74B826C&google_push=ATf1kGOyP_iqWreaN7xJ0cpjnwL9OATD9J1r7JYq8PfskY6u-6X4w8gcuS75EDHVQXnzb4c8NOFGl7nK5LneMToazdehJdvXOMM
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 22 May 2023 19:59:55 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A6418807CFD541109B096C1CE74B826C&google_push=ATf1kGOyP_iqWreaN7xJ0cpjnwL9OATD9J1r7JYq8PfskY6u-6X4w8gcuS75EDHVQXnzb4c8NOFGl7nK5LneMToazdehJdvXOMM
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 21 May 2023 19:59:55 GMT
pixel
cm.g.doubleclick.net/ Frame D5F6
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECrb3ymtPpdY_ITfzO9Jxa8&google_cver=1&google_push=ATf1kGNltzwyKge9CTEfyaDpuJ1YQml3C_THD7oIBy1FuZDpgd5a3lL7CK7OP_7q-oBpIPc5zhEYEWZp77nUkG7ZCnzrR8m...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNltzwyKge9CTEfyaDpuJ1YQml3C_THD7oIBy1FuZDpgd5a3lL7CK7OP_7q-oBpIPc5zhEYEWZp77nUkG7ZCnzrR8mzwFA&google_hm=eS1HQnJaYkZkRTJwSGZyZk1...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNltzwyKge9CTEfyaDpuJ1YQml3C_THD7oIBy1FuZDpgd5a3lL7CK7OP_7q-oBpIPc5zhEYEWZp77nUkG7ZCnzrR8mzwFA&google_hm=eS1HQnJaYkZkRTJwSGZyZk1ydXRaRHdlZDFJcnVvNEhTaH5B
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 22 May 2023 19:59:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNltzwyKge9CTEfyaDpuJ1YQml3C_THD7oIBy1FuZDpgd5a3lL7CK7OP_7q-oBpIPc5zhEYEWZp77nUkG7ZCnzrR8mzwFA&google_hm=eS1HQnJaYkZkRTJwSGZyZk1ydXRaRHdlZDFJcnVvNEhTaH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame D5F6
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEI_9X6_y7ap5Es2nJMHJLrw&google_cver=1&google_push=ATf1kGMDCu8-KElXzHhPKlv5HK1DArK5Qvnd7Mp9Q0d4MSSSnX-7JtjNYnhEJ8PEjfCv_VwIdmRQWp2iG6zzAICNrga26zp...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEI_9X6_y7ap5Es2nJMHJLrw&google_cver=1&google_push=ATf1kGMDCu8-KElXzHhPKlv5HK1DArK5Qvnd7Mp9Q0d4MSSSnX-7JtjNYnhEJ8PEjfCv_VwIdmRQWp2iG6zzAICNrga26...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMDCu8-KElXzHhPKlv5HK1DArK5Qvnd7Mp9Q0d4MSSSnX-7JtjNYnhEJ8PEjfCv_VwIdmRQWp2iG6zzAICNrga26zp6j9g
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMDCu8-KElXzHhPKlv5HK1DArK5Qvnd7Mp9Q0d4MSSSnX-7JtjNYnhEJ8PEjfCv_VwIdmRQWp2iG6zzAICNrga26zp6j9g
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMDCu8-KElXzHhPKlv5HK1DArK5Qvnd7Mp9Q0d4MSSSnX-7JtjNYnhEJ8PEjfCv_VwIdmRQWp2iG6zzAICNrga26zp6j9g
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame D5F6
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEPjbxnSfKY0KZ2mPHE6-xQ&google_cver=1&google_push=ATf1kGOqvwTwWqLwZYG8bt8yP4fAI3gtln7gRURfpvvMs-TYiAiGP1D5Uay5OgFZ0b-a-PlNrakTHqxr...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEPjbxnSfKY0KZ2mPHE6-xQ&google_cver=1&google_push=ATf1kGOqvwTwWqLwZYG8bt8yP4fAI3gtln7gRURfpvvMs-TYiAiGP1D5Uay5OgFZ0b-a-PlNrak...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzU0MDk3MjQ0NDE1NDM2MTUwMg&google_push=ATf1kGOqvwTwWqLwZYG8bt8yP4fAI3gtln7gRURfpvvMs-TYiAiGP1D5Uay5OgFZ0b-a-PlNrakTHq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzU0MDk3MjQ0NDE1NDM2MTUwMg&google_push=ATf1kGOqvwTwWqLwZYG8bt8yP4fAI3gtln7gRURfpvvMs-TYiAiGP1D5Uay5OgFZ0b-a-PlNrakTHqxrd81MKUDwJ1lKcwLv4K8
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzU0MDk3MjQ0NDE1NDM2MTUwMg&google_push=ATf1kGOqvwTwWqLwZYG8bt8yP4fAI3gtln7gRURfpvvMs-TYiAiGP1D5Uay5OgFZ0b-a-PlNrakTHqxrd81MKUDwJ1lKcwLv4K8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame D5F6
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGP5jL9XgMFDx-HNehqs9hWQ7uXFztOrig22V5D1ehB235dGOZ_9G5HTupNWx1DSicbCiMgjSExcy5Lt1Btb4G_t7nWgZZ8&redir=https%3A%2F%2Fcm.g.double...
  • https://sync.targeting.unrulymedia.com/csync/RX-74d311a8-76bc-4b36-9fa5-418158ed1cca-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGP5jL9XgMFDx-HNehqs9...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGP5jL9XgMFDx-HNehqs9hWQ7uXFztOrig22V5D1ehB235dGOZ_9G5HTupNWx1DSicbCiMgjSExcy5Lt1Btb4G_t7nWgZZ8&google_hm=A3TTEah2vEs2n6VBgVjtHMo
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGP5jL9XgMFDx-HNehqs9hWQ7uXFztOrig22V5D1ehB235dGOZ_9G5HTupNWx1DSicbCiMgjSExcy5Lt1Btb4G_t7nWgZZ8&google_hm=A3TTEah2vEs2n6VBgVjtHMo
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGP5jL9XgMFDx-HNehqs9hWQ7uXFztOrig22V5D1ehB235dGOZ_9G5HTupNWx1DSicbCiMgjSExcy5Lt1Btb4G_t7nWgZZ8&google_hm=A3TTEah2vEs2n6VBgVjtHMo
date
Mon, 22 May 2023 19:59:55 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX74d311a876bc4b369fa5418158ed1cca003
content-type
text/html
0.gif
id5-sync.com/i/495/ Frame D5F6
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESELSd03MBTbcX-H9W67K4VIk&google_cver=1&google_push=ATf1kGNJP6gM_ToXcF9HLL2XvG_UHoOOa5iR-9ptKgYvizUHOb14Ic7pNbXvSJSqFo8_ste-d4IoKwshL17wEzvv1keEUM1agUbm
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGNJP6gM_ToXcF9HLL2XvG_UHoOOa5iR-9ptKgYvizUH...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGNJP6gM_ToXcF9HLL2XvG_UHoOOa5iR-9ptKgYvizUHOb14Ic7pNbXvSJSqFo8_ste-d4IoKwshL17wEzvv1keEUM1agUbm
Protocol
HTTP/1.1
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Mon, 22 May 2023 19:59:55 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

date
Mon, 22 May 2023 19:59:55 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGNJP6gM_ToXcF9HLL2XvG_UHoOOa5iR-9ptKgYvizUHOb14Ic7pNbXvSJSqFo8_ste-d4IoKwshL17wEzvv1keEUM1agUbm
x-download-options
noopen
vary
Accept
content-length
271
x-xss-protection
0
attr
cm.g.doubleclick.net/pixel/ Frame D5F6 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KhfEKicmToUCZIk8wdEcSKHL6SuUDve65u_ygS2_o_Dg3AV64kEXE2McLgGxDZwJ0ZSJW3yA
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
all
csm.eu.criteo.net/ Frame 6B01 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=8Gp5uvXNZth55iqQc_I43LBeOJguEdSPn0JQv3GghksaWJXsh6To8FhaFK2KKLOLfuSJutQcnBat2cGg4fUM1zE-9zpgCKtx_St0N-N9sdCoKGP4ShB0zrIulXlGtQeJxGgEUOMqZ-wgenfw-ET7RYgpdsiqduZ_AEfu8LhdJqU1d_MxXXP8btfZdhAWgItcrH9lw16puFaQToYXlfWUvPluzbpqq0dTiGUNzz0efNT2P-HFfFBw7kx0u1Y5TciErUMeLw&sds=2&rev=86437&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGvJugAE57wIu8Z0AAVo_OcofmX5EHP05_1LDQ&u=%7Cho5ubfHL4T5203Hg0SKPua5xgBoUM9p6MzjibgBseKY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4de_avzMTZocfjtZw8FbQLQ5NGzsuhL0MlZZTh7DCBPNp-Ga77_bUuzZzjKD59slFuvPKhYDTW3yyjqskM_JZ76XnTg-OuoDXik8vue5Ahb_MlkTsZyfMWw0MjGvrBHp8utAnRJapbl2e_jwaIyBLVyZdFLO7dXC20EcHbiRBr3QSuDpU53gyHM20pE93Szw8zbRDf75DO_FC4H1Ohbq2gbWhIgdBQ6ajm44Yv3sZtGq1i7Q-hzYUv8lAJ-kHQbUwyIpQ4eb96XcI7qxjZJBF7RGqAx2F_rUntNhrp6YDZ25vgOGs8lxmlSWu9gReKRl1z85MJ6-aUxavw7e8FUEs9H9O4sV9gufO-lzoof1HIPhNdkrLMeqrJYILyns7nCeCx53iovVaUkPPY_pF8VdW6imwXgCp4TyQN77fwE-3Oo9I-Nn5HywWUItChNcEx2qzby8sPV_F8tKhml-g0vEfL2bFCiqlJNe_5AURbPZw8xU3cxKvYWAjcxgpNrNEyPrXuntn_iGSAAWnKkpRJPBsbSx3CW08U95E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQUFNuslrZLzPE_SM7_UP_NGV4APJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAnSeHjg1I7I-4AIAqAMBqgTXAk_Qn2iDFL6XhlWTRlYKGMtwunwxlyF475_TyxGQv_rVTdwdio7UcoolptcA5t9BfuYmYL7KkljbdGaZBwLe1itjqSpiLhezz7JVFihCmKUnN_6XkryQBdfBY8i6wL5OmxBgL9WrCkqPun1Abnh5raILV7-_1y6wNEFeWa4jZrbOHTWpwWNBpVt16ki0Vkmn9Z_rNITLC3AbpEQVbj3ncRXkJhjsWcmABrObQjX5JXMq3eGogIMZxrnbiyQFBgsaIs1gsX6BlLzz72U41hOYVJtH_jXIqWOE48vlZv181o37OWuagUhkUs3d2mblLcjYJ93E3lPvHLUttgEQHS77zYlrlOn1Dbt8gS5NpLCYaIqRchyV9d2vZtHqpqJfPwKTomzIMEhAsdbhFpKDrdDB5Ku1i19YOFAudy3XaVRv0J5FG6VDlL3LBVcYD0NpRT_aL_57I9hAG73gBAGABuzopabn8ve5jQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1bxCh027IAFzsq9s4Lt9KSzmZkJg%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 22 May 2023 19:59:54 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6B01 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGvJugAE57wIu8Z0AAVo_OcofmX5EHP05_1LDQ&u=%7Cho5ubfHL4T5203Hg0SKPua5xgBoUM9p6MzjibgBseKY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4de_avzMTZocfjtZw8FbQLQ5NGzsuhL0MlZZTh7DCBPNp-Ga77_bUuzZzjKD59slFuvPKhYDTW3yyjqskM_JZ76XnTg-OuoDXik8vue5Ahb_MlkTsZyfMWw0MjGvrBHp8utAnRJapbl2e_jwaIyBLVyZdFLO7dXC20EcHbiRBr3QSuDpU53gyHM20pE93Szw8zbRDf75DO_FC4H1Ohbq2gbWhIgdBQ6ajm44Yv3sZtGq1i7Q-hzYUv8lAJ-kHQbUwyIpQ4eb96XcI7qxjZJBF7RGqAx2F_rUntNhrp6YDZ25vgOGs8lxmlSWu9gReKRl1z85MJ6-aUxavw7e8FUEs9H9O4sV9gufO-lzoof1HIPhNdkrLMeqrJYILyns7nCeCx53iovVaUkPPY_pF8VdW6imwXgCp4TyQN77fwE-3Oo9I-Nn5HywWUItChNcEx2qzby8sPV_F8tKhml-g0vEfL2bFCiqlJNe_5AURbPZw8xU3cxKvYWAjcxgpNrNEyPrXuntn_iGSAAWnKkpRJPBsbSx3CW08U95E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQUFNuslrZLzPE_SM7_UP_NGV4APJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAnSeHjg1I7I-4AIAqAMBqgTXAk_Qn2iDFL6XhlWTRlYKGMtwunwxlyF475_TyxGQv_rVTdwdio7UcoolptcA5t9BfuYmYL7KkljbdGaZBwLe1itjqSpiLhezz7JVFihCmKUnN_6XkryQBdfBY8i6wL5OmxBgL9WrCkqPun1Abnh5raILV7-_1y6wNEFeWa4jZrbOHTWpwWNBpVt16ki0Vkmn9Z_rNITLC3AbpEQVbj3ncRXkJhjsWcmABrObQjX5JXMq3eGogIMZxrnbiyQFBgsaIs1gsX6BlLzz72U41hOYVJtH_jXIqWOE48vlZv181o37OWuagUhkUs3d2mblLcjYJ93E3lPvHLUttgEQHS77zYlrlOn1Dbt8gS5NpLCYaIqRchyV9d2vZtHqpqJfPwKTomzIMEhAsdbhFpKDrdDB5Ku1i19YOFAudy3XaVRv0J5FG6VDlL3LBVcYD0NpRT_aL_57I9hAG73gBAGABuzopabn8ve5jQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1bxCh027IAFzsq9s4Lt9KSzmZkJg%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 16 May 2024 19:59:55 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 6B01 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGvJugAE57wIu8Z0AAVo_OcofmX5EHP05_1LDQ&u=%7Cho5ubfHL4T5203Hg0SKPua5xgBoUM9p6MzjibgBseKY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4de_avzMTZocfjtZw8FbQLQ5NGzsuhL0MlZZTh7DCBPNp-Ga77_bUuzZzjKD59slFuvPKhYDTW3yyjqskM_JZ76XnTg-OuoDXik8vue5Ahb_MlkTsZyfMWw0MjGvrBHp8utAnRJapbl2e_jwaIyBLVyZdFLO7dXC20EcHbiRBr3QSuDpU53gyHM20pE93Szw8zbRDf75DO_FC4H1Ohbq2gbWhIgdBQ6ajm44Yv3sZtGq1i7Q-hzYUv8lAJ-kHQbUwyIpQ4eb96XcI7qxjZJBF7RGqAx2F_rUntNhrp6YDZ25vgOGs8lxmlSWu9gReKRl1z85MJ6-aUxavw7e8FUEs9H9O4sV9gufO-lzoof1HIPhNdkrLMeqrJYILyns7nCeCx53iovVaUkPPY_pF8VdW6imwXgCp4TyQN77fwE-3Oo9I-Nn5HywWUItChNcEx2qzby8sPV_F8tKhml-g0vEfL2bFCiqlJNe_5AURbPZw8xU3cxKvYWAjcxgpNrNEyPrXuntn_iGSAAWnKkpRJPBsbSx3CW08U95E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQUFNuslrZLzPE_SM7_UP_NGV4APJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAnSeHjg1I7I-4AIAqAMBqgTXAk_Qn2iDFL6XhlWTRlYKGMtwunwxlyF475_TyxGQv_rVTdwdio7UcoolptcA5t9BfuYmYL7KkljbdGaZBwLe1itjqSpiLhezz7JVFihCmKUnN_6XkryQBdfBY8i6wL5OmxBgL9WrCkqPun1Abnh5raILV7-_1y6wNEFeWa4jZrbOHTWpwWNBpVt16ki0Vkmn9Z_rNITLC3AbpEQVbj3ncRXkJhjsWcmABrObQjX5JXMq3eGogIMZxrnbiyQFBgsaIs1gsX6BlLzz72U41hOYVJtH_jXIqWOE48vlZv181o37OWuagUhkUs3d2mblLcjYJ93E3lPvHLUttgEQHS77zYlrlOn1Dbt8gS5NpLCYaIqRchyV9d2vZtHqpqJfPwKTomzIMEhAsdbhFpKDrdDB5Ku1i19YOFAudy3XaVRv0J5FG6VDlL3LBVcYD0NpRT_aL_57I9hAG73gBAGABuzopabn8ve5jQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1bxCh027IAFzsq9s4Lt9KSzmZkJg%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 16 May 2024 19:59:55 GMT
prebid
mp.4dex.io/ 		0
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467995/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:55 GMT
x-err
Parsing the Prebid Request. org/site not found
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7cb7a4716ceb365f-FRA
expires
0
cdb
bidder.criteo.com/ 		23 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.4&cb=75898598044
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467995/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
da94075abc2b7234e95739a407fa06e2a7f28a4e95eedc47ed0bd63130d447b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yalla-shoots.tv
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
10346
bid
ap.lijit.com/rtb/ 		25 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.4
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467995/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
bbba7c1dc4b2daadd92087365b475adf780943f81166a753c880d8b7f23a703a

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 22 May 2023 19:59:55 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://yalla-shoots.tv
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467995/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://yalla-shoots.tv
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
c
prebid.a-mo.net/a/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467995/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Mon, 22 May 2023 19:59:54 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
truncated
/ Frame AED1 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01db5a212ba5e8b91f2e270e732b2ab3734ae23ae531eec7802059e2af7f2f23

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
img
imageproxy.eu.criteo.net/img/ Frame F5FE 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=800&m=0&partner=7450&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F7450%2F230502%2Fe151bd411b89466ba3c35bdae1b3b00b_image_1_h.jpg&ups=1&v=3&w=800&s=oMNNbyBmAkN7erVXEgYnIKP2
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dc3f0dedf77190cce9a89c31f30c90227f499b1a31bf8cb9c5e2a9561b5f8f1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
14992
expires
Fri, 26 Apr 2024 08:29:30 GMT
img
imageproxy.eu.criteo.net/img/ Frame F5FE 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=7450&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F7450%2F230502%2Ff09a34ac6cf646ce876e5960bee74850_835601077201470ea70acbbd907dc4da_logo_n_horizontal.png&v=3&w=1200&s=7pmN5krDOtKYHMXWuEo6tHy2
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cca1caf6a555495b201a19943659aa669f0d97cc34f6e52e5a36e50d1dc6cc05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
60035
expires
Fri, 26 Apr 2024 08:44:15 GMT
truncated
/ Frame F5FE 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38354e6a0119fe113356e1506a115ca148a6b9ea22cf88136baa9167d6fde794

