urlscan.io logo urlscan.io
SecurityTrails logo

yalla-shoots.tv Open in urlscan Pro
104.21.235.80  Public Scan

Go To Rescan Add Verdict Report
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Submission: On April 25 via manual from TN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 82 IPs in 13 countries across 72 domains to perform 382 HTTP transactions. The main IP is 104.21.235.80, located in and belongs to CLOUDFLARENET, US. The main domain is yalla-shoots.tv. The Cisco Umbrella rank of the primary domain is 867110.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 27th 2023. Valid for: a year.
This is the only time yalla-shoots.tv was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 104.21.235.80 13335 (CLOUDFLAR...)
31 2606:4700::68... 13335 (CLOUDFLAR...)
5 205.185.216.42 20446 (STACKPATH...)
2 172.67.141.250 13335 (CLOUDFLAR...)
1 188.114.97.3 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.21.233.172 13335 (CLOUDFLAR...)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
41 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 2600:9000:225... 16509 (AMAZON-02)
1 65.9.66.68 16509 (AMAZON-02)
19 2a02:2638:3::3 44788 (ASN-CRITE...)
9 2a00:1450:400... 15169 (GOOGLE)
2 69.16.175.42 20446 (STACKPATH...)
1 3.215.149.208 14618 (AMAZON-AES)
16 2a00:1450:400... 15169 (GOOGLE)
4 45.133.44.4 39572 (ADVANCEDH...)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 35.190.39.111 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 3.248.141.162 16509 (AMAZON-02)
3 162.19.138.117 16276 (OVH)
1 4 2a02:2638:d::d 44788 (ASN-CRITE...)
1 33 2a00:1450:400... 15169 (GOOGLE)
1 178.250.7.13 44788 (ASN-CRITE...)
1 7 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 141.95.4.204 16276 (OVH)
8 2a00:1450:400... 15169 (GOOGLE)
4 2a0c:5c81:514... 55081 (24SHELLS)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 9 51.89.9.253 16276 (OVH)
4 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a02:2638:3::7 44788 (ASN-CRITE...)
4 147.75.84.158 54825 (PACKET)
1 5 216.52.2.30 32475 (SINGLEHOP...)
4 2a00:1450:401... 15169 (GOOGLE)
2 2a02:2638:3::12 44788 (ASN-CRITE...)
13 185.53.89.19 213371 (SQUITTER-...)
2 2a02:2638:d::c 44788 (ASN-CRITE...)
1 51.77.64.70 16276 (OVH)
8 2a02:2638:d::13 44788 (ASN-CRITE...)
1 2600:1901:0:7... 15169 (GOOGLE)
14 2606:4700:20:... 13335 (CLOUDFLAR...)
2 178.250.1.6 44788 (ASN-CRITE...)
1 1 37.157.4.41 198622 (ADFORM)
1 109.232.197.110 50234 (EULERIAN-AS)
1 178.250.7.9 44788 (ASN-CRITE...)
1 2a02:2638:3::9 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 35.204.158.49 396982 (GOOGLE-CL...)
2 22 172.217.16.194 15169 (GOOGLE)
1 52.223.40.198 16509 (AMAZON-02)
1 1 31.220.27.134 39572 (ADVANCEDH...)
2 2 64.202.112.159 22075 (AS-OUTBRAIN)
1 1 54.227.251.232 14618 (AMAZON-AES)
2 174.137.133.49 27257 (WEBAIR-IN...)
3 2a02:2638:d::11 44788 (ASN-CRITE...)
1 1 151.101.130.49 54113 (FASTLY)
1 1 35.186.193.173 15169 (GOOGLE)
6 6 18.185.164.153 16509 (AMAZON-02)
2 2 35.210.53.219 19527 (GOOGLE-2)
2 2 185.64.189.115 62713 (AS-PUBMATIC)
1 54.64.201.33 16509 (AMAZON-02)
1 54.93.154.54 16509 (AMAZON-02)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2 2001:678:cb4:... 56396 (AMOBEE)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 213.155.156.167 1299 (TWELVE99 ...)
1 185.86.139.104 201081 (SMARTADSE...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 23.210.125.176 16625 (AKAMAI-AS)
1 13.40.91.69 16509 (AMAZON-02)
1 18.66.147.98 16509 (AMAZON-02)
1 99.86.4.52 16509 (AMAZON-02)
1 1 185.29.132.245 30419 (MEDIAMATH...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 35.186.253.211 15169 (GOOGLE)
3 2.19.229.53 16625 (AKAMAI-AS)
1 2.19.229.140 16625 (AKAMAI-AS)
2 18.133.81.67 16509 (AMAZON-02)
1 146.75.122.132 54113 (FASTLY)
1 70.42.32.223 22075 (AS-OUTBRAIN)
1 162.19.138.119 16276 (OVH)
382 82
9    104.21.235.80 (None, )

ASN13335 (CLOUDFLARENET, US)
yalla-shoots.tv
31    2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)
live.demand.supply
5    205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
jscdn.greeter.me
2    172.67.141.250 (United States)

ASN13335 (CLOUDFLARENET, US)
web-api.scorarab.com
1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
live.shoot-yalla.tv
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    104.21.233.172 (None, )

ASN13335 (CLOUDFLARENET, US)
dalbouh.xyz
1    2a02:26f0:480:25::1726:6216 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
tg1.modoro360.com
41    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
12    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
googleads.g.doubleclick.net
adservice.google.de
5    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    2600:9000:2250:ac00:a:e047:752:b361 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net
tags.crwdcntrl.net
19    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
9    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
2    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
feed.avplayer.com
player.avplayer.com
1    3.215.149.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-149-208.compute-1.amazonaws.com
servt.modoro360.com
16    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.aplhb.adipolo.com
player.adtelligent.com
9    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
adipolo.com
2    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    3.248.141.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-141-162.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
3    162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
id5-sync.com
4    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
33    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
7    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
7    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    141.95.4.204 (France)

ASN16276 (OVH, FR)
PTR: ip204.ip-141-95-4.eu
storage.de.cloud.ovh.net
8    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.aplhb.adipolo.com
1    2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
cdn-adipolo.urekamedia.com
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
5    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
9    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
4    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
4    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
4    147.75.84.158 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
5    216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
4    2a00:1450:401b:814::2003 (Ireland)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
13    185.53.89.19 (Belize)

ASN213371 (SQUITTER-NETWORKS, IN)
a4.koora.cloud
2    2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr3.eu.criteo.com
1    51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com
pro.ip-api.com
8    2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
14    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
2    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
1    37.157.4.41 (Denmark)

ASN198622 (ADFORM, DK)
a1.adform.net
1    109.232.197.110 (France)

ASN50234 (EULERIAN-AS, FR)
PTR: ml.eulerian.net
mm.melia.com
1    178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr3.eu.criteo.com
1    2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
22    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
cm.g.doubleclick.net
1    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
2    64.202.112.159 (Chicago, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    54.227.251.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-251-232.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
dsp.adkernel.com
3    2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
6    18.185.164.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-164-153.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
2    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    54.64.201.33 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-64-201-33.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
1    54.93.154.54 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-154-54.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
us.web3-lab.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
1    2a05:d018:d29:3605:bd89:7cdc:b138:f023 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    213.155.156.167 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
2    23.210.125.176 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-125-176.deploy.static.akamaitechnologies.com
www.awin1.com
1    13.40.91.69 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-40-91-69.eu-west-2.compute.amazonaws.com
track.webgains.com
1    18.66.147.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-98.fra60.r.cloudfront.net
analytics.webgains.io
1    99.86.4.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-52.fra6.r.cloudfront.net
cdn.track.production.webgains.team
1    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    85.114.159.93 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
3    2.19.229.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-229-53.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
1    2.19.229.140 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-229-140.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
2    18.133.81.67 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-81-67.eu-west-2.compute.amazonaws.com
api.webgains.io
1    146.75.122.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
odb.outbrain.com
1    70.42.32.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
mcdp-nydc1.outbrain.com
1    162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
lb.eu-1-id5-sync.com
Apex Domain
Subdomains		 Transfer
65 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
cm.g.doubleclick.net — Cisco Umbrella Rank: 313
424 KB
58 googlesyndication.com
359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
287 KB
31 demand.supply
live.demand.supply — Cisco Umbrella Rank: 32910
43 KB
30 criteo.net
static.criteo.net — Cisco Umbrella Rank: 763
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9652
csm.eu.criteo.net — Cisco Umbrella Rank: 6433
2 MB
17 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
141 KB
17 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 442
mug.criteo.com — Cisco Umbrella Rank: 1686
bidder.criteo.com — Cisco Umbrella Rank: 803
ads.eu.criteo.com — Cisco Umbrella Rank: 6413
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 13760
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 8248
cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 7993
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 12727
81 KB
14 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 23943
ad4m.at — Cisco Umbrella Rank: 9478
assets.ad4m.at — Cisco Umbrella Rank: 31150
547 KB
13 koora.cloud
a4.koora.cloud — Cisco Umbrella Rank: 378356
2 MB
13 google.com
adservice.google.com — Cisco Umbrella Rank: 130
www.google.com — Cisco Umbrella Rank: 16
2 KB
9 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1124
2 KB
9 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119
imasdk.googleapis.com — Cisco Umbrella Rank: 520
138 KB
9 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 238
414 KB
9 yalla-shoots.tv
yalla-shoots.tv — Cisco Umbrella Rank: 867110
241 KB
8 adipolo.com
player.aplhb.adipolo.com — Cisco Umbrella Rank: 59541
adipolo.com — Cisco Umbrella Rank: 54300
ghb.aplhb.adipolo.com — Cisco Umbrella Rank: 67078
128 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 427
3 KB
6 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2474
mp.4dex.io — Cisco Umbrella Rank: 2960
25 KB
6 google.de
adservice.google.de — Cisco Umbrella Rank: 5261
1 KB
5 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1744
widget-pixels.outbrain.com — Cisco Umbrella Rank: 3937
odb.outbrain.com — Cisco Umbrella Rank: 3817
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 6839
76 KB
5 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 883
3 KB
5 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 474
194 KB
5 greeter.me
jscdn.greeter.me — Cisco Umbrella Rank: 71370
19 KB
4 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1379
296 B
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1319
id5-sync.com — Cisco Umbrella Rank: 612
19 KB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 15646
api.webgains.io — Cisco Umbrella Rank: 40158
32 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1248
s.tribalfusion.com — Cisco Umbrella Rank: 2774
1 KB
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 15474
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 6958
651 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1341
r.turn.com — Cisco Umbrella Rank: 4617
869 B
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 1037
1 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 6677
749 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 813
1 KB
2 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 77547
static-de.ad4mat.net — Cisco Umbrella Rank: 111741
4 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
21 KB
2 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 4649
360 B
2 avplayer.com
feed.avplayer.com — Cisco Umbrella Rank: 24675
player.avplayer.com — Cisco Umbrella Rank: 14855
61 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1550
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1323
12 KB
2 modoro360.com
tg1.modoro360.com — Cisco Umbrella Rank: 66220
servt.modoro360.com — Cisco Umbrella Rank: 63931
7 KB
2 scorarab.com
web-api.scorarab.com — Cisco Umbrella Rank: 212215
16 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1293
402 B
1 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 10302
464 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1886
350 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2062
586 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 744
874 B
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 43265
15 KB
1 webgains.com
track.webgains.com — Cisco Umbrella Rank: 21883
2 KB
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1052
45 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 689
715 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 4805
104 B
1 web3-lab.com
us.web3-lab.com — Cisco Umbrella Rank: 56964
725 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 777
361 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 7938
44 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 9072
233 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 50702
609 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1020
542 B
1 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 12884
233 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1009
1001 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 11316
288 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 451
265 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1223
713 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 344
5 KB
1 melia.com
mm.melia.com — Cisco Umbrella Rank: 85347
1 KB
1 adform.net
a1.adform.net — Cisco Umbrella Rank: 13039
606 B
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 5096
313 B
1 urekamedia.com
cdn-adipolo.urekamedia.com — Cisco Umbrella Rank: 139300
1 ovh.net
storage.de.cloud.ovh.net — Cisco Umbrella Rank: 101748
15 KB
1 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 8265
5 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 3991
2 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 4083
2 KB
1 dalbouh.xyz
dalbouh.xyz — Cisco Umbrella Rank: 554179
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
44 KB
1 shoot-yalla.tv
live.shoot-yalla.tv — Cisco Umbrella Rank: 290277
1 KB
0 aura-dsp.com Failed
sync-dmp.aura-dsp.com Failed
382 72
Domain Requested by
41 securepubads.g.doubleclick.net live.demand.supply
securepubads.g.doubleclick.net
jscdn.greeter.me
359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
www.googletagservices.com
yalla-shoots.tv
33 tpc.googlesyndication.com 1 redirects securepubads.g.doubleclick.net
tpc.googlesyndication.com
359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
yalla-shoots.tv
31 live.demand.supply yalla-shoots.tv
live.demand.supply
client
22 cm.g.doubleclick.net 2 redirects 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
19 static.criteo.net securepubads.g.doubleclick.net
359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
ads.eu.criteo.com
cdnjs.cloudflare.com
static.criteo.net
player.aplhb.adipolo.com
16 pagead2.googlesyndication.com securepubads.g.doubleclick.net
359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
tpc.googlesyndication.com
yalla-shoots.tv
www.googletagservices.com
13 a4.koora.cloud cdn.jsdelivr.net
9 onetag-sys.com 1 redirects player.aplhb.adipolo.com
9 www.googletagservices.com jscdn.greeter.me
359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
yalla-shoots.tv
securepubads.g.doubleclick.net
9 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
9 yalla-shoots.tv yalla-shoots.tv
8 imageproxy.eu.criteo.net 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
ads.eu.criteo.com
8 www.gstatic.com yalla-shoots.tv
359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
7 fonts.googleapis.com 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
yalla-shoots.tv
7 www.google.com 1 redirects tpc.googlesyndication.com
359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
yalla-shoots.tv
6 assets.ad4m.at as.ad4m.at
6 x.bidswitch.net 6 redirects
6 adservice.google.com securepubads.g.doubleclick.net
6 adservice.google.de securepubads.g.doubleclick.net
5 ap.lijit.com 1 redirects player.aplhb.adipolo.com
5 fonts.gstatic.com fonts.googleapis.com
5 cdn.jsdelivr.net securepubads.g.doubleclick.net
yalla-shoots.tv
5 jscdn.greeter.me yalla-shoots.tv
4 ad4m.at as.ad4m.at
ad4m.at
4 as.ad4m.at yalla-shoots.tv
as.ad4m.at
ad4m.at
4 csi.gstatic.com imasdk.googleapis.com
4 prebid.a-mo.net player.aplhb.adipolo.com
4 bidder.criteo.com player.aplhb.adipolo.com
4 mp.4dex.io player.aplhb.adipolo.com
4 ghb.aplhb.adipolo.com player.aplhb.adipolo.com
4 gum.criteo.com 1 redirects static.criteo.net
player.aplhb.adipolo.com
3 csm.eu.criteo.net ads.eu.criteo.com
3 id5-sync.com cdn.id5-sync.com
player.aplhb.adipolo.com
3 player.aplhb.adipolo.com jscdn.greeter.me
player.aplhb.adipolo.com
2 api.webgains.io analytics.webgains.io
2 widgets.outbrain.com securepubads.g.doubleclick.net
widgets.outbrain.com
2 www.awin1.com as.ad4m.at
2 d5p.de17a.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 pool.admedo.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 cat.nl3.eu.criteo.com ads.eu.criteo.com
359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
2 rtb.fr3.eu.criteo.com yalla-shoots.tv
359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
2 googleads.g.doubleclick.net 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
2 ads.eu.criteo.com imasdk.googleapis.com
359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
2 script.4dex.io player.aplhb.adipolo.com
script.4dex.io
2 imasdk.googleapis.com 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 esp.rtbhouse.com invstatic101.creativecdn.com
2 web-api.scorarab.com yalla-shoots.tv
1 lb.eu-1-id5-sync.com player.aplhb.adipolo.com
1 mcdp-nydc1.outbrain.com widgets.outbrain.com
1 odb.outbrain.com widgets.outbrain.com
1 widget-pixels.outbrain.com yalla-shoots.tv
1 tcheck.outbrainimg.com widgets.outbrain.com
1 rtb.openx.net 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
1 dsp.adfarm1.adition.com 1 redirects
1 s.tribalfusion.com
1 a.tribalfusion.com 1 redirects
1 sync.mathtag.com 1 redirects
1 cdn.track.production.webgains.team as.ad4m.at
1 analytics.webgains.io track.webgains.com
1 track.webgains.com as.ad4m.at
1 static-de.ad4mat.net as.ad4m.at
1 ssbsync.smartadserver.com 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 dclk-match.dotomi.com 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
1 r.turn.com
1 ad.turn.com 1 redirects
1 us.web3-lab.com cdn.jsdelivr.net
1 match.sharethrough.com 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
1 cc.adingo.jp 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
1 dsp.adkernel.com 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
1 gcm.ctnsnet.com 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 rtb2-useast.e-volution.ai 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
1 sync.srv.stackadapt.com 1 redirects
1 s.uuidksinc.net 1 redirects
1 match.adsrvr.org 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
1 um.simpli.fi 1 redirects
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 rtb.nl3.eu.criteo.com 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
1 cat.fr3.eu.criteo.com 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
1 mm.melia.com ads.eu.criteo.com
1 a1.adform.net 1 redirects
1 prod-rtb.ad4mat.net yalla-shoots.tv
1 pro.ip-api.com cdn.jsdelivr.net
1 cdn-adipolo.urekamedia.com
1 storage.de.cloud.ovh.net
1 player.adtelligent.com player.aplhb.adipolo.com
1 mug.criteo.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 adipolo.com
1 servt.modoro360.com
1 player.avplayer.com tg1.modoro360.com
1 feed.avplayer.com tg1.modoro360.com
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 tg1.modoro360.com yalla-shoots.tv
1 dalbouh.xyz yalla-shoots.tv
1 www.googletagmanager.com yalla-shoots.tv
1 live.shoot-yalla.tv yalla-shoots.tv
0 sync-dmp.aura-dsp.com Failed 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
382 105
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-01-27 -
2024-01-26		 a year crt.sh
demand.supply
Cloudflare Inc ECC CA-3		 2023-02-19 -
2024-02-19		 a year crt.sh
greeter.me
E1		 2023-04-15 -
2023-07-14		 3 months crt.sh
*.scorarab.com
GTS CA 1P5		 2023-03-30 -
2023-06-28		 3 months crt.sh
*.shoot-yalla.tv
GTS CA 1P5		 2023-03-27 -
2023-06-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
wl1.aniview.com
R3		 2023-02-23 -
2023-05-24		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-02-28 -
2023-05-29		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-02-25 -
2023-05-26		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
*.avplayer.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2022-08-08 -
2023-09-08		 a year crt.sh
*.adservrs.com
Amazon RSA 2048 M01		 2023-02-22 -
2023-05-25		 3 months crt.sh
player.aplhb.adipolo.com
R3		 2023-03-21 -
2023-06-19		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-03-20 -
2023-06-18		 3 months crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
player.adtelligent.com
R3		 2023-03-22 -
2023-06-20		 3 months crt.sh
storage.de.cloud.ovh.net
Sectigo RSA Domain Validation Secure Server CA		 2023-01-25 -
2024-01-25		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
ghb.aplhb.adipolo.com
ZeroSSL ECC Domain Secure Site CA		 2023-04-06 -
2023-07-05		 3 months crt.sh
1372348363.rsc.contentproxy9.cz
R3		 2023-03-23 -
2023-06-21		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.a-mo.net
R3		 2023-04-13 -
2023-07-12		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-04 -
2023-06-04		 3 months crt.sh
a4.koora.cloud
R3		 2023-04-11 -
2023-07-10		 3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2023-06-25		 3 months crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-25 -
2023-12-26		 a year crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-26 -
2023-06-29		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2023-04-09 -
2023-07-08		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-14 -
2023-06-09		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.e-volution.ai
Sectigo RSA Domain Validation Secure Server CA		 2022-09-29 -
2023-10-30		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.adingo.jp
Amazon RSA 2048 M01		 2023-02-13 -
2023-11-11		 9 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-08-12		 6 months crt.sh
*.web3-lab.com
GTS CA 1P5		 2023-04-01 -
2023-06-30		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-02-22 -
2023-07-13		 5 months crt.sh
*.webgains.io
Amazon RSA 2048 M02		 2023-03-02 -
2023-09-21		 7 months crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M01		 2023-02-28 -
2023-10-28		 8 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-11		 a year crt.sh
*.outbrainimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-02 -
2024-03-02		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh

This page contains 32 frames:

Primary Page: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Frame ID: C293979EBE6AD9D1B5AC3CA387828426
Requests: 156 HTTP requests in this frame

Frame: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EBD4EFD8574E06A5098120127EED9C7F
Requests: 1 HTTP requests in this frame

Frame: https://yalla-shoots.tv/frame.php?ch=b1_1&p=10&token=NmQ2YTY1MzM2YzZhNjU3ODZlNjMzNDc5NmQ3NDY3NzU2ZDZhNjY3MTY0Nzg2ZTZmNmQ2YTYxNzk2ZDY5NzM3OTZkNjQ2OTc3NmI2YjZjNjU3MTY4NmYzMzc5Nzg2YjMxNjQ2YTZkMzI2OTc4NmYzMTY5Nzc=&kt=1682446480
Frame ID: DB598707849613048CB58935AACB1A97
Requests: 22 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=yalla-shoots.tv
Frame ID: BBE940709662F562469E12AEF932A6B6
Requests: 2 HTTP requests in this frame

Frame: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A03612A1DBA0B5C8215AF4984C972DD3
Requests: 10 HTTP requests in this frame

Frame: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 521D9114EF0D8FF7A8A4B70C7D31C7A7
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C7011D162B063091BB8426610F7F396D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A55933DD930D310503486D58B51774ED
Requests: 2 HTTP requests in this frame

Frame: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EB283CA60D829776BF0FD6751A6C39E7
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 85C3A028CF132D3D690947DC12434E0D
Requests: 7 HTTP requests in this frame

Frame: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 429A17FBD0E2D51CB558EA72D28ADE14
Requests: 29 HTTP requests in this frame

Frame: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2AD2DCBA7B84EB3D2589771E8F3839F4
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BCBF23D57FFD056A6F5BFAAA9C470073
Requests: 2 HTTP requests in this frame

Frame: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 52BD84D55AEB0B021EB1F7B17E8150D1
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEgYkQADjiYKd7aWAAouBXbNKHorkAtbVTOURA&u=%7CnES9D%2FSP9mF5tYo1SS298VlBcqXke7diOkw%2FFjQlQlA%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkL9ENSsYQHHqzqEhpMmBS541imABqguik0SzIq4XyqVx9z2SLmEjVLCZgYdk73Za2NKURgjZ9vWIyx_E8Trl9WqCW9SI1K4R06bl3wMO2KZ3RVK9SRHQnSZ0w8sWY80HGB7eDSQAe8rpCrvRGvJ86F8spTVuFcrXq-KrXXl7PRyiPFnkB20cYAYkeOP3b6mikATbT1ROk-3G2ExR8k674IpjAbCrgjYkAF_uy-JdthUYaOHMSXYL-gYfnZHZKgahv_lTtIo9G8a9PBluZqasHCUG0ibBIeXUFQDDq8BEHX4evg-kvQnNVTEZTXAhKVIvHTNJ6-IGz_SNclL4hUIz0Tx42QCyBgPFmsnlGhRqDkEWoSryNNRhoncuHefpvhNfkQ9HCaWxvf1vBkg2-S3dLTW0KO4zwEHSBo6jgOkoP1J_YqnjqbzLle8WrbwW-JkC4_H44yFOk0loI-vnCy-26OpunndRCx_ZuFaz0zZ44FYxQrBM25wnzwdZ5Ps8ZnTm_56wVM6dNSjJDf0tw7at2JCZKX8YBiLMx_WqOtINFOT_orbv7zfU0NkIqgsrsNV2Rw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbYtxkRhIZKacDpbt3gOF3KjADMme0rFc1fbi1pMBwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAud0FNX2e7I-4AIAqAMBqgTEAk_QcG4pabimfrpfK9husQP4HXfzwRFU5B1IZk7Q9ZIlJgs7xTl2Fu59HNwBlSVvOA1UdhgCf1AX7VhFZS0ZQeoHSye3GPt5pXR_DCcuiIBrjwAQ-a2UbRHEy1NWeXozKdtgBWxadq1szBWHQylR_htFgs-XZe7en1oOJ17gphVWnvZc4XAMWGlAyPsHA74OojINC4KIsKXgwFunbjiilBHnoN7yKIRcX3GGt3g6CdoEYDdxE-jYkjoux98sSq7y6cOAa2v_5Pb_Rh0TvquhPJwbntQgJa1DiOPEyTBePqcNGkTjARBTqBHAH7h2nBTIrUAfeED4z_Q3Gw1VUx5o1jeORD7VPAhdZXMTMsOOhzfxF95hEC_Bo7nUGmIHcuCbU4bhyCPbed2v96g16r7NE6_Oo29JOkcTUZe4LOG-yk5OtH3RcuAEAYAGgauk4bfgiqQGoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1q1hzTYjNgsZozcC2ixxgjD90cbw%26client%3Dca-pub-3831894559014614%26adurl%3D
Frame ID: C6C815E80E12C199509A1BD6C21D384C
Requests: 24 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E7A30334AF66B0A6CBE5D746AC7EDE68
Requests: 9 HTTP requests in this frame

Frame: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2536A5F363B97DDF163A4E14073736A1
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=CS4iDkRhIZMCHDoSa3wOsuLyADJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAkGZOi4odLI-4AIAqAMBqgTHAk_Qo8jUg5KjOXGgwDY7PrF_J1LbDOzAMFuRB_LfH9IjzfxAGxcPnuhyeVIG_JExSih7JjQ0Ahs-QS7x2ufi-8-et5QweWMIdcfawfUH5SMboZNTmeraErJXDDVVIT8Y63YmD3f1vErGmpEJtTThtrbS_h3961CL3VhvsX2O9EKl0m4A4OYgl01DRTwYWnvSz7XS2SQays9Yxs8O1CIiNkd4wADBR-2CjPCG2ItJhjAZ_n8nttHQ77256hkfmWhap5NBZCSbGNTwUcbxVB06zM2JUGooj9wX60zDu9QwXCkgpsZ7EO_MCK5yNKzprfHVp9USAfSb3W-NR-51J77ZXVUxDQlNtVbUBb983EJ4P98FfuO1sPMdt1MevKfMzk0Vl_LDdTgMALmIjZXCMrwnpHjYGt8yK5HzcxDusZqbx_5goE0OZk6x8-AEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=rIS-h8joyc0&uach_m=[UACH]&cid=CAQSPABygQiDoilAYbduqDUtRjTQ0FXesmgPG7UUVFi0jLEU9sbwM-oBeJoV5Nsv6kYBLcv5X0g04LLp7uCVXhgB
Frame ID: 906EC2F8D40DB7F8C9CE5B9561C50E0E
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hh8mf96j6vryddcpq64t68rdy9679wgymsabprb3g5mf9tc2r00qz392t2ebwwzp88d541sjyjk1pqzf2ps9pnzcgw3z7gxvs1dq4p5p31k2yqney5wg003y6dbpsawemygz52e579tp3re82385k6r0j2kr0sjf0a87fsbps5ayv29821224688p0sxdqdxdvb67cdef5nha33jzqzgz0hxeyjetv97sdf11trqcvapmvgybmjdjf2dhxy1may6yjmvhyqpscnnz09aqzc493hmx4qcgp2771zdeenrj66f40xnga3jpthb4zx27v3w30dhd051d7n3a5enga6g8006p3m9fhyx0t2p4n6whddvz3hp16pzkcfxzeceab6ddzqh3wr6wsrkpp2qpxryrjz4kp7tvfmn2kzhmpgna6damw5xcg73zqkhdvg3zdhjvmr4hccwc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaXjDkRhIZMCHDoSa3wOsuLyADJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAkGZOi4odLI-4AIAqAMBqgTKAk_Qo8jUg5KjOXGgwDY7PrF_J1LbDOzAMFuRB_LfH9IjzfxAGxcPnuhyeVIG_JExSih7JjQ0Ahs-QS7x2ufi-8-et5QweWMIdcfawfUH5SMboZNTmeraErJXDDVVIT8Y63YmD3f1vErGmpEJtTThtrbS_h3961CL3VhvsX2O9EKl0m4A4OYgl01DRTwYWnvSz7XS2SQays9Yxs8O1CIiNkd4wADBR-2CjPCG2ItJhjAZ_n8nttHQ77256hkfmWhap5NBZCSbGNTwUcbxVB06zM2JUGooj9wX60zDu9QwXCkgpsZ7EO_MCK5yNKzprfHVp9USAfSb3W-NR-51J77ZXVUxDQlNtVbUBb983EJ4P98FfuO1sPMdt1MevKfMzk0Vl_KBdxme10APzV1Feir97eoqI8s4hpvda81uc9MJP2p-jFXbutHxO1qWCOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bX74egU4h5sO43JAKcOG4dLdfqg%26client%3Dca-pub-3831894559014614%26adurl%3D
Frame ID: 047AE76A2A5E419D50121B70ECB08355
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A2C27C1AE246511D6A6D7F993486BD18
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B49A8175781301CBA21E7CF3B52E3439
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Frame ID: 4496AAC016C9041173485718189B8521
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 1FB55896EE58F9486E3290A5605C9B74
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=e7dba04208610c5be649028871ba78b1%2F8809809848389707856&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682446482627&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jzrqpezy7h76w2gq6p5wh097a8jce04vhk2sj4300erzhf1qbncnrn6vq4y878tznjxqnwvnwhz3ymnxxqfqdn8py5sba9pwy6hk87appay9tx08at3cwag2recbgzrktfrhz2njqb1b8kr0bqgmeyzt2jcjttnwh5d1ch2veefdp51z8htpm8facrztzv48vg9jcthtf1vwak4n3beqrj42jm20mep352359zt8x549tmbmngdt31yh7rbgszg752ap75en5jv4gn4by3c4qr2y8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaXjDkRhIZMCHDoSa3wOsuLyADJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAkGZOi4odLI-4AIAqAMBqgTKAk_Qo8jUg5KjOXGgwDY7PrF_J1LbDOzAMFuRB_LfH9IjzfxAGxcPnuhyeVIG_JExSih7JjQ0Ahs-QS7x2ufi-8-et5QweWMIdcfawfUH5SMboZNTmeraErJXDDVVIT8Y63YmD3f1vErGmpEJtTThtrbS_h3961CL3VhvsX2O9EKl0m4A4OYgl01DRTwYWnvSz7XS2SQays9Yxs8O1CIiNkd4wADBR-2CjPCG2ItJhjAZ_n8nttHQ77256hkfmWhap5NBZCSbGNTwUcbxVB06zM2JUGooj9wX60zDu9QwXCkgpsZ7EO_MCK5yNKzprfHVp9USAfSb3W-NR-51J77ZXVUxDQlNtVbUBb983EJ4P98FfuO1sPMdt1MevKfMzk0Vl_KBdxme10APzV1Feir97eoqI8s4hpvda81uc9MJP2p-jFXbutHxO1qWCOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bX74egU4h5sO43JAKcOG4dLdfqg%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Frame ID: CC059D37F3069C37D197538AFD965747
Requests: 14 HTTP requests in this frame