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
img
imageproxy.eu.criteo.net/img/ Frame F5FE 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=87930&q=80&r=0&u=https%3A%2F%2Fwww.11teamsports.com%2Fde-de%2FData%2FImages%2FBig%2Fadidas-predator-accuracy-3-ll-fg-schwarz-weiss-gw4597-fussballschuh_right_out.jpg&ups=1&v=3&w=800&s=9eB-08P5KbtfiCCKCKvZhyRp
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8b28181f8f6dea59f91e6ff7f007ebc8e84ef87cbe248a60721a71a4a873af22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
29260
expires
Mon, 15 Apr 2024 12:29:43 GMT
img
imageproxy.eu.criteo.net/img/ Frame F5FE 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=87930&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F87930%2F221205%2Fa598dd089dcf4240a7a55c9071884fdb_download.png&v=3&w=1200&s=_9km8MipXSjAY3dAg9DOCeXh
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2fc194c6bf65df7e6f2bceb5eccf395b368e6cc7a803429ad8086240c5c69fc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
11220
expires
Tue, 16 Apr 2024 15:44:44 GMT
csi
csi.gstatic.com/ Frame 8F58 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lhz9ud3y&c=5252556666727&slotId=2626278333363.5&qqid=CNjh_rbbif8CFZnEuwgdgMILPA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8F58 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 17:04:15 GMT
x-content-type-options
nosniff
age
183340
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 17:04:15 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8F58 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 02:06:17 GMT
x-content-type-options
nosniff
age
323618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 May 2024 02:06:17 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F58 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CcXRBuslrZNicFZmJ7_UPgIWv4APJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQWpAlfonX50IrI-4AIAqAMByAMCqgTSAk_QB0LrgUfhImop76ZAB02BTh8OVtZLl3Tk7SUsxLtB9M6lODipwbA6g3RVdMjthZwXVm0yRiGMuf5Mo_DTc7tBculVTx6hF0knPMNobaEXgMNcraO9Cy_97pN7VK5A2wLombUg69MxxkwOukAKWD4LNChlzXsvU_hzT-p10qx1aTyfUHbBL2DvC6CEhx-n0XNw_rHhqwNYmaUaDPIySBxVZJY-dxOQwkVUoDFwBfPIuXgFTMk9dbJIbuhBaxAyOE7S8Mo9-iSAHmwwSzHrMakUk5NQ6avqdodE9KiT8sAV28ICofD_mf_-pmSreA3kJ1zkIOKhBD4rE9AFJYZOWzMP8tjMKvWgIikqQuC6NF0tuCFkcobzEh1SMm8OnAKNrj1iXeLRrcy2AA6mMa3_Nbr2qT3hMx2lbumoDw4axgV1ekJfRlw97TOa6_3L9gdJHq-T4AQBgAa7n_SKj_XNgBmgBiqoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE&eventType=clickstring&clientTime=1684785595183&ai=CcXRBuslrZNicFZmJ7_UPgIWv4APJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQWpAlfonX50IrI-4AIAqAMByAMCqgTSAk_QB0LrgUfhImop76ZAB02BTh8OVtZLl3Tk7SUsxLtB9M6lODipwbA6g3RVdMjthZwXVm0yRiGMuf5Mo_DTc7tBculVTx6hF0knPMNobaEXgMNcraO9Cy_97pN7VK5A2wLombUg69MxxkwOukAKWD4LNChlzXsvU_hzT-p10qx1aTyfUHbBL2DvC6CEhx-n0XNw_rHhqwNYmaUaDPIySBxVZJY-dxOQwkVUoDFwBfPIuXgFTMk9dbJIbuhBaxAyOE7S8Mo9-iSAHmwwSzHrMakUk5NQ6avqdodE9KiT8sAV28ICofD_mf_-pmSreA3kJ1zkIOKhBD4rE9AFJYZOWzMP8tjMKvWgIikqQuC6NF0tuCFkcobzEh1SMm8OnAKNrj1iXeLRrcy2AA6mMa3_Nbr2qT3hMx2lbumoDw4axgV1ekJfRlw97TOa6_3L9gdJHq-T4AQBgAa7n_SKj_XNgBmgBiqoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 8F58 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lhz9ud69&c=5252556666727&slotId=2626278333363.5&qqid=CNjh_rbbif8CFZnEuwgdgMILPA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.p7&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast.php
ads.eu.criteo.com/delivery/r/0.1/ Frame 8F58 		12 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/0.1/vast.php?z=ZGvJugAFTlgIu8SZAAvCgKSZe26Oy6XvPhOrwA&u=%7Cho5ubfHL4T5ow4ioZGPXzJLNf1wF%2FNQYX2hxSrM73Cc%3D%7C&c1=VEd5MTeK-DXZ_xpexaO2-wxlS2DUgGPfXWVrYbJzZ55jt4qyGxtRA7c9UukFOu2Aot239WU7fJJg6iGNSG_8G9HPb4TJWJNA7zn566DeoK1NuLnWVdK_1eg-lXIcIE_kJ5uodVvlo2CD_yIHcAxf6BnUI1rBtgpwQaF7jgTnWenj-0BuT7cfJ5EPElUURrOFxoK08_BoXpkJhXBAj8lrsuZrSC9eN3it2L24BJetwUB_jDX0Pmsb3fADD8F0Y2qLn55gNIO3LkkYU0fPAOT7zhPoW1sSLtvE32D87ancQkyXPS-89eSNZKLd_4mOavV4BiyegcxClVX0Ip5_wFz-WCsDVKiL92ngXw6OSpPP3Yzv0HO5zOnoKrET36fobCIMuVe6epedmkK9kqHRS_8FFo2wXtPr7byM26e5WSsqoYXq_4gEmxstKL1sra5mmQUFovOLRSqLX1I1udIKzjkfjI2WZtocxBqGGgvV0hABnRMKRzYFdF-B-H-JhFsNJqXZAQ21edlQUhx0kyKg7-nnJjuXIHariXV_yiCoOT37r4EAW9zXcr8OowRtM-MZewuq1uwQI69rkh_dOrQ97Zroz57uPXVXHGNpsyZ4qGUYAGI&ct0=https://googleads.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcXRBuslrZNicFZmJ7_UPgIWv4APJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQWpAlfonX50IrI-4AIAqAMByAMCqgTSAk_QB0LrgUfhImop76ZAB02BTh8OVtZLl3Tk7SUsxLtB9M6lODipwbA6g3RVdMjthZwXVm0yRiGMuf5Mo_DTc7tBculVTx6hF0knPMNobaEXgMNcraO9Cy_97pN7VK5A2wLombUg69MxxkwOukAKWD4LNChlzXsvU_hzT-p10qx1aTyfUHbBL2DvC6CEhx-n0XNw_rHhqwNYmaUaDPIySBxVZJY-dxOQwkVUoDFwBfPIuXgFTMk9dbJIbuhBaxAyOE7S8Mo9-iSAHmwwSzHrMakUk5NQ6avqdodE9KiT8sAV28ICofD_mf_-pmSreA3kJ1zkIOKhBD4rE9AFJYZOWzMP8tjMKvWgIikqQuC6NF0tuCFkcobzEh1SMm8OnAKNrj1iXeLRrcy2AA6mMa3_Nbr2qT3hMx2lbumoDw4axgV1ekJfRlw97TOa6_3L9gdJHq-T4AQBgAa7n_SKj_XNgBmgBiqoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3UI2aN8HqFtiiOW_nUyuKeZnuBSw%26client%3Dca-pub-3831894559014614%26adurl%3D
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e5c4a9ab1e795b0f499303814c5f200fa5b2199139e648edc17bdff629466991
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
p3p
CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
5265434
pragma
no-cache
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/xml
access-control-allow-origin
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
expires
Mon, 26 Jul 1997 05:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 80B0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305160101&jk=2722881580573987&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
lgn.php
cat.fr3.eu.criteo.com/delivery/ Frame F5FE 		43 B
348 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cat.fr3.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=3r-Ce0bcymtyvnu6SiNqCpm6Ms4s_2CzNb_KgACe4UxKVpOmBsOlb7AFh2ESazW9EGeUKoY4e3e_mKBCG8tFaIZoBsh15WU0EULQdrLUelrsUbEQy93Ds7VHN7HkLXFFAq2Rkmu6mLMsolZzbylMqqavtQ3MvI5nJR2bRqAkhfGPzrAr1SaUXSu85V0mQxCMXz9w8m1zBtup1oCukZ6o_c1QYm4oVSSzSnxz2-aBmAV8IwbpqH2-_igm3Oxu8xF1d3F0MbrdDG4qQk4ua9ld1H3r8HQJOuVr7gOY2pxVoREnjT4H0s7ULMNxRHbmEvVGNSUTFuvkRl6mDOdakMsBY5pFbgWU181Gx5Giu2cl_spQdpxfFJ4AocYPeuwxYmqymvxWt4JKy0akmeriXXtNwPlX119Odlthjr6phFaBQiMWYWYbnr9Ij8XwZNh0dJJfQNNmD5qtQfvz3JhDcCYI4Y7tk-H04wbSyCRoLRAqPkysC-qhYtXx6Relmn6GQWZcPtMg0Q&z=ZGvJugACEP0Iu9CqAAR-04GoDrkmfv8JzHoldg
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:55 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2569186
expires
Mon, 26 Jul 1997 05:00:00 GMT
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame F5FE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kpvhFvHZWwAAnYNiAgIAAABBMwNpbeGlfgcGddEQuclrZI1i9yBeb_zD4NcAABIDAQoKQVFVRER3RUJEdw&wp=ZGvJugACEP0Iu9CqAAR-04GoDrkmfv8JzHoldg
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:55 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
165539
server
Kestrel
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame F5FE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CEitjuslrZP2hCKqh7_UP0_2R8AXJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAh5slzvzILI-4AIAqAMBqgS_Ak_QsrSwXO7ssJq-WrN5HdMB5yjVnEyn6y1OzNyPs7o-GdjoS1lC4-975yGACjivYXeDgw2JMU0ESHEIRPYuDg91LCOeVacEdsW5ZkVsMM6qHZWPaTOJfAOcjRvPfSYvO4LSIF5odnYvjlGcWVMMarjp68fuwvgqoxjUEpGJhoBfvC0TR16VHvKdXrjdhIbmpiXKAX2HbkWNyM71sjDWxBbjtktAZl_5MjRHpihUYYu9OmIW7rfQ7EPY3JHPY3TH9tj9mRqpx1gSflzec1HrtZBSkxug1WjU0rM2T5lezlHma505MutWwGA9AuV0olgo0MPlyPJ67mR5POXYxSaXCChOmNbV0nbFsx-sxvZGCl9iaqc9drkzXRYDUO-aXoqKnDpjUdD6C6zpWt_25bKCX2svEJTAGkXX6N5cx5gFUJDgBAGABuTYj-_tzvnlGaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=xAnS2YMU9OE&uach_m=[UACH]&cid=CAQSTABygQiDa6Kn-u6P1tFm2kxoSHO-MUwh6dU8hqnyqvBUjJIVyUM36UgPAu6cIFqruOtNRK6jkbj4w9VaN-AAo2h9ouXuQL1eHXNd8CkYAQ&vt=10
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
e.js
live.demand.supply/e/ 		0
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_auto_interstitial_desktop&e=nai&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA5OTgvODY4MzExL25ld2Nhc3RsZS11bml0ZWQtdnMtbGVpY2VzdGVyLWNpdHkv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Mon, 22 May 2023 19:59:55 GMT
cf-cache-status
HIT
age
1212811
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cb7a472a950372e-FRA
adview
securepubads.g.doubleclick.net/pagead/ Frame 8F58 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CeJWUuslrZNicFZmJ7_UPgIWv4APJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQWpAlfonX50IrI-4AIAqAMBqgTPAk_QB0LrgUfhImop76ZAB02BTh8OVtZLl3Tk7SUsxLtB9M6lODipwbA6g3RVdMjthZwXVm0yRiGMuf5Mo_DTc7tBculVTx6hF0knPMNobaEXgMNcraO9Cy_97pN7VK5A2wLombUg69MxxkwOukAKWD4LNChlzXsvU_hzT-p10qx1aTyfUHbBL2DvC6CEhx-n0XNw_rHhqwNYmaUaDPIySBxVZJY-dxOQwkVUoDFwBfPIuXgFTMk9dbJIbuhBaxAyOE7S8Mo9-iSAHmwwSzHrMakUk5NQ6avqdodE9KiT8sAV28ICofD_mf_-pmSreA3kJ1zkIOKhBD4rE9AFJYZOWzMP8tjMKvWgIikqQuC6NF0tuCFkcobzEh1SMm8OnAKNrj1iXeLRrcy2AEykED94uiblFqH1kM2YyBGhGwSszCtt-PaXe_rPUi2283hhchT24AQBgAa7n_SKj_XNgBmgBiqoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=USI4CEuo_8A&uach_m=[UACH]&cid=CAQSPABygQiDdhmypxU35UAVPH6sSmYtcjQsW6bi8bsRmAgQQkeQI3YPc1zTybIwxeh3KEuaTsEWXjbN-m1hyRgB&vt=10
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 142A 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
32142
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 11:04:13 GMT
etag
48472445140208031
expires
Tue, 23 May 2023 11:04:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ABD0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 19:59:54 GMT
expires
Tue, 21 May 2024 19:59:54 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&pn=-1&sn=3&pc=0.13635876178741455&ds=true&e=wdp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA5OTgvODY4MzExL25ld2Nhc3RsZS11bml0ZWQtdnMtbGVpY2VzdGVyLWNpdHkv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Mon, 22 May 2023 19:59:55 GMT
cf-cache-status
HIT
age
1212811
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cb7a472f9c9372e-FRA
e.js
live.demand.supply/e/ 		0
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=yalla-shoots.tv_fluid_lb%2Bsq&sy=63847903-d0cb-42b5-8779-5ed181de7f64&ts=74&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=02dbc854-67e2-4bf7-98a2-63650bf48fab&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA5OTgvODY4MzExL25ld2Nhc3RsZS11bml0ZWQtdnMtbGVpY2VzdGVyLWNpdHkv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Mon, 22 May 2023 19:59:55 GMT
cf-cache-status
HIT
age
1212811
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cb7a472f9cf372e-FRA
csi
csi.gstatic.com/ Frame 8F58 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lhz9ud6s&c=5252556666727&slotId=2626278333363.5&qqid=CNjh_rbbif8CFZnEuwgdgMILPA&fb=outstream-lima&vast_v=3.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=AdChoices&icdi=15x19&vmfc=1&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 8F58 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88aa0e2a86b67f0383f72c0c15920d5342b5821c0b3bcc88ce1d71437a0df36f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 8F58 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 16 May 2024 19:59:55 GMT
lgn.php
cat.nl3.eu.criteo.com/delivery/ Frame F5FE 		43 B
347 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cat.nl3.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=-WQiIg5Zh4dRN84VKjJSmokVn835y1pfqM7MHWXumcI73HfGTF5wyUqQK55Q_gKBs6MqsmCZSDbMGvSDgVOEFfbJUletIHUejxrTOy3BmRnTMu03Rsns_2SUWvNlOgfL-U-woB8d9SWRwOU2n7LDzhXAuJKcFisqIORm1d8ev73CxafZjrmN7JeqQjfiZJ3hlRum7nO2J2DjeesWkuUg6gkjI8hHBOtm8ETxw1ZiAwz0-4E0ijAVgQa4HJPwYjUF3zXBJnXrZh0fnlgWfke2qZ2wT4bJxfut01YNCsp9iPBzrwX8GE-oIUJv84c4oGQ1EqGHQVaNbCL5-a0tN6kQgAzz3hihxEoOInWK_ckJbu-V0pYULvVKniTA9yaYFLIv0PvYi-ZOyTd6Cn0u2L044Em1e1B8H-KmAxHBr7wA-94p8kwWT3vS1hhW4Mo-wtquR8zKBbnul3IyMdi-tMbPqrWfy1CtT0IsBQiB4OqbfaBkpE1-&z=ZGvJugACEQMIu9CqAAR-0-8oeOG8BLUJf_u_OA
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:55 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2720349
expires
Mon, 26 Jul 1997 05:00:00 GMT
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame F5FE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kvL6FfHZWwAAnYNiAgIAAABBMwNpbeGlfgcGddEQuclrZHW2OqUlNmQ67lsAABIDAQoKQVFVQkFRRUJBUQ&wp=ZGvJugACEQMIu9CqAAR-0-8oeOG8BLUJf_u_OA
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
176362
server
Kestrel
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame F5FE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CsYuiuslrZIOiCKqh7_UP0_2R8AXJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAh5slzvzILI-4AIAqAMBqgS_Ak_QfRFw8pApAxHjtRarNnJCXw7tJHWjBgGfSfYNaG-xK_RmU7T5W4pLe-UewLSnuZ0wFr87YDpUx3MrXW1nbBgeVAbrxVrUD7YV0L8jtQZKWyuk1jamHYtGlOVZvxTFK5IHdC4pQhx9wOxROSI-O_yhNFQDg8P_0KtlH_7tK1w6AG-18dfjHiYBYRZBdRpQfb4Cau86f_xMqLXphIdDW3IS-78Ph16eVYaqgQKkULFTMp0o9h_K36NXkeCsh_3Pu_0HcG7FrgYmpqHSc4Z3geiL0VVJuhe3bAG01l_rHq541CQbMdttPv5rRZzWs3jkp92cAlFRTYvSdMCc2fV7OqFgHIuG-dUWNY1rUqn8Szn9m4xd4ylxchMf7su4y2dXu9ovAGMvDGXPz-38yrgYIGW_TjOONgOvWOuF02ATI6_gBAGABruCjoSXzrrIugGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=B82CsUu5cRQ&uach_m=[UACH]&cid=CAQSTABygQiDa6Kn-u6P1tFm2kxoSHO-MUwh6dU8hqnyqvBUjJIVyUM36UgPAu6cIFqruOtNRK6jkbj4w9VaN-AAo2h9ouXuQL1eHXNd8CkYAQ&vt=10
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame F5FE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C9POjuslrZP2hCKqh7_UP0_2R8AXJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAh5slzvzILI-4AIAqAMByAMCqgS_Ak_QsrSwXO7ssJq-WrN5HdMB5yjVnEyn6y1OzNyPs7o-GdjoS1lC4-975yGACjivYXeDgw2JMU0ESHEIRPYuDg91LCOeVacEdsW5ZkVsMM6qHZWPaTOJfAOcjRvPfSYvO4LSIF5odnYvjlGcWVMMarjp68fuwvgqoxjUEpGJhoBfvC0TR16VHvKdXrjdhIbmpiXKAX2HbkWNyM71sjDWxBbjtktAZl_5MjRHpihUYYu9OmIW7rfQ7EPY3JHPY3TH9tj9mRqpx1gSflzec1HrtZBSkxug1WjU0rM2T5lezlHma505MutWwGA9AuV0olgo0MPlyPJ67mR5POXYxSaXCChOmNbV0nbFsx-sxvZGCl9iaqc9drkzXRYDUO-aXoqKnDpjUdD6C6zpWt_25bKCX2svEJTAGkXX6N5cx5gFUJDgBAGABuTYj-_tzvnlGaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=8bzV9-aqyE0&uach_m=[UACH]&cid=CAQSTABygQiDa6Kn-u6P1tFm2kxoSHO-MUwh6dU8hqnyqvBUjJIVyUM36UgPAu6cIFqruOtNRK6jkbj4w9VaN-AAo2h9ouXuQL1eHXNd8CkYAQ
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame F5FE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C46rOuslrZIOiCKqh7_UP0_2R8AXJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAh5slzvzILI-4AIAqAMByAMCqgS_Ak_QfRFw8pApAxHjtRarNnJCXw7tJHWjBgGfSfYNaG-xK_RmU7T5W4pLe-UewLSnuZ0wFr87YDpUx3MrXW1nbBgeVAbrxVrUD7YV0L8jtQZKWyuk1jamHYtGlOVZvxTFK5IHdC4pQhx9wOxROSI-O_yhNFQDg8P_0KtlH_7tK1w6AG-18dfjHiYBYRZBdRpQfb4Cau86f_xMqLXphIdDW3IS-78Ph16eVYaqgQKkULFTMp0o9h_K36NXkeCsh_3Pu_0HcG7FrgYmpqHSc4Z3geiL0VVJuhe3bAG01l_rHq541CQbMdttPv5rRZzWs3jkp92cAlFRTYvSdMCc2fV7OqFgHIuG-dUWNY1rUqn8Szn9m4xd4ylxchMf7su4y2dXu9ovAGMvDGXPz-38yrgYIGW_TjOONgOvWOuF02ATI6_gBAGABruCjoSXzrrIugGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=zgngKNifcYI&uach_m=[UACH]&cid=CAQSTABygQiDa6Kn-u6P1tFm2kxoSHO-MUwh6dU8hqnyqvBUjJIVyUM36UgPAu6cIFqruOtNRK6jkbj4w9VaN-AAo2h9ouXuQL1eHXNd8CkYAQ
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
adagio.js
script.4dex.io/ 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 19:59:55 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1056048
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aiy9c1nKvpCm5EgVpN2AB2kDBTRY4vld2Z2Hdt%2F5%2FfZJW7MCW2kbAITGam9BQNt3MyX81JjoT2Zs%2BOmgzJFLUxxSCaMkxxRmVJVofd2VY%2F3fk3%2BekewhtRppuKCN3F6bC1wnw0qVsutpU9%2Fa"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7cb7a473ab05bbcb-FRA
b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
pagead2.googlesyndication.com/bg/ Frame 2AD8 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 13:43:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
22557
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14738
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 13:43:58 GMT
df027c60227147658701cb3f10f4a8b3_bestellvideo_criteo_2022.mp4
static.criteo.net/design/dt/72638/220614/ Frame 8F58 		3 MB
3 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/72638/220614/df027c60227147658701cb3f10f4a8b3_bestellvideo_criteo_2022.mp4
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f6b7b8e144513617d397e119706408bd71c4ecd887697f1f9cbc63e34c528db9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 22 May 2023 19:59:55 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 14 Jun 2022 08:23:23 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62a8457b-29c591"
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-2737552/2737553
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
Content-Length
2737553
expires
Thu, 16 May 2024 19:59:55 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 80A3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CZoWGuslrZMK2POGClQeDhbSQA8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakCdJ4eODUjsj7gAgCoAwGqBM4CT9AoYpZnAuOdbXbeJqlzZJj80qpcvah8UWnm64JcAMo3H0bothnEMXZvU6ynNYvvQoNJcCMWOGmLLwF2G_BR0F1MOlBcm4u3Iqknzp_nrl72EnASRntW_aV3u0OVZ40BTPoSuslJZzmKom0QnV0eStLzpIZXbQGeyg1U0dpX69jz9aIdPuqZwKQXjNaOiroVflZcON5L2STq5ubvVpdrvCKbLpmbmO9BygEmFmyPgR6gTlJskfzFCxM7Nmq_T1r1vCOHKDKj7Whjz7bRqYTjvPR8mXzJsXd6wvyjmJoh7aa77PUV44UMCHyT2dntPkYIFXjY-D_yKxZeeteIpKNUWa9GLHk4YXEfxLm4eiEGBZ6dRtGbxQQgmge08vk_Ml1DOFJQY-uM5ujcd9awEtJsvJHPnN2oFU9bLQxKGAFDvR86AWZPZUKVk_ReqA8M3eAEAYAG7Oilpufy97mNAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=pTIa_GwHS1I&uach_m=[UACH]&cid=CAQSPABygQiDF8J079xDIih7hVye8PrpZ0cgaD7BQNmaHKazJ-CF1Yy_mtmz49ZZox6TaWuGnnx0X3sbY1DTFRgB
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 80A3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kIqLFezZW8oH-gGdg2ICAgAAAEEzA2lt4aV-ELrJa2RxDSo_sLPNd5SbAAASAAAKCkFRVUJEd0VCRHc&wp=ZGvJugAPG0IK5UFhAA0Cg77PzOa8Mx6RDkG6oQ
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:54 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
204002
server
Kestrel
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame BA83 		53 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGvJugAPG0IK5UFhAA0Cg77PzOa8Mx6RDkG6oQ&u=%7CPGctIPx%2BGtEQWYV32X7c0JUbCul4VJ8S65A80%2B6xiIc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4de_avzMTZocx0wFoOLS-9l59lwraN85AwASH-J7Ri_iUblhavnIKdtLdQPrLG_si49RCoMep427cUbL8g_d1TNZSZcMij4Pyjob1Y-yoTIusiDVeVgGBgKLcVrPbaNxHU73I173pjn581l2wxgPP7V28w_2-jkqgO3ZdssgcIAV1vwHIp0wGnlgdfKIJ0Cq6aXYG9dqrY-Hgq2KWBHKpAkBBrsg-BEmgK_8ErBpHqUp2RQ8Vb1xtYVPL9UZRqgsGoArTdTuJRsUVO01iFsAAtBKCTi2hBfqbVGJt_AS0p0GTjjwhkj1-A-m18MmX7QR78RzEBFItAXTtbsGVwkpWvZ9zi8Y4SmRp1LvWRbgYuRYd08LsWYe-xYaVuuiWB3VsFmAZLtlR-4ijuzZsLcay5MA6pQZhVhklOV-9XcGTmvktNEwWaWu8KUjUn-AvddHKBiKzENzT3FlF9NbN7v85oagimydbs8v02rvyLMa2O9DYmPCfnJ37mFLAmLXEXcuBnBwQ4BVLU5s0w32VT-F7K-hd0aXDf3ySUEGf4CouN_0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCACs7uslrZMK2POGClQeDhbSQA8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakCdJ4eODUjsj7gAgCoAwGqBNECT9AoYpZnAuOdbXbeJqlzZJj80qpcvah8UWnm64JcAMo3H0bothnEMXZvU6ynNYvvQoNJcCMWOGmLLwF2G_BR0F1MOlBcm4u3Iqknzp_nrl72EnASRntW_aV3u0OVZ40BTPoSuslJZzmKom0QnV0eStLzpIZXbQGeyg1U0dpX69jz9aIdPuqZwKQXjNaOiroVflZcON5L2STq5ubvVpdrvCKbLpmbmO9BygEmFmyPgR6gTlJskfzFCxM7Nmq_T1r1vCOHKDKj7Whjz7bRqYTjvPR8mXzJsXd6wvyjmJoh7aa77PUV44UMCHyT2dntPkYIFXjY-D_yKxZeeteIpKNUWa9GLHk4YXEfxLm4eiEGBZ6dRtGbxQQgmge08vk_Ml1DOFJQY-uM5uiedfcilV3wry5TiH54KOmjJBhArgttpZ2OyVvpl_2Lv-zbAosfYsEN5uAEAYAG7Oilpufy97mNAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0dajZiZohqjyyiYinbTaZNMRiACA%26client%3Dca-pub-3831894559014614%26adurl%3D
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0838cd9c7f7e4553dbc6c4a0392165794f64e930eaa5278b0cda7182fc46618b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 19:59:55 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ZBoOTfXNZth55iqQPtIxJMa4DtWV9lP8QZiu-WRCCcY5cTPd7RIVg8RVHhKgNLxxdiR80C8mX_uahiBks7480jOhLGQUbTqL6Gly570w4LCqTpuBdrrXO6Z1W8EYnHHKxyd_sUMy8XXE59xuqu5L1Bojk8KeejW12l7gODGFrZe8yofWsuPw_gRtnL54jR1zlRnYNaDY_DM5V_JlEjtrYr-POVH_vxm0Q0qs2PVkZ7Fj0A7UZiy6C--xEraqkotA_7jslw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
3243899
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 80A3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 13:43:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
22557
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Jun 2023 13:43:58 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 810C 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
32142
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 11:04:13 GMT
etag
48472445140208031
expires
Tue, 23 May 2023 11:04:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 80A3 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 10:36:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
33814
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7953
x-xss-protection
0
server
cafe
etag
16153819885643670827
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Jun 2023 10:36:21 GMT
l
www.google.com/ads/measurement/ Frame 80A3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQXv6C4srAAPXKABuVKVGbzbZsDDQutDR1BSQu3zvUF_xq_u_dKkl83xxqOP_YCO5BAsXbZMay8POUnlihWUfoEZahjKg
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 80A3 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 10:36:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
293015
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 May 2024 10:36:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 80A3 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 19:59:55 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2722881580573987&correlator=3728122277014350&eid=31074405%2C31074401%2C31068367%2C44714449&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Ccube&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=13&adks=323800357&didk=2675907389&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-1%26hb_r_id%3D21958ea482cb2c6%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.02%26hb_adid%3D205b54adf0d31557%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10998%252F868311%252Fnewcastle-united-vs-leicester-city%252F&sc=1&cookie=ID%3Dc66d114f1273d4f8%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MZVcJ94Ds4K_u38iiuvSwi73-sJFA&gpic=UID%3D00000c1a0e5bb6dd%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MYKup8v-qLKvlDZnqwv2_drj7FhEw&abxe=1&dt=1684785595658&lmt=1684785543&dlt=1684785593460&idt=494&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10998%2F868311%2Fnewcastle-united-vs-leicester-city%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvgi7T38ipNuAuaoC3S71LSIt2U53GfdX_lyqjgYDUwT&ga_vid=579155913.1684785594&ga_sid=1684785594&ga_hid=1322753345&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYlf2vqIQxSABSAghkEhkKCnB1YmNpZC5vcmcY7P2vqIQxSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqak5aa1dHL0dZa29KNjRuaFZPZlRvS3hoUmpUMnVwaGpOaUlSemVRbTdabmNpQ2xTRG5DaHFtNzUzWERyQzV2d0Z4YjBRcWNRZ1dNdmdkSDlvbzdjZG5VazBJa2djNzE2ZDFSaExKTDUrenJGRlFicmk2V2UvMXJtSFdTeDZIRXh0MDJ1OTkvaEhBeU1CY1Q0bWZ4QUZsMlBid3FNVUZhT2ExbHU4aUk5WDF0bnBTVG8vb3pOaWUwRGlpMmNjYWhUd1E9PRiV_6-ohDFIABIdCg5lc3AuY3JpdGVvLmNvbRiV_a-ohDFIAFICCGQSGQoKdWlkYXBpLmNvbRiV_a-ohDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMH-r6iEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4aab10125e53b1860f897120bc96fc3cfd1048fcf31f16aa7322ec9eb953ddff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11022
x-xss-protection
0
google-lineitem-id
5818019657
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374037624
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2722881580573987&correlator=3728122277014350&eid=31074405%2C31074401%2C31068367%2C44714449&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Ccube2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=14&adks=2685385890&didk=2675907388&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-2%26hb_r_id%3D300568875431c43%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.02%26hb_adid%3D209e4ca88732232e%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10998%252F868311%252Fnewcastle-united-vs-leicester-city%252F&sc=1&cookie=ID%3Dc66d114f1273d4f8%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MZVcJ94Ds4K_u38iiuvSwi73-sJFA&gpic=UID%3D00000c1a0e5bb6dd%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MYKup8v-qLKvlDZnqwv2_drj7FhEw&abxe=1&dt=1684785595661&lmt=1684785543&dlt=1684785593460&idt=494&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10998%2F868311%2Fnewcastle-united-vs-leicester-city%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvgi7T38ipNuAuaoC3S71LSIt2U53GfdX_lyqjgYDUwT&ga_vid=579155913.1684785594&ga_sid=1684785594&ga_hid=1322753345&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYlf2vqIQxSABSAghkEhkKCnB1YmNpZC5vcmcY7P2vqIQxSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqak5aa1dHL0dZa29KNjRuaFZPZlRvS3hoUmpUMnVwaGpOaUlSemVRbTdabmNpQ2xTRG5DaHFtNzUzWERyQzV2d0Z4YjBRcWNRZ1dNdmdkSDlvbzdjZG5VazBJa2djNzE2ZDFSaExKTDUrenJGRlFicmk2V2UvMXJtSFdTeDZIRXh0MDJ1OTkvaEhBeU1CY1Q0bWZ4QUZsMlBid3FNVUZhT2ExbHU4aUk5WDF0bnBTVG8vb3pOaWUwRGlpMmNjYWhUd1E9PRiV_6-ohDFIABIdCg5lc3AuY3JpdGVvLmNvbRiV_a-ohDFIAFICCGQSGQoKdWlkYXBpLmNvbRiV_a-ohDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMH-r6iEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42c211fc2691b40582e19d35bc2478c33a3873b7965688e0817798b79f1a82cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11007
x-xss-protection
0
google-lineitem-id
5818019657
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374037645
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		382 B
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2722881580573987&correlator=3728122277014350&eid=31074405%2C31074401%2C31068367%2C44714449&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Ccube3&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=15&adks=1315967423&didk=2675907387&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-3%26hb_r_id%3D39ebaafda7db6f1%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.02%26hb_adid%3D21261847c97ca95d%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10998%252F868311%252Fnewcastle-united-vs-leicester-city%252F&sc=1&cookie=ID%3Dc66d114f1273d4f8%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MZVcJ94Ds4K_u38iiuvSwi73-sJFA&gpic=UID%3D00000c1a0e5bb6dd%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MYKup8v-qLKvlDZnqwv2_drj7FhEw&abxe=1&dt=1684785595663&lmt=1684785543&dlt=1684785593460&idt=494&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=f&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10998%2F868311%2Fnewcastle-united-vs-leicester-city%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvgi7T38ipNuAuaoC3S71LSIt2U53GfdX_lyqjgYDUwT&ga_vid=579155913.1684785594&ga_sid=1684785594&ga_hid=1322753345&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYlf2vqIQxSABSAghkEhkKCnB1YmNpZC5vcmcY7P2vqIQxSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqak5aa1dHL0dZa29KNjRuaFZPZlRvS3hoUmpUMnVwaGpOaUlSemVRbTdabmNpQ2xTRG5DaHFtNzUzWERyQzV2d0Z4YjBRcWNRZ1dNdmdkSDlvbzdjZG5VazBJa2djNzE2ZDFSaExKTDUrenJGRlFicmk2V2UvMXJtSFdTeDZIRXh0MDJ1OTkvaEhBeU1CY1Q0bWZ4QUZsMlBid3FNVUZhT2ExbHU4aUk5WDF0bnBTVG8vb3pOaWUwRGlpMmNjYWhUd1E9PRiV_6-ohDFIABIdCg5lc3AuY3JpdGVvLmNvbRiV_a-ohDFIAFICCGQSGQoKdWlkYXBpLmNvbRiV_a-ohDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMH-r6iEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c007ad67659489a71c7ce7cd2e0131508bd7d854e766df0f83df5b6f8b14f0f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		380 B
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2722881580573987&correlator=3728122277014350&eid=31074405%2C31074401%2C31068367%2C44714449&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Crich&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C320x50%7C320x100&ifi=16&adks=4183778&didk=2675907386&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-4%26hb_r_id%3D48b1c193708bf98%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.02%26hb_adid%3D207b11c05887b182%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10998%252F868311%252Fnewcastle-united-vs-leicester-city%252F&sc=1&cookie=ID%3Dc66d114f1273d4f8%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MZVcJ94Ds4K_u38iiuvSwi73-sJFA&gpic=UID%3D00000c1a0e5bb6dd%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MYKup8v-qLKvlDZnqwv2_drj7FhEw&abxe=1&dt=1684785595666&lmt=1684785543&dlt=1684785593460&idt=494&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=g&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10998%2F868311%2Fnewcastle-united-vs-leicester-city%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvgi7T38ipNuAuaoC3S71LSIt2U53GfdX_lyqjgYDUwT&ga_vid=579155913.1684785594&ga_sid=1684785594&ga_hid=1322753345&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYlf2vqIQxSABSAghkEhkKCnB1YmNpZC5vcmcY7P2vqIQxSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqak5aa1dHL0dZa29KNjRuaFZPZlRvS3hoUmpUMnVwaGpOaUlSemVRbTdabmNpQ2xTRG5DaHFtNzUzWERyQzV2d0Z4YjBRcWNRZ1dNdmdkSDlvbzdjZG5VazBJa2djNzE2ZDFSaExKTDUrenJGRlFicmk2V2UvMXJtSFdTeDZIRXh0MDJ1OTkvaEhBeU1CY1Q0bWZ4QUZsMlBid3FNVUZhT2ExbHU4aUk5WDF0bnBTVG8vb3pOaWUwRGlpMmNjYWhUd1E9PRiV_6-ohDFIABIdCg5lc3AuY3JpdGVvLmNvbRiV_a-ohDFIAFICCGQSGQoKdWlkYXBpLmNvbRiV_a-ohDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMH-r6iEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
81fa12dd9f0fd584798b8b7b78675e07dee991304f525ce78b961aabb3cac62a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
130
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		381 B
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2722881580573987&correlator=3728122277014350&eid=31074405%2C31074401%2C31068367%2C44714449&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Crich2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C320x50%7C320x100&ifi=17&adks=861436630&didk=2675907385&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-5%26hb_r_id%3D57af054678c32d3%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.02%26hb_adid%3D215159fe028ce62f%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10998%252F868311%252Fnewcastle-united-vs-leicester-city%252F&sc=1&cookie=ID%3Dc66d114f1273d4f8%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MZVcJ94Ds4K_u38iiuvSwi73-sJFA&gpic=UID%3D00000c1a0e5bb6dd%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MYKup8v-qLKvlDZnqwv2_drj7FhEw&abxe=1&dt=1684785595668&lmt=1684785543&dlt=1684785593460&idt=494&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=h&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10998%2F868311%2Fnewcastle-united-vs-leicester-city%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvgi7T38ipNuAuaoC3S71LSIt2U53GfdX_lyqjgYDUwT&ga_vid=579155913.1684785594&ga_sid=1684785594&ga_hid=1322753345&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYlf2vqIQxSABSAghkEhkKCnB1YmNpZC5vcmcY7P2vqIQxSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqak5aa1dHL0dZa29KNjRuaFZPZlRvS3hoUmpUMnVwaGpOaUlSemVRbTdabmNpQ2xTRG5DaHFtNzUzWERyQzV2d0Z4YjBRcWNRZ1dNdmdkSDlvbzdjZG5VazBJa2djNzE2ZDFSaExKTDUrenJGRlFicmk2V2UvMXJtSFdTeDZIRXh0MDJ1OTkvaEhBeU1CY1Q0bWZ4QUZsMlBid3FNVUZhT2ExbHU4aUk5WDF0bnBTVG8vb3pOaWUwRGlpMmNjYWhUd1E9PRiV_6-ohDFIABIdCg5lc3AuY3JpdGVvLmNvbRiV_a-ohDFIAFICCGQSGQoKdWlkYXBpLmNvbRiV_a-ohDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMH-r6iEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad0bf921fc00a2498ed6f08ea89b90cbcf42e11982c5958ff8c0793b28b618e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2722881580573987&correlator=3728122277014350&eid=31074405%2C31074401%2C31068367%2C44714449&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Csky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=120x600%7C160x600%7C300x600&ifi=18&adks=2501595801&didk=2675907384&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-6%26hb_r_id%3D66608ac1168cccf%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.02%26hb_adid%3D210f8ddd8e0a1dda%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10998%252F868311%252Fnewcastle-united-vs-leicester-city%252F&sc=1&cookie=ID%3Dc66d114f1273d4f8%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MZVcJ94Ds4K_u38iiuvSwi73-sJFA&gpic=UID%3D00000c1a0e5bb6dd%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MYKup8v-qLKvlDZnqwv2_drj7FhEw&abxe=1&dt=1684785595670&lmt=1684785543&dlt=1684785593460&idt=494&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=i&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10998%2F868311%2Fnewcastle-united-vs-leicester-city%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvgi7T38ipNuAuaoC3S71LSIt2U53GfdX_lyqjgYDUwT&ga_vid=579155913.1684785594&ga_sid=1684785594&ga_hid=1322753345&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYlf2vqIQxSABSAghkEhkKCnB1YmNpZC5vcmcY7P2vqIQxSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqak5aa1dHL0dZa29KNjRuaFZPZlRvS3hoUmpUMnVwaGpOaUlSemVRbTdabmNpQ2xTRG5DaHFtNzUzWERyQzV2d0Z4YjBRcWNRZ1dNdmdkSDlvbzdjZG5VazBJa2djNzE2ZDFSaExKTDUrenJGRlFicmk2V2UvMXJtSFdTeDZIRXh0MDJ1OTkvaEhBeU1CY1Q0bWZ4QUZsMlBid3FNVUZhT2ExbHU4aUk5WDF0bnBTVG8vb3pOaWUwRGlpMmNjYWhUd1E9PRiV_6-ohDFIABIdCg5lc3AuY3JpdGVvLmNvbRiV_a-ohDFIAFICCGQSGQoKdWlkYXBpLmNvbRiV_a-ohDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMH-r6iEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
952f31e484d668c69debec13ba2a3b498cfb8201a72d63fa066296a1a74c844b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10995
x-xss-protection
0
google-lineitem-id
5850403633
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374029776
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2722881580573987&correlator=3728122277014350&eid=31074405%2C31074401%2C31068367%2C44714449&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cresponsive&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C320x100%7C300x250&ifi=19&adks=656180126&didk=2675907335&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-7%26hb_r_id%3D75b46bc5aee86fb%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.02%26hb_adid%3D206c06b6c308cd8e%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10998%252F868311%252Fnewcastle-united-vs-leicester-city%252F&sc=1&cookie=ID%3Dc66d114f1273d4f8%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MZVcJ94Ds4K_u38iiuvSwi73-sJFA&gpic=UID%3D00000c1a0e5bb6dd%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MYKup8v-qLKvlDZnqwv2_drj7FhEw&abxe=1&dt=1684785595673&lmt=1684785543&dlt=1684785593460&idt=494&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=j&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10998%2F868311%2Fnewcastle-united-vs-leicester-city%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvgi7T38ipNuAuaoC3S71LSIt2U53GfdX_lyqjgYDUwT&ga_vid=579155913.1684785594&ga_sid=1684785594&ga_hid=1322753345&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYlf2vqIQxSABSAghkEhkKCnB1YmNpZC5vcmcY7P2vqIQxSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqak5aa1dHL0dZa29KNjRuaFZPZlRvS3hoUmpUMnVwaGpOaUlSemVRbTdabmNpQ2xTRG5DaHFtNzUzWERyQzV2d0Z4YjBRcWNRZ1dNdmdkSDlvbzdjZG5VazBJa2djNzE2ZDFSaExKTDUrenJGRlFicmk2V2UvMXJtSFdTeDZIRXh0MDJ1OTkvaEhBeU1CY1Q0bWZ4QUZsMlBid3FNVUZhT2ExbHU4aUk5WDF0bnBTVG8vb3pOaWUwRGlpMmNjYWhUd1E9PRiV_6-ohDFIABIdCg5lc3AuY3JpdGVvLmNvbRiV_a-ohDFIAFICCGQSGQoKdWlkYXBpLmNvbRiV_a-ohDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMH-r6iEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf8da55e8d8b22877e09f4003ea59cf3ea5d20cc88aff5a4e73903801e3250ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11024
x-xss-protection
0
google-lineitem-id
5818019657
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374438803
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		36 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2722881580573987&correlator=3728122277014350&eid=31074405%2C31074401%2C31068367%2C44714449&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cresponsive3&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C320x100%7C300x250&ifi=20&adks=1041763575&didk=2675907334&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-8%26hb_r_id%3D844b4d5f84997e7%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.02%26hb_adid%3D21305df1d6dcf87c%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10998%252F868311%252Fnewcastle-united-vs-leicester-city%252F&sc=1&cookie=ID%3Dc66d114f1273d4f8%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MZVcJ94Ds4K_u38iiuvSwi73-sJFA&gpic=UID%3D00000c1a0e5bb6dd%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MYKup8v-qLKvlDZnqwv2_drj7FhEw&abxe=1&dt=1684785595676&lmt=1684785543&dlt=1684785593460&idt=494&adxs=1018&adys=635&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=k&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10998%2F868311%2Fnewcastle-united-vs-leicester-city%2F&frm=20&vis=1&psz=1076x293&msz=1076x0&fws=4&ohw=1076&psts=ABHeCvgi7T38ipNuAuaoC3S71LSIt2U53GfdX_lyqjgYDUwT&ga_vid=579155913.1684785594&ga_sid=1684785594&ga_hid=1322753345&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYlf2vqIQxSABSAghkEhkKCnB1YmNpZC5vcmcY7P2vqIQxSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqak5aa1dHL0dZa29KNjRuaFZPZlRvS3hoUmpUMnVwaGpOaUlSemVRbTdabmNpQ2xTRG5DaHFtNzUzWERyQzV2d0Z4YjBRcWNRZ1dNdmdkSDlvbzdjZG5VazBJa2djNzE2ZDFSaExKTDUrenJGRlFicmk2V2UvMXJtSFdTeDZIRXh0MDJ1OTkvaEhBeU1CY1Q0bWZ4QUZsMlBid3FNVUZhT2ExbHU4aUk5WDF0bnBTVG8vb3pOaWUwRGlpMmNjYWhUd1E9PRiV_6-ohDFIABIdCg5lc3AuY3JpdGVvLmNvbRiV_a-ohDFIAFICCGQSGQoKdWlkYXBpLmNvbRiV_a-ohDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMH-r6iEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38ba36311cf0c2d97f8ad76c0310f9005631343768d81a382ed3281259d123e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14592
x-xss-protection
0
google-lineitem-id
6289866909
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138432157906
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2722881580573987&correlator=3728122277014350&eid=31074405%2C31074401%2C31068367%2C44714449&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cresponsive4&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C320x100%7C300x250&ifi=21&adks=2149091243&didk=2675907333&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-9%26hb_r_id%3D9392722ffdd8197%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.02%26hb_adid%3D211d2bcfb9d574a7%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10998%252F868311%252Fnewcastle-united-vs-leicester-city%252F&sc=1&cookie=ID%3Dc66d114f1273d4f8%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MZVcJ94Ds4K_u38iiuvSwi73-sJFA&gpic=UID%3D00000c1a0e5bb6dd%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MYKup8v-qLKvlDZnqwv2_drj7FhEw&abxe=1&dt=1684785595680&lmt=1684785543&dlt=1684785593460&idt=494&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=l&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10998%2F868311%2Fnewcastle-united-vs-leicester-city%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvgi7T38ipNuAuaoC3S71LSIt2U53GfdX_lyqjgYDUwT&ga_vid=579155913.1684785594&ga_sid=1684785594&ga_hid=1322753345&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYlf2vqIQxSABSAghkEhkKCnB1YmNpZC5vcmcY7P2vqIQxSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqak5aa1dHL0dZa29KNjRuaFZPZlRvS3hoUmpUMnVwaGpOaUlSemVRbTdabmNpQ2xTRG5DaHFtNzUzWERyQzV2d0Z4YjBRcWNRZ1dNdmdkSDlvbzdjZG5VazBJa2djNzE2ZDFSaExKTDUrenJGRlFicmk2V2UvMXJtSFdTeDZIRXh0MDJ1OTkvaEhBeU1CY1Q0bWZ4QUZsMlBid3FNVUZhT2ExbHU4aUk5WDF0bnBTVG8vb3pOaWUwRGlpMmNjYWhUd1E9PRiV_6-ohDFIABIdCg5lc3AuY3JpdGVvLmNvbRiV_a-ohDFIAFICCGQSGQoKdWlkYXBpLmNvbRiV_a-ohDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMH-r6iEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ce9a4b8cfbc74ade210dffb43e3956669663d73e48f847b7f0f02ebe28a5181
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11017
x-xss-protection
0
google-lineitem-id
5818019657
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374033787
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		387 B
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2722881580573987&correlator=3728122277014350&eid=31074405%2C31074401%2C31068367%2C44714449&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cresponsive5&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C320x100%7C300x250&ifi=22&adks=2023909493&didk=1220294050&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-10%26hb_r_id%3D102a6125d7028045%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.02%26hb_adid%3D2140427ccc0f93e2%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10998%252F868311%252Fnewcastle-united-vs-leicester-city%252F&sc=1&cookie=ID%3Dc66d114f1273d4f8%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MZVcJ94Ds4K_u38iiuvSwi73-sJFA&gpic=UID%3D00000c1a0e5bb6dd%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MYKup8v-qLKvlDZnqwv2_drj7FhEw&abxe=1&dt=1684785595686&lmt=1684785543&dlt=1684785593460&idt=494&adxs=1018&adys=4117&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=m&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10998%2F868311%2Fnewcastle-united-vs-leicester-city%2F&frm=20&vis=1&psz=1076x2627&msz=1076x0&fws=4&ohw=1100&psts=ABHeCvgi7T38ipNuAuaoC3S71LSIt2U53GfdX_lyqjgYDUwT&ga_vid=579155913.1684785594&ga_sid=1684785594&ga_hid=1322753345&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYlf2vqIQxSABSAghkEhkKCnB1YmNpZC5vcmcY7P2vqIQxSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqak5aa1dHL0dZa29KNjRuaFZPZlRvS3hoUmpUMnVwaGpOaUlSemVRbTdabmNpQ2xTRG5DaHFtNzUzWERyQzV2d0Z4YjBRcWNRZ1dNdmdkSDlvbzdjZG5VazBJa2djNzE2ZDFSaExKTDUrenJGRlFicmk2V2UvMXJtSFdTeDZIRXh0MDJ1OTkvaEhBeU1CY1Q0bWZ4QUZsMlBid3FNVUZhT2ExbHU4aUk5WDF0bnBTVG8vb3pOaWUwRGlpMmNjYWhUd1E9PRiV_6-ohDFIABIdCg5lc3AuY3JpdGVvLmNvbRiV_a-ohDFIAFICCGQSGQoKdWlkYXBpLmNvbRiV_a-ohDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMH-r6iEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5497aa1141d2340bbe83721acabaa6152f26b9530d7e88c2c37016dc5c964db6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		382 B
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2722881580573987&correlator=3728122277014350&eid=31074405%2C31074401%2C31068367%2C44714449&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Csticky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x90%7C728x90&ifi=23&adks=3539973942&didk=1959687422&sfv=1-0-40&prev_scp=test%3Drefresh%26hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Dstick%26hb_r_id%3D11192e01bf7915b2%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.02%26hb_adid%3D2086c47fa3a61562%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10998%252F868311%252Fnewcastle-united-vs-leicester-city%252F&sc=1&cookie=ID%3Dc66d114f1273d4f8%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MZVcJ94Ds4K_u38iiuvSwi73-sJFA&gpic=UID%3D00000c1a0e5bb6dd%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MYKup8v-qLKvlDZnqwv2_drj7FhEw&abxe=1&dt=1684785595690&lmt=1684785543&dlt=1684785593460&idt=494&adxs=315&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=n&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10998%2F868311%2Fnewcastle-united-vs-leicester-city%2F&frm=20&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&psts=ABHeCvgi7T38ipNuAuaoC3S71LSIt2U53GfdX_lyqjgYDUwT&ga_vid=579155913.1684785594&ga_sid=1684785594&ga_hid=1322753345&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYlf2vqIQxSABSAghkEhkKCnB1YmNpZC5vcmcY7P2vqIQxSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqak5aa1dHL0dZa29KNjRuaFZPZlRvS3hoUmpUMnVwaGpOaUlSemVRbTdabmNpQ2xTRG5DaHFtNzUzWERyQzV2d0Z4YjBRcWNRZ1dNdmdkSDlvbzdjZG5VazBJa2djNzE2ZDFSaExKTDUrenJGRlFicmk2V2UvMXJtSFdTeDZIRXh0MDJ1OTkvaEhBeU1CY1Q0bWZ4QUZsMlBid3FNVUZhT2ExbHU4aUk5WDF0bnBTVG8vb3pOaWUwRGlpMmNjYWhUd1E9PRiV_6-ohDFIABIdCg5lc3AuY3JpdGVvLmNvbRiV_a-ohDFIAFICCGQSGQoKdWlkYXBpLmNvbRiV_a-ohDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMH-r6iEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
567663be809ba9debc224878e9f74c079942b7c4de158a18578e4c61d509ecc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:55 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame F5FE 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7c58c4debe8dc6c436a804824914fd7ce50c0c10274749d47eeabae3c41cfdab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
i.match
s.tribalfusion.com/z/ Frame 142A
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEEgPMgflAJ0iazQMgzhtokw&google_cver=1&google_push=ATf1kGO3Le_Q-Bjk8gF6IOyi4lgZdDmmlCG7iFqfNc67c_a0QYe1kYzgUWAPvt4Ka0wH04jqGDzyDB6GgN7Cgw-pooT-hszx-HSY&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEgPMgflAJ0iazQMgzhtokw&google_cver=1&google_push=ATf1kGO3Le_Q-Bjk8gF6IOyi4lgZdDmmlCG7iFqfNc67c_a0QYe1kYzgUWAPvt4Ka0wH04jqGDzyDB6GgN7Cgw-pooT-hszx-HS...
43 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEgPMgflAJ0iazQMgzhtokw&google_cver=1&google_push=ATf1kGO3Le_Q-Bjk8gF6IOyi4lgZdDmmlCG7iFqfNc67c_a0QYe1kYzgUWAPvt4Ka0wH04jqGDzyDB6GgN7Cgw-pooT-hszx-HSY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGO3Le_Q-Bjk8gF6IOyi4lgZdDmmlCG7iFqfNc67c_a0QYe1kYzgUWAPvt4Ka0wH04jqGDzyDB6GgN7Cgw-pooT-hszx-HSY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:56 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7cb7a47808553673-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:56 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
123
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEgPMgflAJ0iazQMgzhtokw&google_cver=1&google_push=ATf1kGO3Le_Q-Bjk8gF6IOyi4lgZdDmmlCG7iFqfNc67c_a0QYe1kYzgUWAPvt4Ka0wH04jqGDzyDB6GgN7Cgw-pooT-hszx-HSY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGO3Le_Q-Bjk8gF6IOyi4lgZdDmmlCG7iFqfNc67c_a0QYe1kYzgUWAPvt4Ka0wH04jqGDzyDB6GgN7Cgw-pooT-hszx-HSY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7cb7a4762e773673-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 142A
Redirect Chain
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEN7j1spONgXT5tg6lZYXEeM&google_cver=1&google_push=ATf1kGMevhStS-AxzGPllSTjno_mVtumlqRzI6ZAUo7QJ7iCIpeV8myuDTNjZhCgkigc7JAsqDiUpgFdXSz...
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ATf1kGMevhStS-AxzGPllSTjno_mVtumlqRzI6ZAUo7QJ7iCIpeV8myuDTNjZhCgkigc7JAsqDiUpgFdXSzvaGVpNj_GIpYFjJsY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ATf1kGMevhStS-AxzGPllSTjno_mVtumlqRzI6ZAUo7QJ7iCIpeV8myuDTNjZhCgkigc7JAsqDiUpgFdXSzvaGVpNj_GIpYFjJsY
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ATf1kGMevhStS-AxzGPllSTjno_mVtumlqRzI6ZAUo7QJ7iCIpeV8myuDTNjZhCgkigc7JAsqDiUpgFdXSzvaGVpNj_GIpYFjJsY
Date
Mon, 22 May 2023 19:59:57 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
pixel
cm.g.doubleclick.net/ Frame 142A
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESECnhlaHH8pfrrkivUbTbsMg&google_cver=1&google_push=ATf1kGOeBCV7UM9AtF6zxZl6q6AzzmC6UDrp95nmLHMqjxQDDVGFdlTCzNVU6K1XHmWQnnXgn_CdsiPWrge3zk5iFoT1ZSQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGOeBCV7UM9AtF6zxZl6q6AzzmC6UDrp95nmLHMqjxQDDVGFdlTCzNVU6K1XHmWQnnXgn_CdsiPWrge3zk5iFoT1ZSQxiXXYHA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGOeBCV7UM9AtF6zxZl6q6AzzmC6UDrp95nmLHMqjxQDDVGFdlTCzNVU6K1XHmWQnnXgn_CdsiPWrge3zk5iFoT1ZSQxiXXYHA
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGOeBCV7UM9AtF6zxZl6q6AzzmC6UDrp95nmLHMqjxQDDVGFdlTCzNVU6K1XHmWQnnXgn_CdsiPWrge3zk5iFoT1ZSQxiXXYHA
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 142A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBiOn9UXB5nu_uLP_GB3DFw&google_cver=1&google_push=ATf1kGO5kC88gv-slZ6QgvmUtpAVwbJMOY0v855OpxboZ6ShrU3anwHXdH9UJ82R7zzlGHEL0jZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhaOVVEUTgtMVktNVJHSA==&google_push=ATf1kGO5kC88gv-slZ6QgvmUtpAVwbJMOY0v855OpxboZ6ShrU3anwHXdH9UJ82R7zzlGHEL0jZBhUsRs5P5TlrhBuR2Ad6_Dh6n
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhaOVVEUTgtMVktNVJHSA==&google_push=ATf1kGO5kC88gv-slZ6QgvmUtpAVwbJMOY0v855OpxboZ6ShrU3anwHXdH9UJ82R7zzlGHEL0jZBhUsRs5P5TlrhBuR2Ad6_Dh6n
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhaOVVEUTgtMVktNVJHSA==&google_push=ATf1kGO5kC88gv-slZ6QgvmUtpAVwbJMOY0v855OpxboZ6ShrU3anwHXdH9UJ82R7zzlGHEL0jZBhUsRs5P5TlrhBuR2Ad6_Dh6n
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
Expires
0
us
sync.go.sonobi.com/ Frame 142A 		0
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DATf1kGNpcB9nC_AkHcLn3C1Rvfg8Wh3LafcH_uDzpcVT3q8iHXEWJyCVlRTfK2X1dlvIw9xfufBWfWnsz-xCOIGs3ML00LQmEZj2%26google_hm%3D%5BUID%5D&google_gid=CAESEDb9E80xQ9dy4mbh8wwtanY&google_cver=1
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 19:59:56 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-96
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 142A
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJF0ooD4pVHW5AicLHQTUyg&google_cver=1&google_push=ATf1kGOzwEezcu0iOeBpEwxsR0KeurLbAaks5XSOmreV3COdvHOsXDbFAQYn1pY2NVhR3kcIQ4SbDwfKN8MmcyvTP...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGOzwEezcu0iOeBpEwxsR0KeurLbAaks5XSOmreV3COdvHOsXDbFAQYn1pY2NVhR3kcIQ4SbDwfKN8MmcyvTPZz1pp_MGKmK_Q&google_hm=GsJPqBZHxMC6eVg7SFS0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGOzwEezcu0iOeBpEwxsR0KeurLbAaks5XSOmreV3COdvHOsXDbFAQYn1pY2NVhR3kcIQ4SbDwfKN8MmcyvTPZz1pp_MGKmK_Q&google_hm=GsJPqBZHxMC6eVg7SFS0w3Dt
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 22 May 2023 19:59:55 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGOzwEezcu0iOeBpEwxsR0KeurLbAaks5XSOmreV3COdvHOsXDbFAQYn1pY2NVhR3kcIQ4SbDwfKN8MmcyvTPZz1pp_MGKmK_Q&google_hm=GsJPqBZHxMC6eVg7SFS0w3Dt
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 142A
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEHzAPznrGwNyFWjMPkUbF6Q&google_cver=1&google_push=ATf1kGPAq8eWNVdhwCYU6hA9R5qQiIh66ywjIxaDr7loiwSBpNCDT5kZdvHfp922nVF7lXROAwiKZgD5fcqvMMv8...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGPAq8eWNVdhwCYU6hA9R5qQiIh66ywjIxaDr7loiwSBpNCDT5kZdvHfp922nVF7lXROAwiKZgD5fcqvMMv81alooNFe6GbdsA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGPAq8eWNVdhwCYU6hA9R5qQiIh66ywjIxaDr7loiwSBpNCDT5kZdvHfp922nVF7lXROAwiKZgD5fcqvMMv81alooNFe6GbdsA
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 22 May 2023 19:59:55 GMT
via
1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGPAq8eWNVdhwCYU6hA9R5qQiIh66ywjIxaDr7loiwSBpNCDT5kZdvHfp922nVF7lXROAwiKZgD5fcqvMMv81alooNFe6GbdsA
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
zBppiqBL4xYok8miYamwo6Zii1WSJfkHbbNq2oD6ucuUmb8hNUcC-g==
attr
cm.g.doubleclick.net/pixel/ Frame 142A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LrQb8I3B51b0MMfjDBN2PRqTOY5LV0hvi9K6Ib73JV3Dp8US3M4F3UzSEG1OSVpOpbUQ3V
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
privacy_small.svg
static.criteo.net/flash/icon/ Frame BA83 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGvJugAPG0IK5UFhAA0Cg77PzOa8Mx6RDkG6oQ&u=%7CPGctIPx%2BGtEQWYV32X7c0JUbCul4VJ8S65A80%2B6xiIc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4de_avzMTZocx0wFoOLS-9l59lwraN85AwASH-J7Ri_iUblhavnIKdtLdQPrLG_si49RCoMep427cUbL8g_d1TNZSZcMij4Pyjob1Y-yoTIusiDVeVgGBgKLcVrPbaNxHU73I173pjn581l2wxgPP7V28w_2-jkqgO3ZdssgcIAV1vwHIp0wGnlgdfKIJ0Cq6aXYG9dqrY-Hgq2KWBHKpAkBBrsg-BEmgK_8ErBpHqUp2RQ8Vb1xtYVPL9UZRqgsGoArTdTuJRsUVO01iFsAAtBKCTi2hBfqbVGJt_AS0p0GTjjwhkj1-A-m18MmX7QR78RzEBFItAXTtbsGVwkpWvZ9zi8Y4SmRp1LvWRbgYuRYd08LsWYe-xYaVuuiWB3VsFmAZLtlR-4ijuzZsLcay5MA6pQZhVhklOV-9XcGTmvktNEwWaWu8KUjUn-AvddHKBiKzENzT3FlF9NbN7v85oagimydbs8v02rvyLMa2O9DYmPCfnJ37mFLAmLXEXcuBnBwQ4BVLU5s0w32VT-F7K-hd0aXDf3ySUEGf4CouN_0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCACs7uslrZMK2POGClQeDhbSQA8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakCdJ4eODUjsj7gAgCoAwGqBNECT9AoYpZnAuOdbXbeJqlzZJj80qpcvah8UWnm64JcAMo3H0bothnEMXZvU6ynNYvvQoNJcCMWOGmLLwF2G_BR0F1MOlBcm4u3Iqknzp_nrl72EnASRntW_aV3u0OVZ40BTPoSuslJZzmKom0QnV0eStLzpIZXbQGeyg1U0dpX69jz9aIdPuqZwKQXjNaOiroVflZcON5L2STq5ubvVpdrvCKbLpmbmO9BygEmFmyPgR6gTlJskfzFCxM7Nmq_T1r1vCOHKDKj7Whjz7bRqYTjvPR8mXzJsXd6wvyjmJoh7aa77PUV44UMCHyT2dntPkYIFXjY-D_yKxZeeteIpKNUWa9GLHk4YXEfxLm4eiEGBZ6dRtGbxQQgmge08vk_Ml1DOFJQY-uM5uiedfcilV3wry5TiH54KOmjJBhArgttpZ2OyVvpl_2Lv-zbAosfYsEN5uAEAYAG7Oilpufy97mNAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0dajZiZohqjyyiYinbTaZNMRiACA%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 16 May 2024 19:59:55 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame BA83 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGvJugAPG0IK5UFhAA0Cg77PzOa8Mx6RDkG6oQ&u=%7CPGctIPx%2BGtEQWYV32X7c0JUbCul4VJ8S65A80%2B6xiIc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4de_avzMTZocx0wFoOLS-9l59lwraN85AwASH-J7Ri_iUblhavnIKdtLdQPrLG_si49RCoMep427cUbL8g_d1TNZSZcMij4Pyjob1Y-yoTIusiDVeVgGBgKLcVrPbaNxHU73I173pjn581l2wxgPP7V28w_2-jkqgO3ZdssgcIAV1vwHIp0wGnlgdfKIJ0Cq6aXYG9dqrY-Hgq2KWBHKpAkBBrsg-BEmgK_8ErBpHqUp2RQ8Vb1xtYVPL9UZRqgsGoArTdTuJRsUVO01iFsAAtBKCTi2hBfqbVGJt_AS0p0GTjjwhkj1-A-m18MmX7QR78RzEBFItAXTtbsGVwkpWvZ9zi8Y4SmRp1LvWRbgYuRYd08LsWYe-xYaVuuiWB3VsFmAZLtlR-4ijuzZsLcay5MA6pQZhVhklOV-9XcGTmvktNEwWaWu8KUjUn-AvddHKBiKzENzT3FlF9NbN7v85oagimydbs8v02rvyLMa2O9DYmPCfnJ37mFLAmLXEXcuBnBwQ4BVLU5s0w32VT-F7K-hd0aXDf3ySUEGf4CouN_0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCACs7uslrZMK2POGClQeDhbSQA8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakCdJ4eODUjsj7gAgCoAwGqBNECT9AoYpZnAuOdbXbeJqlzZJj80qpcvah8UWnm64JcAMo3H0bothnEMXZvU6ynNYvvQoNJcCMWOGmLLwF2G_BR0F1MOlBcm4u3Iqknzp_nrl72EnASRntW_aV3u0OVZ40BTPoSuslJZzmKom0QnV0eStLzpIZXbQGeyg1U0dpX69jz9aIdPuqZwKQXjNaOiroVflZcON5L2STq5ubvVpdrvCKbLpmbmO9BygEmFmyPgR6gTlJskfzFCxM7Nmq_T1r1vCOHKDKj7Whjz7bRqYTjvPR8mXzJsXd6wvyjmJoh7aa77PUV44UMCHyT2dntPkYIFXjY-D_yKxZeeteIpKNUWa9GLHk4YXEfxLm4eiEGBZ6dRtGbxQQgmge08vk_Ml1DOFJQY-uM5uiedfcilV3wry5TiH54KOmjJBhArgttpZ2OyVvpl_2Lv-zbAosfYsEN5uAEAYAG7Oilpufy97mNAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0dajZiZohqjyyiYinbTaZNMRiACA%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 16 May 2024 19:59:55 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame BA83 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGvJugAPG0IK5UFhAA0Cg77PzOa8Mx6RDkG6oQ&u=%7CPGctIPx%2BGtEQWYV32X7c0JUbCul4VJ8S65A80%2B6xiIc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4de_avzMTZocx0wFoOLS-9l59lwraN85AwASH-J7Ri_iUblhavnIKdtLdQPrLG_si49RCoMep427cUbL8g_d1TNZSZcMij4Pyjob1Y-yoTIusiDVeVgGBgKLcVrPbaNxHU73I173pjn581l2wxgPP7V28w_2-jkqgO3ZdssgcIAV1vwHIp0wGnlgdfKIJ0Cq6aXYG9dqrY-Hgq2KWBHKpAkBBrsg-BEmgK_8ErBpHqUp2RQ8Vb1xtYVPL9UZRqgsGoArTdTuJRsUVO01iFsAAtBKCTi2hBfqbVGJt_AS0p0GTjjwhkj1-A-m18MmX7QR78RzEBFItAXTtbsGVwkpWvZ9zi8Y4SmRp1LvWRbgYuRYd08LsWYe-xYaVuuiWB3VsFmAZLtlR-4ijuzZsLcay5MA6pQZhVhklOV-9XcGTmvktNEwWaWu8KUjUn-AvddHKBiKzENzT3FlF9NbN7v85oagimydbs8v02rvyLMa2O9DYmPCfnJ37mFLAmLXEXcuBnBwQ4BVLU5s0w32VT-F7K-hd0aXDf3ySUEGf4CouN_0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCACs7uslrZMK2POGClQeDhbSQA8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakCdJ4eODUjsj7gAgCoAwGqBNECT9AoYpZnAuOdbXbeJqlzZJj80qpcvah8UWnm64JcAMo3H0bothnEMXZvU6ynNYvvQoNJcCMWOGmLLwF2G_BR0F1MOlBcm4u3Iqknzp_nrl72EnASRntW_aV3u0OVZ40BTPoSuslJZzmKom0QnV0eStLzpIZXbQGeyg1U0dpX69jz9aIdPuqZwKQXjNaOiroVflZcON5L2STq5ubvVpdrvCKbLpmbmO9BygEmFmyPgR6gTlJskfzFCxM7Nmq_T1r1vCOHKDKj7Whjz7bRqYTjvPR8mXzJsXd6wvyjmJoh7aa77PUV44UMCHyT2dntPkYIFXjY-D_yKxZeeteIpKNUWa9GLHk4YXEfxLm4eiEGBZ6dRtGbxQQgmge08vk_Ml1DOFJQY-uM5uiedfcilV3wry5TiH54KOmjJBhArgttpZ2OyVvpl_2Lv-zbAosfYsEN5uAEAYAG7Oilpufy97mNAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0dajZiZohqjyyiYinbTaZNMRiACA%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:55 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 16 May 2024 19:59:55 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame BA83 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGvJugAPG0IK5UFhAA0Cg77PzOa8Mx6RDkG6oQ&u=%7CPGctIPx%2BGtEQWYV32X7c0JUbCul4VJ8S65A80%2B6xiIc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4de_avzMTZocx0wFoOLS-9l59lwraN85AwASH-J7Ri_iUblhavnIKdtLdQPrLG_si49RCoMep427cUbL8g_d1TNZSZcMij4Pyjob1Y-yoTIusiDVeVgGBgKLcVrPbaNxHU73I173pjn581l2wxgPP7V28w_2-jkqgO3ZdssgcIAV1vwHIp0wGnlgdfKIJ0Cq6aXYG9dqrY-Hgq2KWBHKpAkBBrsg-BEmgK_8ErBpHqUp2RQ8Vb1xtYVPL9UZRqgsGoArTdTuJRsUVO01iFsAAtBKCTi2hBfqbVGJt_AS0p0GTjjwhkj1-A-m18MmX7QR78RzEBFItAXTtbsGVwkpWvZ9zi8Y4SmRp1LvWRbgYuRYd08LsWYe-xYaVuuiWB3VsFmAZLtlR-4ijuzZsLcay5MA6pQZhVhklOV-9XcGTmvktNEwWaWu8KUjUn-AvddHKBiKzENzT3FlF9NbN7v85oagimydbs8v02rvyLMa2O9DYmPCfnJ37mFLAmLXEXcuBnBwQ4BVLU5s0w32VT-F7K-hd0aXDf3ySUEGf4CouN_0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCACs7uslrZMK2POGClQeDhbSQA8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakCdJ4eODUjsj7gAgCoAwGqBNECT9AoYpZnAuOdbXbeJqlzZJj80qpcvah8UWnm64JcAMo3H0bothnEMXZvU6ynNYvvQoNJcCMWOGmLLwF2G_BR0F1MOlBcm4u3Iqknzp_nrl72EnASRntW_aV3u0OVZ40BTPoSuslJZzmKom0QnV0eStLzpIZXbQGeyg1U0dpX69jz9aIdPuqZwKQXjNaOiroVflZcON5L2STq5ubvVpdrvCKbLpmbmO9BygEmFmyPgR6gTlJskfzFCxM7Nmq_T1r1vCOHKDKj7Whjz7bRqYTjvPR8mXzJsXd6wvyjmJoh7aa77PUV44UMCHyT2dntPkYIFXjY-D_yKxZeeteIpKNUWa9GLHk4YXEfxLm4eiEGBZ6dRtGbxQQgmge08vk_Ml1DOFJQY-uM5uiedfcilV3wry5TiH54KOmjJBhArgttpZ2OyVvpl_2Lv-zbAosfYsEN5uAEAYAG7Oilpufy97mNAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0dajZiZohqjyyiYinbTaZNMRiACA%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:55 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 16 May 2024 19:59:55 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame BA83 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=UChw7_5dVhs1toh2bOpfQ595-_lDjVbvsHANAgs1ECUaX__C5Fs9X52ws4OmaUBUSMolvSCdITa1-bKh1sPTNS0aClD7A9pqMSUu_hVKGdIN3b0oxHxjDsU2jafq5ATWnFyPTTlDeT6WuxKoGJir9Y3IU9DhlnJeiEgsJzOttsWWdXf87dE3fWFTyW41Gx8rl27Z7haUBdvouDWn5DFbSzH9x2hYcwTVrF58pPcGpJao-xe-6WvsSsxjSMlGyNLxK7DC4Ye4rwfE3cUzTBGdHZDlpd7f15Ja9zD6M12ywsAYthhCw3w-SzuXAIn_IoWte9UmJyy4SxbrvYWUKJ8lVM9lsDnBEFL8YVi1G6wTnnP7k3hiL59g_M3vE02LtAfnghdinKcU8ilcokbfokpTMgIBKvgwVJK7NVUqbOuDheOA5YOSZ3J_OA1-R77PdABoYraURw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGvJugAPG0IK5UFhAA0Cg77PzOa8Mx6RDkG6oQ&u=%7CPGctIPx%2BGtEQWYV32X7c0JUbCul4VJ8S65A80%2B6xiIc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4de_avzMTZocx0wFoOLS-9l59lwraN85AwASH-J7Ri_iUblhavnIKdtLdQPrLG_si49RCoMep427cUbL8g_d1TNZSZcMij4Pyjob1Y-yoTIusiDVeVgGBgKLcVrPbaNxHU73I173pjn581l2wxgPP7V28w_2-jkqgO3ZdssgcIAV1vwHIp0wGnlgdfKIJ0Cq6aXYG9dqrY-Hgq2KWBHKpAkBBrsg-BEmgK_8ErBpHqUp2RQ8Vb1xtYVPL9UZRqgsGoArTdTuJRsUVO01iFsAAtBKCTi2hBfqbVGJt_AS0p0GTjjwhkj1-A-m18MmX7QR78RzEBFItAXTtbsGVwkpWvZ9zi8Y4SmRp1LvWRbgYuRYd08LsWYe-xYaVuuiWB3VsFmAZLtlR-4ijuzZsLcay5MA6pQZhVhklOV-9XcGTmvktNEwWaWu8KUjUn-AvddHKBiKzENzT3FlF9NbN7v85oagimydbs8v02rvyLMa2O9DYmPCfnJ37mFLAmLXEXcuBnBwQ4BVLU5s0w32VT-F7K-hd0aXDf3ySUEGf4CouN_0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCACs7uslrZMK2POGClQeDhbSQA8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakCdJ4eODUjsj7gAgCoAwGqBNECT9AoYpZnAuOdbXbeJqlzZJj80qpcvah8UWnm64JcAMo3H0bothnEMXZvU6ynNYvvQoNJcCMWOGmLLwF2G_BR0F1MOlBcm4u3Iqknzp_nrl72EnASRntW_aV3u0OVZ40BTPoSuslJZzmKom0QnV0eStLzpIZXbQGeyg1U0dpX69jz9aIdPuqZwKQXjNaOiroVflZcON5L2STq5ubvVpdrvCKbLpmbmO9BygEmFmyPgR6gTlJskfzFCxM7Nmq_T1r1vCOHKDKj7Whjz7bRqYTjvPR8mXzJsXd6wvyjmJoh7aa77PUV44UMCHyT2dntPkYIFXjY-D_yKxZeeteIpKNUWa9GLHk4YXEfxLm4eiEGBZ6dRtGbxQQgmge08vk_Ml1DOFJQY-uM5uiedfcilV3wry5TiH54KOmjJBhArgttpZ2OyVvpl_2Lv-zbAosfYsEN5uAEAYAG7Oilpufy97mNAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0dajZiZohqjyyiYinbTaZNMRiACA%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:55 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2606399
expires
Mon, 26 Jul 1997 05:00:00 GMT
ff50878adaf14961a47feb9c94e095f1_image_ad_970x250.gif
static.criteo.net/design/dt/98009/230518/ Frame BA83 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/98009/230518/ff50878adaf14961a47feb9c94e095f1_image_ad_970x250.gif
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGvJugAPG0IK5UFhAA0Cg77PzOa8Mx6RDkG6oQ&u=%7CPGctIPx%2BGtEQWYV32X7c0JUbCul4VJ8S65A80%2B6xiIc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4de_avzMTZocx0wFoOLS-9l59lwraN85AwASH-J7Ri_iUblhavnIKdtLdQPrLG_si49RCoMep427cUbL8g_d1TNZSZcMij4Pyjob1Y-yoTIusiDVeVgGBgKLcVrPbaNxHU73I173pjn581l2wxgPP7V28w_2-jkqgO3ZdssgcIAV1vwHIp0wGnlgdfKIJ0Cq6aXYG9dqrY-Hgq2KWBHKpAkBBrsg-BEmgK_8ErBpHqUp2RQ8Vb1xtYVPL9UZRqgsGoArTdTuJRsUVO01iFsAAtBKCTi2hBfqbVGJt_AS0p0GTjjwhkj1-A-m18MmX7QR78RzEBFItAXTtbsGVwkpWvZ9zi8Y4SmRp1LvWRbgYuRYd08LsWYe-xYaVuuiWB3VsFmAZLtlR-4ijuzZsLcay5MA6pQZhVhklOV-9XcGTmvktNEwWaWu8KUjUn-AvddHKBiKzENzT3FlF9NbN7v85oagimydbs8v02rvyLMa2O9DYmPCfnJ37mFLAmLXEXcuBnBwQ4BVLU5s0w32VT-F7K-hd0aXDf3ySUEGf4CouN_0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCACs7uslrZMK2POGClQeDhbSQA8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakCdJ4eODUjsj7gAgCoAwGqBNECT9AoYpZnAuOdbXbeJqlzZJj80qpcvah8UWnm64JcAMo3H0bothnEMXZvU6ynNYvvQoNJcCMWOGmLLwF2G_BR0F1MOlBcm4u3Iqknzp_nrl72EnASRntW_aV3u0OVZ40BTPoSuslJZzmKom0QnV0eStLzpIZXbQGeyg1U0dpX69jz9aIdPuqZwKQXjNaOiroVflZcON5L2STq5ubvVpdrvCKbLpmbmO9BygEmFmyPgR6gTlJskfzFCxM7Nmq_T1r1vCOHKDKj7Whjz7bRqYTjvPR8mXzJsXd6wvyjmJoh7aa77PUV44UMCHyT2dntPkYIFXjY-D_yKxZeeteIpKNUWa9GLHk4YXEfxLm4eiEGBZ6dRtGbxQQgmge08vk_Ml1DOFJQY-uM5uiedfcilV3wry5TiH54KOmjJBhArgttpZ2OyVvpl_2Lv-zbAosfYsEN5uAEAYAG7Oilpufy97mNAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0dajZiZohqjyyiYinbTaZNMRiACA%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ba3e38cb8858007f1786c9479e6b3f50c949254a363a62739bf9a55a3c704333
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:55 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 18 May 2023 17:35:24 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"646661dc-15105"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
86277
expires
Thu, 16 May 2024 19:59:55 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F5FE 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 21:03:36 GMT
x-content-type-options
nosniff
age
168979
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 21:03:36 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 14EA 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsty1KECR4UJHIvtQ4oa3HEEebexi3zP1MjAE0hFm59kSDuyoikFs8Gq3a3G4UABe3g5bERS0dJE6DGIxcuALClZIgtOAOXe7IDSnyr2rQbRDR8lqPFJ&sig=Cg0ArKJSzJ_wou_3hJAwEAE&id=lidar2&mcvt=1081&p=1111,437,1199,1163&mtos=1081,1081,1081,1081,1081&tos=1081,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=3202367356&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684785594486&rpt=337&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 810C 		35 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBlofzwBbAvloamX4Q4dXy4&google_cver=1&google_push=ATf1kGMEOuz-frunTGepBGGknAst0aSnhfL5w1uXj6BtLNpyJh1vGVnyCica_uiaSb9qwtN-aDu2FQ15FiszbMmdhghBztHnbow
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:56 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 810C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEONVis8_kfRvlFsU0nr6Kl0&google_cver=1&google_push=ATf1kGO7MOgHktYSHG7FShB2WlWAUy00FTwA3iQXuenlQGmtsAv-yQOCrMWGU7ItNNTRF3J5UDDRxV5SjSM4v-XX...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGO7MOgHktYSHG7FShB2WlWAUy00FTwA3iQXuenlQGmtsAv-yQOCrMWGU7ItNNTRF3J5UDDRxV5SjSM4v-XXl_7OsJysPw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGO7MOgHktYSHG7FShB2WlWAUy00FTwA3iQXuenlQGmtsAv-yQOCrMWGU7ItNNTRF3J5UDDRxV5SjSM4v-XXl_7OsJysPw
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 22 May 2023 19:59:56 GMT
Server
MT3 851 9bd98ae master zrh-pixel-x4 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGO7MOgHktYSHG7FShB2WlWAUy00FTwA3iQXuenlQGmtsAv-yQOCrMWGU7ItNNTRF3J5UDDRxV5SjSM4v-XXl_7OsJysPw
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 22 May 2023 19:59:55 GMT
pixel
cm.g.doubleclick.net/ Frame 810C
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEO0AeMkkY_BS0nLqMOO-2P4&google_cver=1&google_push=ATf1kGNWCDN3f-drriW7nARAPMJG9Z8WjEV8784h5KushlKb9yUqibB4INR_UpBI4VIzr1HzFS29OpDvU11gXLOjoHBmmBA-v9Y
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A6418807CFD541109B096C1CE74B826C&google_push=ATf1kGNWCDN3f-drriW7nARAPMJG9Z8WjEV8784h5KushlKb9yUqibB4INR_UpBI4VIzr1HzFS29OpDvU11gXLO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A6418807CFD541109B096C1CE74B826C&google_push=ATf1kGNWCDN3f-drriW7nARAPMJG9Z8WjEV8784h5KushlKb9yUqibB4INR_UpBI4VIzr1HzFS29OpDvU11gXLOjoHBmmBA-v9Y
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 22 May 2023 19:59:55 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A6418807CFD541109B096C1CE74B826C&google_push=ATf1kGNWCDN3f-drriW7nARAPMJG9Z8WjEV8784h5KushlKb9yUqibB4INR_UpBI4VIzr1HzFS29OpDvU11gXLOjoHBmmBA-v9Y
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 21 May 2023 19:59:55 GMT
pixel
cm.g.doubleclick.net/ Frame 810C
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEC79Kw33z2UgTFN2P4O5Aec&google_cver=1&google_push=ATf1kGPbEjo1ZNNRaj5N1GgHYJtXtmnTJ3hEJVkttaEAXV80G3InXsgSUT3AdHDFgL6KeTjT5-_uYH7csx3bUp8QX...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPbEjo1ZNNRaj5N1GgHYJtXtmnTJ3hEJVkttaEAXV80G3InXsgSUT3AdHDFgL6KeTjT5-_uYH7csx3bUp8QXJy4Hg_I-A&google_hm=GsJPqBZHxMC6eVg7SFS0w3Dt
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPbEjo1ZNNRaj5N1GgHYJtXtmnTJ3hEJVkttaEAXV80G3InXsgSUT3AdHDFgL6KeTjT5-_uYH7csx3bUp8QXJy4Hg_I-A&google_hm=GsJPqBZHxMC6eVg7SFS0w3Dt
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 22 May 2023 19:59:55 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPbEjo1ZNNRaj5N1GgHYJtXtmnTJ3hEJVkttaEAXV80G3InXsgSUT3AdHDFgL6KeTjT5-_uYH7csx3bUp8QXJy4Hg_I-A&google_hm=GsJPqBZHxMC6eVg7SFS0w3Dt
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
/
cc.adingo.jp/adx/push/ Frame 810C 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEMKvnINb-q70pU3qSOjse0s&google_cver=1&google_push=ATf1kGNy_GTDlhqiS7OmiEd3tUA7oSnXcjct9aMCXU0TmnDsG4Sywfl1lON9f5lYzGkdXsoW2N7wBArSyJVKK4_M6cLDliEAJRo
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.180.74.73 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-180-74-73.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:56 GMT
server
awselb/2.0
pixel
cm.g.doubleclick.net/ Frame 810C
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEFd1YuNo-twn9hz3Rmat3g0&google_cver=1&google_push=ATf1kGMIlZCGsCF1vCcFVsTYNb3BBia2-2xIDQBJpFJWa9VJ7nlN30U3hrrmv2Kr1PDq6xkcmOUEB9OdW5IV86Dfe5EwHUO...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ATf1kGMIlZCGsCF1vCcFVsTYNb3BBia2-2xIDQBJpFJWa9VJ7nlN30U3hrrmv2Kr1PDq6xkcmOUEB9OdW5IV86Dfe5EwHUOb_smt&google_hm=NDcwMDgyMTM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ATf1kGMIlZCGsCF1vCcFVsTYNb3BBia2-2xIDQBJpFJWa9VJ7nlN30U3hrrmv2Kr1PDq6xkcmOUEB9OdW5IV86Dfe5EwHUOb_smt&google_hm=NDcwMDgyMTMxNjgyNDQ1MDU0MQ==
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ATf1kGMIlZCGsCF1vCcFVsTYNb3BBia2-2xIDQBJpFJWa9VJ7nlN30U3hrrmv2Kr1PDq6xkcmOUEB9OdW5IV86Dfe5EwHUOb_smt&google_hm=NDcwMDgyMTMxNjgyNDQ1MDU0MQ==
Date
Mon, 22 May 2023 19:59:56 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 810C
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHsNC0Oc1kISfv4nnFJQFSU&google_cver=1&google_push=ATf1kGOIc-lGCYXn1uJXBotw-Wb5wy0vWQNCBKyJmQvQiQIMqZpYaTbPBSAArLmy_sUqPRGn0s_BS-f_eGz...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOIc-lGCYXn1uJXBotw-Wb5wy0vWQNCBKyJmQvQiQIMqZpYaTbPBSAArLmy_sUqPRGn0s_BS-f_eGzbcCJw6VtdAgZk5OA
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 810C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KqwHX-KdtDGD7U29MyK3OxQjudFBA1432_BOhKFafU1H3O8G8oyZIt3wikgb-KOpFXx1fi1gY
Requested by
Host: 0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
URL: https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
all
csm.eu.criteo.net/ Frame BA83 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=ZBoOTfXNZth55iqQPtIxJMa4DtWV9lP8QZiu-WRCCcY5cTPd7RIVg8RVHhKgNLxxdiR80C8mX_uahiBks7480jOhLGQUbTqL6Gly570w4LCqTpuBdrrXO6Z1W8EYnHHKxyd_sUMy8XXE59xuqu5L1Bojk8KeejW12l7gODGFrZe8yofWsuPw_gRtnL54jR1zlRnYNaDY_DM5V_JlEjtrYr-POVH_vxm0Q0qs2PVkZ7Fj0A7UZiy6C--xEraqkotA_7jslw&sds=2&rev=86437&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGvJugAPG0IK5UFhAA0Cg77PzOa8Mx6RDkG6oQ&u=%7CPGctIPx%2BGtEQWYV32X7c0JUbCul4VJ8S65A80%2B6xiIc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4de_avzMTZocx0wFoOLS-9l59lwraN85AwASH-J7Ri_iUblhavnIKdtLdQPrLG_si49RCoMep427cUbL8g_d1TNZSZcMij4Pyjob1Y-yoTIusiDVeVgGBgKLcVrPbaNxHU73I173pjn581l2wxgPP7V28w_2-jkqgO3ZdssgcIAV1vwHIp0wGnlgdfKIJ0Cq6aXYG9dqrY-Hgq2KWBHKpAkBBrsg-BEmgK_8ErBpHqUp2RQ8Vb1xtYVPL9UZRqgsGoArTdTuJRsUVO01iFsAAtBKCTi2hBfqbVGJt_AS0p0GTjjwhkj1-A-m18MmX7QR78RzEBFItAXTtbsGVwkpWvZ9zi8Y4SmRp1LvWRbgYuRYd08LsWYe-xYaVuuiWB3VsFmAZLtlR-4ijuzZsLcay5MA6pQZhVhklOV-9XcGTmvktNEwWaWu8KUjUn-AvddHKBiKzENzT3FlF9NbN7v85oagimydbs8v02rvyLMa2O9DYmPCfnJ37mFLAmLXEXcuBnBwQ4BVLU5s0w32VT-F7K-hd0aXDf3ySUEGf4CouN_0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCACs7uslrZMK2POGClQeDhbSQA8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakCdJ4eODUjsj7gAgCoAwGqBNECT9AoYpZnAuOdbXbeJqlzZJj80qpcvah8UWnm64JcAMo3H0bothnEMXZvU6ynNYvvQoNJcCMWOGmLLwF2G_BR0F1MOlBcm4u3Iqknzp_nrl72EnASRntW_aV3u0OVZ40BTPoSuslJZzmKom0QnV0eStLzpIZXbQGeyg1U0dpX69jz9aIdPuqZwKQXjNaOiroVflZcON5L2STq5ubvVpdrvCKbLpmbmO9BygEmFmyPgR6gTlJskfzFCxM7Nmq_T1r1vCOHKDKj7Whjz7bRqYTjvPR8mXzJsXd6wvyjmJoh7aa77PUV44UMCHyT2dntPkYIFXjY-D_yKxZeeteIpKNUWa9GLHk4YXEfxLm4eiEGBZ6dRtGbxQQgmge08vk_Ml1DOFJQY-uM5uiedfcilV3wry5TiH54KOmjJBhArgttpZ2OyVvpl_2Lv-zbAosfYsEN5uAEAYAG7Oilpufy97mNAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0dajZiZohqjyyiYinbTaZNMRiACA%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 22 May 2023 19:59:55 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame BA83 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGvJugAPG0IK5UFhAA0Cg77PzOa8Mx6RDkG6oQ&u=%7CPGctIPx%2BGtEQWYV32X7c0JUbCul4VJ8S65A80%2B6xiIc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4de_avzMTZocx0wFoOLS-9l59lwraN85AwASH-J7Ri_iUblhavnIKdtLdQPrLG_si49RCoMep427cUbL8g_d1TNZSZcMij4Pyjob1Y-yoTIusiDVeVgGBgKLcVrPbaNxHU73I173pjn581l2wxgPP7V28w_2-jkqgO3ZdssgcIAV1vwHIp0wGnlgdfKIJ0Cq6aXYG9dqrY-Hgq2KWBHKpAkBBrsg-BEmgK_8ErBpHqUp2RQ8Vb1xtYVPL9UZRqgsGoArTdTuJRsUVO01iFsAAtBKCTi2hBfqbVGJt_AS0p0GTjjwhkj1-A-m18MmX7QR78RzEBFItAXTtbsGVwkpWvZ9zi8Y4SmRp1LvWRbgYuRYd08LsWYe-xYaVuuiWB3VsFmAZLtlR-4ijuzZsLcay5MA6pQZhVhklOV-9XcGTmvktNEwWaWu8KUjUn-AvddHKBiKzENzT3FlF9NbN7v85oagimydbs8v02rvyLMa2O9DYmPCfnJ37mFLAmLXEXcuBnBwQ4BVLU5s0w32VT-F7K-hd0aXDf3ySUEGf4CouN_0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCACs7uslrZMK2POGClQeDhbSQA8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakCdJ4eODUjsj7gAgCoAwGqBNECT9AoYpZnAuOdbXbeJqlzZJj80qpcvah8UWnm64JcAMo3H0bothnEMXZvU6ynNYvvQoNJcCMWOGmLLwF2G_BR0F1MOlBcm4u3Iqknzp_nrl72EnASRntW_aV3u0OVZ40BTPoSuslJZzmKom0QnV0eStLzpIZXbQGeyg1U0dpX69jz9aIdPuqZwKQXjNaOiroVflZcON5L2STq5ubvVpdrvCKbLpmbmO9BygEmFmyPgR6gTlJskfzFCxM7Nmq_T1r1vCOHKDKj7Whjz7bRqYTjvPR8mXzJsXd6wvyjmJoh7aa77PUV44UMCHyT2dntPkYIFXjY-D_yKxZeeteIpKNUWa9GLHk4YXEfxLm4eiEGBZ6dRtGbxQQgmge08vk_Ml1DOFJQY-uM5uiedfcilV3wry5TiH54KOmjJBhArgttpZ2OyVvpl_2Lv-zbAosfYsEN5uAEAYAG7Oilpufy97mNAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0dajZiZohqjyyiYinbTaZNMRiACA%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 16 May 2024 19:59:55 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame BA83 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGvJugAPG0IK5UFhAA0Cg77PzOa8Mx6RDkG6oQ&u=%7CPGctIPx%2BGtEQWYV32X7c0JUbCul4VJ8S65A80%2B6xiIc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4de_avzMTZocx0wFoOLS-9l59lwraN85AwASH-J7Ri_iUblhavnIKdtLdQPrLG_si49RCoMep427cUbL8g_d1TNZSZcMij4Pyjob1Y-yoTIusiDVeVgGBgKLcVrPbaNxHU73I173pjn581l2wxgPP7V28w_2-jkqgO3ZdssgcIAV1vwHIp0wGnlgdfKIJ0Cq6aXYG9dqrY-Hgq2KWBHKpAkBBrsg-BEmgK_8ErBpHqUp2RQ8Vb1xtYVPL9UZRqgsGoArTdTuJRsUVO01iFsAAtBKCTi2hBfqbVGJt_AS0p0GTjjwhkj1-A-m18MmX7QR78RzEBFItAXTtbsGVwkpWvZ9zi8Y4SmRp1LvWRbgYuRYd08LsWYe-xYaVuuiWB3VsFmAZLtlR-4ijuzZsLcay5MA6pQZhVhklOV-9XcGTmvktNEwWaWu8KUjUn-AvddHKBiKzENzT3FlF9NbN7v85oagimydbs8v02rvyLMa2O9DYmPCfnJ37mFLAmLXEXcuBnBwQ4BVLU5s0w32VT-F7K-hd0aXDf3ySUEGf4CouN_0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCACs7uslrZMK2POGClQeDhbSQA8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakCdJ4eODUjsj7gAgCoAwGqBNECT9AoYpZnAuOdbXbeJqlzZJj80qpcvah8UWnm64JcAMo3H0bothnEMXZvU6ynNYvvQoNJcCMWOGmLLwF2G_BR0F1MOlBcm4u3Iqknzp_nrl72EnASRntW_aV3u0OVZ40BTPoSuslJZzmKom0QnV0eStLzpIZXbQGeyg1U0dpX69jz9aIdPuqZwKQXjNaOiroVflZcON5L2STq5ubvVpdrvCKbLpmbmO9BygEmFmyPgR6gTlJskfzFCxM7Nmq_T1r1vCOHKDKj7Whjz7bRqYTjvPR8mXzJsXd6wvyjmJoh7aa77PUV44UMCHyT2dntPkYIFXjY-D_yKxZeeteIpKNUWa9GLHk4YXEfxLm4eiEGBZ6dRtGbxQQgmge08vk_Ml1DOFJQY-uM5uiedfcilV3wry5TiH54KOmjJBhArgttpZ2OyVvpl_2Lv-zbAosfYsEN5uAEAYAG7Oilpufy97mNAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0dajZiZohqjyyiYinbTaZNMRiACA%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 16 May 2024 19:59:55 GMT
p1_1.m3u8
a6.koora.cloud/watch/XyAXEgxzEAkffa-8RshNBA/1684788940/1684789194/1/ Frame 1264 		341 B
696 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a6.koora.cloud/watch/XyAXEgxzEAkffa-8RshNBA/1684788940/1684789194/1/p1_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.84.217.72 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
nginx /
Resource Hash
2ca2ecb6061086aeb90f6e21ba6a8a71ead177244a295f7502e5e95eab62c0e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 19:59:56 GMT
Last-Modified
Mon, 22 May 2023 19:59:54 GMT
Server
nginx
ETag
"646bc9ba-155"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
341
truncated
/ Frame 80A3 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae0eddeb2cacbd7d258f7e37826b9af07069db93c4a122095ec2bf2a718e17bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
p1_1.m3u8
a6.koora.cloud/watch/XyAXEgxzEAkffa-8RshNBA/1684788940/1684789194/1/ Frame 1264 		341 B
696 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a6.koora.cloud/watch/XyAXEgxzEAkffa-8RshNBA/1684788940/1684789194/1/p1_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.84.217.72 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
nginx /
Resource Hash
2ca2ecb6061086aeb90f6e21ba6a8a71ead177244a295f7502e5e95eab62c0e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 19:59:56 GMT
Last-Modified
Mon, 22 May 2023 19:59:54 GMT
Server
nginx
ETag
"646bc9ba-155"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
341
p1_1-31963.key
a6.koora.cloud/watch/XyAXEgxzEAkffa-8RshNBA/1684788940/1684789194/1/keys/ Frame 1264 		16 B
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a6.koora.cloud/watch/XyAXEgxzEAkffa-8RshNBA/1684788940/1684789194/1/keys/p1_1-31963.key
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.84.217.72 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
nginx /
Resource Hash
e579b9f156aeaa618c8ff41fcf1f70630466e4c254d9c64a6890ee9b3426638b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 19:59:56 GMT
Last-Modified
Mon, 22 May 2023 19:59:49 GMT
Server
nginx
ETag
"646bc9b5-10"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16
json
pro.ip-api.com/ Frame 1264 		146 B
302 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json?fields=2181826&key=XOpiansRgYxGTho
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
034758e6f2334011605373850cfc2f12a0fdde54278c8cdfa050f23c4cc9c878