Frame: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5B4EACF05C1048E8866163EAB96D29C8
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A525902FDBEEB286604510A3EDE5BFF9
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Frame ID: 20DBA70FDB6D3383918A322D355549DA
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstn5BTBwF-MK24l2dy-dIwvhurpNzAsmPHJ7RU7TAzp7tEm9_rASFKXGKUEvhwfv_RijN8tVbsLQeQwbIiS7BJhKH7c6vmX6e5sc24GbJ-wHtcn6YhZ5PxlgHoGOZG2bwQH2861T4Mp_dZQfK04A-SSJFhmozICWB6N3_D9loV17XKU9x5g4-lHrA6Vt1roBXh9Nj2ktYd9ljy_37Nbq5fgWboFbLg_6w_M7XPlGKQ1Ia63a3fXTUXp8gePBkvthvlZBTtBtQRIWJ6Go4qBMbom_oREMPJzPAIZVXis41S28QAWFquaKEQi1x0xsttWG5-yyedisTQXPswNKmOE&sai=AMfl-YTDPL9a9HZnLg7g-aHZg6ikuEyiBe_EH8Zq50_BWkshgkxyBNaawxLNURH5dejDwoTZv4TB0iiYeGPWvPAKYDNYVqXn74Te5qkR11ykcZ6hDl6qlgFJW_k_kpwc8C8&sig=Cg0ArKJSzLPrBCAGXIiSEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7507D0C4136C408790D1F82C7B72BB28
Requests: 9 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Frame ID: 01D9A4CD491EA67E24C982F7ABAF9E47
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1682446484888&gdpr=0
Frame ID: B9272DAA884B9D14F5F7A100CF304D15
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1682446482851&gdpr=0
Frame ID: FE2FF78F13B77F63C3F88F68D8008550
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1682446481506
Frame ID: 74F0C868FE1AABEE68062D5A75B9DA21
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

بث مباشر لمباراة جيرونا و ريال مدريد - الدوري الإسباني - 2023-04-25

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

382
Requests

94 %
HTTPS

44 %
IPv6

72
Domains

105
Subdomains

82
IPs

13
Countries

7109 kB
Transfer

12466 kB
Size

46
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=yalla-shoots.tv&sn=ChromeSyncframe&so=0&topUrl=yalla-shoots.tv&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=N2FOSXxoMzFadFB6Z0V2bFdZRUpLOVdzckMzVFgwNXpKVVRoUG9HczFiV25IM3RtdVFwWEc2Z0F1OS9YVlNuamRQZnQybVpBcGxQUXJGRXZlbHErQ3ZFd2drazNIa0NSRnc2akx1Yy82KzNFaFhjaHcxWnZQUnhTd2VDbzdsam8rRkJxekR6WU4yMzVnWXpIL3pRcXRCb2ZIcGc5UEpkcElUZExGWnJwcnVobTdtRUxnRXcwT3MzYXhuMVFMcytXVmZBYTBvZE94azB1NlhyV3lKNFVEQ3VLbDJOcVhqVGRhcnlzb05QUVBKeENaUkhzdXlEcFdDM1c0TElrK2w2bUZveXhVU1A5SlRhaUNjVXlxNEo4MFQ2S2s2cFpiZUJxNzlxdEhsSkhIcnUrMjRpdz18&cppv=2
Request Chain 208
  • https://a1.adform.net/adfserve/?bn=53543619;1x1inv=1;srctype=3;gdpr=1;;ord=6448189123ade93ff4a34afaf03b9c3d HTTP 302
  • https://mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_DE_p-criteo&ead-location=display_Prospecting_DE-1x1_de&ead-creative=DE-criteo-c_eastersale-1x1_de&ead-creativetype=1x1_de&eseg-name=campaign&eseg-item=eastersale&ead-mediaplan=DE-Prospecting&ea-rnd=5555&adfrmid=0
Request Chain 221
  • https://um.simpli.fi/gp_match?google_gid=CAESEA5sd4Ja40FXD0pgdhILKLw&google_cver=1&google_push=ATf1kGP4yhQzevzTirC09OFERua4v4_UTcDTMtVlMtaQZVfQ_rgssQDB4laLG3q9I1Wfo35_d70DGoVNSgRcnSs4wcqDdUd_rHIe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=960065FFB9FA44B4BFB6521377506F78&google_push=ATf1kGP4yhQzevzTirC09OFERua4v4_UTcDTMtVlMtaQZVfQ_rgssQDB4laLG3q9I1Wfo35_d70DGoVNSgRcnSs4wcqDdUd_rHIe
Request Chain 223
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEAAAMeB3hqhRSKneerKXDGg&c_param1=ATf1kGP-2iBTuADM0UpPmJMGxbM7Jp2_2ElXFaEk79pJxYly_e2aFMZwUe176dM3GoGaiEVd_RqgiiCe7QHZLnAREqG_Jxifilgy&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGP-2iBTuADM0UpPmJMGxbM7Jp2_2ElXFaEk79pJxYly_e2aFMZwUe176dM3GoGaiEVd_RqgiiCe7QHZLnAREqG_Jxifilgy
Request Chain 224
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEA7no7gihepBoyr9n80fryo&google_cver=1&google_push=ATf1kGPCKwmCYdNhnZ5GEnt4gw75g6CvMaDlp95CHwbRY7KyqLSTth6dNH3NwyfueB2kq5CF_C9Fr-T8GRzZtbRDQwaBv_aUCklT HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEA7no7gihepBoyr9n80fryo&google_push=ATf1kGPCKwmCYdNhnZ5GEnt4gw75g6CvMaDlp95CHwbRY7KyqLSTth6dNH3NwyfueB2kq5CF_C9Fr-T8GRzZtbRDQwaBv_aUCklT&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGPCKwmCYdNhnZ5GEnt4gw75g6CvMaDlp95CHwbRY7KyqLSTth6dNH3NwyfueB2kq5CF_C9Fr-T8GRzZtbRDQwaBv_aUCklT&google_hm=Sl9PTHN3R1o4TUhqRi1WX1ZxY24=
Request Chain 225
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEFqQ58hxAPa4J5lxak-SLg0&google_cver=1&google_push=ATf1kGOvBPF2NaWH4Pod_IW1qfzS9Hg307__Dd277uBSShh1fbepy7Cr6mrMaHEGCicLdznmHGKoeMK7wicoyMptCZti6vYpxHU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=mF3rrGL6UPlDxUqw31OCiNly2hU&google_push=ATf1kGOvBPF2NaWH4Pod_IW1qfzS9Hg307__Dd277uBSShh1fbepy7Cr6mrMaHEGCicLdznmHGKoeMK7wicoyMptCZti6vYpxHU
Request Chain 257
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 262
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEFmfMx4hplvJPV9HLgum3iI&google_cver=1&google_push=ATf1kGNT5bBfpwmLqeNDA78sN_dofAbqKasBOLAIVC5ANa_wTExDjMWiLpej3CzuOF40Fpep2gX4tfwMO6QDL_fqyNvT7oqnWq6X HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFmfMx4hplvJPV9HLgum3iI&google_push=ATf1kGNT5bBfpwmLqeNDA78sN_dofAbqKasBOLAIVC5ANa_wTExDjMWiLpej3CzuOF40Fpep2gX4tfwMO6QDL_fqyNvT7oqnWq6X
Request Chain 263
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBvamQ_4AGqx3vkCcZa4U9w&google_cver=1&google_push=ATf1kGOYCsdOeTFabMQmjSMfnOosTqsWB5kMqWcZlkf3QCbm5LiuYFzBNPEnIleKnpokauelyAbulKn4sxdTB3haTTonSVUrPBX7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGOYCsdOeTFabMQmjSMfnOosTqsWB5kMqWcZlkf3QCbm5LiuYFzBNPEnIleKnpokauelyAbulKn4sxdTB3haTTonSVUrPBX7&google_hm=oD5LJR-lRR6wawPbuNZ6bBU
Request Chain 264
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJZb21_N-8ZMQy2ZKpkry5s&google_cver=1&google_push=ATf1kGOTpSK2_IPOHYuS5SRKTd0ug1vrLbyvxE6PMdfSahIw4Y8ulbSEIV7K05Anj63Bwr4lgOro6WQWYE4LSkcbUTQRYH1DW8FDzA HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJZb21_N-8ZMQy2ZKpkry5s&google_cver=1&google_push=ATf1kGOTpSK2_IPOHYuS5SRKTd0ug1vrLbyvxE6PMdfSahIw4Y8ulbSEIV7K05Anj63Bwr4lgOro6WQWYE4LSkcbUTQRYH1DW8FDzA HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=64e975dc-f15e-43db-8f20-e0e8d9dafdff HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=64e975dc-f15e-43db-8f20-e0e8d9dafdff HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=5955d501-6487-49a8-a91b-2bdf3f3d3a6d&user_group=1&ssp=google&bsw_param=64e975dc-f15e-43db-8f20-e0e8d9dafdff HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGP5eSNcWap5SUU2TsQkKEYtiP1Yhbmb8i3Zhf9Nv-WvF8pWY7d3fulYPip8YWU2FHDG_WN74xL8vJrAzm4E6ZE1zIhzcQKs&google_hm=ZOl13PFeQ9uPIODo2dr9_w==
Request Chain 265
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAX9nvGHLP8S6dkJQDIQ0Jg&google_cver=1&google_push=ATf1kGMZUNFhHE039Am2bII1Iio7ilJd_2D8tvEfN4QTNG56Xc0lslnHx3eT6lkk1YizHA9O_9lywOv0Enj9eECjC37nb17Uzw-TNg HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAX9nvGHLP8S6dkJQDIQ0Jg&google_cver=1&google_push=ATf1kGMZUNFhHE039Am2bII1Iio7ilJd_2D8tvEfN4QTNG56Xc0lslnHx3eT6lkk1YizHA9O_9lywOv0Enj9eECjC37nb17Uzw-TNg&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=M5IGQBicT_2cZpD_nrXf1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMZUNFhHE039Am2bII1Iio7ilJd_2D8tvEfN4QTNG56Xc0lslnHx3eT6lkk1YizHA9O_9lywOv0Enj9eECjC37nb17Uzw-TNg
Request Chain 281
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFpN2f1Crgz2MAVHLYC_wXw&google_cver=1&google_push=ATf1kGMR1TkHgCp7IRrtKJC9dxSZRwefIVXSXIqTUQYIK3ZHmB0xA0xwJkWVmWPvSgM97o0YcqMaUcQRuoGILhsraAPAMZMSYHmT8A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzcwNjYxNTUzNTYyMTYzMjg4NA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFpN2f1Crgz2MAVHLYC_wXw&google_cver=1
Request Chain 283
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGIQ5Q5r8tyHwy5PqA1d6DA&google_cver=1&google_push=ATf1kGP5eSNcWap5SUU2TsQkKEYtiP1Yhbmb8i3Zhf9Nv-WvF8pWY7d3fulYPip8YWU2FHDG_WN74xL8vJrAzm4E6ZE1zIhzcQKs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGP5eSNcWap5SUU2TsQkKEYtiP1Yhbmb8i3Zhf9Nv-WvF8pWY7d3fulYPip8YWU2FHDG_WN74xL8vJrAzm4E6ZE1zIhzcQKs&google_hm=ZOl13PFeQ9uPIODo2dr9_w==
Request Chain 284
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFhv8CCQs5xAptuQST8MSsg&google_cver=1&google_push=ATf1kGOsckPr5xmPgCs_vky5s1lnqwMVsNa2GjWJsug9wrD8-rYLNvF-X5uAlU-XaAj-60aItOA51Ez-COSDRbMBW2oM0VgPKdfwKg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOsckPr5xmPgCs_vky5s1lnqwMVsNa2GjWJsug9wrD8-rYLNvF-X5uAlU-XaAj-60aItOA51Ez-COSDRbMBW2oM0VgPKdfwKg&google_hm=eS1ESTE1aFVoRTJwR2kxdHNBV3pPQkFEaHRiSVpxVHJyOH5B
Request Chain 285
  • https://d5p.de17a.com/cookies/google?google_gid=CAESELCME1Sso8zDXgDJbqtLchA&google_cver=1&google_push=ATf1kGMwuGrYj-vcWFHGSC1MzUbgfKue7b0atjT7NjcslwsQkRRLNucEnNJ8n1YEoiNrzug5yUSQ9V5WznTRikBCT3CkHIcyihWQdQ HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESELCME1Sso8zDXgDJbqtLchA&google_cver=1&google_push=ATf1kGMwuGrYj-vcWFHGSC1MzUbgfKue7b0atjT7NjcslwsQkRRLNucEnNJ8n1YEoiNrzug5yUSQ9V5WznTRikBCT3CkHIcyihWQdQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMwuGrYj-vcWFHGSC1MzUbgfKue7b0atjT7NjcslwsQkRRLNucEnNJ8n1YEoiNrzug5yUSQ9V5WznTRikBCT3CkHIcyihWQdQ
Request Chain 287
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEFcEZNbxYzd8OwU-lD28VqM&google_cver=1&google_push=ATf1kGPI06imCXwdhaf2z-LNCJW-G1OJuf5IYjEB17dXsMlLI1WrpNgSVubWmoE5hGLVh0wVvDeXzZSx-vq5kRJq-dEyCcvThUhlMlI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=64e975dc-f15e-43db-8f20-e0e8d9dafdff&%%GOOGLE_PUSH_PAIR%%
Request Chain 334
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
  • https://tpc.googlesyndication.com/simgad/624907996767536446
Request Chain 339
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKCY9oyAQGsOg08-FpLJCsM&google_cver=1&google_push=ATf1kGPPgKcsAMQQRLE4VPJJIVAorK6UISxOnH1ciDByN0A4OLss705uNGnFkpZNKhswcw2HQ3bvQ-ybjiUHJ1T_sstDBroP-YvWCQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPPgKcsAMQQRLE4VPJJIVAorK6UISxOnH1ciDByN0A4OLss705uNGnFkpZNKhswcw2HQ3bvQ-ybjiUHJ1T_sstDBroP-YvWCQ
Request Chain 340
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEHoaFzsZ4Q3N0CL3mB2kTLg&google_cver=1&google_push=ATf1kGPAfjSYJdH4JlteJUNqb8OxABWEQJl8oZne2BdP0N_ldcGhrmvnfSTBP6CkYnacv0miuZzriKI0HT8LfGtyNiXUGul3InJ2&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPAfjSYJdH4JlteJUNqb8OxABWEQJl8oZne2BdP0N_ldcGhrmvnfSTBP6CkYnacv0miuZzriKI0HT8LfGtyNiXUGul3InJ2%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHoaFzsZ4Q3N0CL3mB2kTLg&google_cver=1&google_push=ATf1kGPAfjSYJdH4JlteJUNqb8OxABWEQJl8oZne2BdP0N_ldcGhrmvnfSTBP6CkYnacv0miuZzriKI0HT8LfGtyNiXUGul3InJ2&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPAfjSYJdH4JlteJUNqb8OxABWEQJl8oZne2BdP0N_ldcGhrmvnfSTBP6CkYnacv0miuZzriKI0HT8LfGtyNiXUGul3InJ2%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 341
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAmFnUz61qSGkFJe4VyWkak&google_cver=1&google_push=ATf1kGMVzg69ZPCd9C8qrKSnknXN9_4bymP9l0IznJHA-t_Ovq3osVfmrQ57OOiYYVrTQbh-_YnKjwz3h82Of1RzVQnk_cHucJVCGA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyNjA1MjYyMTc2MjM2MTQ4NQ%3D%3D&google_push=ATf1kGMVzg69ZPCd9C8qrKSnknXN9_4bymP9l0IznJHA-t_Ovq3osVfmrQ57OOiYYVrTQbh-_YnKjwz3h82Of1RzVQnk_cHucJVCGA
Request Chain 342
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGIQ5Q5r8tyHwy5PqA1d6DA&google_cver=1&google_push=ATf1kGMWmgtDAvpIaVK01WWzhAfYAUyXaxiuM4lALekOY7W8VXyN7QXo4lfF9rFDcYQH64nuYMYcCGJbJH10niIWnxdpwy8eLJ-Q5w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMWmgtDAvpIaVK01WWzhAfYAUyXaxiuM4lALekOY7W8VXyN7QXo4lfF9rFDcYQH64nuYMYcCGJbJH10niIWnxdpwy8eLJ-Q5w&google_hm=ZOl13PFeQ9uPIODo2dr9_w==
Request Chain 344
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL6SvCkIjHAEFvywh313btk&google_cver=1&google_push=ATf1kGNXPrxYLje0RzYo3A_phSTQoEKQj6D0TxE0JC6yxhMetFsz2t6uHanYHhSwGuvC86r1ocU-xU2oFCgkrZDRv8CmsmuQ-MyXCA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNXPrxYLje0RzYo3A_phSTQoEKQj6D0TxE0JC6yxhMetFsz2t6uHanYHhSwGuvC86r1ocU-xU2oFCgkrZDRv8CmsmuQ-MyXCA&google_hm=GioGuBZHyX1k5_yZThSm9Ehx
Request Chain 345
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDWPWn-dPyq8wdwzBqJ4jAM&google_cver=1&google_push=ATf1kGN7V8RJpUdQ3lPSOc-7o5EsC1Ix58OR9bLcUu2Arg25WK8ebPM8cCh1xkmAQHFlC3FOOBgWc8877dC55r5-gNmLFseLUmdt54Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGN7V8RJpUdQ3lPSOc-7o5EsC1Ix58OR9bLcUu2Arg25WK8ebPM8cCh1xkmAQHFlC3FOOBgWc8877dC55r5-gNmLFseLUmdt54Q HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5

382 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/ 		189 KB
61 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83b8e8dc344c9649c8addcb67428d1904ed16721b9300c7ef417ef66345a36f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=60
cf-cache-status
DYNAMIC
cf-ray
7bd891246908bb44-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 25 Apr 2023 18:14:40 GMT
expires
Tue, 25 Apr 2023 18:15:40 GMT
feature-policy
microphone none;camera none;geolocation none;
last-modified
Tue, 25 Apr 2023 18:14:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), microphone=(), geolocation=()
pragma
public
referrer-policy
strict-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ha0LsSnb83l3lHs%2FAUZ2qMojo8cMZSgUsa39iUptx6afQn8sPSoNP8p6wYPpMjIaTdv34K6%2F8bb9I4Mw%2BLpY0YT3z6vFBnSRjlR%2BMhYAdbjUQRbqFSQn8OlH0%2BBDeol8%2Bic%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
up.js
live.demand.supply/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/up.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2e618f85e4345235b90bc69e8a2fda53424f28ed251e59cd42b288106760a1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GYAHT2SN209EXQN5SXM4JVJ5
date
Tue, 25 Apr 2023 18:14:40 GMT
content-encoding
br
cf-cache-status
HIT
age
682
cf-polished
origSize=4391
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"2bcc750d9f5a6b1343fb85264ffd8b3b-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray
7bd891259b683a66-FRA
link
<https://live.demand.supply/impl.v16.7.1.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-2-0/eWFsbGEtc2hvb3RzLnR2Lw==>; rel=preload; as=script
timing-allow-origin
*
A-letterbigger_Savir.png
jscdn.greeter.me/ 		945 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jscdn.greeter.me/A-letterbigger_Savir.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Sun, 10 Jul 2022 13:45:06 GMT
x-amz-request-id
tx00000000000003da33280-0064480bed-9620c93c-fra1b
etag
"f07519ec5fbc46385f386b577e6e2a1d"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1682446480.dop244.fr8.t,1682446480.cds108.fr8.hn,1682446480.cds205.fr8.c
content-type
image/png
cache-control
max-age=365
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
945
yalla-shoot.png
yalla-shoots.tv/uploads/logo/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yalla-shoots.tv/uploads/logo/yalla-shoot.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3790ed75687a3b6c3d71bcf4bd62c99f82a3dd738ae4b6b2639bd36e4f6bca29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
603532
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6352
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Sat, 23 Jul 2022 01:22:27 GMT
server
cloudflare
etag
"62db4d53-18d0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Ra8v2GTQ868UeA5HwRDSt6%2BmFMVgKMcfV8hkZzFr8UPolAOwAS2Gh4Eo%2FFtEw4WqN5LE5SE2%2BWFfLD1D%2BmhI0gU82NDD2wpIzuSI0iI%2Fgk4cGLcMb355YUPpIcGSbKQp40%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
feature-policy
microphone none;camera none;geolocation none;
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
cf-ray
7bd891253a2abb44-FRA
expires
Thu, 18 May 2023 18:35:48 GMT
truncated
/ 		451 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		944 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		248 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		460 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		500 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
NeoSansArabic.woff
yalla-shoots.tv/assets/fonts/ 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/assets/fonts/NeoSansArabic.woff
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Origin
https://yalla-shoots.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
603413
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
57364
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Sat, 23 Jul 2022 01:21:21 GMT
server
cloudflare
etag
"62db4d11-e014"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KYhtuXygE2IXnryIi4lNxXoDb1DtZOCbMVGmz7a1H4oeZVXj2RvDZiI82G72m8yps3oV2LOhldXFPjI1frCJCn5MwrX%2BIFKkysQ1kSMGiE9zowhtroohWoqocVUNYzTt7Uo%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
feature-policy
microphone none;camera none;geolocation none;
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
cf-ray
7bd891254a3dbb44-FRA
expires
Thu, 18 May 2023 18:37:47 GMT
1600200657.png
web-api.scorarab.com/uploads/team/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web-api.scorarab.com/uploads/team/1600200657.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0eaedcd2f342b29a8ce0c22294618f8885aa34d6413d580e56b8fed1d486b60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
207066
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6876
x-xss-protection
1; mode=block
last-modified
Wed, 08 Dec 2021 17:06:40 GMT
server
cloudflare
etag
"61b0e620-1adc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yxf0CiD3lXRFE4%2FQFxLbWUO2hEc2bzHTCy5a13%2FZKordkTXcHGASVKTso7wo9cFh39jxyZCEkTmrK8Nhe40U8SQcQxWrg03pnYmyBxjAqT2XdETczfFIrPvpQmJzZURCMcee6uOA4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7bd89125cf643616-FRA
expires
Tue, 23 May 2023 08:43:34 GMT
1556300822.png
web-api.scorarab.com/uploads/team/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web-api.scorarab.com/uploads/team/1556300822.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9c48c22b924583ec44c30b0f26f83ccc343f79a891f05b9f162187d8a3f201f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2028818
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8084
x-xss-protection
1; mode=block
last-modified
Wed, 08 Dec 2021 17:06:39 GMT
server
cloudflare
etag
"61b0e61f-1f94"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F4UUMx6FJ5P2k2XziHSb79tDXVGTbMFvDQd6Pd7CAvOScA5KWgr2HfRWZlAVKLH05dLlVM7%2Fh3BBNGCc3YEl6NRV%2BAVdsWX9rCOJx6V606pp32YgCRnWD%2FyBMQBx890ICzj1F13BBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7bd89125cf673616-FRA
expires
Tue, 02 May 2023 06:41:02 GMT
rocket-loader.min.js
yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 18 Apr 2023 16:29:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"643ec584-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E0QaQeXwV4o47t71zcU39flzQTIBZYFH6XHZ27N9mDcYC1ageLrwt3KjaG0dgLHA6XP5kI6pwIho3bOk0eZ7h43424OFPEZadB0eNoRWzhCf2TywKNgb9wS1Oj2APzL4x08%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7bd891257a82bb44-FRA
expires
Thu, 27 Apr 2023 18:14:40 GMT
telegram.svg
live.shoot-yalla.tv/uploads/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.shoot-yalla.tv/uploads/img/telegram.svg
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45dd60aee8728ca8786226233d74694db5f4c0110647c8e48710c49cdd5bdf41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
603558
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Fri, 03 Jun 2022 01:24:02 GMT
server
cloudflare
etag
W/"629962b2-424"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ayZT5mPYy6z0omJY2rLjRMCtdtioFz7OFvx4wwWgU7w1mnCuGXwQkEWB88lg3bOP80iix8IzjidzOg1ZGfY%2F1UssLGwQL8%2FFXJAWZfHf4GJIxD1LiDl8Eu8nb%2BDUGYvI%2BhVV%2BSVE"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
7bd89125ea1739f1-FRA
expires
Thu, 18 May 2023 18:35:21 GMT
js
www.googletagmanager.com/gtag/ 		113 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-230085360-1
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
65dba5656cf6e9151d5be35836f94834b963f2bac3bac28189cd9dfd194e373d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
45094
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 25 Apr 2023 18:14:40 GMT
lazyload.js
yalla-shoots.tv/assets/themes/yalla-shoot/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/assets/themes/yalla-shoot/js/lazyload.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1b682cb1fee45d7f80c900aba4d8ddcb18ac1016dcf38ece495801ac65eb14f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
603549
cf-polished
origSize=7249
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
cf-bgj
minify
last-modified
Sat, 23 Jul 2022 01:24:16 GMT
server
cloudflare
etag
W/"62db4dc0-1c51"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dnU3Uksx0xFN1s1%2FnevFq6weU%2FEHW4wsFmJVjeIaVuo%2Bf%2FxheCfyqnTHQvs4y4h9QosLpoaHsphC0CG2JtEnIBgmv7XwanpKLafVKTfe7i%2FNWWqe%2BPGHGXvr93R7MRM%2BBgI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
feature-policy
microphone none;camera none;geolocation none;
permissions-policy
camera=(), microphone=(), geolocation=()
cf-ray
7bd89125cca8913c-FRA
expires
Thu, 18 May 2023 18:35:31 GMT
matche
dalbouh.xyz/api/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://dalbouh.xyz/api/matche?t=1682446463
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.233.172 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
spt
tg1.modoro360.com/api/adserver/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=63e0c53d06b87484dc0f3a56&AV_PUBLISHERID=63e0c30829bdc76cde070e85
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:25::1726:6216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c247c2d28fb0abc88fa5da722273010d1855dbf7cbd5ef55d539e817118ececc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

X-Bamboo-C-SkSt
1
Content-Encoding
gzip
X-Bamboo-C-SkFe
1
X-Bamboo-C-S
BYPASS
Date
Tue, 25 Apr 2023 18:14:40 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/javascript
Vary
Accept-Encoding
Cache-Control
max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
Content-Length
6854
Expires
Tue, 25 Apr 2023 18:19:40 GMT
yalla-shoots.tvdynamic.js
jscdn.greeter.me/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jscdn.greeter.me/yalla-shoots.tvdynamic.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
35cf75de5d617b7a8e395dc30579c7245e3001a2b8227d55f3d3ddc2e773741d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Wed, 11 Jan 2023 19:24:32 GMT
x-amz-request-id
tx00000000000003aef4908-0064480f0e-9767395a-fra1b
etag
"3cc898bc27a1b9035922667e9a7e891a"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1682446480.dop244.fr8.t,1682446480.cds108.fr8.hn,1682446480.cds321.fr8.c
content-type
text/javascript
cache-control
max-age=1166
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
7957
yalla-shoots.tvhead.js
jscdn.greeter.me/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jscdn.greeter.me/yalla-shoots.tvhead.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
c73e7fcf76232d28a1760877bd3eccada211feb797fd25ba824df3bac45b46eb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Wed, 11 Jan 2023 19:35:56 GMT
x-amz-request-id
tx00000000000003aef490b-0064480f0e-9767395a-fra1b
etag
"559fe7c18011a3e1db9adb6276cba3f6"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1682446480.dop244.fr8.t,1682446480.cds108.fr8.hn,1682446480.cds149.fr8.c
content-type
text/javascript
cache-control
max-age=1166
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
7559
jquery.min.js
yalla-shoots.tv/assets/js/ 		87 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/assets/js/jquery.min.js?t=1682446463
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7e05b68eb47f0167793018bfc04a5fd640d8a9f406b6b2c1892a97f084f6769
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Wed, 21 Sep 2022 18:59:19 GMT
server
cloudflare
etag
W/"632b5f07-15d3a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0KlMQRaCEUEIb7qsMQ0pUyG%2B2%2FoS6LcmgqR5%2By%2FbsreqhLAMs2Pe3NHARE%2BGj%2BKTxl9CrL8E5%2BwCR%2F6MGMB56QVgZGo7u49Zr4oBkPChyshG%2BCAMYQd8dKfXogYc%2BgVjU50%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
feature-policy
microphone none;camera none;geolocation none;
permissions-policy
camera=(), microphone=(), geolocation=()
cf-ray
7bd89125ccac913c-FRA
expires
Thu, 25 May 2023 18:14:37 GMT
impl.v16.7.1.js
live.demand.supply/ 		73 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/impl.v16.7.1.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbd979b253f1094192758b903dbf1258373e373ea264905849c30ca44931e1e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GYAHAQ430A5TEKDY09RNW2H8
date
Tue, 25 Apr 2023 18:14:40 GMT
content-encoding
br
cf-cache-status
HIT
age
613061
cf-polished
origSize=75202
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"af5bcf980a6a31d6010a8947169a5412-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
cf-ray
7bd891264c603a66-FRA
eWFsbGEtc2hvb3RzLnR2Lw==
live.demand.supply/p4/v16-2-0/ 		2 KB
915 B 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/p4/v16-2-0/eWFsbGEtc2hvb3RzLnR2Lw==
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f96795e5986b128c28976d4229c5be0e6c05409a94884a26414f6b9aa43010c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
7bd891264c5e3a66-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
e.js
live.demand.supply/e/ 		0
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?e=ll&d=168&cs=c&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA2NzMvODc4MjQ4L2dpcm9uYS12cy1yZWFsLW1hZHJpZC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GW05JHBT4DKMPHVGPCYAW7T4
date
Tue, 25 Apr 2023 18:14:40 GMT
cf-cache-status
HIT
age
1465700
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7bd891266efc3719-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
585ca35d1756a90e03e28d509d5305c416894a3cd057b4a30f39735610a01d80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24985
x-xss-protection
0
server
cafe
etag
45 / 19472 / m202304200101 / config-hash: 15247404577715201805
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 25 Apr 2023 18:14:40 GMT
eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA2NzMvODc4MjQ4L2dpcm9uYS12cy1yZWFsLW1hZHJpZC8=
live.demand.supply/p4/v16-2-0/ 		2 KB
1002 B 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/p4/v16-2-0/eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA2NzMvODc4MjQ4L2dpcm9uYS12cy1yZWFsLW1hZHJpZC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
055e97048fdeb72ca41bbb1f261aea8d8f41f5a366c1d66149c9c5b69a0e551c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
7bd891264c643a66-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ds.2.html
live.demand.supply/ 		413 B
607 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GWKXNNK2Q6J4EK436CXFQ5N7
date
Tue, 25 Apr 2023 18:14:40 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
2029146
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
cf-ray
7bd891266efd3719-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
yalla-shoots.tv_fluid_lb+sq
live.demand.supply/cp/ 		30 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/yalla-shoots.tv_fluid_lb+sq?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA2NzMvODc4MjQ4L2dpcm9uYS12cy1yZWFsLW1hZHJpZC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61da852ba9bccd86c1208f906244f578d0eedba955d4149355d19f4e21821da8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7bd891268f363719-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30
yalla-shoots.tv_native_multi_native1
live.demand.supply/cp/ 		21 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/yalla-shoots.tv_native_multi_native1?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA2NzMvODc4MjQ4L2dpcm9uYS12cy1yZWFsLW1hZHJpZC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7bd891268f383719-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21
yalla-shoots.tv_fluid_sky+sq
live.demand.supply/cp/ 		29 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/yalla-shoots.tv_fluid_sky+sq?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA2NzMvODc4MjQ4L2dpcm9uYS12cy1yZWFsLW1hZHJpZC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db2ad1d92372869a972e4efdf320c025607350b54c58d39114d8cea57b4cf625