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 22 May 2023 19:59:56 GMT
Content-Length
146
Content-Type
application/json; charset=utf-8
p1_1-31967.ts
a6.koora.cloud/watch/XyAXEgxzEAkffa-8RshNBA/1684788940/1684789194/1/ Frame 1264 		581 KB
582 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a6.koora.cloud/watch/XyAXEgxzEAkffa-8RshNBA/1684788940/1684789194/1/p1_1-31967.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.84.217.72 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
nginx /
Resource Hash
67f360fe8d804dfad092d76d7b17348d886cbe73302b099a92d8876162faba74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 19:59:56 GMT
Last-Modified
Mon, 22 May 2023 19:59:32 GMT
Server
nginx
ETag
"646bc9a4-915d0"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
595408
4890e7dc-11b0-4051-912a-efc22815b40d
https://yalla-shoots.tv/ Frame 1264 		62 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://yalla-shoots.tv/4890e7dc-11b0-4051-912a-efc22815b40d
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2e2ee124a92ca6673a9ce2508260ac228832de36594217daffcbce988758fc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length
63763
Content-Type
text/javascript
channel
us.web3-lab.com/v1/ Frame 1264 		422 B
705 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us.web3-lab.com:8443/v1/channel
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9b89fce3091c5241ece531b9f779cdb90d3cd62671d4a9e686ad9aa5341b754