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7bd891268f393719-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29
yalla-shoots.tv_fluid_lb+sq
live.demand.supply/cp/ 		30 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/yalla-shoots.tv_fluid_lb+sq?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA2NzMvODc4MjQ4L2dpcm9uYS12cy1yZWFsLW1hZHJpZC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61da852ba9bccd86c1208f906244f578d0eedba955d4149355d19f4e21821da8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7bd891269f3f3719-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30
yalla-shoots.tv_auto_728x90_sticky_display_bottom
live.demand.supply/cp/ 		29 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/yalla-shoots.tv_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA2NzMvODc4MjQ4L2dpcm9uYS12cy1yZWFsLW1hZHJpZC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76d0c953ed23e810ff3182290d898f080456f25506c86c16e272d60230ca0b96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7bd89126af763719-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/ 		399 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eebca01c60b315a6937fea6c94dfaa2b2afcb61cd14cdf7e655cefec2fc32017
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 11:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
22942
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126587
x-xss-protection
0
server
cafe
etag
1883905843074567667
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 24 Apr 2024 11:52:18 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		2 KB
582 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
272976e47a2b186641def1054de0d584af41c25eda9295804560b6f638473ab4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
557
x-xss-protection
0
expires
Tue, 25 Apr 2023 18:14:40 GMT
e.js
live.demand.supply/e/ 		0
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&pdc=0.14440861940383912&ucv=null&e=tcp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA2NzMvODc4MjQ4L2dpcm9uYS12cy1yZWFsLW1hZHJpZC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GW05JHBT4DKMPHVGPCYAW7T4
date
Tue, 25 Apr 2023 18:14:40 GMT
cf-cache-status
HIT
age
1465700
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7bd89127890b3719-FRA
e.js
live.demand.supply/x/ 		0
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=da&r=yalla-shoots.tv_fluid_lb%2Bsq&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA2NzMvODc4MjQ4L2dpcm9uYS12cy1yZWFsLW1hZHJpZC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GT697DWCG03Y95C7R5741DG8
date
Tue, 25 Apr 2023 18:14:40 GMT
cf-cache-status
HIT
age
2030249
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7bd89127890d3719-FRA
e.js
live.demand.supply/e/ 		0
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_sky%2Bsq&pdc=0.4621637463569641&ucv=null&e=tcp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA2NzMvODc4MjQ4L2dpcm9uYS12cy1yZWFsLW1hZHJpZC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GW05JHBT4DKMPHVGPCYAW7T4
date
Tue, 25 Apr 2023 18:14:40 GMT
cf-cache-status
HIT
age
1465700
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7bd8912799173719-FRA
e.js
live.demand.supply/e/ 		0
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&pdc=0.14440861940383912&ucv=null&e=tcp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA2NzMvODc4MjQ4L2dpcm9uYS12cy1yZWFsLW1hZHJpZC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GW05JHBT4DKMPHVGPCYAW7T4
date
Tue, 25 Apr 2023 18:14:40 GMT
cf-cache-status
HIT
age
1465700
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7bd8912799293719-FRA
e.js
live.demand.supply/x/ 		0
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=da&r=yalla-shoots.tv_fluid_lb%2Bsq&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA2NzMvODc4MjQ4L2dpcm9uYS12cy1yZWFsLW1hZHJpZC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GT697DWCG03Y95C7R5741DG8
date
Tue, 25 Apr 2023 18:14:40 GMT
cf-cache-status
HIT
age
2030249
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7bd89127992c3719-FRA
e.js
live.demand.supply/e/ 		0
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_auto_728x90_sticky_display_bottom&pdc=0.1781451463699341&ucv=null&e=tcp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA2NzMvODc4MjQ4L2dpcm9uYS12cy1yZWFsLW1hZHJpZC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GW05JHBT4DKMPHVGPCYAW7T4
date
Tue, 25 Apr 2023 18:14:40 GMT
cf-cache-status
HIT
age
1465700
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7bd89127b95b3719-FRA
sdb.css
live.demand.supply/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/css/sdb.css
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GTP882AJGXJCM3VNH3JF57QN
date
Tue, 25 Apr 2023 18:14:40 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
1679698
etag
W/"14c5381be186641471a926a081d90c88-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
7bd89127bd579b31-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
34876
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6F%2BUlG63oTy4%2Bk2QttBLqC3LBH94%2FMPJ6O3OoIIxPp9UErxFPl4u8%2B6UTI91ZeeEu8clexdhNRLw6UXcSzyM4iq%2BjcJ4BaQik72nE1OFlAlOohE02i9sf4YDzgSDcuO8KO9XCNRtCsoEUZyfL5A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7bd891285a88381a-FRA
esp.js
cdn.id5-sync.com/api/1.0/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
5HYXHX9PK7AYJ3XS
age
852
etag
W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7bd891287a2d9106-FRA
x-amz-id-2
S6R2y7dt0TJ0tHF3dRN8FSP0T4Q58OI/Vn9tn6k1ruurUluy4rf0Kfbl+uLVEbxXwO1SEX/JYWbTZrOjCJ1sVw==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0390a205adde41148772c08262a87b8b173f4d1df61e9ce323b89069827643c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 17:49:44 GMT
via
1.1 google
age
1496
x-guploader-uploadid
ADPycdvAY6x_lHN08DKp-gl2rSv-na-lldWHAVArxMfv0IWghgHvk9mIVLImIQoDJPBq3odOuFM3b9a9xQwdy1R7f47kGA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1980
last-modified
Tue, 25 Apr 2023 13:43:05 GMT
server
UploadServer
etag
"692cc2d6f486e447021bff2a69a35f34"
x-goog-generation
1682430185162277
x-goog-hash
crc32c=dKXvLw==, md5=aSzC1vSG5EcCG/8qaaNfNA==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
1980
accept-ranges
bytes
expires
Tue, 25 Apr 2023 18:49:44 GMT
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:ac00:a:e047:752:b361 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 02:50:38 GMT
Via
1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Jan 2023 04:07:36 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
Age
55443
x-amz-server-side-encryption
AES256
ETag
"aded621b17723f487b3c9d0e43cf2f94"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1859
X-Amz-Cf-Id
4CFABzA-oZFcl4lNa-9psChCnggcPIM8R3PbeW5wMvDlkNRApX5_Vg==
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e9d3165c73a7f6243cdf07498cf37514d3128c1de540fa02d8a6d6c5fdf09db1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 03:48:15 GMT
content-encoding
gzip
via
1.1 a383f82b5d4e98bbd66535c2c4b20c9e.cloudfront.net (CloudFront)
last-modified
Wed, 22 Mar 2023 22:36:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
51986
x-amz-server-side-encryption
AES256
etag
W/"4fd6c99ca40fed5d11cbd9e1b76a92f1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
tykfx9xCEJEDkwT6UVRWhQ8mIvOrBG1E_tz7PaU0eIkWQTYImNB6Bg==
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-9c21"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 26 Apr 2023 18:14:40 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		126 KB
34 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=263317129759169&correlator=160778714784819&eid=31073385%2C31074093&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C175844fe-17b4-47e6-9355-28af1ff828c4&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=1711219817&didk=1133630126&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D75aa9d70-b9f0-4707-abb8-cc5d7820b549%26chrand%3Dn%26pof%3D1%26bsc%3D69&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682446480651&lmt=1682446463&dlt=1682446480164&idt=437&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10673%2F878248%2Fgirona-vs-real-madrid%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1037507575.1682446481&ga_sid=1682446481&ga_hid=309559342&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYher_zPswSABSAghkEhsKDGlkNS1zeW5jLmNvbRiF6v_M-zBIAFICCGQSGQoKcHViY2lkLm9yZxiE6v_M-zBIAFICCGQSFwoIcnRiaG91c2UYher_zPswSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGIXq_8z7MEgAUgIIZBIZCgp1aWRhcGkuY29tGIXq_8z7MEgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f4c75624f348e16a3d79e64e9192ac34f2ee4fa61a44dcf51ff9db809aa891b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34570
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
575 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=263317129759169&correlator=2815383766349486&eid=31073385%2C31074093&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C356922b4-0932-42d8-8698-9fc099d8e22d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=2&adks=3546545283&didk=1418515193&sfv=1-0-40&prev_scp=ti%3D75aa9d70-b9f0-4707-abb8-cc5d7820b549%26chrand%3Dn%26pof%3D1%26rfi%3D30%26bsc%3D69&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682446480658&lmt=1682446463&dlt=1682446480164&idt=437&adxs=302&adys=220&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10673%2F878248%2Fgirona-vs-real-madrid%2F&frm=20&vis=1&psz=1052x116&msz=1052x116&fws=4&ohw=1100&ga_vid=1037507575.1682446481&ga_sid=1682446481&ga_hid=309559342&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYher_zPswSABSAghkEhsKDGlkNS1zeW5jLmNvbRiF6v_M-zBIAFICCGQSGQoKcHViY2lkLm9yZxiE6v_M-zBIAFICCGQSFwoIcnRiaG91c2UYher_zPswSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGIXq_8z7MEgAUgIIZBIZCgp1aWRhcGkuY29tGIXq_8z7MEgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
258906f6f571fd93dc466499e9ea6b46751a8bd2db70ea6ee2de52b37f27f6fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
545
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		61 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=263317129759169&correlator=830526160367136&eid=31073385%2C31074093&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C7b9be0bc-7aae-4298-84dd-8d5becb2ea92&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x600&ifi=3&adks=932317976&didk=412460675&sfv=1-0-40&prev_scp=ti%3D75aa9d70-b9f0-4707-abb8-cc5d7820b549%26chrand%3Dn%26pof%3D1%26bsc%3D69&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682446480662&lmt=1682446463&dlt=1682446480164&idt=437&adxs=302&adys=504&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10673%2F878248%2Fgirona-vs-real-madrid%2F&frm=20&vis=1&psz=1052x616&msz=1052x616&fws=4&ohw=1100&ga_vid=1037507575.1682446481&ga_sid=1682446481&ga_hid=309559342&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYher_zPswSABSAghkEhsKDGlkNS1zeW5jLmNvbRiF6v_M-zBIAFICCGQSGQoKcHViY2lkLm9yZxiE6v_M-zBIAFICCGQSFwoIcnRiaG91c2UYher_zPswSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGIXq_8z7MEgAUgIIZBIZCgp1aWRhcGkuY29tGIXq_8z7MEgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a44e8a64318be6f675166b149cb8872c5198af02329da52fe11342db9145172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14591
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		106 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=263317129759169&correlator=1312654089268248&eid=31073385%2C31074093&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cnative-multi%2C3d4ab4c6-6d5f-4b8c-9e83-ea0e7b3534e1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&ifi=4&adks=2602376739&didk=3429720031&sfv=1-0-40&prev_scp=ti%3D75aa9d70-b9f0-4707-abb8-cc5d7820b549%26chrand%3Dn%26pof%3D1%26rfi%3D30%26bsc%3D69%26format%3Dmulti-native&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682446480665&lmt=1682446463&dlt=1682446480164&idt=437&adxs=262&adys=504&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10673%2F878248%2Fgirona-vs-real-madrid%2F&frm=20&vis=1&psz=1076x0&msz=1076x0&fws=4&ohw=1076&ga_vid=1037507575.1682446481&ga_sid=1682446481&ga_hid=309559342&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYher_zPswSABSAghkEhsKDGlkNS1zeW5jLmNvbRiF6v_M-zBIAFICCGQSGQoKcHViY2lkLm9yZxiE6v_M-zBIAFICCGQSFwoIcnRiaG91c2UYher_zPswSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGIXq_8z7MEgAUgIIZBIZCgp1aWRhcGkuY29tGIXq_8z7MEgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d7e500c30cac2f6b323076f17ffdd19bd120708167a5e516345f97d365bd71a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28926
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
580 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=263317129759169&correlator=2338101211561648&eid=31073385%2C31074093&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C356922b4-0932-42d8-8698-9fc099d8e22d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=5&adks=1671024393&didk=1418515198&sfv=1-0-40&prev_scp=ti%3D75aa9d70-b9f0-4707-abb8-cc5d7820b549%26chrand%3Dn%26pof%3D1%26rfi%3D30%26bsc%3D69&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682446480667&lmt=1682446463&dlt=1682446480164&idt=437&adxs=314&adys=2311&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10673%2F878248%2Fgirona-vs-real-madrid%2F&frm=20&vis=1&psz=1076x116&msz=1076x116&fws=4&ohw=1100&ga_vid=1037507575.1682446481&ga_sid=1682446481&ga_hid=309559342&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYher_zPswSABSAghkEhsKDGlkNS1zeW5jLmNvbRiF6v_M-zBIAFICCGQSGQoKcHViY2lkLm9yZxiE6v_M-zBIAFICCGQSFwoIcnRiaG91c2UYher_zPswSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGIXq_8z7MEgAUgIIZBIZCgp1aWRhcGkuY29tGIXq_8z7MEgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f5a556e2c1247f0f02560737cf890acb7fb3dbcb32f58ec6d8307f394e4d5d29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
550
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=263317129759169&correlator=4071260789331808&eid=31073385%2C31074093&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C2f5dd645-0d0d-422d-99d2-d7bef2ca8963&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=6&adks=3202367356&didk=4055989924&sfv=1-0-40&prev_scp=ti%3D75aa9d70-b9f0-4707-abb8-cc5d7820b549%26chrand%3Dn%26pof%3D1%26rfi%3D30%26stt%3Dbhs%26bsc%3D69&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682446480670&lmt=1682446463&dlt=1682446480164&idt=437&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10673%2F878248%2Fgirona-vs-real-madrid%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1037507575.1682446481&ga_sid=1682446481&ga_hid=309559342&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYher_zPswSABSAghkEhsKDGlkNS1zeW5jLmNvbRiF6v_M-zBIAFICCGQSGQoKcHViY2lkLm9yZxiE6v_M-zBIAFICCGQSFwoIcnRiaG91c2UYher_zPswSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGIXq_8z7MEgAUgIIZBIZCgp1aWRhcGkuY29tGIXq_8z7MEgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a81f13d46c07290b0bc225a82667ad1245996f3f0d6256f962890c33ed9903d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11159
x-xss-protection
0
google-lineitem-id
6247069801
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138426413305
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EBD4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 18:14:40 GMT
expires
Wed, 24 Apr 2024 18:14:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e1070ef03510c03bf072fc9acc862eb3e3bc71cd0079472eb0dc10455e9838a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 13:24:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
17381
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11862
x-xss-protection
0
server
cafe
etag
16286120947684496633
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 24 Apr 2024 13:24:59 GMT
key.php
yalla-shoots.tv/ 		166 B
781 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/key.php?kt=1682446480
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6ee8f5847140c4b24a3fc2ad1aa458ad98aa0b2b2466c318dc1728a6c6c7c78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cF4tUPZrqdtGUueGA%2FAyNxpzWIeSh81Y2I9EmYu%2B5DICbsJ6bKuiUZR9PtH%2BZV2UgjdnL7KqP1i8JknItqppxud0wA2ZRTtdMjqqxSZJ3XQUkypuzpHUQm1ZTOhydx%2FaX58%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=60
feature-policy
microphone none;camera none;geolocation none;
permissions-policy
camera=(), microphone=(), geolocation=()
cf-ray
7bd89128a9b4913c-FRA
expires
Tue, 25 Apr 2023 18:15:40 GMT
get
feed.avplayer.com/backend/ 		4 KB
813 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://feed.avplayer.com/backend/get?cmsType=playlist&id=631a2480b3d08269680f4be2&AV_TAGID=63e0c53d06b87484dc0f3a56&pid=63e0c30829bdc76cde070e85&cid=63e0c35e9283893b7f0c04f6&AV_TEMPID=62c2a28af9382161a05f9104&AV_PUBLISHERID=63e0c30829bdc76cde070e85
Requested by
Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=63e0c53d06b87484dc0f3a56&AV_PUBLISHERID=63e0c30829bdc76cde070e85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
cce1aee65b9f2093ba86119d6ef979fd5183c77b513a1f6c735e0cd56f951070

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
content-encoding
gzip
x-hw
1682446480.dop107.fr8.t,1682446480.cds250.fr8.hn,1682446480.cds205.fr8.c
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
max-age=1800
access-control-allow-credentials
true
accept-ranges
bytes
content-length
608
avcplayer.js
player.avplayer.com/script/2/v/ 		251 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/v/avcplayer.js
Requested by
Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=63e0c53d06b87484dc0f3a56&AV_PUBLISHERID=63e0c30829bdc76cde070e85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
content-encoding
gzip
last-modified
Thu, 03 Mar 2022 17:18:44 GMT
etag
"1646327924"
x-hw
1682446481.dop004.fr8.t,1682446481.cds054.fr8.hn,1682446481.cds249.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
61326
track
servt.modoro360.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servt.modoro360.com/track?pid=63e0c30829bdc76cde070e85&cid=63e0c35e9283893b7f0c04f6&cb=1682446480744&r=yalla-shoots.tv&stagid=63e0c53d06b87484dc0f3a56&stplid=62c2a28af9382161a05f9104&d35=&d65=Test1&d66=7&d74=&e=playerLoaded&cpid=631a2480b3d08269680f4be2&str=viewable
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.149.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-149-208.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
e.js
live.demand.supply/x/ 		0
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=fs&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA2NzMvODc4MjQ4L2dpcm9uYS12cy1yZWFsLW1hZHJpZC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GT697DWCG03Y95C7R5741DG8
date
Tue, 25 Apr 2023 18:14:40 GMT
cf-cache-status
HIT
age
2030249
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7bd89128baff3719-FRA
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304200101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14ff6990c88dc1b8612265161acb023d6cdba726bc355004cc3c7ea89deb04e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11149
x-xss-protection
0
A-letterbigger_Savir.png
jscdn.greeter.me/ 		945 B
1005 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jscdn.greeter.me/A-letterbigger_Savir.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Sun, 10 Jul 2022 13:45:06 GMT
x-amz-request-id
tx00000000000003da33280-0064480bed-9620c93c-fra1b
etag
"f07519ec5fbc46385f386b577e6e2a1d"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1682446480.dop244.fr8.t,1682446480.cds108.fr8.hn,1682446480.cds205.fr8.c
content-type
image/png
cache-control
max-age=365
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
945
hb_739813_17175.js
player.aplhb.adipolo.com/prebidlink/467346/ 		290 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aplhb.adipolo.com/prebidlink/467346/hb_739813_17175.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shoots.tvhead.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
f8aa9a880d6e487e7842722fbaee7c4c914803cef2baf4f92b76167b48df3bad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
content-encoding
gzip
last-modified
Mon, 19 Dec 2022 12:00:43 GMT
server
nginx
etag
W/"63a0526b-48644"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Tue, 25 Apr 2023 19:14:40 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		74 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shoots.tvhead.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de06d2f3d217dcf4a678277e67e548d975b22b5f2dbb3bc16f0fb0009771aec1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24985
x-xss-protection
0
server
cafe
etag
579 / 19472 / m202304200101 / config-hash: 15247404577715201805
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 25 Apr 2023 18:14:40 GMT
wrapper_hb_739813_17175.js
player.aplhb.adipolo.com/prebidlink/467346/ 		2 KB
1004 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aplhb.adipolo.com/prebidlink/467346/wrapper_hb_739813_17175.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shoots.tvhead.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
cba78783503f962e24d09c78f38add0360021817317c6972d14e37e250b52e3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
content-encoding
gzip
last-modified
Mon, 19 Dec 2022 12:13:01 GMT
server
nginx
etag
W/"63a0554d-685"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Tue, 25 Apr 2023 19:14:40 GMT
gpt.js
www.googletagservices.com/tag/js/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shoots.tvhead.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb1738b2b6694eebd0b856d857aa4d0438a2c8841d2ac3cf7ac3fe924bcbb366
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24986
x-xss-protection
0
server
cafe
etag
483 / 19472 / m202304200101 / config-hash: 15247404577715201805
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 25 Apr 2023 18:14:40 GMT
adipolo_logo.png
adipolo.com/wp-content/uploads/2020/06/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adipolo.com/wp-content/uploads/2020/06/adipolo_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
cf-cache-status
HIT
last-modified
Tue, 02 Jun 2020 09:04:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5204647
etag
"5ed61610-1b9c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HLVHT4FoPUxQEs1KA8Jj5VbU2z7u0CgU%2FNjFmbDtCiz4QQsdF9Hg5jX60AGWrkt%2FDYcIDGAqNgd%2FNpfQoOLL1KWXFhMZcOcMpp6nM8VKb4qUw9xbQEmsLwuFwuWbGoMVCaCww%2FTtMPhvug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7bd891292d1b2bb9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7068
encrypt
esp.rtbhouse.com/ 		265 B
360 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
fd41e389839b4455c120639c03ce0d70ae8b67bafa57b97bd2fd207f6dad7520

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
via
1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
5937e7538ec3bbdea95a5d5ae5912f13
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
265
encrypt
esp.rtbhouse.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://yalla-shoots.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://yalla-shoots.tv
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Tue, 25 Apr 2023 18:14:40 GMT
server
Google Frontend
vary
Origin
via
1.1 google
x-cloud-trace-context
c529c1246cd2397db9efdfd59ce5265a
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-230085360-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 25 Apr 2023 16:35:44 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
5936
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Tue, 25 Apr 2023 18:35:44 GMT
map
bcp.crwdcntrl.net/6/ 		60 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.141.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-141-162.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ed0bba0e9e5357215cdeae19956cedef3d03af5b5a293a3205d5951d1cce29d4

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:40 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache
x-server
10.45.12.172
access-control-allow-credentials
true
content-length
60
expires
0
increment
id5-sync.com/api/esp/ 		0
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://yalla-shoots.tv
date
Tue, 25 Apr 2023 18:14:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
A-letterbigger_Savir.png
jscdn.greeter.me/ 		945 B
1005 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jscdn.greeter.me/A-letterbigger_Savir.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Sun, 10 Jul 2022 13:45:06 GMT
x-amz-request-id
tx00000000000003da33280-0064480bed-9620c93c-fra1b
etag
"f07519ec5fbc46385f386b577e6e2a1d"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1682446480.dop244.fr8.t,1682446480.cds108.fr8.hn,1682446480.cds205.fr8.c
content-type
image/png
cache-control
max-age=365
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
945
frame.php
yalla-shoots.tv/ Frame DB59 		198 KB
72 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/frame.php?ch=b1_1&p=10&token=NmQ2YTY1MzM2YzZhNjU3ODZlNjMzNDc5NmQ3NDY3NzU2ZDZhNjY3MTY0Nzg2ZTZmNmQ2YTYxNzk2ZDY5NzM3OTZkNjQ2OTc3NmI2YjZjNjU3MTY4NmYzMzc5Nzg2YjMxNjQ2YTZkMzI2OTc4NmYzMTY5Nzc=&kt=1682446480
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b69dffefbcf3d6d04fe11ac62bd287872e0c8033cf9fa63263f2dcd483c456b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=60
cf-cache-status
DYNAMIC
cf-ray
7bd891291a4c913c-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 25 Apr 2023 18:14:40 GMT
expires
Tue, 25 Apr 2023 18:15:40 GMT
feature-policy
microphone none;camera none;geolocation none;
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), microphone=(), geolocation=()
referrer-policy
strict-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jdEbLikupkKeLtI1hDb%2BYfzMwcn28KCE%2F3IL3jqyKcQ%2BWLpx5m0%2FwluJXvNxa7Rfq6Ow8t3isXHxEfA1Jk5NDbu2ujsLQSpF7Ljq6jr%2F%2BZOVFWvOmhv4lXv%2FhQzU0cXzcZ4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
syncframe
gum.criteo.com/ Frame BBE9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=yalla-shoots.tv
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 18:14:40 GMT
server
Kestrel
server-processing-duration-in-ticks
532143
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
collect
www.google-analytics.com/j/ 		1 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=309559342&t=pageview&_s=1&dl=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10673%2F878248%2Fgirona-vs-real-madrid%2F&ul=en-us&de=UTF-8&dt=%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9%20%D8%AC%D9%8A%D8%B1%D9%88%D9%86%D8%A7%20%D9%88%20%D8%B1%D9%8A%D8%A7%D9%84%20%D9%85%D8%AF%D8%B1%D9%8A%D8%AF%20-%20%D8%A7%D9%84%D8%AF%D9%88%D8%B1%D9%8A%20%D8%A7%D9%84%D8%A5%D8%B3%D8%A8%D8%A7%D9%86%D9%8A%20-%202023-04-25&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=244527948&gjid=2136974763&cid=1037507575.1682446481&tid=UA-230085360-1&_gid=657089758.1682446481&_r=1&gtm=457e34j0&jsscut=1&z=1390452977
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 25 Apr 2023 18:14:40 GMT
rocket-loader.min.js
yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame DB59 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/frame.php?ch=b1_1&p=10&token=NmQ2YTY1MzM2YzZhNjU3ODZlNjMzNDc5NmQ3NDY3NzU2ZDZhNjY3MTY0Nzg2ZTZmNmQ2YTYxNzk2ZDY5NzM3OTZkNjQ2OTc3NmI2YjZjNjU3MTY4NmYzMzc5Nzg2YjMxNjQ2YTZkMzI2OTc4NmYzMTY5Nzc=&kt=1682446480
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 18 Apr 2023 16:29:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"643ec584-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yggIkCkfD3jW14BLB3N6ogDQWHcx4fPUZ11mDmPTp3QrB3Qdh2u3ksRekzusPeJwy3mLdU7xvBto%2F8eA2QomCpJ4FXhpfOV%2BF8mRuJmI6CgOBOXM3OMCblkwGTvDZnHGZy0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7bd89129bb9e913c-FRA
expires
Thu, 27 Apr 2023 18:14:40 GMT
clappr-p2p-plugin.min.js
cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/ Frame DB59 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/clappr-p2p-plugin.min.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8eb7e24873bb65c9b7193534bda15761d8853b24ca4a41d7749360972504141
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
37736
x-jsd-version
2.6.5
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230036-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"c19-SLjttAW8dcDjADi6J1T2hbhokWc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gd9i9W2o3G7DGZ8RykWRiMg8VexU3NYueu7kvcG0oaPO51ExXUVXtDhzp8DI2WoytMzXF%2F42EjSQ9uQ4YcTv96Y55l96Bss4o2r4K%2BVl4n9xKdI4tDBfrplLNU8ASgkQ3rNR%2B7JrBojQ%2B9dJQ1M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7bd89129ed37381a-FRA
p2p-engine.min.js
cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/ Frame DB59 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c618d0210f46e9b9c6decff2ab712bf2f64546b3ac7d25e59996d3106d7adc32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
16448
x-jsd-version
2.7.0
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230112-FRA, cache-yyz4582-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"2acf7-zjDh6eFmUFvA+lQTGAEaiWfu5tM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oKR%2FBDqGWfdfWViyqWN2oQDVWMpeBCfrH8f9aB02Hj953bSeEy4pzaiFDbA68r0Da6gbxuAXRFfby4672Q4g7H5ebBiG90u9ijBKazPxWYtE%2Bav3q16DCRRkfOqlz2v8%2FZhxP9qo0j%2FbtNVt750%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7bd89129dd34381a-FRA
level-selector.min.js
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/ Frame DB59 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
31814
x-jsd-version
0.3.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230055-FRA, cache-jnb7027-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"76e2-qotJurjpL/BNF6Wix8Da/EJuL+k"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NoK4DSdLTwkc9Nj%2BT34lH5cnsYKBq2%2B2mFzia4Pzju4dbaJZFIJyDepX%2FI8e4oMapdpSm9zOC%2FJDhPlY1wU4ewjzH5t7%2BJ2c5dAEMATkNwhDNibgADiozapsliTznWcHaN5KQn7QFyikRsSikQc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7bd89129ed38381a-FRA
clappr.min.js
cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/ Frame DB59 		470 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce00e20b1de71ae06025269109fb0cb9482ba6af1dbc262ba4eda319aaef9229
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5391541
x-jsd-version
0.4.7
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230102-FRA, cache-yyz4521-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"7569d-g/bZEgP/0XCbPxVx7RLqUXpxxzU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3dpBJoTvhGXriK8KYnUaLwViLpCzIwctPsxWduukMu7m8OxZwk6uLjK7CEtMCv4O%2Bl%2FK9qRAMv9lnRyXBL58j5BANln6DtaJ%2F8to%2BKZTenNHw2CLyxCz6c1xCdbQrTFcEy0nztpgTtPYhoin9RQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7bd89129ed3c381a-FRA
sid
mug.criteo.com/ Frame BBE9
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=yalla-shoots.tv&sn=ChromeSyncframe&so=0&topUrl=yalla-shoots.tv&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=N2FOSXxoMzFadFB6Z0V2bFdZRUpLOVdzckMzVFgwNXpKVVRoUG9HczFiV25IM3RtdVFwWEc2Z0F1OS9YVlNuamRQZnQybVpBcGxQUXJGRXZlbHErQ3ZFd2drazNIa0NSRnc2akx1Yy82KzNFaFhjaHcxWnZQUnhTd2VDbz...
431 B
656 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=N2FOSXxoMzFadFB6Z0V2bFdZRUpLOVdzckMzVFgwNXpKVVRoUG9HczFiV25IM3RtdVFwWEc2Z0F1OS9YVlNuamRQZnQybVpBcGxQUXJGRXZlbHErQ3ZFd2drazNIa0NSRnc2akx1Yy82KzNFaFhjaHcxWnZQUnhTd2VDbzdsam8rRkJxekR6WU4yMzVnWXpIL3pRcXRCb2ZIcGc5UEpkcElUZExGWnJwcnVobTdtRUxnRXcwT3MzYXhuMVFMcytXVmZBYTBvZE94azB1NlhyV3lKNFVEQ3VLbDJOcVhqVGRhcnlzb05QUVBKeENaUkhzdXlEcFdDM1c0TElrK2w2bUZveXhVU1A5SlRhaUNjVXlxNEo4MFQ2S2s2cFpiZUJxNzlxdEhsSkhIcnUrMjRpdz18&cppv=2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
65d67f668f50e5667a3ae6faf47ccc470f793f7aa7ef9e7a38df5ceb33b5471c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:40 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1490276
expires
0

Redirect headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:40 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=N2FOSXxoMzFadFB6Z0V2bFdZRUpLOVdzckMzVFgwNXpKVVRoUG9HczFiV25IM3RtdVFwWEc2Z0F1OS9YVlNuamRQZnQybVpBcGxQUXJGRXZlbHErQ3ZFd2drazNIa0NSRnc2akx1Yy82KzNFaFhjaHcxWnZQUnhTd2VDbzdsam8rRkJxekR6WU4yMzVnWXpIL3pRcXRCb2ZIcGc5UEpkcElUZExGWnJwcnVobTdtRUxnRXcwT3MzYXhuMVFMcytXVmZBYTBvZE94azB1NlhyV3lKNFVEQ3VLbDJOcVhqVGRhcnlzb05QUVBKeENaUkhzdXlEcFdDM1c0TElrK2w2bUZveXhVU1A5SlRhaUNjVXlxNEo4MFQ2S2s2cFpiZUJxNzlxdEhsSkhIcnUrMjRpdz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
363692
content-length
0
expires
0
e.js
live.demand.supply/e/ 		0
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&e=nai&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA2NzMvODc4MjQ4L2dpcm9uYS12cy1yZWFsLW1hZHJpZC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GW05JHBT4DKMPHVGPCYAW7T4
date
Tue, 25 Apr 2023 18:14:41 GMT
cf-cache-status
HIT
age
1465701
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7bd8912a2d583719-FRA
e.js
live.demand.supply/e/ 		0
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&e=nai&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA2NzMvODc4MjQ4L2dpcm9uYS12cy1yZWFsLW1hZHJpZC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GW05JHBT4DKMPHVGPCYAW7T4
date
Tue, 25 Apr 2023 18:14:41 GMT
cf-cache-status
HIT
age
1465701
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7bd8912a3d5f3719-FRA
container.html
359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A036 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 18:14:40 GMT
expires
Wed, 24 Apr 2024 18:14:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		182 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		834 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
e.js
live.demand.supply/e/ 		0
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=-1&r=yalla-shoots.tv_auto_728x90_sticky_display_bottom&sy=921f71e4-a193-4a92-9f4c-6c06615366f9&ts=69&cd=2&pud=168&pus=c&pue=356&pid=40&pis=c&pie=396&ppd=68&pps=a&ppe=425&pcl=277&ttc=422&tti=1005&ttif=0&lca=425&lcak=ppe&lct=425&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=75aa9d70-b9f0-4707-abb8-cc5d7820b549&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA2NzMvODc4MjQ4L2dpcm9uYS12cy1yZWFsLW1hZHJpZC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GW05JHBT4DKMPHVGPCYAW7T4
date
Tue, 25 Apr 2023 18:14:41 GMT
cf-cache-status
HIT
age
1465701
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7bd8912a5d963719-FRA
container.html
359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 521D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 18:14:40 GMT
expires
Wed, 24 Apr 2024 18:14:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=-1&r=yalla-shoots.tv_fluid_sky%2Bsq&sy=921f71e4-a193-4a92-9f4c-6c06615366f9&ts=69&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=0&mlsi=1024x600&mlbw=4g&mlcs=NaN&mltp=75aa9d70-b9f0-4707-abb8-cc5d7820b549&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA2NzMvODc4MjQ4L2dpcm9uYS12cy1yZWFsLW1hZHJpZC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GW05JHBT4DKMPHVGPCYAW7T4
date
Tue, 25 Apr 2023 18:14:41 GMT
cf-cache-status
HIT
age
1465701
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7bd8912a7dd63719-FRA
hbw_master_739813_17175.js
player.aplhb.adipolo.com/prebidlink/19472/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aplhb.adipolo.com/prebidlink/19472/hbw_master_739813_17175.js
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467346/wrapper_hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
a31e81b5ee962da98d89c99da3f964c57755440e8b8e0c950b6cf63f4f29b7fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
content-encoding
gzip
last-modified
Mon, 19 Dec 2022 12:13:01 GMT
server
nginx
etag
W/"63a0554d-152fa"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Tue, 25 Apr 2023 19:14:41 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C701 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
870
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 18:00:11 GMT
expires
Wed, 24 Apr 2024 18:00:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A559 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7b0ca24dca02ca12ce11107abc641ee3ce3d453ae575aa4d59cfbef991bf1cdd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HCDxqVmqGUY0qtrj_zCQ-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-HCDxqVmqGUY0qtrj_zCQ-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 18:14:41 GMT
expires
Tue, 25 Apr 2023 18:14:41 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A036 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 15:49:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
267910
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 21 Apr 2024 15:49:31 GMT
css
fonts.googleapis.com/ Frame A036 		2 KB
539 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Cardo:400,700&lang=de
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9bae94635ca8e444c83c3276ac5163e5dbaa6667e162d6f821a949e134264ce0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Apr 2023 18:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 18:14:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Apr 2023 18:14:41 GMT
4374473173132342163
tpc.googlesyndication.com/simgad/ Frame A036 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4374473173132342163?
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ffdc3ac4306a19c995a12935fcbebddba0d65dce9680443e84fb04541cf43f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 06:04:35 GMT
x-content-type-options
nosniff
age
303006
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48986
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 23:06:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 21 Apr 2024 06:04:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A036 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49672
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681929791789681"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Apr 2023 18:14:41 GMT
container.html
359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EB28 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 18:14:40 GMT
expires
Wed, 24 Apr 2024 18:14:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=14.88&b=1&r=yalla-shoots.tv_auto_interstitial_desktop&sy=921f71e4-a193-4a92-9f4c-6c06615366f9&ts=69&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=75aa9d70-b9f0-4707-abb8-cc5d7820b549&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA2NzMvODc4MjQ4L2dpcm9uYS12cy1yZWFsLW1hZHJpZC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GW05JHBT4DKMPHVGPCYAW7T4
date
Tue, 25 Apr 2023 18:14:41 GMT
cf-cache-status
HIT
age
1465701
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7bd8912ade9a3719-FRA
css
fonts.googleapis.com/ Frame 521D 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
66c84fd2e855f7f8795d82db9f5aacc7b3752200f492850aac5cda6eddad7fd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Apr 2023 18:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 17:34:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Apr 2023 18:14:41 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/ Frame 521D 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.css
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c317a678c440afae34736fd8d13a0a28f7f21fdfb351a94f33c7f2abb2560ed8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 20:46:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
250079
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2819
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 20:21:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 20:46:42 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/ Frame 521D 		379 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
231de18b8d42e355897c3c550df71a0e4c19593ba51070a130ee9f307a70c441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 05:45:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
476970
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132560
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 20:21:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Apr 2024 05:45:11 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 521D 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 12:11:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
21790
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8104
x-xss-protection
0
server
cafe
etag
11444945707709536616
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 12:11:31 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 521D 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 15:49:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
267910
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 21 Apr 2024 15:49:31 GMT
config.json
player.adtelligent.com/exchange_rates/313490/ 		11 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10673%2F878248%2Fgirona-vs-real-madrid%2F
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467346/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
3c73a368f2adbcd75df31d3560480583bc7593ab82220a4ac6c45dfb3a93c700

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

expires
Thu, 27 Apr 2023 18:14:41 GMT
date
Tue, 25 Apr 2023 18:14:41 GMT
content-encoding
gzip
last-modified
Mon, 24 Apr 2023 12:02:18 GMT
server
nginx
etag
W/"64466fca-2abe"
content-type
application/json
access-control-allow-origin
https://yalla-shoots.tv
cache-control
max-age=172800
x-proxy-cache
HIT
e.js
live.demand.supply/x/ 		0
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=nsi&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA2NzMvODc4MjQ4L2dpcm9uYS12cy1yZWFsLW1hZHJpZC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GT697DWCG03Y95C7R5741DG8
date
Tue, 25 Apr 2023 18:14:41 GMT
cf-cache-status
HIT
age
2030250
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7bd8912b4f5f3719-FRA
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		378 B
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=263317129759169&correlator=3919439524471583&eid=31073385%2C31074093&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Cnativefeedapl&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&ifi=7&adks=1483024627&didk=3551856684&sfv=1-0-40&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3Df0f53039cbece2f0%3AT%3D1682446480%3AS%3DALNI_MZgUN7wgKgt20UEKbmR5y1_4h7s2w&gpic=UID%3D00000befaf2f21b1%3AT%3D1682446480%3ART%3D1682446480%3AS%3DALNI_MYxPs1Tu6VcwVnnLonUEsaUZKRKlA&abxe=1&dt=1682446481172&lmt=1682446463&dlt=1682446480164&idt=437&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10673%2F878248%2Fgirona-vs-real-madrid%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1037507575.1682446481&ga_sid=1682446481&ga_hid=309559342&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYher_zPswSABSAghkEhkKCnB1YmNpZC5vcmcY_ur_zPswSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqakRHUVJxc09YUkpONTJkdkpNUFFDMThxQWZ5Q2tkUkVJRkZwVmtORmJhbDBKQXZPdzZqUzNSWldPU1liNW0zLzVaWDlpejBxaUFtZFUxUmZTOEtjcCtFbkFTTUltU25veTZ0bnh1Y1lPZmpybndobGhJaEN5T0d5TEhxV3ZNNlFXT0dqM3JDZnIyR0JLSGZrdnhRRWEzcGlyYVBKV2pmbTluY1NOYzFWS3NxZE45S3E3aEhxT09BaUxSaXlsL2wwbXc9PRiK7P_M-zBIABIdCg5lc3AuY3JpdGVvLmNvbRiF6v_M-zBIAFICCGQSGQoKdWlkYXBpLmNvbRiF6v_M-zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNDr_8z7MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49f8b5d3e66d4a8de21ad2a864dfff04420a44770d5c808e61d10e0fed8ff6b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		119 KB
38 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=263317129759169&correlator=3865423734536666&eid=31073385%2C31074093&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Canchor%2Canchortop&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=8&adks=1163496608&didk=3847343502&sfv=1-0-40&ists=1&fas=2&eri=1&sc=1&cookie=ID%3Df0f53039cbece2f0%3AT%3D1682446480%3AS%3DALNI_MZgUN7wgKgt20UEKbmR5y1_4h7s2w&gpic=UID%3D00000befaf2f21b1%3AT%3D1682446480%3ART%3D1682446480%3AS%3DALNI_MYxPs1Tu6VcwVnnLonUEsaUZKRKlA&abxe=1&dt=1682446481174&lmt=1682446463&dlt=1682446480164&idt=437&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10673%2F878248%2Fgirona-vs-real-madrid%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1037507575.1682446481&ga_sid=1682446481&ga_hid=309559342&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYher_zPswSABSAghkEhkKCnB1YmNpZC5vcmcY_ur_zPswSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqakRHUVJxc09YUkpONTJkdkpNUFFDMThxQWZ5Q2tkUkVJRkZwVmtORmJhbDBKQXZPdzZqUzNSWldPU1liNW0zLzVaWDlpejBxaUFtZFUxUmZTOEtjcCtFbkFTTUltU25veTZ0bnh1Y1lPZmpybndobGhJaEN5T0d5TEhxV3ZNNlFXT0dqM3JDZnIyR0JLSGZrdnhRRWEzcGlyYVBKV2pmbTluY1NOYzFWS3NxZE45S3E3aEhxT09BaUxSaXlsL2wwbXc9PRiK7P_M-zBIABIdCg5lc3AuY3JpdGVvLmNvbRiF6v_M-zBIAFICCGQSGQoKdWlkYXBpLmNvbRiF6v_M-zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNDr_8z7MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5bf50991cae7569e67094261c94f48092482ea44c8ff6386997190e44d846123
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38785
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		35 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=263317129759169&correlator=1719822691211256&eid=31073385%2C31074093&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C39a08c37-8599-49df-916b-1911d54fde51&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=9&adks=637267363&didk=1418515198&sfv=1-0-40&prev_scp=ti%3D75aa9d70-b9f0-4707-abb8-cc5d7820b549%26chrand%3Dnbs%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26rfi%3D30%26bsc%3D69%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3Df0f53039cbece2f0%3AT%3D1682446480%3AS%3DALNI_MZgUN7wgKgt20UEKbmR5y1_4h7s2w&gpic=UID%3D00000befaf2f21b1%3AT%3D1682446480%3ART%3D1682446480%3AS%3DALNI_MYxPs1Tu6VcwVnnLonUEsaUZKRKlA&abxe=1&dt=1682446481176&lmt=1682446463&dlt=1682446480164&idt=437&adxs=314&adys=2311&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10673%2F878248%2Fgirona-vs-real-madrid%2F&frm=20&vis=1&psz=1076x116&msz=1076x116&fws=4&ohw=1100&psts=ABHeCvgqm9kLN_ApWgGyyr48GmRlgW8bJLFI2R9V5IlDBMoTBjRqjevEAqMVYQe3hjesBvjDaMUa3Js0DnKc-uRtd-CI&ga_vid=1037507575.1682446481&ga_sid=1682446481&ga_hid=309559342&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYher_zPswSABSAghkEhkKCnB1YmNpZC5vcmcY_ur_zPswSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqakRHUVJxc09YUkpONTJkdkpNUFFDMThxQWZ5Q2tkUkVJRkZwVmtORmJhbDBKQXZPdzZqUzNSWldPU1liNW0zLzVaWDlpejBxaUFtZFUxUmZTOEtjcCtFbkFTTUltU25veTZ0bnh1Y1lPZmpybndobGhJaEN5T0d5TEhxV3ZNNlFXT0dqM3JDZnIyR0JLSGZrdnhRRWEzcGlyYVBKV2pmbTluY1NOYzFWS3NxZE45S3E3aEhxT09BaUxSaXlsL2wwbXc9PRiK7P_M-zBIABIdCg5lc3AuY3JpdGVvLmNvbRiF6v_M-zBIAFICCGQSGQoKdWlkYXBpLmNvbRiF6v_M-zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNDr_8z7MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc1001110e06487c436dfbfae5af000ccc073d324bdfa65d3669e996c4b26ddd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13560
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=263317129759169&correlator=3404278311890898&eid=31073385%2C31074093&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C39a08c37-8599-49df-916b-1911d54fde51&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=10&adks=2230020544&didk=1418515193&sfv=1-0-40&prev_scp=ti%3D75aa9d70-b9f0-4707-abb8-cc5d7820b549%26chrand%3Dnbs%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26rfi%3D30%26bsc%3D69%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3Df0f53039cbece2f0%3AT%3D1682446480%3AS%3DALNI_MZgUN7wgKgt20UEKbmR5y1_4h7s2w&gpic=UID%3D00000befaf2f21b1%3AT%3D1682446480%3ART%3D1682446480%3AS%3DALNI_MYxPs1Tu6VcwVnnLonUEsaUZKRKlA&abxe=1&dt=1682446481178&lmt=1682446463&dlt=1682446480164&idt=437&adxs=302&adys=220&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10673%2F878248%2Fgirona-vs-real-madrid%2F&frm=20&vis=1&psz=1052x116&msz=1052x116&fws=4&ohw=1100&psts=ABHeCvgqm9kLN_ApWgGyyr48GmRlgW8bJLFI2R9V5IlDBMoTBjRqjevEAqMVYQe3hjesBvjDaMUa3Js0DnKc-uRtd-CI&ga_vid=1037507575.1682446481&ga_sid=1682446481&ga_hid=309559342&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYher_zPswSABSAghkEhkKCnB1YmNpZC5vcmcY_ur_zPswSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqakRHUVJxc09YUkpONTJkdkpNUFFDMThxQWZ5Q2tkUkVJRkZwVmtORmJhbDBKQXZPdzZqUzNSWldPU1liNW0zLzVaWDlpejBxaUFtZFUxUmZTOEtjcCtFbkFTTUltU25veTZ0bnh1Y1lPZmpybndobGhJaEN5T0d5TEhxV3ZNNlFXT0dqM3JDZnIyR0JLSGZrdnhRRWEzcGlyYVBKV2pmbTluY1NOYzFWS3NxZE45S3E3aEhxT09BaUxSaXlsL2wwbXc9PRiK7P_M-zBIABIdCg5lc3AuY3JpdGVvLmNvbRiF6v_M-zBIAFICCGQSGQoKdWlkYXBpLmNvbRiF6v_M-zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNDr_8z7MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab186efaeb0fa73eb90dea037fed5107187b8adaf16c1e91860953dac12fcc48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12569
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		385 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		240 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
favicon.ico
storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.95.4.204 , France, ASN16276 (OVH, FR),
Reverse DNS
ip204.ip-141-95-4.eu
Software
/
Resource Hash
fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 18:14:41 GMT
X-Openstack-Request-Id
tx16d2999d10144b238fa77-0064481891
Last-Modified
Sun, 31 Jan 2021 12:57:34 GMT
Etag
7bf4f6782dee3b520a65ff84286e3691
Content-Type
image/x-icon
X-Timestamp
1612097853.12655
Accept-Ranges
bytes
Content-Length
15086
X-Trans-Id
tx16d2999d10144b238fa77-0064481891
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
css2
fonts.googleapis.com/ Frame EB28 		5 KB
732 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Apr 2023 18:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 17:13:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Apr 2023 18:14:41 GMT
css
fonts.googleapis.com/ Frame 85C3 		9 KB
994 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Apr 2023 18:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 17:11:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Apr 2023 18:14:41 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 85C3 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 12:11:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
21788
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 12:11:33 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/ Frame 85C3 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/abg_lite_fy2021.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 14:56:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
11912
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8535
x-xss-protection
0
server
cafe
etag
13968503839060854674
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 14:56:09 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 85C3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/window_focus_fy2021.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 16:19:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
6896
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 16:19:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 85C3 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 12:11:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
21790
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8104
x-xss-protection
0
server
cafe
etag
11444945707709536616
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 12:11:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 85C3 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49672
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681929791789681"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Apr 2023 18:14:41 GMT
f8970ecc2196f374e9d99027c476dd6b.js
www.gstatic.com/mysidia/ Frame 85C3 		32 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 12:11:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21770
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13747
x-xss-protection
0
last-modified
Mon, 24 Apr 2023 20:22:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 24 Jul 2023 12:11:51 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/elements/html/ Frame EB28 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 21:35:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
74361
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8167
x-xss-protection
0
server
cafe
etag
3140062999518874537
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 May 2023 21:35:20 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EB28 		205 B
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 17:10:30 GMT
x-content-type-options
nosniff
age
3851
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 24 Apr 2024 17:10:30 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EB28 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 14:54:16 GMT
x-content-type-options
nosniff
age
12025
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 24 Apr 2024 14:54:16 GMT
/
ghb.aplhb.adipolo.com/geo/ 		143 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.aplhb.adipolo.com/geo/
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/19472/hbw_master_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
ec24ef47fe7e6d57063ab95cae40f760d0c8bf48e36db346f0670706c2d4af3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 18:14:41 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://yalla-shoots.tv
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
143
tracking
ghb.aplhb.adipolo.com/adunit/ 		43 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.aplhb.adipolo.com/adunit/tracking?event=11&type=0&client_id=739813&site_id=17175&pbjsv=v6.25.4&full_page_url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10673%2F878248%2Fgirona-vs-real-madrid%2F&adid=wl7188.iv&features=81952&vpbv=N108&tte=533&lifecycle_tte=1294
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/19472/hbw_master_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 18:14:41 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://yalla-shoots.tv
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
Yamkarish.mp4
cdn-adipolo.urekamedia.com/test/a92a53cfdb1b435a8/ 		384 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn-adipolo.urekamedia.com/test/a92a53cfdb1b435a8/Yamkarish.mp4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash

Request headers

Referer
https://yalla-shoots.tv/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-

Response headers

x-77-pop
frankfurtDE
date
Tue, 25 Apr 2023 18:14:41 GMT
x-cache
HIT
x-77-cache
HIT
Content-Range
bytes 0-900871/900872
x-age
875193
x-accel-date
1681571288
Content-Length
900872
x-77-nzt
AcO1rw5vknD/uVoNAA
x-accel-expires
@1682608088
last-modified
Tue, 06 Sep 2022 14:19:18 GMT
server
CDN77-Turbo
etag
"631756e6-dbf08"
x-77-nzt-ray
90833930055633fe91184864c6f15e20
content-type
video/mp4
access-control-allow-origin
*
localstore.js
script.4dex.io/ 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467346/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 18:14:41 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
432256
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d0SN27nFmaL7wR4xhLCFXMJBrEV9aBoWFDj%2BR%2BL%2FKjzS5RY%2FJ7m01DHMXNyhpAuop3K4KI7f1280CovcWRWo3PTjklw0T5C6bSNTa7HV97MxsTIFE%2FdPEWRT5t51CzKZ%2BHe2PjVPz9ZzHQ8A"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7bd8912c9b27926e-FRA
view
securepubads.g.doubleclick.net/pcs/ Frame A036 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst79ssxCR6GtSm_9LwoqZUFNSLgkfV0nLo63SqEbGsVpajLHQGF7nyZGNuwxpX7oSt6ipW5ftEx4O8Pr3nWnmRm9cQO1l37F09ebJiE8OykAS94CsbZWPWEnbjRlN8lqHK2zcU4NitT52C6JX-1DQNPPF0NyX77OSO4ee6WKjIysyoQz3dKuBZ6zZxwzenP3a-1uGajFYbdrLjfcISw0hZym0ABwUp41pGbWhrLguAZ0BoyX5jxf4f6U9SeQKZ548Gf6s6WZoJXC51nPqyKGzcvgB8mdVgY9iUYC4rl-Kp7O2nWEQ0XLV60knqxib3mZwHGrm7IvO_Vh1JxU5amRvHxC0k8x_SvPthmOZ-QmcUua5_B7DPFdz9vm5FvFaHDS0CffZFCaGed&sai=AMfl-YT1HT0gsqG1SSmU1E4Vly5kE3zq2jwE1-cQ39xbd1AaTsyhlqGFg0xnBJ7Ey2NJasOkTBbCpVgj0tdJ-fUSVOe6DEuKdpTIMYQAW2n04_2DYTclI7jR132cZTXllyE5xJYXmvkpOSsUax54ozs&sig=Cg0ArKJSzLVX6kWuR-OZEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 25 Apr 2023 18:14:41 GMT
wlpygwjKBV1pqhND-ZQW-WM.woff2
fonts.gstatic.com/s/cardo/v19/ Frame A036 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cardo/v19/wlpygwjKBV1pqhND-ZQW-WM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cardo:400,700&lang=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f94a0b25ed421e6643ca8ae21ccd63cf5630e8db8a3b64f63a669936d068c427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 17:27:19 GMT
x-content-type-options
nosniff
age
262042
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18852
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 17:09:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 17:27:19 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A036 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEZTRgboye3HYrSUseGZwuiE44aoDAvHGLENqjpsc_j1U38HM85SYFLAZKLWTS34-JkI0rZ6PqeU0g61iVlv6p9p0MGL5g-AMrkLzxl3T47YvLEmPUGCNW1XUuWRgXW4I_S7LtyZ98dU26vkoi0cie6sbcHZbgBOzGj_ch59bFlF5zm9j4DgdQHvHAMY7ArnSc0X0yh0aHs_Pm6JNpvawKkXRN25dfb8GxN-SymYmk4o9EDBuvh5nI6en1na-UGsbXSsN99UsphLOViOhv6LIpxwctW5eK54m-ZPnsjNGk0h7m3np31WDUGvcW5W_g_tOKF-p_ln4UXF2yK0GkBohRCRFZIOlkZQAiI_L7pvf0a6OFoa3HhbV-PKdXiBVeoYda-I4J1M3Ky0g&sai=AMfl-YSCh7oxlJQExmXvMHs8C_xAzX_hSntQZXLSQZRhRQWkDloGJA8MpEmlJ6hODmrqp_dI_Dg-dkhNlxH_u4QQUVKcbbBNruhQj40e2Ut_GiGb9zwXNNTU-f1gqPigfbL5emDMbafIlneGjhu0BS8&sig=Cg0ArKJSzHY3gb1KFoqZEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 25 Apr 2023 18:14:41 GMT
container.html
359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 429A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 18:14:40 GMT
expires
Wed, 24 Apr 2024 18:14:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=-1&r=yalla-shoots.tv_native_multi_native1&sy=921f71e4-a193-4a92-9f4c-6c06615366f9&ts=69&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=0&mlsi=1024x600&mlbw=4g&mlcs=NaN&mltp=75aa9d70-b9f0-4707-abb8-cc5d7820b549&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA2NzMvODc4MjQ4L2dpcm9uYS12cy1yZWFsLW1hZHJpZC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GW05JHBT4DKMPHVGPCYAW7T4
date
Tue, 25 Apr 2023 18:14:41 GMT
cf-cache-status
HIT
age
1465701
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7bd8912c99af3719-FRA
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467346/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://yalla-shoots.tv
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
mp.4dex.io/ 		0
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467346/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:41 GMT
x-err
Parsing the Prebid Request. org/site not found
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7bd8912d2c549110-FRA
expires
0
cdb
bidder.criteo.com/ 		23 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.4&cb=92238304997
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467346/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
6ed189deb10c01729abdd99de6612b09f5de8015e74ba82ed87a0aeccdbe568e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yalla-shoots.tv
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
10369
c
prebid.a-mo.net/a/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467346/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Tue, 25 Apr 2023 18:14:41 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
bid
ap.lijit.com/rtb/ 		25 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.4
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467346/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
106ae5d15a9bdfc78cca111d24c73e5c0a3fd8ab51ab0fb9446c8decea428a37

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 25 Apr 2023 18:14:41 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://yalla-shoots.tv
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
truncated
/ Frame A036 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
471f22e34b9ce2b646d3833ca88a30d7dfa095c22e33dea2ddcd4243df30e029

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
csi
csi.gstatic.com/ Frame 521D 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lgwl71fn&c=34310919892&slotId=17155459946&qqid=CIL82MbRxf4CFQ7QdwodYocC0w&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C45401791%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401b:814::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:41 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 521D 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 06:22:44 GMT
x-content-type-options
nosniff
age
301917
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 06:22:44 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 521D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 06:10:15 GMT
x-content-type-options
nosniff
age
302666
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 06:10:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 521D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C7eqUkBhIZIL0K46g3wPijoqYDcme0rFchf6X93DAjbcBEAEgAGCVypmCrAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBBakCQZk6Lih0sj7gAgCoAwHIAwKqBMUCT9BQ2FO1ENXxOWnxnnvR_1K3vW71UfCYYdHZq57XeINcgjyK9fGcUnrDVCba9qbXhxdzQ4Ksrb3ulhbKhNnAzeI8au78zi0HkLmjbAI4V9DXrmxhRqAl85776ns2jTpveyZ99QC5aMuct1hJd4dxVff0o4F72BltCV2tu-X6lIBLW2F3UnDRwDorImyHZT8fxbdFaJAaOVDFa7Utn7-5Xs8rhBCceOLLA_e-6wxjFzmgzJqpFhh0NFnWhpczcALwljaqGWdOAZ2zbhseFqQ1ZSrjSxxNUg_Mmq3M85IIRejQa__BE-2SBLKsCYtuBIkPIDVvK2xWAfW-XzHrraoU05RI94V1jdf7G2eZ-wHToawN01xfMCHLyksmNUkcfffGPj6YvYi-YHQNkJhsD_nN_i40lc5QzDqOgPt9nLH3PWbEalp36eAEAYAG2LSo1PSRzsw0oAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB&eventType=clickstring&clientTime=1682446481419&ai=C7eqUkBhIZIL0K46g3wPijoqYDcme0rFchf6X93DAjbcBEAEgAGCVypmCrAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBBakCQZk6Lih0sj7gAgCoAwHIAwKqBMUCT9BQ2FO1ENXxOWnxnnvR_1K3vW71UfCYYdHZq57XeINcgjyK9fGcUnrDVCba9qbXhxdzQ4Ksrb3ulhbKhNnAzeI8au78zi0HkLmjbAI4V9DXrmxhRqAl85776ns2jTpveyZ99QC5aMuct1hJd4dxVff0o4F72BltCV2tu-X6lIBLW2F3UnDRwDorImyHZT8fxbdFaJAaOVDFa7Utn7-5Xs8rhBCceOLLA_e-6wxjFzmgzJqpFhh0NFnWhpczcALwljaqGWdOAZ2zbhseFqQ1ZSrjSxxNUg_Mmq3M85IIRejQa__BE-2SBLKsCYtuBIkPIDVvK2xWAfW-XzHrraoU05RI94V1jdf7G2eZ-wHToawN01xfMCHLyksmNUkcfffGPj6YvYi-YHQNkJhsD_nN_i40lc5QzDqOgPt9nLH3PWbEalp36eAEAYAG2LSo1PSRzsw0oAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 521D 		0
225 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lgwl71fw&c=34310919892&slotId=17155459946&qqid=CIL82MbRxf4CFQ7QdwodYocC0w&fb=outstream-lima&ulv=1&cll=0&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401b:814::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:41 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast.php
ads.eu.criteo.com/delivery/r/0.1/ Frame 521D 		11 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/0.1/vast.php?z=ZEgYkAAK-gIKd9AOAAKHYjwwSBM0xpRDgxxeKQ&u=%7C8W30cFf8yh5mW9RGkE8O5rfppnjQ%2FcjmehmbuspeuOA%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5jSfwMInGQwVgkAr581akMSiH_fr7BMm_BzTo8qWaUW82kg8KaPIh8hVvMBfCvircm2xtzSUTTMNV6bT4xc4lIC6BEV32jDeYB9sdoaOZbWzQXPTpjzUGgoP0IE6PW7nrpjOfn3zlo7soBFbQZR5zHFGsPO6yzedRiFnkGXzCna7cXn4SxNSIp2_ot_mlMenhEypYbVndDMsYRcpXrtkGNPOC4RWIKmUajl7p6ktxhC5ieFZ7jCm-23NFa_D8lSdrMc2AJp5t3y85_JQc0xPyyuI7dYgGNmw7gzclQbY-59YUVs6bnqdFJtsG2ODv4LqDZ_qNK-kRFO_jFcyEVT_Uo9DWEq3mNH7D7IiEoyi1NWf0Nq2AUUpco2Hr0JYnl6qz2p-YR4IMa2y7I0AYqLbz6yuDMKeohlU8u4IK8eariwx7MbZN-bOvep2HMISFDkhSbIMGbhUsyxFMDAtV_fOvc3VGRwWPZ5y_UY46ffpy7vv_BSBuihdnrnBRjUnZ2UMOlQ22vGJBVbqRxBjuywG7rwpzW_5Hk9ROlX1rc_hESaPr0v0eakJAUdx55L9UUG2-hcHepvBKYQdXtUkJ_zUE0hk-h9gHFtzSw&ct0=https://googleads.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7eqUkBhIZIL0K46g3wPijoqYDcme0rFchf6X93DAjbcBEAEgAGCVypmCrAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBBakCQZk6Lih0sj7gAgCoAwHIAwKqBMUCT9BQ2FO1ENXxOWnxnnvR_1K3vW71UfCYYdHZq57XeINcgjyK9fGcUnrDVCba9qbXhxdzQ4Ksrb3ulhbKhNnAzeI8au78zi0HkLmjbAI4V9DXrmxhRqAl85776ns2jTpveyZ99QC5aMuct1hJd4dxVff0o4F72BltCV2tu-X6lIBLW2F3UnDRwDorImyHZT8fxbdFaJAaOVDFa7Utn7-5Xs8rhBCceOLLA_e-6wxjFzmgzJqpFhh0NFnWhpczcALwljaqGWdOAZ2zbhseFqQ1ZSrjSxxNUg_Mmq3M85IIRejQa__BE-2SBLKsCYtuBIkPIDVvK2xWAfW-XzHrraoU05RI94V1jdf7G2eZ-wHToawN01xfMCHLyksmNUkcfffGPj6YvYi-YHQNkJhsD_nN_i40lc5QzDqOgPt9nLH3PWbEalp36eAEAYAG2LSo1PSRzsw0oAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2_y3ucFkj0ccAH4DMDG3BVQth6Sw%26client%3Dca-pub-3831894559014614%26adurl%3D
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1e5f72435fd80ae68dc20f7e3a81d4ab60bbad56f635dee225a7e3b7b9a13b09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
p3p
CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4205015
pragma
no-cache
server
Kestrel
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/xml
access-control-allow-origin
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
access-control-max-age
1000
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
expires
Mon, 26 Jul 1997 05:00:00 GMT
b1_1.m3u8
a4.koora.cloud/watch/rubrPQYS_DhSP9iR6nBWzg/1682449826/1682450080/1/ Frame DB59 		521 B
1019 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4.koora.cloud/watch/rubrPQYS_DhSP9iR6nBWzg/1682449826/1682450080/1/b1_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.53.89.19 , Belize, ASN213371 (SQUITTER-NETWORKS, IN),
Reverse DNS
Software
amazon /
Resource Hash
c6888a47441fe1d98cdee30223a7f4763b628e3df8a6e682fb4e393c17bf9ed0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 18:14:41 GMT
Last-Modified
Tue, 25 Apr 2023 18:14:36 GMT
Server
amazon
ETag
"6448188c-209"
X-Cache-Status
HIT
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
521
Expires
Tue, 25 Apr 2023 18:14:40 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A559 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304200101&jk=263317129759169&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
pagead2.googlesyndication.com/bg/ Frame C701 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 16:19:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
6896
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14215
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 24 Apr 2024 16:19:45 GMT
container.html
359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2AD2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 18:14:40 GMT
expires
Wed, 24 Apr 2024 18:14:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&pn=-1&sn=3&pc=0.14440861940383912&ds=true&e=wdp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA2NzMvODc4MjQ4L2dpcm9uYS12cy1yZWFsLW1hZHJpZC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GW05JHBT4DKMPHVGPCYAW7T4
date
Tue, 25 Apr 2023 18:14:41 GMT
cf-cache-status
HIT
age
1465701
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7bd8912d4b0a3719-FRA
e.js
live.demand.supply/e/ 		0
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=yalla-shoots.tv_fluid_lb%2Bsq&sy=921f71e4-a193-4a92-9f4c-6c06615366f9&ts=69&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=75aa9d70-b9f0-4707-abb8-cc5d7820b549&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA2NzMvODc4MjQ4L2dpcm9uYS12cy1yZWFsLW1hZHJpZC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GW05JHBT4DKMPHVGPCYAW7T4
date
Tue, 25 Apr 2023 18:14:41 GMT
cf-cache-status
HIT
age
1465701
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7bd8912d5b103719-FRA
adview
securepubads.g.doubleclick.net/pagead/ Frame 521D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C2e2jkBhIZIL0K46g3wPijoqYDcme0rFchf6X93DAjbcBEAEgAGCVypmCrAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBBakCQZk6Lih0sj7gAgCoAwGqBMICT9BQ2FO1ENXxOWnxnnvR_1K3vW71UfCYYdHZq57XeINcgjyK9fGcUnrDVCba9qbXhxdzQ4Ksrb3ulhbKhNnAzeI8au78zi0HkLmjbAI4V9DXrmxhRqAl85776ns2jTpveyZ99QC5aMuct1hJd4dxVff0o4F72BltCV2tu-X6lIBLW2F3UnDRwDorImyHZT8fxbdFaJAaOVDFa7Utn7-5Xs8rhBCceOLLA_e-6wxjFzmgzJqpFhh0NFnWhpczcALwljaqGWdOAZ2zbhseFqQ1ZSrjSxxNUg_Mmq3M85IIRejQa__BE-2SBLKsCYtuBIkPIDVvK2xWAfW-XzHrraoU05RI94V1jdf7G2eZ-wHToawN01xfMCHLyksmNUlef9ZUubEErjcidNfdrT6UBu3HSCQajUzkBAcockRjsKlyl-LX1eAEAYAG2LSo1PSRzsw0oAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=Ghoq4W6R2b8&uach_m=[UACH]&cid=CAQSSwBygQiD5fV9VGOKNSV6chlsHVubwl7WhklwE_Co0GNOkAz9LNipdcHWbieMyzNY1cYj2BC8kwlRMX91QWfxZzGkRdANK4oTF3BJthgB&vt=10
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
8e3adedd6f76ceb5825dd9d6f211c14b.js
www.gstatic.com/mysidia/ Frame 429A 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8e3adedd6f76ceb5825dd9d6f211c14b.js?tag=client_fast_engine_2019
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af3db37cd37f8c6425e168cdde71e01053db2350a26ce758c1393820a2497453
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 12:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3832
x-xss-protection
0
last-modified
Mon, 24 Apr 2023 20:22:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 24 Jul 2023 12:11:48 GMT
8e30a12d301378a49311b81f35e513f7.js
www.gstatic.com/mysidia/ Frame 429A 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8e30a12d301378a49311b81f35e513f7.js?tag=core/multiplex_design_v1
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5bec9890db3b39400b4353537c731939cb2fcf758edb1efae15ca4a6ae3dfc2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 05:26:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
305301
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4751
x-xss-protection
0
last-modified
Tue, 18 Apr 2023 02:08:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 21 Jul 2023 05:26:20 GMT
css
fonts.googleapis.com/ Frame 429A 		4 KB
645 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3018c5284222e82380ec1570f914f544c35e062c4ff9c64e46fdc01695b2b274
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Apr 2023 18:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 17:03:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Apr 2023 18:14:41 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 429A 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 12:11:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
21788
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 12:11:33 GMT
cb349790961166df65fd283867cb26aa.js
www.gstatic.com/mysidia/ Frame 429A 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/cb349790961166df65fd283867cb26aa.js?tag=exit_2019
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d919c65fe953b72f59d9dccc6d0ea816512e7bea96f63e17366c1fb5b6b00ef0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 05:28:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
305157
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9250
x-xss-protection
0
last-modified
Tue, 18 Apr 2023 02:08:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 21 Jul 2023 05:28:44 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/ Frame 429A 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/abg_lite_fy2021.js
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 14:56:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
11912
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8535
x-xss-protection
0
server
cafe
etag
13968503839060854674
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 14:56:09 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 429A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/window_focus_fy2021.js
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 16:19:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
6896
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 16:19:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 429A 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 12:11:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
21790
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8104
x-xss-protection
0
server
cafe
etag
11444945707709536616
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 12:11:31 GMT
l
www.google.com/ads/measurement/ Frame 429A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSMsx6NNrI9Yj1OqtGjJg1G8dv4qiwS-zjRIGxKgabkErEDOReLybPF8-fh4A7m4xihs86Oot3pL68MKvGxA2hlKHQZhA
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 429A 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 15:49:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
267910
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 21 Apr 2024 15:49:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 429A 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49672
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681929791789681"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Apr 2023 18:14:41 GMT
truncated
/ Frame 521D 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed6e2f7777351bda0cbf8dfc104174391c9ece5f2aa0fc8a1983f67be3949712