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 22 May 2023 19:59:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SL42%2BORvVz3JkbnyfZrQDg2sNq98pObsGcmATpyeO2NlloBtvwcvOleXvMRf1km1b%2FRxPZdBvTotdnYp%2FoHESo83XZKKgExJujz5MAgq4Z9Ok29F2x9yt3PKRn0EZ5230xCk3lmLdqBaH%2FXVshrTFRaBBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
7cb7a4793df78fd4-FRA
alt-svc
h3=":8443"; ma=86400, h3-29=":8443"; ma=86400
generate_204
tpc.googlesyndication.com/ Frame 2AD8 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?EnKRtQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:56 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cdb
bidder.criteo.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.4&cb=1355842048
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467995/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
f5d362233582656338daed8b7dea3db8d472f1e8d38b2133651064c1477fcbd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 May 2023 19:59:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yalla-shoots.tv
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1620
c
prebid.a-mo.net/a/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467995/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Mon, 22 May 2023 19:59:55 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
prebid
mp.4dex.io/ 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467995/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:56 GMT
x-err
Parsing the Prebid Request. org/site not found
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7cb7a47a08bc365f-FRA
expires
0
prebid-request
onetag-sys.com/ 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467995/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://yalla-shoots.tv
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bid
ap.lijit.com/rtb/ 		25 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.4
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467995/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
9c15848c88db9441afd08f2617a41c56192536bae3b125adb928c1ba9d1b153c

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 22 May 2023 19:59:56 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://yalla-shoots.tv
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		384 B
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2722881580573987&correlator=213758232567475&eid=31074405%2C31074401%2C31068367%2C44714449&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=160x600&ifi=24&adks=664707632&didk=3843884744&sfv=1-0-40&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-1684785596423-0%26hb_r_id%3D235aaa7eeec806ee%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.02%26hb_adid%3D251053910435283b%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10998%252F868311%252Fnewcastle-united-vs-leicester-city%252F&sc=1&cookie=ID%3Dc66d114f1273d4f8%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MZVcJ94Ds4K_u38iiuvSwi73-sJFA&gpic=UID%3D00000c1a0e5bb6dd%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MYKup8v-qLKvlDZnqwv2_drj7FhEw&abxe=1&dt=1684785596552&lmt=1684785543&dlt=1684785593460&idt=494&adxs=-160&adys=310&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=o&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10998%2F868311%2Fnewcastle-united-vs-leicester-city%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=160&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhaW4Q43qWDLKGO1X4qQY5_v7o_GODX-Tkh2fxqSj2UPW2wjuT_h7uyskvszKxEd0V8Mn-Ul_wmRdxJ4lRIh9HvpqM%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvgi7T38ipNuAuaoC3S71LSIt2U53GfdX_lyqjgYDUwT&ga_vid=579155913.1684785594&ga_sid=1684785594&ga_hid=1322753345&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYlf2vqIQxSABSAghkEhkKCnB1YmNpZC5vcmcY7P2vqIQxSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqak5aa1dHL0dZa29KNjRuaFZPZlRvS3hoUmpUMnVwaGpOaUlSemVRbTdabmNpQ2xTRG5DaHFtNzUzWERyQzV2d0Z4YjBRcWNRZ1dNdmdkSDlvbzdjZG5VazBJa2djNzE2ZDFSaExKTDUrenJGRlFicmk2V2UvMXJtSFdTeDZIRXh0MDJ1OTkvaEhBeU1CY1Q0bWZ4QUZsMlBid3FNVUZhT2ExbHU4aUk5WDF0bnBTVG8vb3pOaWUwRGlpMmNjYWhUd1E9PRiV_6-ohDFIABIdCg5lc3AuY3JpdGVvLmNvbRiV_a-ohDFIAFICCGQSGQoKdWlkYXBpLmNvbRiV_a-ohDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMH-r6iEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
89f6ce85ea25b3fe5830b6a519b8b8fe5f842185a050dc8397227356024d93b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
p1_1-31967.ts
a6.koora.cloud/watch/XyAXEgxzEAkffa-8RshNBA/1684788940/1684789194/1/ Frame 1264 		1 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a6.koora.cloud/watch/XyAXEgxzEAkffa-8RshNBA/1684788940/1684789194/1/p1_1-31967.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.84.217.72 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
nginx /
Resource Hash
b7d25296e7bc6a6bf66da09b1c5ed273d99e3a9fc6d43e46ccb8b358fa13d4e9