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame BCBF 		143 B
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1082
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 17:56:39 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
container.html
359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 52BD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 18:14:40 GMT
expires
Wed, 24 Apr 2024 18:14:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&pn=-1&sn=3&pc=0.14440861940383912&ds=true&e=wdp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA2NzMvODc4MjQ4L2dpcm9uYS12cy1yZWFsLW1hZHJpZC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GW05JHBT4DKMPHVGPCYAW7T4
date
Tue, 25 Apr 2023 18:14:41 GMT
cf-cache-status
HIT
age
1465701
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7bd8912dbba43719-FRA
e.js
live.demand.supply/e/ 		0
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=yalla-shoots.tv_fluid_lb%2Bsq&sy=921f71e4-a193-4a92-9f4c-6c06615366f9&ts=69&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=75aa9d70-b9f0-4707-abb8-cc5d7820b549&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA2NzMvODc4MjQ4L2dpcm9uYS12cy1yZWFsLW1hZHJpZC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GW05JHBT4DKMPHVGPCYAW7T4
date
Tue, 25 Apr 2023 18:14:41 GMT
cf-cache-status
HIT
age
1465701
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7bd8912dbba83719-FRA
adagio.js
script.4dex.io/ 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 18:14:41 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2224904
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z1Z9i4Pv4e6ivBS7HgqCm3WTEhcYjfGo3%2BSm6uhr5OcoMP6d438uMOBipzCJCUREBqp1Fg%2F6guJlfXBLdCC2mHlihTv0ND7x9CimsSg0NW3Mg7IvxIIrVjn8DeaFthuZavt39PXYFgRiAGQP"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7bd8912e08492c32-FRA
adview
securepubads.g.doubleclick.net/pagead/ Frame 2AD2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CMuSHkRhIZKacDpbt3gOF3KjADMme0rFc1fbi1pMBwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAud0FNX2e7I-4AIAqAMBqgTBAk_QcG4pabimfrpfK9husQP4HXfzwRFU5B1IZk7Q9ZIlJgs7xTl2Fu59HNwBlSVvOA1UdhgCf1AX7VhFZS0ZQeoHSye3GPt5pXR_DCcuiIBrjwAQ-a2UbRHEy1NWeXozKdtgBWxadq1szBWHQylR_htFgs-XZe7en1oOJ17gphVWnvZc4XAMWGlAyPsHA74OojINC4KIsKXgwFunbjiilBHnoN7yKIRcX3GGt3g6CdoEYDdxE-jYkjoux98sSq7y6cOAa2v_5Pb_Rh0TvquhPJwbntQgJa1DiOPEyTBePqcNGkTjARBTqBHAH7h2nBTIrUAfeED4z_Q3Gw1VUx5o1jeORD7VPAhdZXMTMsOOhzfxF95hEC_Bo7nUGmJFcMEJ1Al925xHbX5_yg7N46rHpaXgu-398nq1oyimAPk7YMpdC-AEAYAGgauk4bfgiqQGoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=EXEqX_NKJEg&uach_m=[UACH]&cid=CAQSPABygQiDJD0dfEL_3_daR6d8ZK9roh4sAKp1nqWpPBMT_VlaJn4N91VT_b6NOqdSdBBMFgHEB8KcK3AzWBgB
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 2AD2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kNaZEuzZW4AImAKdg2ICAgAAAHobFO5qgn2yEJAYSGQXIU8nhHopAVAbAAASAAAKCkFRVUJEd0VCRHc&wp=ZEgYkQADjiYKd7aWAAouBXbNKHorkAtbVTOURA
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
177682
server
Kestrel
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame C6C8 		151 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEgYkQADjiYKd7aWAAouBXbNKHorkAtbVTOURA&u=%7CnES9D%2FSP9mF5tYo1SS298VlBcqXke7diOkw%2FFjQlQlA%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkL9ENSsYQHHqzqEhpMmBS541imABqguik0SzIq4XyqVx9z2SLmEjVLCZgYdk73Za2NKURgjZ9vWIyx_E8Trl9WqCW9SI1K4R06bl3wMO2KZ3RVK9SRHQnSZ0w8sWY80HGB7eDSQAe8rpCrvRGvJ86F8spTVuFcrXq-KrXXl7PRyiPFnkB20cYAYkeOP3b6mikATbT1ROk-3G2ExR8k674IpjAbCrgjYkAF_uy-JdthUYaOHMSXYL-gYfnZHZKgahv_lTtIo9G8a9PBluZqasHCUG0ibBIeXUFQDDq8BEHX4evg-kvQnNVTEZTXAhKVIvHTNJ6-IGz_SNclL4hUIz0Tx42QCyBgPFmsnlGhRqDkEWoSryNNRhoncuHefpvhNfkQ9HCaWxvf1vBkg2-S3dLTW0KO4zwEHSBo6jgOkoP1J_YqnjqbzLle8WrbwW-JkC4_H44yFOk0loI-vnCy-26OpunndRCx_ZuFaz0zZ44FYxQrBM25wnzwdZ5Ps8ZnTm_56wVM6dNSjJDf0tw7at2JCZKX8YBiLMx_WqOtINFOT_orbv7zfU0NkIqgsrsNV2Rw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbYtxkRhIZKacDpbt3gOF3KjADMme0rFc1fbi1pMBwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAud0FNX2e7I-4AIAqAMBqgTEAk_QcG4pabimfrpfK9husQP4HXfzwRFU5B1IZk7Q9ZIlJgs7xTl2Fu59HNwBlSVvOA1UdhgCf1AX7VhFZS0ZQeoHSye3GPt5pXR_DCcuiIBrjwAQ-a2UbRHEy1NWeXozKdtgBWxadq1szBWHQylR_htFgs-XZe7en1oOJ17gphVWnvZc4XAMWGlAyPsHA74OojINC4KIsKXgwFunbjiilBHnoN7yKIRcX3GGt3g6CdoEYDdxE-jYkjoux98sSq7y6cOAa2v_5Pb_Rh0TvquhPJwbntQgJa1DiOPEyTBePqcNGkTjARBTqBHAH7h2nBTIrUAfeED4z_Q3Gw1VUx5o1jeORD7VPAhdZXMTMsOOhzfxF95hEC_Bo7nUGmIHcuCbU4bhyCPbed2v96g16r7NE6_Oo29JOkcTUZe4LOG-yk5OtH3RcuAEAYAGgauk4bfgiqQGoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1q1hzTYjNgsZozcC2ixxgjD90cbw%26client%3Dca-pub-3831894559014614%26adurl%3D
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9cb3101b86834feb430c14bcd8495b145e54eec4db6d3f8b12a5c1b979072664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 18:14:41 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ypvAjxt3IATpFnInaA4lfqXBbwzA8-4H36CuKPR7TABm1wga2FX4IxiDg_OtzIRwZJOntLO9tI7Wf-AP4K-cnoycm4SG4SVNpIAQaMCS2p3r2m5TnVT7IkQ2F_P8EPs-ghiYarTuUIGTBTXbunc0iUHrzNDpUBa7pFpu8d_zb20rivJ0w9OXB65muh9eL_JusWwAbpbiMt0D3WfUDoAQVMaekufgF9MsrFBf1FfVBENfE1x1IPI2GWnILeLpszI06rNfVQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
38643067
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 2AD2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/window_focus_fy2021.js
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 16:19:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
6896
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 16:19:45 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E7A3 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
21769
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 12:11:52 GMT
etag
48472445140208031
expires
Wed, 26 Apr 2023 12:11:52 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 2AD2 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 12:11:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
21790
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8104
x-xss-protection
0
server
cafe
etag
11444945707709536616
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 12:11:31 GMT
l
www.google.com/ads/measurement/ Frame 2AD2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQajTSr1lhXBooVV-xLdLL4QQ-T6YIwRAUmON9ANoZExhRmNJCJOG-1eevn0SeYYzpln0aka-PsondNtji5JB7ydxyQvw
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2AD2 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 15:49:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
267910
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 21 Apr 2024 15:49:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2AD2 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49672
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681929791789681"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Apr 2023 18:14:41 GMT
b1_1.m3u8
a4.koora.cloud/watch/rubrPQYS_DhSP9iR6nBWzg/1682449826/1682450080/1/ Frame DB59 		521 B
1019 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4.koora.cloud/watch/rubrPQYS_DhSP9iR6nBWzg/1682449826/1682450080/1/b1_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.53.89.19 , Belize, ASN213371 (SQUITTER-NETWORKS, IN),
Reverse DNS
Software
amazon /
Resource Hash
c6888a47441fe1d98cdee30223a7f4763b628e3df8a6e682fb4e393c17bf9ed0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 18:14:41 GMT
Last-Modified
Tue, 25 Apr 2023 18:14:36 GMT
Server
amazon
ETag
"6448188c-209"
X-Cache-Status
HIT
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
521
Expires
Tue, 25 Apr 2023 18:14:40 GMT
b1_1-950.key
a4.koora.cloud/watch/rubrPQYS_DhSP9iR6nBWzg/1682449826/1682450080/1/keys/ Frame DB59 		16 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4.koora.cloud/watch/rubrPQYS_DhSP9iR6nBWzg/1682449826/1682450080/1/keys/b1_1-950.key
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.53.89.19 , Belize, ASN213371 (SQUITTER-NETWORKS, IN),
Reverse DNS
Software
amazon /
Resource Hash
1f494b3a6cc1372a74ad008aaf2abd294cd93426de602ff7fd8084342308d717

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 18:14:41 GMT
Last-Modified
Tue, 25 Apr 2023 18:14:16 GMT
Server
amazon
ETag
"64481878-10"
X-Cache-Status
HIT
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16
json
pro.ip-api.com/ Frame DB59 		157 B
313 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json?fields=2181826&key=XOpiansRgYxGTho
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
f730c61e14f8499025f7f27686374e8fd4486930d3cad3ae07eb9fe93c9f33a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 25 Apr 2023 18:14:41 GMT
Content-Length
157
Content-Type
application/json; charset=utf-8
csi
csi.gstatic.com/ Frame 521D 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lgwl71gj&c=34310919892&slotId=17155459946&qqid=CIL82MbRxf4CFQ7QdwodYocC0w&fb=outstream-lima&vast_v=3.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=AdChoices&icdi=15x19&vmfc=1&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401b:814::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:41 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 521D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 19 Apr 2024 18:14:41 GMT
container.html
359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2536 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 18:14:40 GMT
expires
Wed, 24 Apr 2024 18:14:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
img
imageproxy.eu.criteo.net/img/ Frame 429A 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=800&m=0&partner=25852&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F25852%2F230403%2Ff545899181694f838734e99be3c15936_v5.jpg&ups=1&v=3&w=800&s=E1k_FVl5SzUdLjDJF8H9fcF8
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
eeea83cc9fede5617cbdb79cf37fba31f3080e90ba0243868d8a7c1d1fa0166e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
31074
expires
Sat, 30 Mar 2024 13:24:30 GMT
img
imageproxy.eu.criteo.net/img/ Frame 429A 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=25852&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F25852%2F230403%2F07d25657c1634796bd1a56b51b987fdf_de_wkda_white_bkg_rgb-03.jpg&v=3&w=1200&s=uL8RwrY-e9EYoy9gfD8CwOiC
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
76424403ed6780c256db2267a1ac06230a2dd60963b361e9fdce1430bd6ab806
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
10104
expires
Sat, 30 Mar 2024 13:24:30 GMT
truncated
/ Frame 429A 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38354e6a0119fe113356e1506a115ca148a6b9ea22cf88136baa9167d6fde794

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
img
imageproxy.eu.criteo.net/img/ Frame 429A 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=18240&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Fi%2FMDM%2F0-Euro-BN_Snoopy_VS&ups=1&v=3&w=800&s=hGDx4bWYGmQjsXVxP6kmHUsw
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f268f7d22ab75ff200d8554fd1bec7c63dd8b4ec8107513f8fefee902be16c48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=1800
content-length
91910
expires
Tue, 25 Apr 2023 18:24:30 GMT
img
imageproxy.eu.criteo.net/img/ Frame 429A 		814 B
1005 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=18240&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F18240%2F150217%2F837651.jpg&v=3&w=1200&s=uXYLZ0bt8H1wCLdS9Idu6-Ss
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
36e48b9c355752e1949ed933ac0a137a729a08174646b2bc705d6a97b9208078
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
814
expires
Sun, 14 Apr 2024 05:44:51 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 906E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CS4iDkRhIZMCHDoSa3wOsuLyADJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAkGZOi4odLI-4AIAqAMBqgTHAk_Qo8jUg5KjOXGgwDY7PrF_J1LbDOzAMFuRB_LfH9IjzfxAGxcPnuhyeVIG_JExSih7JjQ0Ahs-QS7x2ufi-8-et5QweWMIdcfawfUH5SMboZNTmeraErJXDDVVIT8Y63YmD3f1vErGmpEJtTThtrbS_h3961CL3VhvsX2O9EKl0m4A4OYgl01DRTwYWnvSz7XS2SQays9Yxs8O1CIiNkd4wADBR-2CjPCG2ItJhjAZ_n8nttHQ77256hkfmWhap5NBZCSbGNTwUcbxVB06zM2JUGooj9wX60zDu9QwXCkgpsZ7EO_MCK5yNKzprfHVp9USAfSb3W-NR-51J77ZXVUxDQlNtVbUBb983EJ4P98FfuO1sPMdt1MevKfMzk0Vl_LDdTgMALmIjZXCMrwnpHjYGt8yK5HzcxDusZqbx_5goE0OZk6x8-AEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=rIS-h8joyc0&uach_m=[UACH]&cid=CAQSPABygQiDoilAYbduqDUtRjTQ0FXesmgPG7UUVFi0jLEU9sbwM-oBeJoV5Nsv6kYBLcv5X0g04LLp7uCVXhgB
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 906E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1g3r8rqa1b13atra4pfm8baxxfktdxyc3w8z2pkkw5vmz64h7y2e4mz69geeg83nt5b1xyzft770f172td6sx3h3w0577p3m9m3w8334y31feb68dtv73ckgn6r5qanjw22vdg8hsypc4n1n394mz4vqf0mb36qknad56ermjyftqcb7yjrkvxc00mhmny1j97dmqfq2e32f3pef3ajxgprhcsda17wnkkmj0yjnkcpwk9axy1vtxfxds6fezdabq6e1awg9mz7886tdzk0mf6y3jwa5cqy2npvycy79px16k9e4ypypefsqtxqnb0a4tgq153cyx9bf7g57cs5w438p3s572g0p6qh5wxp48ttdezynkdme83mggjyrgfr9zbkb5hdx6sb7e114&b=ZEgYkQADg8AKd80EAA8cLIxtG4vEO0__eZuf-g
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 25 Apr 2023 18:14:41 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 047A 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1hh8mf96j6vryddcpq64t68rdy9679wgymsabprb3g5mf9tc2r00qz392t2ebwwzp88d541sjyjk1pqzf2ps9pnzcgw3z7gxvs1dq4p5p31k2yqney5wg003y6dbpsawemygz52e579tp3re82385k6r0j2kr0sjf0a87fsbps5ayv29821224688p0sxdqdxdvb67cdef5nha33jzqzgz0hxeyjetv97sdf11trqcvapmvgybmjdjf2dhxy1may6yjmvhyqpscnnz09aqzc493hmx4qcgp2771zdeenrj66f40xnga3jpthb4zx27v3w30dhd051d7n3a5enga6g8006p3m9fhyx0t2p4n6whddvz3hp16pzkcfxzeceab6ddzqh3wr6wsrkpp2qpxryrjz4kp7tvfmn2kzhmpgna6damw5xcg73zqkhdvg3zdhjvmr4hccwc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaXjDkRhIZMCHDoSa3wOsuLyADJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAkGZOi4odLI-4AIAqAMBqgTKAk_Qo8jUg5KjOXGgwDY7PrF_J1LbDOzAMFuRB_LfH9IjzfxAGxcPnuhyeVIG_JExSih7JjQ0Ahs-QS7x2ufi-8-et5QweWMIdcfawfUH5SMboZNTmeraErJXDDVVIT8Y63YmD3f1vErGmpEJtTThtrbS_h3961CL3VhvsX2O9EKl0m4A4OYgl01DRTwYWnvSz7XS2SQays9Yxs8O1CIiNkd4wADBR-2CjPCG2ItJhjAZ_n8nttHQ77256hkfmWhap5NBZCSbGNTwUcbxVB06zM2JUGooj9wX60zDu9QwXCkgpsZ7EO_MCK5yNKzprfHVp9USAfSb3W-NR-51J77ZXVUxDQlNtVbUBb983EJ4P98FfuO1sPMdt1MevKfMzk0Vl_KBdxme10APzV1Feir97eoqI8s4hpvda81uc9MJP2p-jFXbutHxO1qWCOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bX74egU4h5sO43JAKcOG4dLdfqg%26client%3Dca-pub-3831894559014614%26adurl%3D
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b59cdde4a3635530ad7a792d5006193b256ae5ba1b5cb40605b6750b21837f6
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7bd8913089349bf4-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 18:14:42 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 906E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/window_focus_fy2021.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 16:19:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
6896
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 16:19:45 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A2C2 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
21769
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 12:11:52 GMT
etag
48472445140208031
expires
Wed, 26 Apr 2023 12:11:52 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 906E 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 12:11:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
21790
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8104
x-xss-protection
0
server
cafe
etag
11444945707709536616
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 12:11:31 GMT
l
www.google.com/ads/measurement/ Frame 906E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRl32RPMLV6yK3aFSFs5t2bTc-gW3xwQzfT-jhk6bbg0Wjk11CxP93vl7auP7pA93rFSTrPG6N6aFwQkbea9CXV5en2jQ
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 906E 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 15:49:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
267910
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 21 Apr 2024 15:49:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 906E 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49672
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681929791789681"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Apr 2023 18:14:41 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame C6C8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEgYkQADjiYKd7aWAAouBXbNKHorkAtbVTOURA&u=%7CnES9D%2FSP9mF5tYo1SS298VlBcqXke7diOkw%2FFjQlQlA%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkL9ENSsYQHHqzqEhpMmBS541imABqguik0SzIq4XyqVx9z2SLmEjVLCZgYdk73Za2NKURgjZ9vWIyx_E8Trl9WqCW9SI1K4R06bl3wMO2KZ3RVK9SRHQnSZ0w8sWY80HGB7eDSQAe8rpCrvRGvJ86F8spTVuFcrXq-KrXXl7PRyiPFnkB20cYAYkeOP3b6mikATbT1ROk-3G2ExR8k674IpjAbCrgjYkAF_uy-JdthUYaOHMSXYL-gYfnZHZKgahv_lTtIo9G8a9PBluZqasHCUG0ibBIeXUFQDDq8BEHX4evg-kvQnNVTEZTXAhKVIvHTNJ6-IGz_SNclL4hUIz0Tx42QCyBgPFmsnlGhRqDkEWoSryNNRhoncuHefpvhNfkQ9HCaWxvf1vBkg2-S3dLTW0KO4zwEHSBo6jgOkoP1J_YqnjqbzLle8WrbwW-JkC4_H44yFOk0loI-vnCy-26OpunndRCx_ZuFaz0zZ44FYxQrBM25wnzwdZ5Ps8ZnTm_56wVM6dNSjJDf0tw7at2JCZKX8YBiLMx_WqOtINFOT_orbv7zfU0NkIqgsrsNV2Rw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbYtxkRhIZKacDpbt3gOF3KjADMme0rFc1fbi1pMBwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAud0FNX2e7I-4AIAqAMBqgTEAk_QcG4pabimfrpfK9husQP4HXfzwRFU5B1IZk7Q9ZIlJgs7xTl2Fu59HNwBlSVvOA1UdhgCf1AX7VhFZS0ZQeoHSye3GPt5pXR_DCcuiIBrjwAQ-a2UbRHEy1NWeXozKdtgBWxadq1szBWHQylR_htFgs-XZe7en1oOJ17gphVWnvZc4XAMWGlAyPsHA74OojINC4KIsKXgwFunbjiilBHnoN7yKIRcX3GGt3g6CdoEYDdxE-jYkjoux98sSq7y6cOAa2v_5Pb_Rh0TvquhPJwbntQgJa1DiOPEyTBePqcNGkTjARBTqBHAH7h2nBTIrUAfeED4z_Q3Gw1VUx5o1jeORD7VPAhdZXMTMsOOhzfxF95hEC_Bo7nUGmIHcuCbU4bhyCPbed2v96g16r7NE6_Oo29JOkcTUZe4LOG-yk5OtH3RcuAEAYAGgauk4bfgiqQGoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1q1hzTYjNgsZozcC2ixxgjD90cbw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 19 Apr 2024 18:14:41 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame C6C8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEgYkQADjiYKd7aWAAouBXbNKHorkAtbVTOURA&u=%7CnES9D%2FSP9mF5tYo1SS298VlBcqXke7diOkw%2FFjQlQlA%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkL9ENSsYQHHqzqEhpMmBS541imABqguik0SzIq4XyqVx9z2SLmEjVLCZgYdk73Za2NKURgjZ9vWIyx_E8Trl9WqCW9SI1K4R06bl3wMO2KZ3RVK9SRHQnSZ0w8sWY80HGB7eDSQAe8rpCrvRGvJ86F8spTVuFcrXq-KrXXl7PRyiPFnkB20cYAYkeOP3b6mikATbT1ROk-3G2ExR8k674IpjAbCrgjYkAF_uy-JdthUYaOHMSXYL-gYfnZHZKgahv_lTtIo9G8a9PBluZqasHCUG0ibBIeXUFQDDq8BEHX4evg-kvQnNVTEZTXAhKVIvHTNJ6-IGz_SNclL4hUIz0Tx42QCyBgPFmsnlGhRqDkEWoSryNNRhoncuHefpvhNfkQ9HCaWxvf1vBkg2-S3dLTW0KO4zwEHSBo6jgOkoP1J_YqnjqbzLle8WrbwW-JkC4_H44yFOk0loI-vnCy-26OpunndRCx_ZuFaz0zZ44FYxQrBM25wnzwdZ5Ps8ZnTm_56wVM6dNSjJDf0tw7at2JCZKX8YBiLMx_WqOtINFOT_orbv7zfU0NkIqgsrsNV2Rw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbYtxkRhIZKacDpbt3gOF3KjADMme0rFc1fbi1pMBwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAud0FNX2e7I-4AIAqAMBqgTEAk_QcG4pabimfrpfK9husQP4HXfzwRFU5B1IZk7Q9ZIlJgs7xTl2Fu59HNwBlSVvOA1UdhgCf1AX7VhFZS0ZQeoHSye3GPt5pXR_DCcuiIBrjwAQ-a2UbRHEy1NWeXozKdtgBWxadq1szBWHQylR_htFgs-XZe7en1oOJ17gphVWnvZc4XAMWGlAyPsHA74OojINC4KIsKXgwFunbjiilBHnoN7yKIRcX3GGt3g6CdoEYDdxE-jYkjoux98sSq7y6cOAa2v_5Pb_Rh0TvquhPJwbntQgJa1DiOPEyTBePqcNGkTjARBTqBHAH7h2nBTIrUAfeED4z_Q3Gw1VUx5o1jeORD7VPAhdZXMTMsOOhzfxF95hEC_Bo7nUGmIHcuCbU4bhyCPbed2v96g16r7NE6_Oo29JOkcTUZe4LOG-yk5OtH3RcuAEAYAGgauk4bfgiqQGoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1q1hzTYjNgsZozcC2ixxgjD90cbw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 19 Apr 2024 18:14:41 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame C6C8 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEgYkQADjiYKd7aWAAouBXbNKHorkAtbVTOURA&u=%7CnES9D%2FSP9mF5tYo1SS298VlBcqXke7diOkw%2FFjQlQlA%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkL9ENSsYQHHqzqEhpMmBS541imABqguik0SzIq4XyqVx9z2SLmEjVLCZgYdk73Za2NKURgjZ9vWIyx_E8Trl9WqCW9SI1K4R06bl3wMO2KZ3RVK9SRHQnSZ0w8sWY80HGB7eDSQAe8rpCrvRGvJ86F8spTVuFcrXq-KrXXl7PRyiPFnkB20cYAYkeOP3b6mikATbT1ROk-3G2ExR8k674IpjAbCrgjYkAF_uy-JdthUYaOHMSXYL-gYfnZHZKgahv_lTtIo9G8a9PBluZqasHCUG0ibBIeXUFQDDq8BEHX4evg-kvQnNVTEZTXAhKVIvHTNJ6-IGz_SNclL4hUIz0Tx42QCyBgPFmsnlGhRqDkEWoSryNNRhoncuHefpvhNfkQ9HCaWxvf1vBkg2-S3dLTW0KO4zwEHSBo6jgOkoP1J_YqnjqbzLle8WrbwW-JkC4_H44yFOk0loI-vnCy-26OpunndRCx_ZuFaz0zZ44FYxQrBM25wnzwdZ5Ps8ZnTm_56wVM6dNSjJDf0tw7at2JCZKX8YBiLMx_WqOtINFOT_orbv7zfU0NkIqgsrsNV2Rw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbYtxkRhIZKacDpbt3gOF3KjADMme0rFc1fbi1pMBwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAud0FNX2e7I-4AIAqAMBqgTEAk_QcG4pabimfrpfK9husQP4HXfzwRFU5B1IZk7Q9ZIlJgs7xTl2Fu59HNwBlSVvOA1UdhgCf1AX7VhFZS0ZQeoHSye3GPt5pXR_DCcuiIBrjwAQ-a2UbRHEy1NWeXozKdtgBWxadq1szBWHQylR_htFgs-XZe7en1oOJ17gphVWnvZc4XAMWGlAyPsHA74OojINC4KIsKXgwFunbjiilBHnoN7yKIRcX3GGt3g6CdoEYDdxE-jYkjoux98sSq7y6cOAa2v_5Pb_Rh0TvquhPJwbntQgJa1DiOPEyTBePqcNGkTjARBTqBHAH7h2nBTIrUAfeED4z_Q3Gw1VUx5o1jeORD7VPAhdZXMTMsOOhzfxF95hEC_Bo7nUGmIHcuCbU4bhyCPbed2v96g16r7NE6_Oo29JOkcTUZe4LOG-yk5OtH3RcuAEAYAGgauk4bfgiqQGoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1q1hzTYjNgsZozcC2ixxgjD90cbw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 19 Apr 2024 18:14:41 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame C6C8 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEgYkQADjiYKd7aWAAouBXbNKHorkAtbVTOURA&u=%7CnES9D%2FSP9mF5tYo1SS298VlBcqXke7diOkw%2FFjQlQlA%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkL9ENSsYQHHqzqEhpMmBS541imABqguik0SzIq4XyqVx9z2SLmEjVLCZgYdk73Za2NKURgjZ9vWIyx_E8Trl9WqCW9SI1K4R06bl3wMO2KZ3RVK9SRHQnSZ0w8sWY80HGB7eDSQAe8rpCrvRGvJ86F8spTVuFcrXq-KrXXl7PRyiPFnkB20cYAYkeOP3b6mikATbT1ROk-3G2ExR8k674IpjAbCrgjYkAF_uy-JdthUYaOHMSXYL-gYfnZHZKgahv_lTtIo9G8a9PBluZqasHCUG0ibBIeXUFQDDq8BEHX4evg-kvQnNVTEZTXAhKVIvHTNJ6-IGz_SNclL4hUIz0Tx42QCyBgPFmsnlGhRqDkEWoSryNNRhoncuHefpvhNfkQ9HCaWxvf1vBkg2-S3dLTW0KO4zwEHSBo6jgOkoP1J_YqnjqbzLle8WrbwW-JkC4_H44yFOk0loI-vnCy-26OpunndRCx_ZuFaz0zZ44FYxQrBM25wnzwdZ5Ps8ZnTm_56wVM6dNSjJDf0tw7at2JCZKX8YBiLMx_WqOtINFOT_orbv7zfU0NkIqgsrsNV2Rw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbYtxkRhIZKacDpbt3gOF3KjADMme0rFc1fbi1pMBwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAud0FNX2e7I-4AIAqAMBqgTEAk_QcG4pabimfrpfK9husQP4HXfzwRFU5B1IZk7Q9ZIlJgs7xTl2Fu59HNwBlSVvOA1UdhgCf1AX7VhFZS0ZQeoHSye3GPt5pXR_DCcuiIBrjwAQ-a2UbRHEy1NWeXozKdtgBWxadq1szBWHQylR_htFgs-XZe7en1oOJ17gphVWnvZc4XAMWGlAyPsHA74OojINC4KIsKXgwFunbjiilBHnoN7yKIRcX3GGt3g6CdoEYDdxE-jYkjoux98sSq7y6cOAa2v_5Pb_Rh0TvquhPJwbntQgJa1DiOPEyTBePqcNGkTjARBTqBHAH7h2nBTIrUAfeED4z_Q3Gw1VUx5o1jeORD7VPAhdZXMTMsOOhzfxF95hEC_Bo7nUGmIHcuCbU4bhyCPbed2v96g16r7NE6_Oo29JOkcTUZe4LOG-yk5OtH3RcuAEAYAGgauk4bfgiqQGoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1q1hzTYjNgsZozcC2ixxgjD90cbw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 19 Apr 2024 18:14:41 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame C6C8 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=uQMKRqmDkSlJCtKvUs8Jmlet6Z-T4IuDXvNuTpReXToZ-SxTIjMpuRtCyLX_appCoPaBlVkwYpVTvoFZ3O_hu7Ihf8hwLvTHxvlwEXobIG_Ej9aBgTIINpeYb3Q5hsH3NUZo6fi7l2JXVmjc52TGDq38SZQ_549J_XfKePMBYrmpQ8Jbx5tpErZIYdg1SxNFlJavOIjKSgWvxECLFicOZtckY_V4NJyaebV_q7LqItLPMALAuXOHvD5m6b_lqxx-NrruZx0Ed3PUmVKXmiDTZyh-gQte3M_K0t5tQExo_99BVDDMB5EQfiOsh6nqtXRTukUE7eelsGstAQzO8YRUluGXcjjMoDYE1OZCggOxMpI7LN3crFjYs2_OmBBU-wY48Nkronexs22ONHl2iFIFAfDNsOCawmkhUkqfk-iaJGwiuI6vrsuaHZn44uGBgwJMotOGKg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEgYkQADjiYKd7aWAAouBXbNKHorkAtbVTOURA&u=%7CnES9D%2FSP9mF5tYo1SS298VlBcqXke7diOkw%2FFjQlQlA%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkL9ENSsYQHHqzqEhpMmBS541imABqguik0SzIq4XyqVx9z2SLmEjVLCZgYdk73Za2NKURgjZ9vWIyx_E8Trl9WqCW9SI1K4R06bl3wMO2KZ3RVK9SRHQnSZ0w8sWY80HGB7eDSQAe8rpCrvRGvJ86F8spTVuFcrXq-KrXXl7PRyiPFnkB20cYAYkeOP3b6mikATbT1ROk-3G2ExR8k674IpjAbCrgjYkAF_uy-JdthUYaOHMSXYL-gYfnZHZKgahv_lTtIo9G8a9PBluZqasHCUG0ibBIeXUFQDDq8BEHX4evg-kvQnNVTEZTXAhKVIvHTNJ6-IGz_SNclL4hUIz0Tx42QCyBgPFmsnlGhRqDkEWoSryNNRhoncuHefpvhNfkQ9HCaWxvf1vBkg2-S3dLTW0KO4zwEHSBo6jgOkoP1J_YqnjqbzLle8WrbwW-JkC4_H44yFOk0loI-vnCy-26OpunndRCx_ZuFaz0zZ44FYxQrBM25wnzwdZ5Ps8ZnTm_56wVM6dNSjJDf0tw7at2JCZKX8YBiLMx_WqOtINFOT_orbv7zfU0NkIqgsrsNV2Rw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbYtxkRhIZKacDpbt3gOF3KjADMme0rFc1fbi1pMBwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAud0FNX2e7I-4AIAqAMBqgTEAk_QcG4pabimfrpfK9husQP4HXfzwRFU5B1IZk7Q9ZIlJgs7xTl2Fu59HNwBlSVvOA1UdhgCf1AX7VhFZS0ZQeoHSye3GPt5pXR_DCcuiIBrjwAQ-a2UbRHEy1NWeXozKdtgBWxadq1szBWHQylR_htFgs-XZe7en1oOJ17gphVWnvZc4XAMWGlAyPsHA74OojINC4KIsKXgwFunbjiilBHnoN7yKIRcX3GGt3g6CdoEYDdxE-jYkjoux98sSq7y6cOAa2v_5Pb_Rh0TvquhPJwbntQgJa1DiOPEyTBePqcNGkTjARBTqBHAH7h2nBTIrUAfeED4z_Q3Gw1VUx5o1jeORD7VPAhdZXMTMsOOhzfxF95hEC_Bo7nUGmIHcuCbU4bhyCPbed2v96g16r7NE6_Oo29JOkcTUZe4LOG-yk5OtH3RcuAEAYAGgauk4bfgiqQGoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1q1hzTYjNgsZozcC2ixxgjD90cbw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2719663
expires
Mon, 26 Jul 1997 05:00:00 GMT
1x1.b
mm.melia.com/dynview/melia-com/ Frame C6C8
Redirect Chain
  • https://a1.adform.net/adfserve/?bn=53543619;1x1inv=1;srctype=3;gdpr=1;;ord=6448189123ade93ff4a34afaf03b9c3d
  • https://mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_DE_p-criteo&ead-location=display_Prospecting_DE-1x1_de&ead-creative=DE-criteo-c_eastersale-1x1_de&ead-creative...
111 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_DE_p-criteo&ead-location=display_Prospecting_DE-1x1_de&ead-creative=DE-criteo-c_eastersale-1x1_de&ead-creativetype=1x1_de&eseg-name=campaign&eseg-item=eastersale&ead-mediaplan=DE-Prospecting&ea-rnd=5555&adfrmid=0
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEgYkQADjiYKd7aWAAouBXbNKHorkAtbVTOURA&u=%7CnES9D%2FSP9mF5tYo1SS298VlBcqXke7diOkw%2FFjQlQlA%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkL9ENSsYQHHqzqEhpMmBS541imABqguik0SzIq4XyqVx9z2SLmEjVLCZgYdk73Za2NKURgjZ9vWIyx_E8Trl9WqCW9SI1K4R06bl3wMO2KZ3RVK9SRHQnSZ0w8sWY80HGB7eDSQAe8rpCrvRGvJ86F8spTVuFcrXq-KrXXl7PRyiPFnkB20cYAYkeOP3b6mikATbT1ROk-3G2ExR8k674IpjAbCrgjYkAF_uy-JdthUYaOHMSXYL-gYfnZHZKgahv_lTtIo9G8a9PBluZqasHCUG0ibBIeXUFQDDq8BEHX4evg-kvQnNVTEZTXAhKVIvHTNJ6-IGz_SNclL4hUIz0Tx42QCyBgPFmsnlGhRqDkEWoSryNNRhoncuHefpvhNfkQ9HCaWxvf1vBkg2-S3dLTW0KO4zwEHSBo6jgOkoP1J_YqnjqbzLle8WrbwW-JkC4_H44yFOk0loI-vnCy-26OpunndRCx_ZuFaz0zZ44FYxQrBM25wnzwdZ5Ps8ZnTm_56wVM6dNSjJDf0tw7at2JCZKX8YBiLMx_WqOtINFOT_orbv7zfU0NkIqgsrsNV2Rw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbYtxkRhIZKacDpbt3gOF3KjADMme0rFc1fbi1pMBwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAud0FNX2e7I-4AIAqAMBqgTEAk_QcG4pabimfrpfK9husQP4HXfzwRFU5B1IZk7Q9ZIlJgs7xTl2Fu59HNwBlSVvOA1UdhgCf1AX7VhFZS0ZQeoHSye3GPt5pXR_DCcuiIBrjwAQ-a2UbRHEy1NWeXozKdtgBWxadq1szBWHQylR_htFgs-XZe7en1oOJ17gphVWnvZc4XAMWGlAyPsHA74OojINC4KIsKXgwFunbjiilBHnoN7yKIRcX3GGt3g6CdoEYDdxE-jYkjoux98sSq7y6cOAa2v_5Pb_Rh0TvquhPJwbntQgJa1DiOPEyTBePqcNGkTjARBTqBHAH7h2nBTIrUAfeED4z_Q3Gw1VUx5o1jeORD7VPAhdZXMTMsOOhzfxF95hEC_Bo7nUGmIHcuCbU4bhyCPbed2v96g16r7NE6_Oo29JOkcTUZe4LOG-yk5OtH3RcuAEAYAGgauk4bfgiqQGoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1q1hzTYjNgsZozcC2ixxgjD90cbw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
HTTP/1.1
Server
109.232.197.110 , France, ASN50234 (EULERIAN-AS, FR),
Reverse DNS
ml.eulerian.net
Software
EWS /
Resource Hash
0609b70c35eab974a2c2d99d6da5d84d95b97f9fe3d28828710d04835153cb20
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Date
Tue, 25 Apr 2023 18:14:42 GMT
Strict-Transport-Security
max-age=604800
X-Content-Type-Options
nosniff
Server
EWS
Content-Type
image/png
Cache-Control
max-age=0, private
Connection
Close
Accept-Ranges
none
X-Robots-Tag
noindex
Content-Length
111
X-XSS-Protection
0

Redirect headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
text/html; charset=utf-8
location
https://mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_DE_p-criteo&ead-location=display_Prospecting_DE-1x1_de&ead-creative=DE-criteo-c_eastersale-1x1_de&ead-creativetype=1x1_de&eseg-name=campaign&eseg-item=eastersale&ead-mediaplan=DE-Prospecting&ea-rnd=5555&adfrmid=0
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
lgn.php
cat.fr3.eu.criteo.com/delivery/ Frame 429A 		43 B
348 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cat.fr3.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=Sqb7AUCm5MjMn2b58RRbz6H-nDCt1p_osg3WI14QlgMLyAJmjU_1PRCUteCMIskuUoutNJFm618VatfvaI0OicCr4U9YeOBag4i18V_OA_RT3KZW7UYizWCxClxs0cZSRIfQOMICf08wlVBDnqhJLzDFpieTGCmS_gQSDr7zkT5rzHjbw5IisEIsQ6fYTs4L7OEbLh5SQXdi4eYadTunF6XUMzxumNQyIHOkg_WHbJHo-66mRV-fu6yEHVMcznzm0dxw0Vd7KeW2GcPD4tFHBFqRbP6sdiot-YRe2mtRdW6tjwxUHfY19GfFFddIpF3ONLWuJKjeTQmWab8J7RmtxCOGVWOt0Ya3uAsGyBqkhb5pNqs32m9y6xghpyE9gIcIs1afmXh9qk0gYc2k-2kHpV9PxPJ9r-BMbB0IFrfbRKMmuRBevLgnWotbGSkVGjtDwHWlJgnzKcm64Fnp0661v6f1ckNpgAZGobNpir4DdoJKIrrM&z=ZEgYkAALIocKd58PAAhKSWBPCqYZXdlyPQSXow
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2266280
expires
Mon, 26 Jul 1997 05:00:00 GMT
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 429A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kqLpFPHZWwAAnYNiAgIAAAB6GxTuaoJ9sgcGddEQkBhIZIUxia4iGT8ghl0AABIDAQoKQVFVQkR3RUJEdw&wp=ZEgYkAALIocKd58PAAhKSWBPCqYZXdlyPQSXow
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
157683
server
Kestrel
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 429A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CJwh4kBhIZIfFLI--3gPJlKGoB8me0rFc1Z2R93DAjbcBEAEgAGCVypmCrAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC53QU1fZ7sj7gAgCoAwGqBLICT9CYK0aPA4DhtJhQp91sYWQwyr-jKpzrcp5WkFKYRaCOBDkzSVBqVmwhj3Ph9VwpPD90cA-Ed18s90N91o4m38pPunuDmnPXazg9KlCW0R0jNejCTc6Iq23uGO15yIYBv5hn-3gLhDvnonbho6rRwKkoqswQ2fIVk9vqBQADDwfiZcyi7dDx9tFwvv9YKJUAKe5dCunxZkd6-Dz927tzG83gmlCKbeQ2WIGFiQdmWgtnfpcUyydbiRVtkmbeyTwYEBu-lb_YnBNYLZek6vSHGZcLhkz5wfQDWKMYWg4SANOnwL8IJloD6GbusQfDt1P1rUr2rUMXzIzD9q83RWIaU0f0o8lTQYiGTKUSBMh53fe-EoCmM1elKnL9EDR_Z6YQHKePo37bqPhZwUfu7LxrHAYE4AQBgAbN2JPsxZ_27yugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=1wJO2seuNy8&uach_m=[UACH]&cid=CAQSPwBygQiDCuGN-YOrutzRerMt0W_Q9N36dA5fI9Rwp9X4etgfz5xy8zATNStMV6-17KZA6fSkNE-uqLl2uPYLvBgB&vt=10
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
lgn.php
cat.nl3.eu.criteo.com/delivery/ Frame 429A 		43 B
347 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cat.nl3.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=vuspx2Bi4TlTh7aQFfUfuDkJ1CxfnAO99GhWlTR7Ykhh5ERMRkg9MBPc8XmW1vrpYK09C05ySEowpxMIK_sEKCd4NSqHEaOWaE4uLGIADeS8FkpxoRq81ZMvR0qg8gSgSgTje2jgCBCxgCI9zgIs-cf4DIx7ZZzKIIA_XCGSd3oo6pHJ7aPIckWExrKmYMYvCnu1k8kYOsPmeF5TnQtLOb0VYZuXDcwTbJKydQss_5-VuS7xBqH3wQS7GCH9nQd9ZKheYV0DsyJ4sH1-zgjSAlV0HZS_2uy7nVRLHzN9iSnGUqf2jSg-S2j-AjSI6uS0vKh7B67aZS66AJQXqeMJAnSy-oBfpAHoDqsxGZCC_II8sAjhopdawo8DyBni9rdPMhuIHtfn43z7JRMGBT8ioXzgYh-h4C8Vz1OBnA25OXLmbBzUPWfyn0M3k-KL5pXPtPxflZC0m4-z6Pz_YegjSq0yXI_RM6BvFsP7XbyigjK42j4L&z=ZEgYkAALIosKd58PAAhKSWMOuSt9SWAG7yjJqQ
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2722108
expires
Mon, 26 Jul 1997 05:00:00 GMT
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 429A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=ktnGEvHZWwAAnYNiAgIAAAB6GxTuaoJ9sgcGddEQkBhIZLgGSWCIHcBpid8AABIDAQoKQVFVQkFRRUJBUQ&wp=ZEgYkAALIosKd58PAAhKSWMOuSt9SWAG7yjJqQ
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
140944
server
Kestrel
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 429A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cj5LnkBhIZIvFLI--3gPJlKGoB8me0rFc1Z2R93DAjbcBEAEgAGCVypmCrAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC53QU1fZ7sj7gAgCoAwGqBLICT9BYWtFlhmCGrTqx3yuAwtDCFMnGdk1POs6S1D4l5F3Wwn88YUn6cjdeKs9ApkmW0iiVGKU7IdsUL5snv9TutGCZCo5b3fnyYaJJyaOsae0goSoL2H1kmstNoYWNB0U3bIzNNbpEOYEZT0HICxK6lg3NCdBv8d1Nb63R-f-aTgYADwdS37vqFXznMupH7dKo-CwnD8UNi_MeeR2tzaBqX4kzO9JlVKb8uRO56skXTINEtadS1gmteDaAoVzFZAdjPUpw65qEgOHPTncpQOecO0-CChZNsD7hG3ZSKQ21UbCPapsg7snN2W3w7EGbxb9KpOoSoPSA2-D8ZTusFzIm3icg9iMQKTaoU2a3RAfhJod7ey4TEQ3WxCqy87BsgqANKdinUjKCx7hlAJ5H-r26NZbZ4AQBgAaC5vnI56TV1DSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=nKmkLQSGLIc&uach_m=[UACH]&cid=CAQSPwBygQiDCuGN-YOrutzRerMt0W_Q9N36dA5fI9Rwp9X4etgfz5xy8zATNStMV6-17KZA6fSkNE-uqLl2uPYLvBgB&vt=10
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 429A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cme9NkBhIZIfFLI--3gPJlKGoB8me0rFc1Z2R93DAjbcBEAEgAGCVypmCrAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC53QU1fZ7sj7gAgCoAwHIAwKqBLICT9CYK0aPA4DhtJhQp91sYWQwyr-jKpzrcp5WkFKYRaCOBDkzSVBqVmwhj3Ph9VwpPD90cA-Ed18s90N91o4m38pPunuDmnPXazg9KlCW0R0jNejCTc6Iq23uGO15yIYBv5hn-3gLhDvnonbho6rRwKkoqswQ2fIVk9vqBQADDwfiZcyi7dDx9tFwvv9YKJUAKe5dCunxZkd6-Dz927tzG83gmlCKbeQ2WIGFiQdmWgtnfpcUyydbiRVtkmbeyTwYEBu-lb_YnBNYLZek6vSHGZcLhkz5wfQDWKMYWg4SANOnwL8IJloD6GbusQfDt1P1rUr2rUMXzIzD9q83RWIaU0f0o8lTQYiGTKUSBMh53fe-EoCmM1elKnL9EDR_Z6YQHKePo37bqPhZwUfu7LxrHAYE4AQBgAbN2JPsxZ_27yugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=0uaoU_jXTTI&uach_m=[UACH]&cid=CAQSPwBygQiDCuGN-YOrutzRerMt0W_Q9N36dA5fI9Rwp9X4etgfz5xy8zATNStMV6-17KZA6fSkNE-uqLl2uPYLvBgB
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 429A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CDzl4kBhIZIvFLI--3gPJlKGoB8me0rFc1Z2R93DAjbcBEAEgAGCVypmCrAeCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC53QU1fZ7sj7gAgCoAwHIAwKqBLICT9BYWtFlhmCGrTqx3yuAwtDCFMnGdk1POs6S1D4l5F3Wwn88YUn6cjdeKs9ApkmW0iiVGKU7IdsUL5snv9TutGCZCo5b3fnyYaJJyaOsae0goSoL2H1kmstNoYWNB0U3bIzNNbpEOYEZT0HICxK6lg3NCdBv8d1Nb63R-f-aTgYADwdS37vqFXznMupH7dKo-CwnD8UNi_MeeR2tzaBqX4kzO9JlVKb8uRO56skXTINEtadS1gmteDaAoVzFZAdjPUpw65qEgOHPTncpQOecO0-CChZNsD7hG3ZSKQ21UbCPapsg7snN2W3w7EGbxb9KpOoSoPSA2-D8ZTusFzIm3icg9iMQKTaoU2a3RAfhJod7ey4TEQ3WxCqy87BsgqANKdinUjKCx7hlAJ5H-r26NZbZ4AQBgAaC5vnI56TV1DSgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=Xz0bVN9SAEw&uach_m=[UACH]&cid=CAQSPwBygQiDCuGN-YOrutzRerMt0W_Q9N36dA5fI9Rwp9X4etgfz5xy8zATNStMV6-17KZA6fSkNE-uqLl2uPYLvBgB
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
ac81f3548a5e4f35a5789fe64b48bd89_unisex_16-9.mp4
static.criteo.net/design/dt/48044/230330/ Frame 521D 		261 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/48044/230330/ac81f3548a5e4f35a5789fe64b48bd89_unisex_16-9.mp4
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 30 Mar 2023 13:11:38 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"64258a8a-1e5017"
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-1986582/1986583
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
Content-Length
1986583
expires
Fri, 19 Apr 2024 18:14:41 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame C6C8 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEgYkQADjiYKd7aWAAouBXbNKHorkAtbVTOURA&u=%7CnES9D%2FSP9mF5tYo1SS298VlBcqXke7diOkw%2FFjQlQlA%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkL9ENSsYQHHqzqEhpMmBS541imABqguik0SzIq4XyqVx9z2SLmEjVLCZgYdk73Za2NKURgjZ9vWIyx_E8Trl9WqCW9SI1K4R06bl3wMO2KZ3RVK9SRHQnSZ0w8sWY80HGB7eDSQAe8rpCrvRGvJ86F8spTVuFcrXq-KrXXl7PRyiPFnkB20cYAYkeOP3b6mikATbT1ROk-3G2ExR8k674IpjAbCrgjYkAF_uy-JdthUYaOHMSXYL-gYfnZHZKgahv_lTtIo9G8a9PBluZqasHCUG0ibBIeXUFQDDq8BEHX4evg-kvQnNVTEZTXAhKVIvHTNJ6-IGz_SNclL4hUIz0Tx42QCyBgPFmsnlGhRqDkEWoSryNNRhoncuHefpvhNfkQ9HCaWxvf1vBkg2-S3dLTW0KO4zwEHSBo6jgOkoP1J_YqnjqbzLle8WrbwW-JkC4_H44yFOk0loI-vnCy-26OpunndRCx_ZuFaz0zZ44FYxQrBM25wnzwdZ5Ps8ZnTm_56wVM6dNSjJDf0tw7at2JCZKX8YBiLMx_WqOtINFOT_orbv7zfU0NkIqgsrsNV2Rw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbYtxkRhIZKacDpbt3gOF3KjADMme0rFc1fbi1pMBwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAud0FNX2e7I-4AIAqAMBqgTEAk_QcG4pabimfrpfK9husQP4HXfzwRFU5B1IZk7Q9ZIlJgs7xTl2Fu59HNwBlSVvOA1UdhgCf1AX7VhFZS0ZQeoHSye3GPt5pXR_DCcuiIBrjwAQ-a2UbRHEy1NWeXozKdtgBWxadq1szBWHQylR_htFgs-XZe7en1oOJ17gphVWnvZc4XAMWGlAyPsHA74OojINC4KIsKXgwFunbjiilBHnoN7yKIRcX3GGt3g6CdoEYDdxE-jYkjoux98sSq7y6cOAa2v_5Pb_Rh0TvquhPJwbntQgJa1DiOPEyTBePqcNGkTjARBTqBHAH7h2nBTIrUAfeED4z_Q3Gw1VUx5o1jeORD7VPAhdZXMTMsOOhzfxF95hEC_Bo7nUGmIHcuCbU4bhyCPbed2v96g16r7NE6_Oo29JOkcTUZe4LOG-yk5OtH3RcuAEAYAGgauk4bfgiqQGoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1q1hzTYjNgsZozcC2ixxgjD90cbw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
573149
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JH%2FsIt1RwzKpKC8EuZifj2ap0b7fgxaZnakIvthdSKkFm8w%2Fkfj6Q6Z2U8bf8W%2FsHx0uQf2RSPMkc82WO9YAZ7FJnvVR0nxBdAD7iJF6eNRx2%2BTBWxFY8cVkHeIFXxrOD6lOGJqeGInCmTFBl0%2FJI4Kx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7bd89130bc1d90e6-FRA
expires
Sun, 14 Apr 2024 18:14:42 GMT
animejs.js
static.criteo.net/animejs/ Frame C6C8 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEgYkQADjiYKd7aWAAouBXbNKHorkAtbVTOURA&u=%7CnES9D%2FSP9mF5tYo1SS298VlBcqXke7diOkw%2FFjQlQlA%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkL9ENSsYQHHqzqEhpMmBS541imABqguik0SzIq4XyqVx9z2SLmEjVLCZgYdk73Za2NKURgjZ9vWIyx_E8Trl9WqCW9SI1K4R06bl3wMO2KZ3RVK9SRHQnSZ0w8sWY80HGB7eDSQAe8rpCrvRGvJ86F8spTVuFcrXq-KrXXl7PRyiPFnkB20cYAYkeOP3b6mikATbT1ROk-3G2ExR8k674IpjAbCrgjYkAF_uy-JdthUYaOHMSXYL-gYfnZHZKgahv_lTtIo9G8a9PBluZqasHCUG0ibBIeXUFQDDq8BEHX4evg-kvQnNVTEZTXAhKVIvHTNJ6-IGz_SNclL4hUIz0Tx42QCyBgPFmsnlGhRqDkEWoSryNNRhoncuHefpvhNfkQ9HCaWxvf1vBkg2-S3dLTW0KO4zwEHSBo6jgOkoP1J_YqnjqbzLle8WrbwW-JkC4_H44yFOk0loI-vnCy-26OpunndRCx_ZuFaz0zZ44FYxQrBM25wnzwdZ5Ps8ZnTm_56wVM6dNSjJDf0tw7at2JCZKX8YBiLMx_WqOtINFOT_orbv7zfU0NkIqgsrsNV2Rw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbYtxkRhIZKacDpbt3gOF3KjADMme0rFc1fbi1pMBwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAud0FNX2e7I-4AIAqAMBqgTEAk_QcG4pabimfrpfK9husQP4HXfzwRFU5B1IZk7Q9ZIlJgs7xTl2Fu59HNwBlSVvOA1UdhgCf1AX7VhFZS0ZQeoHSye3GPt5pXR_DCcuiIBrjwAQ-a2UbRHEy1NWeXozKdtgBWxadq1szBWHQylR_htFgs-XZe7en1oOJ17gphVWnvZc4XAMWGlAyPsHA74OojINC4KIsKXgwFunbjiilBHnoN7yKIRcX3GGt3g6CdoEYDdxE-jYkjoux98sSq7y6cOAa2v_5Pb_Rh0TvquhPJwbntQgJa1DiOPEyTBePqcNGkTjARBTqBHAH7h2nBTIrUAfeED4z_Q3Gw1VUx5o1jeORD7VPAhdZXMTMsOOhzfxF95hEC_Bo7nUGmIHcuCbU4bhyCPbed2v96g16r7NE6_Oo29JOkcTUZe4LOG-yk5OtH3RcuAEAYAGgauk4bfgiqQGoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1q1hzTYjNgsZozcC2ixxgjD90cbw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 19 Apr 2024 18:14:41 GMT
truncated
/ Frame 429A 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a4f601a875eb2b913819f5daec97504ed7644f6e450dbf32a70705c00189d60