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range
bytes=0-0

Response headers

Date
Mon, 22 May 2023 19:59:56 GMT
Last-Modified
Mon, 22 May 2023 19:59:32 GMT
Server
nginx
ETag
"646bc9a4-915d0"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Content-Range
bytes 0-0/595408
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Connection
keep-alive
Content-Length
1
p1_1-31968.ts
a6.koora.cloud/watch/XyAXEgxzEAkffa-8RshNBA/1684788940/1684789194/1/ Frame 1264 		508 KB
508 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a6.koora.cloud/watch/XyAXEgxzEAkffa-8RshNBA/1684788940/1684789194/1/p1_1-31968.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.84.217.72 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
nginx /
Resource Hash
93f561fc7727d6b2a6ddaad78dc5323706ce711eb9e002ccba56fa63a93d7dae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 19:59:56 GMT
Last-Modified
Mon, 22 May 2023 19:59:36 GMT
Server
nginx
ETag
"646bc9a8-7ef50"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
520016
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305160101&jk=2722881580573987&bg=!DwylDFjNAAZ8_aWmXP07ADkAdvg8WstvhbR7_qHeTiZ9YSyAJw9Rk62Au6iHwXJKMC88W7DP82nRwttU-sKBnO6AkyRpVq7V7kUCAAACKVIAAAACaAEHCgCPj49bqmhaeqHgzBScgR3YrMipaY3H97xtQct6d17oQU1le7w-JpxU7qUMZyO0RE2dieVZVgCt9lRKgLNii3G_KzDMfApZkERFQ8dciv5X5HAKg78hNjQzSZgMA8Fw6Hj04sxXw05y5E-tAh5aBicsm25ByP3n5-a0f_499WxtNtGQr_xn9AALI1Nd8dQydQmZApvsxEOSzP1asHlYvgbgTfNfkVrTbHXHEseuwx8LJ9HYH7hLy_pPW-qUAaKVCNjZMHljPsWj38pyQwuRQsWpiajSmHvqyUbFIPEWxdT42ahhblVNKUDbdVn0M-TtGcJbmqiZnvTZ5-tapjBkeAwoLnUWjfEL_PTBw_OzXwX9YbxcqegmZmr7fVFzaORF6prmTGPqsolc9T_G7QBmiE-g3uW2h2WsGuKG62bWRpq3Ygdqn0G4-zeYy8O6Ea-QHp8agSrqi07DNf6spF0VvE_n7woUH7gWGGIcB2j51O5kQt2RoYP4Vv5H7uhnVQI5xP7idgFcffSLT8z6NWiWf7vNFu997-3gaoRFsPJX--1KnbACcNmJdCIVTRSwOW76_TkjY_zkrRSUzrACA5twNa3g6-w5J6cyShMz-bDfHtCqcOwTYy-F6C6yIAVnYXLBfTUo6788hG8EFnsz9zsJOnsS2utUOiqltGugJzjjpvcNmRQUPaE5bcJJhQTizfseLQ44aSGtILF2F-_ZcZmC4lhFuW5NhWTcx8CMqEFhKD7bsabHizqvhQtfx-2W_lMKjf0NaFNk5AAjvAx77zojdX0ThkRz1xOMFUrDVdQOz2SRAZ0_5mYQVFYy9OEtSUZEKJxB15hJFoJ2TgX4g-csuRaEP36Mm6PgZVzKc-nEz1uwj2xD5r-L_O14HPhNmeEkKp_B8OpS9pS7zfRl7tyZjamp1N5hC9DfTSYi5m7nZHB9EQQ3Kd2QGbUjAfuC0Xv3OzOzfQEAQjWGL8vraTu_YgutQjmiixllXY2LhAz8Zo5nRUhA9G_KEsdXOVfQU95tMLqlFfQQJXftbsFO0fzwQNFwNFgBsJRAiT166S2NccvVmDQyW4TiQnXb2nuWaoDj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
p1_1-31969.ts
a6.koora.cloud/watch/XyAXEgxzEAkffa-8RshNBA/1684788940/1684789194/1/ Frame 1264 		517 KB
518 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a6.koora.cloud/watch/XyAXEgxzEAkffa-8RshNBA/1684788940/1684789194/1/p1_1-31969.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.84.217.72 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
nginx /
Resource Hash
bf4d8afc1c1682f54a7847d9d3cae84f5ded16a74c52b281c0c1ff950aaee861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 19:59:57 GMT
Last-Modified
Mon, 22 May 2023 19:59:40 GMT
Server
nginx
ETag
"646bc9ac-81580"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
529792
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467995/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:13:32 GMT
server
nginx
etag
W/"642e8d3c-15c1d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 23 May 2023 19:59:57 GMT
p1_1-31970.ts
a6.koora.cloud/watch/XyAXEgxzEAkffa-8RshNBA/1684788940/1684789194/1/ Frame 1264 		572 KB
572 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a6.koora.cloud/watch/XyAXEgxzEAkffa-8RshNBA/1684788940/1684789194/1/p1_1-31970.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.84.217.72 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
nginx /
Resource Hash
7bc396cc7c17163147cf37f58b76b16c7524d6f473203e48020f159487ea25a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 19:59:57 GMT
Last-Modified
Mon, 22 May 2023 19:59:45 GMT
Server
nginx
ETag
"646bc9b1-8eee0"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
585440
activeview
pagead2.googlesyndication.com/pcs/ Frame F5FE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBzztgQDTmndhF2SM38AU4pAuJCuy5T9McYTHUR-nyi_QrhZ7leJ0plN8pqBh5vgOOiYHYTEZPHZ3aFGDmK1Z1nzI&sig=Cg0ArKJSzOe3CGA7vc_kEAE&id=lidar2&mcvt=1000&p=30,272,248,533.5&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3368116147&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684785594682&rpt=1330&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F5FE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZv3TRKiqkJ429pWfzZxDtlMMkDpwmi1BGmRe3TsuvfnpQgBVzJVUVbA4q47hEzPiU-CQEp_x02fuacwv3Hn5sJz8&sig=Cg0ArKJSzC_yAlOyER18EAE&id=lidar2&mcvt=1005&p=710,263,928,524.5&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3368116147&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684785594682&rpt=1326&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 80A3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZMtazMUIIFLJVOdDdgGjkLB7ewqREzkl8JRNbj4T5HAF1Ad0DRkKwdNd2P9qF2XNg6UssVXoEJ-3HGXXugDL8mDA&sig=Cg0ArKJSzMNDbTJMAH9aEAE&id=lidar2&mcvt=1007&p=0,0,250,970&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3878595579&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684785595551&rpt=503&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame BA83 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=ZBoOTfXNZth55iqQPtIxJMa4DtWV9lP8QZiu-WRCCcY5cTPd7RIVg8RVHhKgNLxxdiR80C8mX_uahiBks7480jOhLGQUbTqL6Gly570w4LCqTpuBdrrXO6Z1W8EYnHHKxyd_sUMy8XXE59xuqu5L1Bojk8KeejW12l7gODGFrZe8yofWsuPw_gRtnL54jR1zlRnYNaDY_DM5V_JlEjtrYr-POVH_vxm0Q0qs2PVkZ7Fj0A7UZiy6C--xEraqkotA_7jslw&sds=2&rev=86437&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGvJugAPG0IK5UFhAA0Cg77PzOa8Mx6RDkG6oQ&u=%7CPGctIPx%2BGtEQWYV32X7c0JUbCul4VJ8S65A80%2B6xiIc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4de_avzMTZocx0wFoOLS-9l59lwraN85AwASH-J7Ri_iUblhavnIKdtLdQPrLG_si49RCoMep427cUbL8g_d1TNZSZcMij4Pyjob1Y-yoTIusiDVeVgGBgKLcVrPbaNxHU73I173pjn581l2wxgPP7V28w_2-jkqgO3ZdssgcIAV1vwHIp0wGnlgdfKIJ0Cq6aXYG9dqrY-Hgq2KWBHKpAkBBrsg-BEmgK_8ErBpHqUp2RQ8Vb1xtYVPL9UZRqgsGoArTdTuJRsUVO01iFsAAtBKCTi2hBfqbVGJt_AS0p0GTjjwhkj1-A-m18MmX7QR78RzEBFItAXTtbsGVwkpWvZ9zi8Y4SmRp1LvWRbgYuRYd08LsWYe-xYaVuuiWB3VsFmAZLtlR-4ijuzZsLcay5MA6pQZhVhklOV-9XcGTmvktNEwWaWu8KUjUn-AvddHKBiKzENzT3FlF9NbN7v85oagimydbs8v02rvyLMa2O9DYmPCfnJ37mFLAmLXEXcuBnBwQ4BVLU5s0w32VT-F7K-hd0aXDf3ySUEGf4CouN_0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCACs7uslrZMK2POGClQeDhbSQA8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakCdJ4eODUjsj7gAgCoAwGqBNECT9AoYpZnAuOdbXbeJqlzZJj80qpcvah8UWnm64JcAMo3H0bothnEMXZvU6ynNYvvQoNJcCMWOGmLLwF2G_BR0F1MOlBcm4u3Iqknzp_nrl72EnASRntW_aV3u0OVZ40BTPoSuslJZzmKom0QnV0eStLzpIZXbQGeyg1U0dpX69jz9aIdPuqZwKQXjNaOiroVflZcON5L2STq5ubvVpdrvCKbLpmbmO9BygEmFmyPgR6gTlJskfzFCxM7Nmq_T1r1vCOHKDKj7Whjz7bRqYTjvPR8mXzJsXd6wvyjmJoh7aa77PUV44UMCHyT2dntPkYIFXjY-D_yKxZeeteIpKNUWa9GLHk4YXEfxLm4eiEGBZ6dRtGbxQQgmge08vk_Ml1DOFJQY-uM5uiedfcilV3wry5TiH54KOmjJBhArgttpZ2OyVvpl_2Lv-zbAosfYsEN5uAEAYAG7Oilpufy97mNAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0dajZiZohqjyyiYinbTaZNMRiACA%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 22 May 2023 19:59:56 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
csi
csi.gstatic.com/ Frame 8F58 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lhz9udb9&c=5252556666727&slotId=2626278333363.5&qqid=CNjh_rbbif8CFZnEuwgdgMILPA&fb=outstream-lima&gpm_i=1&gpm_c=1&gpm_a=1&smb=1000&mt=video%2Fmp4&vs=720x406&msm=1&aits=0&webm=0&vp9=0&vamt=video%2Fmp4&hvmf=false&vms=1&bit=0&met.4=arp_a_e.tw&umsem=0&ape=1&ple=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:57 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C3AB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuajXi9R0BlD8JIUQH-Vxg5vqVgeIeaVHYl_uSWv4kHgsatOann7P0U5lditQzG2Z3ggKOTFjob_zB3fhNeN4D6UMCoO5kWi7EtABBP4oaTMh2YRtdWCravWLjAjzha0RexUok1_FF8POT1UZDR-gAEqSW3pSxeNCPaRCYgH9hg-2w9CI-I7tdNVi6bj6GfHB4myAUIqCFXCEnBth-hvyOxnDtMIKumE2HC3nkph2sS-bWpfC5RAeFMXNU8nZ0RVprNo5ZVRTv2wt1k2na2DekeVHhtA4_v1cQRSY1LABv7ahJLBd8B0bp7lNgpuX4Msa2aGjh8Ykl9guxw&sai=AMfl-YTG5AbQPeRQVygKeFUBVHwb4I627KL9Wu2tb1FGHJdfpoCxaf2g2dKPohifVcYJw1zR_xkYdwZLWUEE0ALuozW_I3WEeg4wPS9A1xygbyJ3MTgwQ12useuaeXLF3uM&sig=Cg0ArKJSzLMh2FscVkIbEAE&uach_m=[UACH]&adurl=
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame C3AB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 13:43:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
22559
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Jun 2023 13:43:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C3AB 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 19:59:57 GMT
9435626213016058057
tpc.googlesyndication.com/simgad/ Frame C3AB 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9435626213016058057
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87908b945abe19921ae8b3f2029a593d083cd298f67b6bebddc6a849cc7ad784
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 13:00:00 GMT
x-content-type-options
nosniff
age
197997
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72379
x-xss-protection
0
last-modified
Tue, 02 May 2023 08:46:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 19 May 2024 13:00:00 GMT
l
www.google.com/ads/measurement/ Frame C3AB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRrIZNr7rtRBrWl2rgLMYBfK2tKS1SQz794aS5Lisrfe2FfGmnWQh8V9pTD2CtqCMBQC01_JiNDxj3Lxavnr49Rj1yu5Q
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
truncated
/ Frame C3AB 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bd8d84806bfb785f052b945d6d9108ddc9ea68056d868839085585de61adf5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame C3AB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFQYeS0iklvRLxqplwDQBnEQDWrnE2apaU6fxEpRZJ2YcGT7xe2OsIWZKA7oAJ6RQ1ap6TTr3_eD-lGnWgpnFQvah1POrLBYnuBsegd4KJTPMXBxIOvXgcnaBiGUd2UV8m8NHoh37zt0bknWIf46bc3tojTmE-AJt7EtgKMG2S6SJ_Y4qSnu4HqhL8bWIvEYbgzWQFw5ZiJX6mB3FGxuOFLAMdD_neB1vtuC5x7nCn_xZOlP-y186eokaPJSeYW_4I7tH54YLdmeO-PNljuw6oPX-PsrYf_sF9gho9kbQXCEbFt9oa5S2fI3XijRQvak7XDo0MutGy_OucGgg&sai=AMfl-YTyPLQ2h1KADVAiRELJ7MBFo07AywnwPAQdj4OhqYVXqVV4rDDtO7lZg9gZXs7r-yt-m6V8Hml5a9AKF35zXPaDrznyTnZfRPD-RQY09KknxSSOMpIG6GqFL9Isiew&sig=Cg0ArKJSzLte09jq9C9TEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 19:59:57 GMT
prebid
mp.4dex.io/ 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467995/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:58 GMT
x-err
Parsing the Prebid Request. org/site not found
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7cb7a4862992365f-FRA
expires
0
prebid-request
onetag-sys.com/ 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467995/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://yalla-shoots.tv
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bid
ap.lijit.com/rtb/ 		24 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.4
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467995/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
6706993262e50363f4adb4653f611e5a0b7d15103d8693148f4dab29d7b6f0e5

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 22 May 2023 19:59:58 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://yalla-shoots.tv
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
cdb
bidder.criteo.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.4&cb=53935298080
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467995/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
9e5490e7625546fa27f18da099f7700f9e7a7fccc49682425724706ab44e3a72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 May 2023 19:59:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yalla-shoots.tv
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1627
c
prebid.a-mo.net/a/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467995/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Mon, 22 May 2023 19:59:58 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
p1_1.m3u8
a6.koora.cloud/watch/XyAXEgxzEAkffa-8RshNBA/1684788940/1684789194/1/ Frame 1264 		431 B
786 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a6.koora.cloud/watch/XyAXEgxzEAkffa-8RshNBA/1684788940/1684789194/1/p1_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.84.217.72 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
nginx /
Resource Hash
00d0e654c6beafa45e24a2254311049aaed01b9b76970005f74e8334dcf6829e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 19:59:58 GMT
Last-Modified
Mon, 22 May 2023 19:59:58 GMT
Server
nginx
ETag
"646bc9be-1af"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
431
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fyalla-shoots.tv%2F&domain=yalla-shoots.tv&bundle=tYTwGl9Md0pTS3RqRlo3aUQzWDhOc3J2RlRkQjFnZkhtZ3d4SSUyQnA5c3JMdklZQVB3a1ZuUG5qSjd0UXduSTFuMk5LVjdsdmNKTTc1VnRDbkxOeTN4U1g3JTJCJTJCOGR1T0RuWFBhdU5ud3EydjNvZXM1ZVhQSkNFbTNUZFJVVzZra2p1UjlUblhjWnhJRFlSS2dMdWhHcDVPYTlvTUElM0QlM0Q&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://yalla-shoots.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 22 May 2023 19:59:57 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
310183
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fyalla-shoots.tv%2F&domain=yalla-shoots.tv&bundle=tYTwGl9Md0pTS3RqRlo3aUQzWDhOc3J2RlRkQjFnZkhtZ3d4SSUyQnA5c3JMdklZQVB3a1ZuUG5qSjd0UXduSTFuMk5LVjdsdmNKTTc1VnRDbkxOeTN4U1g3JTJCJTJCOGR1T0RuWFBhdU5ud3EydjNvZXM1ZVhQSkNFbTNUZFJVVzZra2p1UjlUblhjWnhJRFlSS2dMdWhHcDVPYTlvTUElM0QlM0Q&cw=1&pbt=1&lsw=1
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467995/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:58 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
323448
expires
0
prebid
id5-sync.com/api/config/ 		135 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467995/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://yalla-shoots.tv
date
Mon, 22 May 2023 19:59:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
/
onetag-sys.com/usync/ Frame 8E04 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1684785595177
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467995/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame ED53 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1684785596499&gdpr=0
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467995/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467995/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
a273fdef96db190ef7c8714554c160344c3fb15fedefd2032894a864b6bc6846
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://yalla-shoots.tv
date
Mon, 22 May 2023 19:59:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
692.json
id5-sync.com/g/v2/ 		241 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467995/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
bb06e1f25d1922f0f21b8fa99e782e5be1d46d08e5b8d990cf27213676b0f3a3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://yalla-shoots.tv
date
Mon, 22 May 2023 19:59:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		384 B
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2722881580573987&correlator=806430345170624&eid=31074405%2C31074401%2C31068367%2C44714449&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=160x600&ifi=25&adks=1618554462&didk=3685384028&sfv=1-0-40&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-1684785598390-0%26hb_r_id%3D2715feebab2ab2dd%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.02%26hb_adid%3D27944692eb19020e%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10998%252F868311%252Fnewcastle-united-vs-leicester-city%252F&sc=1&cookie=ID%3Dc66d114f1273d4f8%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MZVcJ94Ds4K_u38iiuvSwi73-sJFA&gpic=UID%3D00000c1a0e5bb6dd%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MYKup8v-qLKvlDZnqwv2_drj7FhEw&abxe=1&dt=1684785598507&lmt=1684785543&dlt=1684785593460&idt=494&adxs=-160&adys=910&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=p&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10998%2F868311%2Fnewcastle-united-vs-leicester-city%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=640&ohw=0&psts=ABHeCvhf-NaeTP1DkUNl_6AFk6cAAWDpJOZKMQzNx-2VXvjYUuO-XG7cce6x2LBi7OoU_0imv1AYixZbQMo2mS8HOoIxOSo%2CABHeCvh0cr9x0WC-iwFkPMUIBsQ3q1LfIai7H9If2uJ5yqRqVzcBoy6Q9pNGjf_oy4pTwhguheJDAw1048Pd9jYj2VNqetg%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvik0gqhbZ_h4mArbDkwuYWjLrmuDhtodAoNrBvm-c2clgk-bsZq4Fj67ZRv2dBtOV2SM-KsiMrtly4sbX17IzHdT-c%2CABHeCvhaW4Q43qWDLKGO1X4qQY5_v7o_GODX-Tkh2fxqSj2UPW2wjuT_h7uyskvszKxEd0V8Mn-Ul_wmRdxJ4lRIh9HvpqM%2CABHeCvjLCROKZoX4MSz24_4QjpTzmFjd-TnWKJZ7kMa7uFCLsp-lih50KDJN7Wb3Nvzm1RHIRtaSUwoa323EG62-Bv5wMUg%2CABHeCvig24Zkj1AIPQyQ-kKg7TC_FLGn077xuPS9pOj8DzEr65YM1ArdGE8LVXgK9jbKbMtkoPUL9qv0_tnxMYuSUXPODWo%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvgi7T38ipNuAuaoC3S71LSIt2U53GfdX_lyqjgYDUwT%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=579155913.1684785594&ga_sid=1684785594&ga_hid=1322753345&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYlf2vqIQxSABSAghkEhkKCnB1YmNpZC5vcmcY7P2vqIQxSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqak5aa1dHL0dZa29KNjRuaFZPZlRvS3hoUmpUMnVwaGpOaUlSemVRbTdabmNpQ2xTRG5DaHFtNzUzWERyQzV2d0Z4YjBRcWNRZ1dNdmdkSDlvbzdjZG5VazBJa2djNzE2ZDFSaExKTDUrenJGRlFicmk2V2UvMXJtSFdTeDZIRXh0MDJ1OTkvaEhBeU1CY1Q0bWZ4QUZsMlBid3FNVUZhT2ExbHU4aUk5WDF0bnBTVG8vb3pOaWUwRGlpMmNjYWhUd1E9PRiV_6-ohDFIABIdCg5lc3AuY3JpdGVvLmNvbRiV_a-ohDFIAFICCGQSGQoKdWlkYXBpLmNvbRiV_a-ohDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMH-r6iEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9043aa29dd985e4bb11527f3cc211483314139728600100b68870e32621d6eee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:59:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C3AB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv8Xtq3bAqVguAOTmcXahUZX7CpVaSWezrIOl_nX_YIVda0QaglurvpPzUVCeUSVn-5IwHH3Zo6m_BMv5aF6SQc1PI53bLgYiZ4_byE9IBxteGqZVK5&sig=Cg0ArKJSzGEKjIDC7BQdEAE&id=lidar2&mcvt=1000&p=647,1038,897,1338&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1041763575&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684785597811&rpt=61&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 19:59:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
multitracking
ghb.aplhb.adipolo.com/adunit/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/19499/hbw_master_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://yalla-shoots.tv
Date
Mon, 22 May 2023 19:59:59 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
p1_1.m3u8
a6.koora.cloud/watch/XyAXEgxzEAkffa-8RshNBA/1684788940/1684789194/1/ Frame 1264 		431 B
786 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a6.koora.cloud/watch/XyAXEgxzEAkffa-8RshNBA/1684788940/1684789194/1/p1_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.84.217.72 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
nginx /
Resource Hash
00d0e654c6beafa45e24a2254311049aaed01b9b76970005f74e8334dcf6829e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 20:00:00 GMT
Last-Modified
Mon, 22 May 2023 19:59:58 GMT
Server
nginx
ETag
"646bc9be-1af"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
431
prebid
mp.4dex.io/ 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467995/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 20:00:01 GMT
x-err
Parsing the Prebid Request. org/site not found
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7cb7a4975b2d365f-FRA
expires
0
c
prebid.a-mo.net/a/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467995/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Mon, 22 May 2023 20:00:00 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
prebid-request
onetag-sys.com/ 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467995/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://yalla-shoots.tv
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cdb
bidder.criteo.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.4&cb=65528064733
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467995/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
1dfa1ed221957add572359c84b0f199fd119edda5ef3fdc5ee721f9f32c447ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 May 2023 20:00:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yalla-shoots.tv
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1642
bid
ap.lijit.com/rtb/ 		25 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.4
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467995/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
c3725edfb3655f5bccc8a736f0fc8a99280d16f0e685f126679c3117b6af98bd

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 22 May 2023 20:00:01 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://yalla-shoots.tv
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:00:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:00:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		384 B
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2722881580573987&correlator=2338947647537714&eid=31074405%2C31074401%2C31068367%2C44714449&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=160x600&ifi=26&adks=621106401&didk=233879154&sfv=1-0-40&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-1684785601138-0%26hb_r_id%3D2965a3e910e89545%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.02%26hb_adid%3D305858a288b5f677%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10998%252F868311%252Fnewcastle-united-vs-leicester-city%252F&sc=1&cookie=ID%3Dc66d114f1273d4f8%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MZVcJ94Ds4K_u38iiuvSwi73-sJFA&gpic=UID%3D00000c1a0e5bb6dd%3AT%3D1684785594%3ART%3D1684785594%3AS%3DALNI_MYKup8v-qLKvlDZnqwv2_drj7FhEw&abxe=1&dt=1684785601264&lmt=1684785543&dlt=1684785593460&idt=494&adxs=-160&adys=1510&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=q&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10998%2F868311%2Fnewcastle-united-vs-leicester-city%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=640&ohw=0&psts=ABHeCvhf-NaeTP1DkUNl_6AFk6cAAWDpJOZKMQzNx-2VXvjYUuO-XG7cce6x2LBi7OoU_0imv1AYixZbQMo2mS8HOoIxOSo%2CABHeCvh0cr9x0WC-iwFkPMUIBsQ3q1LfIai7H9If2uJ5yqRqVzcBoy6Q9pNGjf_oy4pTwhguheJDAw1048Pd9jYj2VNqetg%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvik0gqhbZ_h4mArbDkwuYWjLrmuDhtodAoNrBvm-c2clgk-bsZq4Fj67ZRv2dBtOV2SM-KsiMrtly4sbX17IzHdT-c%2CABHeCvhaW4Q43qWDLKGO1X4qQY5_v7o_GODX-Tkh2fxqSj2UPW2wjuT_h7uyskvszKxEd0V8Mn-Ul_wmRdxJ4lRIh9HvpqM%2CABHeCvjLCROKZoX4MSz24_4QjpTzmFjd-TnWKJZ7kMa7uFCLsp-lih50KDJN7Wb3Nvzm1RHIRtaSUwoa323EG62-Bv5wMUg%2CABHeCvig24Zkj1AIPQyQ-kKg7TC_FLGn077xuPS9pOj8DzEr65YM1ArdGE8LVXgK9jbKbMtkoPUL9qv0_tnxMYuSUXPODWo%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvgi7T38ipNuAuaoC3S71LSIt2U53GfdX_lyqjgYDUwT%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=579155913.1684785594&ga_sid=1684785594&ga_hid=1322753345&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYlf2vqIQxSABSAghkEhkKCnB1YmNpZC5vcmcY7P2vqIQxSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqak5aa1dHL0dZa29KNjRuaFZPZlRvS3hoUmpUMnVwaGpOaUlSemVRbTdabmNpQ2xTRG5DaHFtNzUzWERyQzV2d0Z4YjBRcWNRZ1dNdmdkSDlvbzdjZG5VazBJa2djNzE2ZDFSaExKTDUrenJGRlFicmk2V2UvMXJtSFdTeDZIRXh0MDJ1OTkvaEhBeU1CY1Q0bWZ4QUZsMlBid3FNVUZhT2ExbHU4aUk5WDF0bnBTVG8vb3pOaWUwRGlpMmNjYWhUd1E9PRiV_6-ohDFIABIdCg5lc3AuY3JpdGVvLmNvbRiV_a-ohDFIAFICCGQSGQoKdWlkYXBpLmNvbRiV_a-ohDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMH-r6iEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb383f13e2431eef21b89fa3131d62374fbb1999fd31b258eac9b4d2eb77f42a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:00:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
multitracking
ghb.aplhb.adipolo.com/adunit/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/19499/hbw_master_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://yalla-shoots.tv
Date
Mon, 22 May 2023 20:00:02 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
p1_1.m3u8
a6.koora.cloud/watch/XyAXEgxzEAkffa-8RshNBA/1684788940/1684789194/1/ Frame 1264 		431 B
786 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a6.koora.cloud/watch/XyAXEgxzEAkffa-8RshNBA/1684788940/1684789194/1/p1_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.84.217.72 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
nginx /
Resource Hash
00d0e654c6beafa45e24a2254311049aaed01b9b76970005f74e8334dcf6829e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 20:00:02 GMT
Last-Modified
Mon, 22 May 2023 19:59:58 GMT
Server
nginx
ETag
"646bc9be-1af"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
431
p1_1.m3u8
a6.koora.cloud/watch/XyAXEgxzEAkffa-8RshNBA/1684788940/1684789194/1/ Frame 1264 		431 B
786 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a6.koora.cloud/watch/XyAXEgxzEAkffa-8RshNBA/1684788940/1684789194/1/p1_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.84.217.72 Valencia, Spain, ASN212411 (MYWEB, BZ),
Reverse DNS
Software
nginx /
Resource Hash
00d0e654c6beafa45e24a2254311049aaed01b9b76970005f74e8334dcf6829e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 20:00:02 GMT
Last-Modified
Mon, 22 May 2023 19:59:58 GMT
Server
nginx
ETag
"646bc9be-1af"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
431

Verdicts & Comments Add Verdict or Comment

216 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 boolean| credentialless object| __cfQR string| demandSupplySc string| demandSupplyCr number| demandSupplySr object| houseAdCampaigns string| demandSupplyTi object| demandSupplyTc object| demandSupplyTcI number| demandSupplyPDI number| demandSupplyDFSS object| demandSupply object| googletag object| zg object| dspbjs string| demandSupplyFS object| _app object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| signal_decrypted object| pbjs function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 object| __uid2SecureSignalProvider object| __uid2 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_135 object| Criteo object| Criteo_identitytag_135 function| setImmediate function| clearImmediate string| currentUrl string| mainURL function| _0x480a function| _0x47df function| decrypt function| $ function| jQuery function| removeCustomBanner undefined| customBannerCountdownInterval number| p object| matche string| u_key string| k_url function| update_frame function| _0x17035d function| _0x1bbb function| _0x144026 function| _0x516788 object| divChannels object| rowChannel function| _0xef9dd0 function| _0x12aaab object| channels function| _0x599d function| _0x19cc99 object| channel0 object| aniplayerPos function| rdmode function| HqyLazyload function| gtag object| dataLayer boolean| __cfRLUnblockHandlers object| google_tag_manager object| gptAdSlots undefined| interstitialSlot undefined| staticSlot object| anchorSlot object| vmpbjs object| vpb object| adipolo string| GoogleAnalyticsObject function| ga object| GoogleGcLKhOms object| gaplugins object| gaData object| com function| _avcp object| vmpbjsChunk object| ADAGIO object| sas object| apntag object| _ADAGIO object| ONFOCUS object| google_image_requests

37 Cookies

Domain/Path Name / Value
live.demand.supply/ Name: demandSupplyTi
Value: 02dbc854-67e2-4bf7-98a2-63650bf48fab
.demand.supply/ Name: __cf_bm
Value: qrT.c6BYXRvNF1Cnag.pqPdqhQP0Vv8dNqJ1QkyTeSU-1684785593-0-AceP5OcGEPTL0pW3Hhe5UZulYBUy1xAqbRoRQcLlVIS00KtAc7ZYG0Q3o/1XFaB2BuhNIs4MNv8i/qHacH49hxs=
.criteo.com/ Name: uid
Value: a887f5de-42e0-4a96-b0b7-d4a5c845e17c
.yalla-shoots.tv/ Name: cto_bundle
Value: tYTwGl9Md0pTS3RqRlo3aUQzWDhOc3J2RlRkQjFnZkhtZ3d4SSUyQnA5c3JMdklZQVB3a1ZuUG5qSjd0UXduSTFuMk5LVjdsdmNKTTc1VnRDbkxOeTN4U1g3JTJCJTJCOGR1T0RuWFBhdU5ud3EydjNvZXM1ZVhQSkNFbTNUZFJVVzZra2p1UjlUblhjWnhJRFlSS2dMdWhHcDVPYTlvTUElM0QlM0Q
.yalla-shoots.tv/ Name: _ga
Value: GA1.2.579155913.1684785594
.yalla-shoots.tv/ Name: _gid
Value: GA1.2.107291816.1684785595
.yalla-shoots.tv/ Name: _gat_gtag_UA_230085360_1
Value: 1
.yalla-shoots.tv/ Name: __gads
Value: ID=c66d114f1273d4f8:T=1684785594:RT=1684785594:S=ALNI_MZVcJ94Ds4K_u38iiuvSwi73-sJFA
.yalla-shoots.tv/ Name: __gpi
Value: UID=00000c1a0e5bb6dd:T=1684785594:RT=1684785594:S=ALNI_MYKup8v-qLKvlDZnqwv2_drj7FhEw
.doubleclick.net/ Name: IDE
Value: AHWqTUnuvdsZquN7gFu6yQiJe8PP3pjtm6zfisyEXPJMkd6rx-LHK3LjM9lUZ8gM12A
yalla-shoots.tv/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.yalla-shoots.tv/ Name: _pubcid
Value: 022136db-37df-4fe9-b78b-bd613ecc1300
.de17a.com/ Name: guid
Value: 1.3648242883583501553
.adform.net/ Name: C
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBLvJa2QCEMncfQogzBkefGMbu4neWVwFEgEBAQEbbWR1ZAAAAAAA_eMAAA&S=AQAAAtpZGyCgs9dxi2A0uvp2enc
.lijit.com/ Name: ljt_reader
Value: GsJPqBZHxMC6eVg7SFS0w3Dt
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-74d311a8-76bc-4b36-9fa5-418158ed1cca-003%22%7D
.simpli.fi/ Name: suid
Value: A6418807CFD541109B096C1CE74B826C
.adform.net/ Name: uid
Value: 3540972444154361502
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-74d311a8-76bc-4b36-9fa5-418158ed1cca-003%22%7D
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.quantserve.com/ Name: d
Value: EDcBCQGGKYEA
.quantserve.com/ Name: mc
Value: 646bc9bc-09505-f086d-32ddb
.mathtag.com/ Name: uuid
Value: 36c8646b-c9bb-4d00-8d47-fd7407b3146a
.mathtag.com/ Name: mt_mop
Value: 4:1684785595
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjE3MLAwMjQ2NLMwMjExNTA1MRTiM9QtMsr1K80s8isuCwoHAI3sdEolAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA12dUsxjCz1y9ctKc-zzKgyDspNLDFONwAA06QIHx4AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjE3MLAwMjQ2NLMwMjExNTA1MRTiM9QtMsr1K80s8isuCwoHAI3sdEolAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA12dUsxjCz1y9ctKc-zzKgyDspNLDFONwjiNTSzMDG3MDW1NDMwM3nFiMoHADDvk7I9AAAA
.go.sonobi.com/ Name: HAPLB8S
Value: s8596|ZGvJv
.tribalfusion.com/ Name: ANON_ID
Value: ahnsIHm5ab6AyuoCUkE1vWASbjBx1I3iZcWSHTbZadotwvfx2rpoWorpbi8L4eKVtsknHyKQP9FMytZbrJFr7mn2Pog
.adsby.bidtheatre.com/ Name: __kuid
Value: fd87bb1e-35b2-4281-96c2-e52542a138f8.453999597

11 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: microphone, camera, geolocation. Values defined in Permissions-Policy header will be used.
other warning URL: https://yalla-shoots.tv/live/10998/868311/newcastle-united-vs-leicester-city/(Line 412)
Message:
<link rel=preload> must have a valid `as` value
network error URL: https://dalbouh.xyz/api/matche?t=1684785543
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: microphone, camera, geolocation. Values defined in Permissions-Policy header will be used.
other warning
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0882a58f77de92a0649cbac718619fa7.safeframe.googlesyndication.com
a.rfihub.com
a.tribalfusion.com
a6.koora.cloud
adipolo.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
ap.lijit.com
bcp.crwdcntrl.net
bidder.criteo.com
c1.adform.net
cat.fr3.eu.criteo.com
cat.nl3.eu.criteo.com
cc.adingo.jp
cdn-adipolo.urekamedia.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
csm.eu.criteo.net
d5p.de17a.com
dalbouh.xyz
dclk-match.dotomi.com
esp.rtbhouse.com
feed.avplayer.com
fonts.googleapis.com
fonts.gstatic.com
ghb.aplhb.adipolo.com
gum.criteo.com
id5-sync.com
imageproxy.eu.criteo.net
imasdk.googleapis.com
invstatic101.creativecdn.com
jscdn.greeter.me
lb.eu-1-id5-sync.com
live.demand.supply
live.shoot-yalla.tv
lives.shoot-yalla.tv
match.adsby.bidtheatre.com
mp.4dex.io
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
player.adtelligent.com
player.aplhb.adipolo.com
player.avplayer.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
pro.ip-api.com
rtb.fr3.eu.criteo.com
rtb.nl3.eu.criteo.com
s.ad.smaato.net
s.tribalfusion.com
script.4dex.io
securepubads.g.doubleclick.net
servt.modoro360.com
static.criteo.net
storage.de.cloud.ovh.net
sync.1rx.io
sync.go.sonobi.com
sync.inmobi.com
sync.mathtag.com
sync.targeting.unrulymedia.com
tags.crwdcntrl.net
tg1.modoro360.com
tpc.googlesyndication.com
um.simpli.fi
us.web3-lab.com
web-api.scorarab.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
yalla-shoots.tv
104.21.233.171
104.21.235.80
134.122.57.34
141.95.33.111
142.250.185.226
145.239.139.16
147.75.84.158
162.19.138.118
172.67.141.250
178.250.1.6
178.250.7.13
178.250.7.9
18.180.74.73
185.29.132.241
188.114.96.3
193.0.160.131
20.127.253.7
205.185.216.42
213.155.156.185
213.19.147.44
216.239.32.3
216.52.2.6
2600:9000:211e:1200:1b:5138:8a40:93a1
2600:9000:2250:4400:a:e047:753:be1
2606:4700:10::6816:3556
2606:4700:20::681a:9a9
2606:4700::6810:8516
2606:4700::6812:18ad
2606:4700::6812:272
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:803::2004
2a00:1450:4001:809::2001
2a00:1450:4001:809::2003
2a00:1450:4001:809::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:2638:3::c
2a02:2638:d::13
2a02:2638:d::a
2a02:2638:d::c
2a02:26f0:3500:c::5c7b:682a
2a02:6ea0:c700::10
2a04:4e42::485
2a05:d018:d29:3601:ec79:c227:a0d8:f76e
2a06:98c1:3120::3
2a06:98c1:3121::3
2a0c:5c81:5142::2
34.192.176.230
34.91.62.186
34.96.70.87
35.190.39.111
37.157.6.233
45.133.44.3
45.84.217.72
51.77.64.70
51.89.9.251
54.154.67.141
65.9.66.68
69.16.175.10
69.16.175.42
69.166.1.12
69.173.144.165
89.207.16.201
00d0e654c6beafa45e24a2254311049aaed01b9b76970005f74e8334dcf6829e
01db5a212ba5e8b91f2e270e732b2ab3734ae23ae531eec7802059e2af7f2f23
034758e6f2334011605373850cfc2f12a0fdde54278c8cdfa050f23c4cc9c878
067e4d1deda75194b90d9417e8d5298dc01e66fbee4173c4249f168d82645b51
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0838cd9c7f7e4553dbc6c4a0392165794f64e930eaa5278b0cda7182fc46618b
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
0cf0d7417b104997b74b0704a0ad6195997fa1a168a749ef026f299dd1dbb373
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
15c00d52ad6c5e05310ac52521820021974a682bb36fc5a6690d46ea003a263b
169aac0703d536d967e93f2100881b77e51a6b2823995dd0d9c61f30b38ad90f
16ca0e8d4d895d76d015c2012050b66aa757cf1ea73bcf011c4aab292b6e842f
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
1a1f8c073190935aad0a6386e5a795bf8de366a75f8f26950f6bee6e7c564690
1dfa1ed221957add572359c84b0f199fd119edda5ef3fdc5ee721f9f32c447ae
2123644f768ff687cf44fc2d1ea0e1b89dc2d38e6005857aa1947ac316a62f0b
2af9094750e977f16217fb0a7f3aacfb7c395760d8465703c0daf9c5f3d24b75
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c
2b2df3739ad9771d92073eb7be78b4e199acaf8ca2c94eba90d21050e886edf2
2ca2ecb6061086aeb90f6e21ba6a8a71ead177244a295f7502e5e95eab62c0e9
2ce9a4b8cfbc74ade210dffb43e3956669663d73e48f847b7f0f02ebe28a5181
2d8066657064e86b4001d77e4e086a8c8c9bc03f905045c0ae8ff51e48db5dfd
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e276654b456812c5ba8dfb62f365e0c9efbd88b93b4040be0963ae5405adfeb
2fbdc7885087f0d5ae6543c7ac88a88b5e9c08271fd8b2ebaf9cff3259ebf677
2fc194c6bf65df7e6f2bceb5eccf395b368e6cc7a803429ad8086240c5c69fc6
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35cf75de5d617b7a8e395dc30579c7245e3001a2b8227d55f3d3ddc2e773741d
3790ed75687a3b6c3d71bcf4bd62c99f82a3dd738ae4b6b2639bd36e4f6bca29
38354e6a0119fe113356e1506a115ca148a6b9ea22cf88136baa9167d6fde794
386ccc9319f8f7ea198bdb6644e6cd73a806351601457923847ae6dbe583edc0
38ba36311cf0c2d97f8ad76c0310f9005631343768d81a382ed3281259d123e6
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3bd0eaf4dc1727aea18802b69673426487f6e4553eeaa5a50cf1215b42090a2e
3e0b94cf96888a314b63218c371f8dbc49113b17436bdc392ec1f5c2a1f52290
42c211fc2691b40582e19d35bc2478c33a3873b7965688e0817798b79f1a82cb
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce
45dd60aee8728ca8786226233d74694db5f4c0110647c8e48710c49cdd5bdf41
464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
47c3023290e4186ba9c22d742dbbf9977086deba7af71beecdc1057030ccd467
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
4aab10125e53b1860f897120bc96fc3cfd1048fcf31f16aa7322ec9eb953ddff
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4
5497aa1141d2340bbe83721acabaa6152f26b9530d7e88c2c37016dc5c964db6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
567663be809ba9debc224878e9f74c079942b7c4de158a18578e4c61d509ecc0
5ffdc3ac4306a19c995a12935fcbebddba0d65dce9680443e84fb04541cf43f3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
662981d7014cb44591cc12b34a726afdcf4c16316924ec84c271e38cc20da78c
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6706993262e50363f4adb4653f611e5a0b7d15103d8693148f4dab29d7b6f0e5
677479b38b953fb5bf0de894444a188b45d659281d720350ec653013234c6720
67f360fe8d804dfad092d76d7b17348d886cbe73302b099a92d8876162faba74
6b5990b68c8ac4a16024919b38f2b62d931ed59566ac9dbe92c82c12ecf19a04
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bd6632a78536ac110f45dba520723c75f13dc78865cfa899331df5ab6c472df
6bd8d84806bfb785f052b945d6d9108ddc9ea68056d868839085585de61adf5d
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
766c749ecfb32487eaa65e521cc2c52284eab1c33ac7ee7f356a514b5022aa18
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
7bc396cc7c17163147cf37f58b76b16c7524d6f473203e48020f159487ea25a4
7c58c4debe8dc6c436a804824914fd7ce50c0c10274749d47eeabae3c41cfdab
7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6
8029665c0154234ddf67e798de4c9a5cad358071f988aa1c1f84bbae930ed8cb
81fa12dd9f0fd584798b8b7b78675e07dee991304f525ce78b961aabb3cac62a
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
82fc44d47488df64278445c8fd1f9bbf3b97c98d19d9d4ae4976c7c28840f1d3
83aff343b62898d280d7ded2fdeb9c91629f765f9133ebd7d72aa011bc29cfad
86b7f0d269c16a4cae741fb9371e99202f9ba7df8b525ff813ae9191c990be5b
87908b945abe19921ae8b3f2029a593d083cd298f67b6bebddc6a849cc7ad784
88aa0e2a86b67f0383f72c0c15920d5342b5821c0b3bcc88ce1d71437a0df36f
89f6ce85ea25b3fe5830b6a519b8b8fe5f842185a050dc8397227356024d93b5
8b28181f8f6dea59f91e6ff7f007ebc8e84ef87cbe248a60721a71a4a873af22
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ee327743ca88bb95d1de12d383f6834f568fba609a87144d769a2fcabdf7f23
9043aa29dd985e4bb11527f3cc211483314139728600100b68870e32621d6eee
9322b3a9c02a4482661e3ccc121cf25a085655b12e06bb3a857a6055f12b43de
93f561fc7727d6b2a6ddaad78dc5323706ce711eb9e002ccba56fa63a93d7dae
952f31e484d668c69debec13ba2a3b498cfb8201a72d63fa066296a1a74c844b
95f6128d23e0124cb244523380b0a2d360799c3ffb5c0c60b6bd5193ebb021b4
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
98f98f6a86576bf9f43af401cd6ddda17a124bc0ee441abec887b5cd30cfbfac
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c15848c88db9441afd08f2617a41c56192536bae3b125adb928c1ba9d1b153c
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
9e5490e7625546fa27f18da099f7700f9e7a7fccc49682425724706ab44e3a72
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a273fdef96db190ef7c8714554c160344c3fb15fedefd2032894a864b6bc6846
a31e81b5ee962da98d89c99da3f964c57755440e8b8e0c950b6cf63f4f29b7fa
a31f11e928816c87b61e97071e559129be986ec3a4711aa92dec6de6c88aaff7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8eb7e24873bb65c9b7193534bda15761d8853b24ca4a41d7749360972504141
a9b89fce3091c5241ece531b9f779cdb90d3cd62671d4a9e686ad9aa5341b754
aa4b01cbc12c707853e2320d502633532f1238272c37065afcf009da8839824c
ad0bf921fc00a2498ed6f08ea89b90cbcf42e11982c5958ff8c0793b28b618e7
ae0eddeb2cacbd7d258f7e37826b9af07069db93c4a122095ec2bf2a718e17bb
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1b682cb1fee45d7f80c900aba4d8ddcb18ac1016dcf38ece495801ac65eb14f
b7d25296e7bc6a6bf66da09b1c5ed273d99e3a9fc6d43e46ccb8b358fa13d4e9
b8bf45887c36f2b86282ddb82be321a331550be5c3a87a626053de2db118aeaf
ba3e38cb8858007f1786c9479e6b3f50c949254a363a62739bf9a55a3c704333
bb06e1f25d1922f0f21b8fa99e782e5be1d46d08e5b8d990cf27213676b0f3a3
bbba7c1dc4b2daadd92087365b475adf780943f81166a753c880d8b7f23a703a
bc1ea1b1ba7808dc2cd11a5503deb4de8edf6894ec4d5d542d401891b63b61e0
bc49b8fa6a37ba37475285dfbcb7a73324607a245021a86f84356ea0d3599dce
bd061141929cf1d7afacff7f7f158d3142a1033416744a2a3cd20ebffeb06382
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
beddb893cdfb0c433f36966a89491bfa046fe6f3d5a725355df1079eb22d376b
bf4d8afc1c1682f54a7847d9d3cae84f5ded16a74c52b281c0c1ff950aaee861
bf8da55e8d8b22877e09f4003ea59cf3ea5d20cc88aff5a4e73903801e3250ef
bfb8cf57daf495b41dfcde00091feab4113176b19b367625fc229e6bf2dbe41f
c007ad67659489a71c7ce7cd2e0131508bd7d854e766df0f83df5b6f8b14f0f4
c0308ee320c8fdbdddc9a94170d11a8d724d637acd5f4880d0b6d6883b10832b
c0883f3b1b0e7e616c54632fbdfbe938f3fecb3ce704695073acf41ef89b6030
c3725edfb3655f5bccc8a736f0fc8a99280d16f0e685f126679c3117b6af98bd
c3bed819c4ddf472fef6085e17d59fb812e1a5e96283863a5af22aba01d30761
c5139fa858fdc6e814b180ad9e0eacea17c60f888ac20bbf346219b351afe51c
c583fb4900d7c56ea4bd0543fad2751dddb7820445a5296ff444241bcf7ba734
c73e7fcf76232d28a1760877bd3eccada211feb797fd25ba824df3bac45b46eb
c7e05b68eb47f0167793018bfc04a5fd640d8a9f406b6b2c1892a97f084f6769
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
c909c28a92bf7b48807218b7eb333d2e6700bd123064a9625b63e36764ae3d91
cba78783503f962e24d09c78f38add0360021817317c6972d14e37e250b52e3b
cca1caf6a555495b201a19943659aa669f0d97cc34f6e52e5a36e50d1dc6cc05
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdeda8658c3f891c883f5a83c5f2b5e20a18c2fa65658d77a1522fe440b6d0e0
ce00e20b1de71ae06025269109fb0cb9482ba6af1dbc262ba4eda319aaef9229
d42e2b0fdb945504b8da66763e41d57d6245ab8218c6df329b56a841ffbcd7ee
d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
da94075abc2b7234e95739a407fa06e2a7f28a4e95eedc47ed0bd63130d447b8
dc3f0dedf77190cce9a89c31f30c90227f499b1a31bf8cb9c5e2a9561b5f8f1f
dd13ec9959b5827e03afaf8886eebde77c2ec5d1ce53303a9980675de969bf9b
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
e2e2ee124a92ca6673a9ce2508260ac228832de36594217daffcbce988758fc5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e579b9f156aeaa618c8ff41fcf1f70630466e4c254d9c64a6890ee9b3426638b
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5c4a9ab1e795b0f499303814c5f200fa5b2199139e648edc17bdff629466991
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5ca67e74a9935ca04b01e7bb9f0e903311f44653d645e8e5447da918b0329ab
f5d362233582656338daed8b7dea3db8d472f1e8d38b2133651064c1477fcbd6
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6b7b8e144513617d397e119706408bd71c4ecd887697f1f9cbc63e34c528db9
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f8aa9a880d6e487e7842722fbaee7c4c914803cef2baf4f92b76167b48df3bad
f94a0b25ed421e6643ca8ae21ccd63cf5630e8db8a3b64f63a669936d068c427
fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8
fb383f13e2431eef21b89fa3131d62374fbb1999fd31b258eac9b4d2eb77f42a