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame E7A3
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEA5sd4Ja40FXD0pgdhILKLw&google_cver=1&google_push=ATf1kGP4yhQzevzTirC09OFERua4v4_UTcDTMtVlMtaQZVfQ_rgssQDB4laLG3q9I1Wfo35_d70DGoVNSgRcnSs4wcqDdUd_rHIe
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=960065FFB9FA44B4BFB6521377506F78&google_push=ATf1kGP4yhQzevzTirC09OFERua4v4_UTcDTMtVlMtaQZVfQ_rgssQDB4laLG3q9I1Wfo35_d70DGoVNSgRcnSs...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=960065FFB9FA44B4BFB6521377506F78&google_push=ATf1kGP4yhQzevzTirC09OFERua4v4_UTcDTMtVlMtaQZVfQ_rgssQDB4laLG3q9I1Wfo35_d70DGoVNSgRcnSs4wcqDdUd_rHIe
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 25 Apr 2023 18:14:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=960065FFB9FA44B4BFB6521377506F78&google_push=ATf1kGP4yhQzevzTirC09OFERua4v4_UTcDTMtVlMtaQZVfQ_rgssQDB4laLG3q9I1Wfo35_d70DGoVNSgRcnSs4wcqDdUd_rHIe
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 24 Apr 2023 18:14:42 GMT
google
match.adsrvr.org/track/cmf/ Frame E7A3 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJoywGio9Rjv8yMTgbJ9vkI&google_cver=1&google_push=ATf1kGP5f4ZD8txPz84gt3G4oh_tOMhL8hXbCsaylgZ1Hp_Chw6xZXNOBKrHwp13UXJq-M-Kxt6NmbqVs8PjgnAaaMBLdd6rhSdf
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 25 Apr 2023 18:14:42 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame E7A3
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEAAAMeB3hqhRSKneerKXDGg&c_param1=ATf1kGP-2iBTuADM0UpPmJMGxbM7Jp2_2ElXFaEk79pJxYly_e2aFMZwUe176dM3GoGaiEVd_RqgiiCe7QHZLnAREqG_Jxifilgy&gdpr=%%GDPR%%&...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGP-2iBTuADM0UpPmJMGxbM7Jp2_2ElXFaEk79pJxYly_e2aFMZwUe176dM3GoGaiEVd_RqgiiCe7QHZLnAREqG_Jxifilgy
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGP-2iBTuADM0UpPmJMGxbM7Jp2_2ElXFaEk79pJxYly_e2aFMZwUe176dM3GoGaiEVd_RqgiiCe7QHZLnAREqG_Jxifilgy
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGP-2iBTuADM0UpPmJMGxbM7Jp2_2ElXFaEk79pJxYly_e2aFMZwUe176dM3GoGaiEVd_RqgiiCe7QHZLnAREqG_Jxifilgy
date
Tue, 25 Apr 2023 18:14:42 GMT
server
nginx/1.23.2
content-length
0
pixel
cm.g.doubleclick.net/ Frame E7A3
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEA7no7gihepBoyr9n80fryo&google_cver=1&google_push=ATf1kGPCKwmCYdNhnZ5GEnt4gw75g6CvMaDlp95CHwbRY7KyqLSTth6dNH3NwyfueB2kq5CF_C9Fr-T8GRzZt...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEA7no7gihepBoyr9n80fryo&google_push=ATf1kGPCKwmCYdNhnZ5GEnt4gw75g6CvMaDlp95CHwbRY7KyqLSTth6dNH3NwyfueB2kq5CF_C9Fr-T8GRzZt...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGPCKwmCYdNhnZ5GEnt4gw75g6CvMaDlp95CHwbRY7KyqLSTth6dNH3NwyfueB2kq5CF_C9Fr-T8GRzZtbRDQwaBv_aUCklT&google_hm=Sl9PTHN3R1o4TUhqRi1W...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGPCKwmCYdNhnZ5GEnt4gw75g6CvMaDlp95CHwbRY7KyqLSTth6dNH3NwyfueB2kq5CF_C9Fr-T8GRzZtbRDQwaBv_aUCklT&google_hm=Sl9PTHN3R1o4TUhqRi1WX1ZxY24=
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 25 Apr 2023 18:14:42 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGPCKwmCYdNhnZ5GEnt4gw75g6CvMaDlp95CHwbRY7KyqLSTth6dNH3NwyfueB2kq5CF_C9Fr-T8GRzZtbRDQwaBv_aUCklT&google_hm=Sl9PTHN3R1o4TUhqRi1WX1ZxY24=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
236
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E7A3
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEFqQ58hxAPa4J5lxak-SLg0&google_cver=1&google_push=ATf1kGOvBPF2NaWH4Pod_IW1qfzS9Hg307__Dd277uBSShh1fbepy7Cr6mrMaHEGCicLdznmHGKoeMK7wicoyMp...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=mF3rrGL6UPlDxUqw31OCiNly2hU&google_push=ATf1kGOvBPF2NaWH4Pod_IW1qfzS9Hg307__Dd277uBSShh1fbepy7Cr6mrMaHEGCicLdznmHGKoeMK7wicoyM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=mF3rrGL6UPlDxUqw31OCiNly2hU&google_push=ATf1kGOvBPF2NaWH4Pod_IW1qfzS9Hg307__Dd277uBSShh1fbepy7Cr6mrMaHEGCicLdznmHGKoeMK7wicoyMptCZti6vYpxHU
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=mF3rrGL6UPlDxUqw31OCiNly2hU&google_push=ATf1kGOvBPF2NaWH4Pod_IW1qfzS9Hg307__Dd277uBSShh1fbepy7Cr6mrMaHEGCicLdznmHGKoeMK7wicoyMptCZti6vYpxHU
Date
Tue, 25 Apr 2023 18:14:42 GMT
Connection
keep-alive
Content-Length
241
Content-Type
text/html; charset=utf-8
sync
rtb2-useast.e-volution.ai/ Frame E7A3 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEJXFj_FChHnXe65STw2foMg&google_cver=1&google_push=ATf1kGPo-6PPw8_HkCGvKwp1D8hModwmYVrDNkKJwKX3kd_BQWoTBHMMXK-HJ8qx-ddfFOEDJ5YOY9UzV6SN9yBfrP5I2nuSmuEOBg
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Apr 2023 18:14:42 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
google
sync-dmp.aura-dsp.com/match/ Frame E7A3 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame E7A3 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LWwcwHo-X4BznF9HwMILjyy9UF_Zjnkm1j0d3_FelXHSLa3D2Zemi2fXycz1GP9AWo0WzTfmQ
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
css
fonts.googleapis.com/ Frame 2536 		4 KB
646 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3018c5284222e82380ec1570f914f544c35e062c4ff9c64e46fdc01695b2b274
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Apr 2023 18:14:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 17:46:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Apr 2023 18:14:42 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 2536 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 12:11:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
21789
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 12:11:33 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/ Frame 2536 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/abg_lite_fy2021.js
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 14:56:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
11913
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8535
x-xss-protection
0
server
cafe
etag
13968503839060854674
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 14:56:09 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 2536 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/window_focus_fy2021.js
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 16:19:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
6897
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 16:19:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 2536 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 12:11:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
21791
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8104
x-xss-protection
0
server
cafe
etag
11444945707709536616
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 12:11:31 GMT
l
www.google.com/ads/measurement/ Frame 2536 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTwiNHTbrNxGWdDTcOMXtIraUwt1wnOq5dWaSeZoJTOEfAUlyA_xnguArzMq_xB6jNwtfOGIPsHgBzvlesGbW1y6Iij8Q
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2536 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49672
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681929791789681"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Apr 2023 18:14:42 GMT
f8970ecc2196f374e9d99027c476dd6b.js
www.gstatic.com/mysidia/ Frame 2536 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 12:11:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21771
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13747
x-xss-protection
0
last-modified
Mon, 24 Apr 2023 20:22:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 24 Jul 2023 12:11:51 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=263317129759169&correlator=2979560958077747&eid=31073385%2C31074093&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Ccube&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=11&adks=323800357&didk=2675907389&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-1%26hb_r_id%3D3393ed759a089f4%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.06%26hb_adid%3D2056a381fa2caf7d%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10673%252F878248%252Fgirona-vs-real-madrid%252F&sc=1&cookie=ID%3Dd63755abbe95516f-229a3c7baddd004c%3AT%3D1682446480%3AS%3DALNI_MYRpzP03Ys_rEAIRiVJXrNhV1qWhA&gpic=UID%3D00000befae92e8fe%3AT%3D1682446480%3ART%3D1682446480%3AS%3DALNI_Mb434xwexQHonekkg6izdHYivHpnQ&abxe=1&dt=1682446482085&lmt=1682446463&dlt=1682446480164&idt=437&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10673%2F878248%2Fgirona-vs-real-madrid%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1037507575.1682446481&ga_sid=1682446481&ga_hid=309559342&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYher_zPswSABSAghkEhkKCnB1YmNpZC5vcmcY_ur_zPswSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqakRHUVJxc09YUkpONTJkdkpNUFFDMThxQWZ5Q2tkUkVJRkZwVmtORmJhbDBKQXZPdzZqUzNSWldPU1liNW0zLzVaWDlpejBxaUFtZFUxUmZTOEtjcCtFbkFTTUltU25veTZ0bnh1Y1lPZmpybndobGhJaEN5T0d5TEhxV3ZNNlFXT0dqM3JDZnIyR0JLSGZrdnhRRWEzcGlyYVBKV2pmbTluY1NOYzFWS3NxZE45S3E3aEhxT09BaUxSaXlsL2wwbXc9PRiK7P_M-zBIABIdCg5lc3AuY3JpdGVvLmNvbRiF6v_M-zBIAFICCGQSGQoKdWlkYXBpLmNvbRiF6v_M-zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNDr_8z7MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aaf66d61241e134af54f637377aea34e26cf61a7cf186f6cd50666eba849fd93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9565
x-xss-protection
0
google-lineitem-id
5818019657
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374037624
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=263317129759169&correlator=2979560958077747&eid=31073385%2C31074093&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Ccube2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=12&adks=2685385890&didk=2675907388&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-2%26hb_r_id%3D428eddd59edf6e4%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.04%26hb_adid%3D2094afb7067a6431%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10673%252F878248%252Fgirona-vs-real-madrid%252F&sc=1&cookie=ID%3Dd63755abbe95516f-229a3c7baddd004c%3AT%3D1682446480%3AS%3DALNI_MYRpzP03Ys_rEAIRiVJXrNhV1qWhA&gpic=UID%3D00000befae92e8fe%3AT%3D1682446480%3ART%3D1682446480%3AS%3DALNI_Mb434xwexQHonekkg6izdHYivHpnQ&abxe=1&dt=1682446482089&lmt=1682446463&dlt=1682446480164&idt=437&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10673%2F878248%2Fgirona-vs-real-madrid%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1037507575.1682446481&ga_sid=1682446481&ga_hid=309559342&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYher_zPswSABSAghkEhkKCnB1YmNpZC5vcmcY_ur_zPswSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqakRHUVJxc09YUkpONTJkdkpNUFFDMThxQWZ5Q2tkUkVJRkZwVmtORmJhbDBKQXZPdzZqUzNSWldPU1liNW0zLzVaWDlpejBxaUFtZFUxUmZTOEtjcCtFbkFTTUltU25veTZ0bnh1Y1lPZmpybndobGhJaEN5T0d5TEhxV3ZNNlFXT0dqM3JDZnIyR0JLSGZrdnhRRWEzcGlyYVBKV2pmbTluY1NOYzFWS3NxZE45S3E3aEhxT09BaUxSaXlsL2wwbXc9PRiK7P_M-zBIABIdCg5lc3AuY3JpdGVvLmNvbRiF6v_M-zBIAFICCGQSGQoKdWlkYXBpLmNvbRiF6v_M-zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNDr_8z7MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c1a8a075f616501584f5d4f615bc375196e68fcf9934ce46358c34043130463
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9593
x-xss-protection
0
google-lineitem-id
5818019657
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374438803
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=263317129759169&correlator=2979560958077747&eid=31073385%2C31074093&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Ccube3&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=13&adks=1315967423&didk=2675907387&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-3%26hb_r_id%3D5158a831965dcdb%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.05%26hb_adid%3D2127f300c7d2ace5%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10673%252F878248%252Fgirona-vs-real-madrid%252F&sc=1&cookie=ID%3Dd63755abbe95516f-229a3c7baddd004c%3AT%3D1682446480%3AS%3DALNI_MYRpzP03Ys_rEAIRiVJXrNhV1qWhA&gpic=UID%3D00000befae92e8fe%3AT%3D1682446480%3ART%3D1682446480%3AS%3DALNI_Mb434xwexQHonekkg6izdHYivHpnQ&abxe=1&dt=1682446482091&lmt=1682446463&dlt=1682446480164&idt=437&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10673%2F878248%2Fgirona-vs-real-madrid%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1037507575.1682446481&ga_sid=1682446481&ga_hid=309559342&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYher_zPswSABSAghkEhkKCnB1YmNpZC5vcmcY_ur_zPswSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqakRHUVJxc09YUkpONTJkdkpNUFFDMThxQWZ5Q2tkUkVJRkZwVmtORmJhbDBKQXZPdzZqUzNSWldPU1liNW0zLzVaWDlpejBxaUFtZFUxUmZTOEtjcCtFbkFTTUltU25veTZ0bnh1Y1lPZmpybndobGhJaEN5T0d5TEhxV3ZNNlFXT0dqM3JDZnIyR0JLSGZrdnhRRWEzcGlyYVBKV2pmbTluY1NOYzFWS3NxZE45S3E3aEhxT09BaUxSaXlsL2wwbXc9PRiK7P_M-zBIABIdCg5lc3AuY3JpdGVvLmNvbRiF6v_M-zBIAFICCGQSGQoKdWlkYXBpLmNvbRiF6v_M-zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNDr_8z7MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
43cab9eb043537bb9f4986951aba3110de339aa5d2c4a7d1456a06e87ca69ac6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9583
x-xss-protection
0
google-lineitem-id
5818019657
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374037645
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		380 B
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=263317129759169&correlator=2979560958077747&eid=31073385%2C31074093&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Crich&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C320x50%7C320x100&ifi=14&adks=4183778&didk=2675907386&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-4%26hb_r_id%3D607e6be17e05a3%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.06%26hb_adid%3D207b41a989c60ebb%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10673%252F878248%252Fgirona-vs-real-madrid%252F&sc=1&cookie=ID%3Dd63755abbe95516f-229a3c7baddd004c%3AT%3D1682446480%3AS%3DALNI_MYRpzP03Ys_rEAIRiVJXrNhV1qWhA&gpic=UID%3D00000befae92e8fe%3AT%3D1682446480%3ART%3D1682446480%3AS%3DALNI_Mb434xwexQHonekkg6izdHYivHpnQ&abxe=1&dt=1682446482092&lmt=1682446463&dlt=1682446480164&idt=437&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10673%2F878248%2Fgirona-vs-real-madrid%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1037507575.1682446481&ga_sid=1682446481&ga_hid=309559342&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYher_zPswSABSAghkEhkKCnB1YmNpZC5vcmcY_ur_zPswSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqakRHUVJxc09YUkpONTJkdkpNUFFDMThxQWZ5Q2tkUkVJRkZwVmtORmJhbDBKQXZPdzZqUzNSWldPU1liNW0zLzVaWDlpejBxaUFtZFUxUmZTOEtjcCtFbkFTTUltU25veTZ0bnh1Y1lPZmpybndobGhJaEN5T0d5TEhxV3ZNNlFXT0dqM3JDZnIyR0JLSGZrdnhRRWEzcGlyYVBKV2pmbTluY1NOYzFWS3NxZE45S3E3aEhxT09BaUxSaXlsL2wwbXc9PRiK7P_M-zBIABIdCg5lc3AuY3JpdGVvLmNvbRiF6v_M-zBIAFICCGQSGQoKdWlkYXBpLmNvbRiF6v_M-zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNDr_8z7MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e103a42492ad6e21528f709a1fa97d5645b540f15570589a039059d44d1842ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		381 B
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=263317129759169&correlator=2979560958077747&eid=31073385%2C31074093&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Crich2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C320x50%7C320x100&ifi=15&adks=861436630&didk=2675907385&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-5%26hb_r_id%3D69ed762b1b88e48%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.05%26hb_adid%3D2150297d86d20002%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10673%252F878248%252Fgirona-vs-real-madrid%252F&sc=1&cookie=ID%3Dd63755abbe95516f-229a3c7baddd004c%3AT%3D1682446480%3AS%3DALNI_MYRpzP03Ys_rEAIRiVJXrNhV1qWhA&gpic=UID%3D00000befae92e8fe%3AT%3D1682446480%3ART%3D1682446480%3AS%3DALNI_Mb434xwexQHonekkg6izdHYivHpnQ&abxe=1&dt=1682446482096&lmt=1682446463&dlt=1682446480164&idt=437&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=f&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10673%2F878248%2Fgirona-vs-real-madrid%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1037507575.1682446481&ga_sid=1682446481&ga_hid=309559342&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYher_zPswSABSAghkEhkKCnB1YmNpZC5vcmcY_ur_zPswSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqakRHUVJxc09YUkpONTJkdkpNUFFDMThxQWZ5Q2tkUkVJRkZwVmtORmJhbDBKQXZPdzZqUzNSWldPU1liNW0zLzVaWDlpejBxaUFtZFUxUmZTOEtjcCtFbkFTTUltU25veTZ0bnh1Y1lPZmpybndobGhJaEN5T0d5TEhxV3ZNNlFXT0dqM3JDZnIyR0JLSGZrdnhRRWEzcGlyYVBKV2pmbTluY1NOYzFWS3NxZE45S3E3aEhxT09BaUxSaXlsL2wwbXc9PRiK7P_M-zBIABIdCg5lc3AuY3JpdGVvLmNvbRiF6v_M-zBIAFICCGQSGQoKdWlkYXBpLmNvbRiF6v_M-zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNDr_8z7MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ac2614f0cf797d0dc5e1d7c89fca178117cdfe1e367395561cf6a2b572dce31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=263317129759169&correlator=2979560958077747&eid=31073385%2C31074093&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Csky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=120x600%7C160x600%7C300x600&ifi=16&adks=2501595801&didk=2675907384&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-6%26hb_r_id%3D78b0dc50a3e2455%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.05%26hb_adid%3D2104ce26996575fa%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10673%252F878248%252Fgirona-vs-real-madrid%252F&sc=1&cookie=ID%3Dd63755abbe95516f-229a3c7baddd004c%3AT%3D1682446480%3AS%3DALNI_MYRpzP03Ys_rEAIRiVJXrNhV1qWhA&gpic=UID%3D00000befae92e8fe%3AT%3D1682446480%3ART%3D1682446480%3AS%3DALNI_Mb434xwexQHonekkg6izdHYivHpnQ&abxe=1&dt=1682446482098&lmt=1682446463&dlt=1682446480164&idt=437&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=g&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10673%2F878248%2Fgirona-vs-real-madrid%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1037507575.1682446481&ga_sid=1682446481&ga_hid=309559342&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYher_zPswSABSAghkEhkKCnB1YmNpZC5vcmcY_ur_zPswSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqakRHUVJxc09YUkpONTJkdkpNUFFDMThxQWZ5Q2tkUkVJRkZwVmtORmJhbDBKQXZPdzZqUzNSWldPU1liNW0zLzVaWDlpejBxaUFtZFUxUmZTOEtjcCtFbkFTTUltU25veTZ0bnh1Y1lPZmpybndobGhJaEN5T0d5TEhxV3ZNNlFXT0dqM3JDZnIyR0JLSGZrdnhRRWEzcGlyYVBKV2pmbTluY1NOYzFWS3NxZE45S3E3aEhxT09BaUxSaXlsL2wwbXc9PRiK7P_M-zBIABIdCg5lc3AuY3JpdGVvLmNvbRiF6v_M-zBIAFICCGQSGQoKdWlkYXBpLmNvbRiF6v_M-zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNDr_8z7MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
255ae330ac3e1f559f481df2ba9c695f5856ae11f348ed6818fd7c140dc42e06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9561
x-xss-protection
0
google-lineitem-id
5850403633
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374029776
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		386 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=263317129759169&correlator=2979560958077747&eid=31073385%2C31074093&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cresponsive&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C320x100%7C300x250&ifi=17&adks=656180126&didk=2675907335&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-7%26hb_r_id%3D871b2e5a0a20b96%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.08%26hb_adid%3D20690128fd37c1ff%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10673%252F878248%252Fgirona-vs-real-madrid%252F&sc=1&cookie=ID%3Dd63755abbe95516f-229a3c7baddd004c%3AT%3D1682446480%3AS%3DALNI_MYRpzP03Ys_rEAIRiVJXrNhV1qWhA&gpic=UID%3D00000befae92e8fe%3AT%3D1682446480%3ART%3D1682446480%3AS%3DALNI_Mb434xwexQHonekkg6izdHYivHpnQ&abxe=1&dt=1682446482100&lmt=1682446463&dlt=1682446480164&idt=437&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=h&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10673%2F878248%2Fgirona-vs-real-madrid%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1037507575.1682446481&ga_sid=1682446481&ga_hid=309559342&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYher_zPswSABSAghkEhkKCnB1YmNpZC5vcmcY_ur_zPswSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqakRHUVJxc09YUkpONTJkdkpNUFFDMThxQWZ5Q2tkUkVJRkZwVmtORmJhbDBKQXZPdzZqUzNSWldPU1liNW0zLzVaWDlpejBxaUFtZFUxUmZTOEtjcCtFbkFTTUltU25veTZ0bnh1Y1lPZmpybndobGhJaEN5T0d5TEhxV3ZNNlFXT0dqM3JDZnIyR0JLSGZrdnhRRWEzcGlyYVBKV2pmbTluY1NOYzFWS3NxZE45S3E3aEhxT09BaUxSaXlsL2wwbXc9PRiK7P_M-zBIABIdCg5lc3AuY3JpdGVvLmNvbRiF6v_M-zBIAFICCGQSGQoKdWlkYXBpLmNvbRiF6v_M-zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNDr_8z7MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
da2d372b44ac98dfac76f5557216a9d5d406feb6bc877e0ccd3284abf8e4187e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		104 KB
34 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=263317129759169&correlator=2979560958077747&eid=31073385%2C31074093&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cresponsive3&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C320x100%7C300x250&ifi=18&adks=1041763575&didk=2675907334&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-8%26hb_r_id%3D96b243cc56ace12%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.05%26hb_adid%3D2130200dae0ef9b5%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10673%252F878248%252Fgirona-vs-real-madrid%252F&sc=1&cookie=ID%3Dd63755abbe95516f-229a3c7baddd004c%3AT%3D1682446480%3AS%3DALNI_MYRpzP03Ys_rEAIRiVJXrNhV1qWhA&gpic=UID%3D00000befae92e8fe%3AT%3D1682446480%3ART%3D1682446480%3AS%3DALNI_Mb434xwexQHonekkg6izdHYivHpnQ&abxe=1&dt=1682446482102&lmt=1682446463&dlt=1682446480164&idt=437&adxs=1018&adys=635&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=i&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10673%2F878248%2Fgirona-vs-real-madrid%2F&frm=20&vis=1&psz=1076x293&msz=1076x0&fws=4&ohw=1076&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1037507575.1682446481&ga_sid=1682446481&ga_hid=309559342&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYher_zPswSABSAghkEhkKCnB1YmNpZC5vcmcY_ur_zPswSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqakRHUVJxc09YUkpONTJkdkpNUFFDMThxQWZ5Q2tkUkVJRkZwVmtORmJhbDBKQXZPdzZqUzNSWldPU1liNW0zLzVaWDlpejBxaUFtZFUxUmZTOEtjcCtFbkFTTUltU25veTZ0bnh1Y1lPZmpybndobGhJaEN5T0d5TEhxV3ZNNlFXT0dqM3JDZnIyR0JLSGZrdnhRRWEzcGlyYVBKV2pmbTluY1NOYzFWS3NxZE45S3E3aEhxT09BaUxSaXlsL2wwbXc9PRiK7P_M-zBIABIdCg5lc3AuY3JpdGVvLmNvbRiF6v_M-zBIAFICCGQSGQoKdWlkYXBpLmNvbRiF6v_M-zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNDr_8z7MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e53c943c63c9e8aff1243225da791659acbf40ea9d7f88d698744e93fb011de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34838
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		387 B
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=263317129759169&correlator=2979560958077747&eid=31073385%2C31074093&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cresponsive4&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C320x100%7C300x250&ifi=19&adks=2149091243&didk=2675907333&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-9%26hb_r_id%3D105d0725324283d2%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.06%26hb_adid%3D2110d472216bc71f%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10673%252F878248%252Fgirona-vs-real-madrid%252F&sc=1&cookie=ID%3Dd63755abbe95516f-229a3c7baddd004c%3AT%3D1682446480%3AS%3DALNI_MYRpzP03Ys_rEAIRiVJXrNhV1qWhA&gpic=UID%3D00000befae92e8fe%3AT%3D1682446480%3ART%3D1682446480%3AS%3DALNI_Mb434xwexQHonekkg6izdHYivHpnQ&abxe=1&dt=1682446482104&lmt=1682446463&dlt=1682446480164&idt=437&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=j&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10673%2F878248%2Fgirona-vs-real-madrid%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1037507575.1682446481&ga_sid=1682446481&ga_hid=309559342&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYher_zPswSABSAghkEhkKCnB1YmNpZC5vcmcY_ur_zPswSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqakRHUVJxc09YUkpONTJkdkpNUFFDMThxQWZ5Q2tkUkVJRkZwVmtORmJhbDBKQXZPdzZqUzNSWldPU1liNW0zLzVaWDlpejBxaUFtZFUxUmZTOEtjcCtFbkFTTUltU25veTZ0bnh1Y1lPZmpybndobGhJaEN5T0d5TEhxV3ZNNlFXT0dqM3JDZnIyR0JLSGZrdnhRRWEzcGlyYVBKV2pmbTluY1NOYzFWS3NxZE45S3E3aEhxT09BaUxSaXlsL2wwbXc9PRiK7P_M-zBIABIdCg5lc3AuY3JpdGVvLmNvbRiF6v_M-zBIAFICCGQSGQoKdWlkYXBpLmNvbRiF6v_M-zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNDr_8z7MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb806e0cae8e3282c5caee51eaf4ae5629654a74302f7e137ca5f3798dd79ea2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=263317129759169&correlator=2979560958077747&eid=31073385%2C31074093&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cresponsive5&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C320x100%7C300x250&ifi=20&adks=2023909493&didk=1220294050&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-10%26hb_r_id%3D114e8a5bc77ea438%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.05%26hb_adid%3D214360718966fe12%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10673%252F878248%252Fgirona-vs-real-madrid%252F&sc=1&cookie=ID%3Dd63755abbe95516f-229a3c7baddd004c%3AT%3D1682446480%3AS%3DALNI_MYRpzP03Ys_rEAIRiVJXrNhV1qWhA&gpic=UID%3D00000befae92e8fe%3AT%3D1682446480%3ART%3D1682446480%3AS%3DALNI_Mb434xwexQHonekkg6izdHYivHpnQ&abxe=1&dt=1682446482105&lmt=1682446463&dlt=1682446480164&idt=437&adxs=1018&adys=4084&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=k&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10673%2F878248%2Fgirona-vs-real-madrid%2F&frm=20&vis=1&psz=1076x2594&msz=1076x0&fws=4&ohw=1100&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1037507575.1682446481&ga_sid=1682446481&ga_hid=309559342&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYher_zPswSABSAghkEhkKCnB1YmNpZC5vcmcY_ur_zPswSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqakRHUVJxc09YUkpONTJkdkpNUFFDMThxQWZ5Q2tkUkVJRkZwVmtORmJhbDBKQXZPdzZqUzNSWldPU1liNW0zLzVaWDlpejBxaUFtZFUxUmZTOEtjcCtFbkFTTUltU25veTZ0bnh1Y1lPZmpybndobGhJaEN5T0d5TEhxV3ZNNlFXT0dqM3JDZnIyR0JLSGZrdnhRRWEzcGlyYVBKV2pmbTluY1NOYzFWS3NxZE45S3E3aEhxT09BaUxSaXlsL2wwbXc9PRiK7P_M-zBIABIdCg5lc3AuY3JpdGVvLmNvbRiF6v_M-zBIAFICCGQSGQoKdWlkYXBpLmNvbRiF6v_M-zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNDr_8z7MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df8c0be0f45554e3ff28c88b772a342b15de276033c114c401e655adf2505ea8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9575
x-xss-protection
0
google-lineitem-id
5818019657
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374033787
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		382 B
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=263317129759169&correlator=2979560958077747&eid=31073385%2C31074093&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Csticky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x90%7C728x90&ifi=21&adks=3539973942&didk=1959687422&sfv=1-0-40&prev_scp=test%3Drefresh%26hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Dstick%26hb_r_id%3D1231851485446ae4%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.05%26hb_adid%3D208cd32f5d275e16%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10673%252F878248%252Fgirona-vs-real-madrid%252F&sc=1&cookie=ID%3Dd63755abbe95516f-229a3c7baddd004c%3AT%3D1682446480%3AS%3DALNI_MYRpzP03Ys_rEAIRiVJXrNhV1qWhA&gpic=UID%3D00000befae92e8fe%3AT%3D1682446480%3ART%3D1682446480%3AS%3DALNI_Mb434xwexQHonekkg6izdHYivHpnQ&abxe=1&dt=1682446482107&lmt=1682446463&dlt=1682446480164&idt=437&adxs=315&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=l&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10673%2F878248%2Fgirona-vs-real-madrid%2F&frm=20&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1037507575.1682446481&ga_sid=1682446481&ga_hid=309559342&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYher_zPswSABSAghkEhkKCnB1YmNpZC5vcmcY_ur_zPswSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqakRHUVJxc09YUkpONTJkdkpNUFFDMThxQWZ5Q2tkUkVJRkZwVmtORmJhbDBKQXZPdzZqUzNSWldPU1liNW0zLzVaWDlpejBxaUFtZFUxUmZTOEtjcCtFbkFTTUltU25veTZ0bnh1Y1lPZmpybndobGhJaEN5T0d5TEhxV3ZNNlFXT0dqM3JDZnIyR0JLSGZrdnhRRWEzcGlyYVBKV2pmbTluY1NOYzFWS3NxZE45S3E3aEhxT09BaUxSaXlsL2wwbXc9PRiK7P_M-zBIABIdCg5lc3AuY3JpdGVvLmNvbRiF6v_M-zBIAFICCGQSGQoKdWlkYXBpLmNvbRiF6v_M-zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNDr_8z7MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc62326ee9c9dee876f7dad3f875ab571f5b0f52feff0b695fb8c580c8d0b3d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
imageproxy.eu.criteo.net/img/ Frame C6C8 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=9740&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F9740%2F190729%2F911d318c85c44e0487b874c28703ae51_the_main_hotel_brand_gray.png&v=3&w=196&s=7YrtUu5vwDqW7jviOp8lJ3P6
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEgYkQADjiYKd7aWAAouBXbNKHorkAtbVTOURA&u=%7CnES9D%2FSP9mF5tYo1SS298VlBcqXke7diOkw%2FFjQlQlA%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkL9ENSsYQHHqzqEhpMmBS541imABqguik0SzIq4XyqVx9z2SLmEjVLCZgYdk73Za2NKURgjZ9vWIyx_E8Trl9WqCW9SI1K4R06bl3wMO2KZ3RVK9SRHQnSZ0w8sWY80HGB7eDSQAe8rpCrvRGvJ86F8spTVuFcrXq-KrXXl7PRyiPFnkB20cYAYkeOP3b6mikATbT1ROk-3G2ExR8k674IpjAbCrgjYkAF_uy-JdthUYaOHMSXYL-gYfnZHZKgahv_lTtIo9G8a9PBluZqasHCUG0ibBIeXUFQDDq8BEHX4evg-kvQnNVTEZTXAhKVIvHTNJ6-IGz_SNclL4hUIz0Tx42QCyBgPFmsnlGhRqDkEWoSryNNRhoncuHefpvhNfkQ9HCaWxvf1vBkg2-S3dLTW0KO4zwEHSBo6jgOkoP1J_YqnjqbzLle8WrbwW-JkC4_H44yFOk0loI-vnCy-26OpunndRCx_ZuFaz0zZ44FYxQrBM25wnzwdZ5Ps8ZnTm_56wVM6dNSjJDf0tw7at2JCZKX8YBiLMx_WqOtINFOT_orbv7zfU0NkIqgsrsNV2Rw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbYtxkRhIZKacDpbt3gOF3KjADMme0rFc1fbi1pMBwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAud0FNX2e7I-4AIAqAMBqgTEAk_QcG4pabimfrpfK9husQP4HXfzwRFU5B1IZk7Q9ZIlJgs7xTl2Fu59HNwBlSVvOA1UdhgCf1AX7VhFZS0ZQeoHSye3GPt5pXR_DCcuiIBrjwAQ-a2UbRHEy1NWeXozKdtgBWxadq1szBWHQylR_htFgs-XZe7en1oOJ17gphVWnvZc4XAMWGlAyPsHA74OojINC4KIsKXgwFunbjiilBHnoN7yKIRcX3GGt3g6CdoEYDdxE-jYkjoux98sSq7y6cOAa2v_5Pb_Rh0TvquhPJwbntQgJa1DiOPEyTBePqcNGkTjARBTqBHAH7h2nBTIrUAfeED4z_Q3Gw1VUx5o1jeORD7VPAhdZXMTMsOOhzfxF95hEC_Bo7nUGmIHcuCbU4bhyCPbed2v96g16r7NE6_Oo29JOkcTUZe4LOG-yk5OtH3RcuAEAYAGgauk4bfgiqQGoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1q1hzTYjNgsZozcC2ixxgjD90cbw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cc1dee19479920553d30ee41e247efb0f35ab2682b262d0ed70360e645a12c1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
10938
expires
Mon, 15 Apr 2024 14:52:56 GMT
img
imageproxy.eu.criteo.net/img/ Frame C6C8 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=9740&q=80&r=2&u=https%3A%2F%2Fdam.melia.com%2Fmelia%2Faccounts%2Ff8%2F4000018%2Fprojects%2F127%2Fassets%2F2f%2F33699%2F27492b0712cf645cf903b73e9fa638c5-1600708630.jpg%3Fim%3DRegionOfInterestCrop%3D%28800%2C800%29%2CregionOfInterest%3D%281181.0%2C1139.5%29&v=3&w=800&s=qE4lV5PuekdEIVZNeO8z7UEU&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEgYkQADjiYKd7aWAAouBXbNKHorkAtbVTOURA&u=%7CnES9D%2FSP9mF5tYo1SS298VlBcqXke7diOkw%2FFjQlQlA%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkL9ENSsYQHHqzqEhpMmBS541imABqguik0SzIq4XyqVx9z2SLmEjVLCZgYdk73Za2NKURgjZ9vWIyx_E8Trl9WqCW9SI1K4R06bl3wMO2KZ3RVK9SRHQnSZ0w8sWY80HGB7eDSQAe8rpCrvRGvJ86F8spTVuFcrXq-KrXXl7PRyiPFnkB20cYAYkeOP3b6mikATbT1ROk-3G2ExR8k674IpjAbCrgjYkAF_uy-JdthUYaOHMSXYL-gYfnZHZKgahv_lTtIo9G8a9PBluZqasHCUG0ibBIeXUFQDDq8BEHX4evg-kvQnNVTEZTXAhKVIvHTNJ6-IGz_SNclL4hUIz0Tx42QCyBgPFmsnlGhRqDkEWoSryNNRhoncuHefpvhNfkQ9HCaWxvf1vBkg2-S3dLTW0KO4zwEHSBo6jgOkoP1J_YqnjqbzLle8WrbwW-JkC4_H44yFOk0loI-vnCy-26OpunndRCx_ZuFaz0zZ44FYxQrBM25wnzwdZ5Ps8ZnTm_56wVM6dNSjJDf0tw7at2JCZKX8YBiLMx_WqOtINFOT_orbv7zfU0NkIqgsrsNV2Rw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbYtxkRhIZKacDpbt3gOF3KjADMme0rFc1fbi1pMBwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAud0FNX2e7I-4AIAqAMBqgTEAk_QcG4pabimfrpfK9husQP4HXfzwRFU5B1IZk7Q9ZIlJgs7xTl2Fu59HNwBlSVvOA1UdhgCf1AX7VhFZS0ZQeoHSye3GPt5pXR_DCcuiIBrjwAQ-a2UbRHEy1NWeXozKdtgBWxadq1szBWHQylR_htFgs-XZe7en1oOJ17gphVWnvZc4XAMWGlAyPsHA74OojINC4KIsKXgwFunbjiilBHnoN7yKIRcX3GGt3g6CdoEYDdxE-jYkjoux98sSq7y6cOAa2v_5Pb_Rh0TvquhPJwbntQgJa1DiOPEyTBePqcNGkTjARBTqBHAH7h2nBTIrUAfeED4z_Q3Gw1VUx5o1jeORD7VPAhdZXMTMsOOhzfxF95hEC_Bo7nUGmIHcuCbU4bhyCPbed2v96g16r7NE6_Oo29JOkcTUZe4LOG-yk5OtH3RcuAEAYAGgauk4bfgiqQGoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1q1hzTYjNgsZozcC2ixxgjD90cbw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a2691bd6b15ba97b282d9d1e5e6ee305bbc2b6a6706328b3aeb1a2e2ddfcd869
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
64340
expires
Wed, 17 Apr 2024 07:01:39 GMT
img
imageproxy.eu.criteo.net/img/ Frame C6C8 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=9740&q=80&r=2&u=https%3A%2F%2Fdam.melia.com%2Fmelia%2Faccounts%2Ff8%2F4000018%2Fprojects%2F127%2Fassets%2F6e%2F47603%2Faebd33a4e6ead24232787fad20efeab5-1604698640.jpg%3Fim%3DRegionOfInterestCrop%3D%28800%2C800%29%2CregionOfInterest%3D%281476.5%2C912.0%29&v=3&w=800&s=_TGF8CkrGUuVHGbOQ4il8tQ5&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEgYkQADjiYKd7aWAAouBXbNKHorkAtbVTOURA&u=%7CnES9D%2FSP9mF5tYo1SS298VlBcqXke7diOkw%2FFjQlQlA%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkL9ENSsYQHHqzqEhpMmBS541imABqguik0SzIq4XyqVx9z2SLmEjVLCZgYdk73Za2NKURgjZ9vWIyx_E8Trl9WqCW9SI1K4R06bl3wMO2KZ3RVK9SRHQnSZ0w8sWY80HGB7eDSQAe8rpCrvRGvJ86F8spTVuFcrXq-KrXXl7PRyiPFnkB20cYAYkeOP3b6mikATbT1ROk-3G2ExR8k674IpjAbCrgjYkAF_uy-JdthUYaOHMSXYL-gYfnZHZKgahv_lTtIo9G8a9PBluZqasHCUG0ibBIeXUFQDDq8BEHX4evg-kvQnNVTEZTXAhKVIvHTNJ6-IGz_SNclL4hUIz0Tx42QCyBgPFmsnlGhRqDkEWoSryNNRhoncuHefpvhNfkQ9HCaWxvf1vBkg2-S3dLTW0KO4zwEHSBo6jgOkoP1J_YqnjqbzLle8WrbwW-JkC4_H44yFOk0loI-vnCy-26OpunndRCx_ZuFaz0zZ44FYxQrBM25wnzwdZ5Ps8ZnTm_56wVM6dNSjJDf0tw7at2JCZKX8YBiLMx_WqOtINFOT_orbv7zfU0NkIqgsrsNV2Rw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbYtxkRhIZKacDpbt3gOF3KjADMme0rFc1fbi1pMBwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAud0FNX2e7I-4AIAqAMBqgTEAk_QcG4pabimfrpfK9husQP4HXfzwRFU5B1IZk7Q9ZIlJgs7xTl2Fu59HNwBlSVvOA1UdhgCf1AX7VhFZS0ZQeoHSye3GPt5pXR_DCcuiIBrjwAQ-a2UbRHEy1NWeXozKdtgBWxadq1szBWHQylR_htFgs-XZe7en1oOJ17gphVWnvZc4XAMWGlAyPsHA74OojINC4KIsKXgwFunbjiilBHnoN7yKIRcX3GGt3g6CdoEYDdxE-jYkjoux98sSq7y6cOAa2v_5Pb_Rh0TvquhPJwbntQgJa1DiOPEyTBePqcNGkTjARBTqBHAH7h2nBTIrUAfeED4z_Q3Gw1VUx5o1jeORD7VPAhdZXMTMsOOhzfxF95hEC_Bo7nUGmIHcuCbU4bhyCPbed2v96g16r7NE6_Oo29JOkcTUZe4LOG-yk5OtH3RcuAEAYAGgauk4bfgiqQGoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1q1hzTYjNgsZozcC2ixxgjD90cbw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2970e36a38768dec16360ae8a5752c39154bfd84024436313ce4e3121cf00897
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31029258
content-length
57410
expires
Sun, 14 Apr 2024 14:33:19 GMT
img
imageproxy.eu.criteo.net/img/ Frame C6C8 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=9740&q=80&r=2&u=https%3A%2F%2Fdam.melia.com%2Fmelia%2Faccounts%2Ff8%2F4000018%2Fprojects%2F127%2Fassets%2F70%2F52652%2F1959a6f6d7d1ab685b936ca1791301ee-1617812206.jpg%3Fim%3DRegionOfInterestCrop%3D%28800%2C800%29%2CregionOfInterest%3D%281771.5%2C1332.5%29&v=3&w=800&s=jafcF-0EhUUSq16jK63opRSR&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEgYkQADjiYKd7aWAAouBXbNKHorkAtbVTOURA&u=%7CnES9D%2FSP9mF5tYo1SS298VlBcqXke7diOkw%2FFjQlQlA%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkL9ENSsYQHHqzqEhpMmBS541imABqguik0SzIq4XyqVx9z2SLmEjVLCZgYdk73Za2NKURgjZ9vWIyx_E8Trl9WqCW9SI1K4R06bl3wMO2KZ3RVK9SRHQnSZ0w8sWY80HGB7eDSQAe8rpCrvRGvJ86F8spTVuFcrXq-KrXXl7PRyiPFnkB20cYAYkeOP3b6mikATbT1ROk-3G2ExR8k674IpjAbCrgjYkAF_uy-JdthUYaOHMSXYL-gYfnZHZKgahv_lTtIo9G8a9PBluZqasHCUG0ibBIeXUFQDDq8BEHX4evg-kvQnNVTEZTXAhKVIvHTNJ6-IGz_SNclL4hUIz0Tx42QCyBgPFmsnlGhRqDkEWoSryNNRhoncuHefpvhNfkQ9HCaWxvf1vBkg2-S3dLTW0KO4zwEHSBo6jgOkoP1J_YqnjqbzLle8WrbwW-JkC4_H44yFOk0loI-vnCy-26OpunndRCx_ZuFaz0zZ44FYxQrBM25wnzwdZ5Ps8ZnTm_56wVM6dNSjJDf0tw7at2JCZKX8YBiLMx_WqOtINFOT_orbv7zfU0NkIqgsrsNV2Rw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbYtxkRhIZKacDpbt3gOF3KjADMme0rFc1fbi1pMBwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAud0FNX2e7I-4AIAqAMBqgTEAk_QcG4pabimfrpfK9husQP4HXfzwRFU5B1IZk7Q9ZIlJgs7xTl2Fu59HNwBlSVvOA1UdhgCf1AX7VhFZS0ZQeoHSye3GPt5pXR_DCcuiIBrjwAQ-a2UbRHEy1NWeXozKdtgBWxadq1szBWHQylR_htFgs-XZe7en1oOJ17gphVWnvZc4XAMWGlAyPsHA74OojINC4KIsKXgwFunbjiilBHnoN7yKIRcX3GGt3g6CdoEYDdxE-jYkjoux98sSq7y6cOAa2v_5Pb_Rh0TvquhPJwbntQgJa1DiOPEyTBePqcNGkTjARBTqBHAH7h2nBTIrUAfeED4z_Q3Gw1VUx5o1jeORD7VPAhdZXMTMsOOhzfxF95hEC_Bo7nUGmIHcuCbU4bhyCPbed2v96g16r7NE6_Oo29JOkcTUZe4LOG-yk5OtH3RcuAEAYAGgauk4bfgiqQGoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1q1hzTYjNgsZozcC2ixxgjD90cbw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0bb192b827acba1f045c0d5d44002c6646a37ed6dec37e22ea66f98a7109a286
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=28262148
content-length
63596
expires
Thu, 14 Mar 2024 10:47:42 GMT
all
csm.eu.criteo.net/ Frame C6C8 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=ypvAjxt3IATpFnInaA4lfqXBbwzA8-4H36CuKPR7TABm1wga2FX4IxiDg_OtzIRwZJOntLO9tI7Wf-AP4K-cnoycm4SG4SVNpIAQaMCS2p3r2m5TnVT7IkQ2F_P8EPs-ghiYarTuUIGTBTXbunc0iUHrzNDpUBa7pFpu8d_zb20rivJ0w9OXB65muh9eL_JusWwAbpbiMt0D3WfUDoAQVMaekufgF9MsrFBf1FfVBENfE1x1IPI2GWnILeLpszI06rNfVQ&sds=2&rev=85950&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEgYkQADjiYKd7aWAAouBXbNKHorkAtbVTOURA&u=%7CnES9D%2FSP9mF5tYo1SS298VlBcqXke7diOkw%2FFjQlQlA%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkL9ENSsYQHHqzqEhpMmBS541imABqguik0SzIq4XyqVx9z2SLmEjVLCZgYdk73Za2NKURgjZ9vWIyx_E8Trl9WqCW9SI1K4R06bl3wMO2KZ3RVK9SRHQnSZ0w8sWY80HGB7eDSQAe8rpCrvRGvJ86F8spTVuFcrXq-KrXXl7PRyiPFnkB20cYAYkeOP3b6mikATbT1ROk-3G2ExR8k674IpjAbCrgjYkAF_uy-JdthUYaOHMSXYL-gYfnZHZKgahv_lTtIo9G8a9PBluZqasHCUG0ibBIeXUFQDDq8BEHX4evg-kvQnNVTEZTXAhKVIvHTNJ6-IGz_SNclL4hUIz0Tx42QCyBgPFmsnlGhRqDkEWoSryNNRhoncuHefpvhNfkQ9HCaWxvf1vBkg2-S3dLTW0KO4zwEHSBo6jgOkoP1J_YqnjqbzLle8WrbwW-JkC4_H44yFOk0loI-vnCy-26OpunndRCx_ZuFaz0zZ44FYxQrBM25wnzwdZ5Ps8ZnTm_56wVM6dNSjJDf0tw7at2JCZKX8YBiLMx_WqOtINFOT_orbv7zfU0NkIqgsrsNV2Rw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbYtxkRhIZKacDpbt3gOF3KjADMme0rFc1fbi1pMBwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAud0FNX2e7I-4AIAqAMBqgTEAk_QcG4pabimfrpfK9husQP4HXfzwRFU5B1IZk7Q9ZIlJgs7xTl2Fu59HNwBlSVvOA1UdhgCf1AX7VhFZS0ZQeoHSye3GPt5pXR_DCcuiIBrjwAQ-a2UbRHEy1NWeXozKdtgBWxadq1szBWHQylR_htFgs-XZe7en1oOJ17gphVWnvZc4XAMWGlAyPsHA74OojINC4KIsKXgwFunbjiilBHnoN7yKIRcX3GGt3g6CdoEYDdxE-jYkjoux98sSq7y6cOAa2v_5Pb_Rh0TvquhPJwbntQgJa1DiOPEyTBePqcNGkTjARBTqBHAH7h2nBTIrUAfeED4z_Q3Gw1VUx5o1jeORD7VPAhdZXMTMsOOhzfxF95hEC_Bo7nUGmIHcuCbU4bhyCPbed2v96g16r7NE6_Oo29JOkcTUZe4LOG-yk5OtH3RcuAEAYAGgauk4bfgiqQGoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1q1hzTYjNgsZozcC2ixxgjD90cbw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 25 Apr 2023 18:14:41 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C6C8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEgYkQADjiYKd7aWAAouBXbNKHorkAtbVTOURA&u=%7CnES9D%2FSP9mF5tYo1SS298VlBcqXke7diOkw%2FFjQlQlA%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkL9ENSsYQHHqzqEhpMmBS541imABqguik0SzIq4XyqVx9z2SLmEjVLCZgYdk73Za2NKURgjZ9vWIyx_E8Trl9WqCW9SI1K4R06bl3wMO2KZ3RVK9SRHQnSZ0w8sWY80HGB7eDSQAe8rpCrvRGvJ86F8spTVuFcrXq-KrXXl7PRyiPFnkB20cYAYkeOP3b6mikATbT1ROk-3G2ExR8k674IpjAbCrgjYkAF_uy-JdthUYaOHMSXYL-gYfnZHZKgahv_lTtIo9G8a9PBluZqasHCUG0ibBIeXUFQDDq8BEHX4evg-kvQnNVTEZTXAhKVIvHTNJ6-IGz_SNclL4hUIz0Tx42QCyBgPFmsnlGhRqDkEWoSryNNRhoncuHefpvhNfkQ9HCaWxvf1vBkg2-S3dLTW0KO4zwEHSBo6jgOkoP1J_YqnjqbzLle8WrbwW-JkC4_H44yFOk0loI-vnCy-26OpunndRCx_ZuFaz0zZ44FYxQrBM25wnzwdZ5Ps8ZnTm_56wVM6dNSjJDf0tw7at2JCZKX8YBiLMx_WqOtINFOT_orbv7zfU0NkIqgsrsNV2Rw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbYtxkRhIZKacDpbt3gOF3KjADMme0rFc1fbi1pMBwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAud0FNX2e7I-4AIAqAMBqgTEAk_QcG4pabimfrpfK9husQP4HXfzwRFU5B1IZk7Q9ZIlJgs7xTl2Fu59HNwBlSVvOA1UdhgCf1AX7VhFZS0ZQeoHSye3GPt5pXR_DCcuiIBrjwAQ-a2UbRHEy1NWeXozKdtgBWxadq1szBWHQylR_htFgs-XZe7en1oOJ17gphVWnvZc4XAMWGlAyPsHA74OojINC4KIsKXgwFunbjiilBHnoN7yKIRcX3GGt3g6CdoEYDdxE-jYkjoux98sSq7y6cOAa2v_5Pb_Rh0TvquhPJwbntQgJa1DiOPEyTBePqcNGkTjARBTqBHAH7h2nBTIrUAfeED4z_Q3Gw1VUx5o1jeORD7VPAhdZXMTMsOOhzfxF95hEC_Bo7nUGmIHcuCbU4bhyCPbed2v96g16r7NE6_Oo29JOkcTUZe4LOG-yk5OtH3RcuAEAYAGgauk4bfgiqQGoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1q1hzTYjNgsZozcC2ixxgjD90cbw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 19 Apr 2024 18:14:42 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame C6C8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEgYkQADjiYKd7aWAAouBXbNKHorkAtbVTOURA&u=%7CnES9D%2FSP9mF5tYo1SS298VlBcqXke7diOkw%2FFjQlQlA%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkL9ENSsYQHHqzqEhpMmBS541imABqguik0SzIq4XyqVx9z2SLmEjVLCZgYdk73Za2NKURgjZ9vWIyx_E8Trl9WqCW9SI1K4R06bl3wMO2KZ3RVK9SRHQnSZ0w8sWY80HGB7eDSQAe8rpCrvRGvJ86F8spTVuFcrXq-KrXXl7PRyiPFnkB20cYAYkeOP3b6mikATbT1ROk-3G2ExR8k674IpjAbCrgjYkAF_uy-JdthUYaOHMSXYL-gYfnZHZKgahv_lTtIo9G8a9PBluZqasHCUG0ibBIeXUFQDDq8BEHX4evg-kvQnNVTEZTXAhKVIvHTNJ6-IGz_SNclL4hUIz0Tx42QCyBgPFmsnlGhRqDkEWoSryNNRhoncuHefpvhNfkQ9HCaWxvf1vBkg2-S3dLTW0KO4zwEHSBo6jgOkoP1J_YqnjqbzLle8WrbwW-JkC4_H44yFOk0loI-vnCy-26OpunndRCx_ZuFaz0zZ44FYxQrBM25wnzwdZ5Ps8ZnTm_56wVM6dNSjJDf0tw7at2JCZKX8YBiLMx_WqOtINFOT_orbv7zfU0NkIqgsrsNV2Rw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbYtxkRhIZKacDpbt3gOF3KjADMme0rFc1fbi1pMBwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAud0FNX2e7I-4AIAqAMBqgTEAk_QcG4pabimfrpfK9husQP4HXfzwRFU5B1IZk7Q9ZIlJgs7xTl2Fu59HNwBlSVvOA1UdhgCf1AX7VhFZS0ZQeoHSye3GPt5pXR_DCcuiIBrjwAQ-a2UbRHEy1NWeXozKdtgBWxadq1szBWHQylR_htFgs-XZe7en1oOJ17gphVWnvZc4XAMWGlAyPsHA74OojINC4KIsKXgwFunbjiilBHnoN7yKIRcX3GGt3g6CdoEYDdxE-jYkjoux98sSq7y6cOAa2v_5Pb_Rh0TvquhPJwbntQgJa1DiOPEyTBePqcNGkTjARBTqBHAH7h2nBTIrUAfeED4z_Q3Gw1VUx5o1jeORD7VPAhdZXMTMsOOhzfxF95hEC_Bo7nUGmIHcuCbU4bhyCPbed2v96g16r7NE6_Oo29JOkcTUZe4LOG-yk5OtH3RcuAEAYAGgauk4bfgiqQGoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1q1hzTYjNgsZozcC2ixxgjD90cbw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 19 Apr 2024 18:14:42 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame BCBF
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
307 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 18:14:42 GMT
expires
Tue, 25 Apr 2023 18:14:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 18:14:42 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
b1_1-954.ts
a4.koora.cloud/watch/rubrPQYS_DhSP9iR6nBWzg/1682449826/1682450080/1/ Frame DB59 		482 KB
483 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a4.koora.cloud/watch/rubrPQYS_DhSP9iR6nBWzg/1682449826/1682450080/1/b1_1-954.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.53.89.19 , Belize, ASN213371 (SQUITTER-NETWORKS, IN),
Reverse DNS
Software
amazon /
Resource Hash
f84fcc4ebfb489f955268b1a10dfbd2681bfa8de5e23e2e2ea5d20cecbb5cd2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 18:14:42 GMT
Last-Modified
Tue, 25 Apr 2023 18:14:00 GMT
Server
amazon
ETag
"64481868-78880"
X-Cache-Status
HIT
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
493696
default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame 047A 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hh8mf96j6vryddcpq64t68rdy9679wgymsabprb3g5mf9tc2r00qz392t2ebwwzp88d541sjyjk1pqzf2ps9pnzcgw3z7gxvs1dq4p5p31k2yqney5wg003y6dbpsawemygz52e579tp3re82385k6r0j2kr0sjf0a87fsbps5ayv29821224688p0sxdqdxdvb67cdef5nha33jzqzgz0hxeyjetv97sdf11trqcvapmvgybmjdjf2dhxy1may6yjmvhyqpscnnz09aqzc493hmx4qcgp2771zdeenrj66f40xnga3jpthb4zx27v3w30dhd051d7n3a5enga6g8006p3m9fhyx0t2p4n6whddvz3hp16pzkcfxzeceab6ddzqh3wr6wsrkpp2qpxryrjz4kp7tvfmn2kzhmpgna6damw5xcg73zqkhdvg3zdhjvmr4hccwc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaXjDkRhIZMCHDoSa3wOsuLyADJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAkGZOi4odLI-4AIAqAMBqgTKAk_Qo8jUg5KjOXGgwDY7PrF_J1LbDOzAMFuRB_LfH9IjzfxAGxcPnuhyeVIG_JExSih7JjQ0Ahs-QS7x2ufi-8-et5QweWMIdcfawfUH5SMboZNTmeraErJXDDVVIT8Y63YmD3f1vErGmpEJtTThtrbS_h3961CL3VhvsX2O9EKl0m4A4OYgl01DRTwYWnvSz7XS2SQays9Yxs8O1CIiNkd4wADBR-2CjPCG2ItJhjAZ_n8nttHQ77256hkfmWhap5NBZCSbGNTwUcbxVB06zM2JUGooj9wX60zDu9QwXCkgpsZ7EO_MCK5yNKzprfHVp9USAfSb3W-NR-51J77ZXVUxDQlNtVbUBb983EJ4P98FfuO1sPMdt1MevKfMzk0Vl_KBdxme10APzV1Feir97eoqI8s4hpvda81uc9MJP2p-jFXbutHxO1qWCOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bX74egU4h5sO43JAKcOG4dLdfqg%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hh8mf96j6vryddcpq64t68rdy9679wgymsabprb3g5mf9tc2r00qz392t2ebwwzp88d541sjyjk1pqzf2ps9pnzcgw3z7gxvs1dq4p5p31k2yqney5wg003y6dbpsawemygz52e579tp3re82385k6r0j2kr0sjf0a87fsbps5ayv29821224688p0sxdqdxdvb67cdef5nha33jzqzgz0hxeyjetv97sdf11trqcvapmvgybmjdjf2dhxy1may6yjmvhyqpscnnz09aqzc493hmx4qcgp2771zdeenrj66f40xnga3jpthb4zx27v3w30dhd051d7n3a5enga6g8006p3m9fhyx0t2p4n6whddvz3hp16pzkcfxzeceab6ddzqh3wr6wsrkpp2qpxryrjz4kp7tvfmn2kzhmpgna6damw5xcg73zqkhdvg3zdhjvmr4hccwc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaXjDkRhIZMCHDoSa3wOsuLyADJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAkGZOi4odLI-4AIAqAMBqgTKAk_Qo8jUg5KjOXGgwDY7PrF_J1LbDOzAMFuRB_LfH9IjzfxAGxcPnuhyeVIG_JExSih7JjQ0Ahs-QS7x2ufi-8-et5QweWMIdcfawfUH5SMboZNTmeraErJXDDVVIT8Y63YmD3f1vErGmpEJtTThtrbS_h3961CL3VhvsX2O9EKl0m4A4OYgl01DRTwYWnvSz7XS2SQays9Yxs8O1CIiNkd4wADBR-2CjPCG2ItJhjAZ_n8nttHQ77256hkfmWhap5NBZCSbGNTwUcbxVB06zM2JUGooj9wX60zDu9QwXCkgpsZ7EO_MCK5yNKzprfHVp9USAfSb3W-NR-51J77ZXVUxDQlNtVbUBb983EJ4P98FfuO1sPMdt1MevKfMzk0Vl_KBdxme10APzV1Feir97eoqI8s4hpvda81uc9MJP2p-jFXbutHxO1qWCOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bX74egU4h5sO43JAKcOG4dLdfqg%26client%3Dca-pub-3831894559014614%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1681210094
age
25800
cf-polished
origSize=96968
x-guploader-uploadid
ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 11 Apr 2023 10:48:50 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
Accept-Encoding
x-goog-generation
1681210130860508
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jS6ov1bM0qwuCt3qohkAUyh%2BXJAisd1xahjjtH1FE%2BrTugsgp7PPFzL1dXjjMdxSBMNsudRtKn1IQ46VfZpY4oDSfvZhntznFFNrbW8H4Ql9hCME%2BAU%2B07B3yrcgOtK9akVAut7dCgU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
7bd891322bde9bf4-FRA
expires
Tue, 25 Apr 2023 19:14:42 GMT
r62eglto.js
ad4m.at/ Frame 047A 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hh8mf96j6vryddcpq64t68rdy9679wgymsabprb3g5mf9tc2r00qz392t2ebwwzp88d541sjyjk1pqzf2ps9pnzcgw3z7gxvs1dq4p5p31k2yqney5wg003y6dbpsawemygz52e579tp3re82385k6r0j2kr0sjf0a87fsbps5ayv29821224688p0sxdqdxdvb67cdef5nha33jzqzgz0hxeyjetv97sdf11trqcvapmvgybmjdjf2dhxy1may6yjmvhyqpscnnz09aqzc493hmx4qcgp2771zdeenrj66f40xnga3jpthb4zx27v3w30dhd051d7n3a5enga6g8006p3m9fhyx0t2p4n6whddvz3hp16pzkcfxzeceab6ddzqh3wr6wsrkpp2qpxryrjz4kp7tvfmn2kzhmpgna6damw5xcg73zqkhdvg3zdhjvmr4hccwc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaXjDkRhIZMCHDoSa3wOsuLyADJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAkGZOi4odLI-4AIAqAMBqgTKAk_Qo8jUg5KjOXGgwDY7PrF_J1LbDOzAMFuRB_LfH9IjzfxAGxcPnuhyeVIG_JExSih7JjQ0Ahs-QS7x2ufi-8-et5QweWMIdcfawfUH5SMboZNTmeraErJXDDVVIT8Y63YmD3f1vErGmpEJtTThtrbS_h3961CL3VhvsX2O9EKl0m4A4OYgl01DRTwYWnvSz7XS2SQays9Yxs8O1CIiNkd4wADBR-2CjPCG2ItJhjAZ_n8nttHQ77256hkfmWhap5NBZCSbGNTwUcbxVB06zM2JUGooj9wX60zDu9QwXCkgpsZ7EO_MCK5yNKzprfHVp9USAfSb3W-NR-51J77ZXVUxDQlNtVbUBb983EJ4P98FfuO1sPMdt1MevKfMzk0Vl_KBdxme10APzV1Feir97eoqI8s4hpvda81uc9MJP2p-jFXbutHxO1qWCOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bX74egU4h5sO43JAKcOG4dLdfqg%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 13:45:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
16132
etag
W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WB54xRV5pFJYsRkvztTamloMovkMeEyZYoggmh0jGiEFzz%2Bfij%2Bo69MFqNlWOhqIBa8IuA5rvErnZv1WE4uGUfs57F%2Bf3ezO0rWkhp%2Fvkm7I8pr1cL5yqPzMaE1%2FxX9CKVZXtto%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7bd891322bdf9bf4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 18 Apr 2023 13:45:45 GMT
truncated
/ Frame 2AD2 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b6ac9d8f4b6dc9ec33052904c22ac1bdbc5cfe417bea7fef80e964ab6b2d12a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame A2C2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFmfMx4hplvJPV9HLgum3iI&google_push=ATf1kGNT5bBfpwmLqeNDA78sN_dofAbqKasBOLAIVC5ANa_wTExDjMWiLp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFmfMx4hplvJPV9HLgum3iI&google_push=ATf1kGNT5bBfpwmLqeNDA78sN_dofAbqKasBOLAIVC5ANa_wTExDjMWiLpej3CzuOF40Fpep2gX4tfwMO6QDL_fqyNvT7oqnWq6X
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-hhn-etou8220058-HHN
pragma
no-cache
date
Tue, 25 Apr 2023 18:14:42 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1682446482.309883,VS0,VE93
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFmfMx4hplvJPV9HLgum3iI&google_push=ATf1kGNT5bBfpwmLqeNDA78sN_dofAbqKasBOLAIVC5ANa_wTExDjMWiLpej3CzuOF40Fpep2gX4tfwMO6QDL_fqyNvT7oqnWq6X
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame A2C2
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBvamQ_4AGqx3vkCcZa4U9w&google_cver=1&google_push=ATf1kGOYCsdOeTFabMQmjSMfnOosTqsWB5kMqWcZlkf3QCbm5LiuYFzBNPEnIleKnpokauelyAbulKn4sxd...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGOYCsdOeTFabMQmjSMfnOosTqsWB5kMqWcZlkf3QCbm5LiuYFzBNPEnIleKnpokauelyAbulKn4sxdTB3haTTonSVUrPBX7&google_hm=oD5LJR-lRR6wawPbuNZ6bBU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGOYCsdOeTFabMQmjSMfnOosTqsWB5kMqWcZlkf3QCbm5LiuYFzBNPEnIleKnpokauelyAbulKn4sxdTB3haTTonSVUrPBX7&google_hm=oD5LJR-lRR6wawPbuNZ6bBU
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:41 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGOYCsdOeTFabMQmjSMfnOosTqsWB5kMqWcZlkf3QCbm5LiuYFzBNPEnIleKnpokauelyAbulKn4sxdTB3haTTonSVUrPBX7&google_hm=oD5LJR-lRR6wawPbuNZ6bBU
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A2C2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJZb21_N-8ZMQy2ZKpkry5s&google_cver=1&google_push=ATf1kGOTpSK2_IPOHYuS5SRKTd0ug1vrLbyvxE6PMdfSahIw4Y8ulbSEIV7K05Anj63Bwr4lgOro6WQWYE4LSkcbUTQR...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJZb21_N-8ZMQy2ZKpkry5s&google_cver=1&google_push=ATf1kGOTpSK2_IPOHYuS5SRKTd0ug1vrLbyvxE6PMdfSahIw4Y8ulbSEIV7K05Anj63Bwr4lgOro6WQWYE4LSk...
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=64e975dc-f15e-43db-8f20-e0e8d9dafdff
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=64e975dc-f15e-43db-8f20-e0e8d9dafdff
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=5955d501-6487-49a8-a91b-2bdf3f3d3a6d&user_group=1&ssp=google&bsw_param=64e975dc-f15e-43db-8f20-e0e8d9dafdff
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGP5eSNcWap5SUU2TsQkKEYtiP1Yhbmb8i3Zhf9Nv-WvF8pWY7d3fulYPip8YWU2FHDG_WN74xL8vJrAzm4E6ZE1zIhzcQKs&google_hm=ZOl13PFeQ9uPIODo2dr9_w==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGP5eSNcWap5SUU2TsQkKEYtiP1Yhbmb8i3Zhf9Nv-WvF8pWY7d3fulYPip8YWU2FHDG_WN74xL8vJrAzm4E6ZE1zIhzcQKs&google_hm=ZOl13PFeQ9uPIODo2dr9_w==
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGP5eSNcWap5SUU2TsQkKEYtiP1Yhbmb8i3Zhf9Nv-WvF8pWY7d3fulYPip8YWU2FHDG_WN74xL8vJrAzm4E6ZE1zIhzcQKs&google_hm=ZOl13PFeQ9uPIODo2dr9_w==
date
Tue, 25 Apr 2023 18:14:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame A2C2
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=M5IGQBicT_2cZpD_nrXf1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=M5IGQBicT_2cZpD_nrXf1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMZUNFhHE039Am2bII1Iio7ilJd_2D8tvEfN4QTNG56Xc0lslnHx3eT6lkk1YizHA9O_9lywOv0Enj9eECjC37nb17Uzw-TNg
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=M5IGQBicT_2cZpD_nrXf1g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMZUNFhHE039Am2bII1Iio7ilJd_2D8tvEfN4QTNG56Xc0lslnHx3eT6lkk1YizHA9O_9lywOv0Enj9eECjC37nb17Uzw-TNg
date
Tue, 25 Apr 2023 18:14:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
sync
dsp.adkernel.com/ Frame A2C2 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEFQiCa2spqmul6vZalzjITE&google_cver=1&google_push=ATf1kGOodgH3fGUmfY32hXk8LTq5LsVS9h-Qk7J-0bS6MiDI09-VuNi6DbvbJyg0xvrSO60i2XosgXIIi3H3csq5x9v_jgGLhbDc-w
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Apr 2023 18:14:42 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
/
cc.adingo.jp/adx/push/ Frame A2C2 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESECunE1ItkeyKcqVnkm5zzDQ&google_cver=1&google_push=ATf1kGPPjaP643b6GJ6TaufzgmIs7jd39lE9UFzq4PDOMEB-Zybmpv7FPJIfZez836VlDLq-YaTsRiKar9tJXovHqm3NnnxKeiAMSA
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.201.33 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-64-201-33.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
server
awselb/2.0
v1
match.sharethrough.com/E4rooAtA/ Frame A2C2 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEABGP3rtveJGO0-Dp2zxvfs&google_cver=1&google_push=ATf1kGONaYUYMIhP5RXh8fZkvS8nKs3AOFRqnI2dBW-Z_dL8bMamT9yqJ2NZ-w9L6_vH7-nThJPY3qeBXDLrs_3v9WCo37O-4FtgkQ4
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.154.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-154-54.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
attr
cm.g.doubleclick.net/pixel/ Frame A2C2 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J7j4jr1iLfxLlaenUKLvlErFnzHRzl25LvlvpARt8jEZfJpGiYIqgkmlKtRCpoCRP4xqj4vA
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
f18e9c29-4d47-4ded-b804-87e66a8b0f82
https://yalla-shoots.tv/ Frame DB59 		62 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://yalla-shoots.tv/f18e9c29-4d47-4ded-b804-87e66a8b0f82
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2e2ee124a92ca6673a9ce2508260ac228832de36594217daffcbce988758fc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
63763
Content-Type
text/javascript
channel
us.web3-lab.com/v1/ Frame DB59 		458 B
725 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us.web3-lab.com:8443/v1/channel
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86731bb83502024d2e29c3ae3ea1595c91ddb4eda573688526289d542b14ec47

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eOUfWFNoRvpSY8jtiiMnJjNWS13c8wr2%2FxZdOZYsjowjaLZOI9IYNs4oLSnHKzwqbplQR0B3sey3JouNA6JbNY36fm4KQHe5tkGTvciTaVrYAsTYJr1OMET2uVfQEbZINqtFAmPulsTIYA%2F6Vsy2AgKw6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
7bd891327857367f-FRA
alt-svc
h3=":8443"; ma=86400, h3-29=":8443"; ma=86400
truncated
/ Frame 906E 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f800fe03d43b53e419091957cf8fb97c8efdfb7985160ea5620e06b872ba457

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 429A 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 18:58:23 GMT
x-content-type-options
nosniff
age
256579
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 18:58:23 GMT
lato-400.css
static.criteo.net/design/googlefont/lato/ Frame C6C8 		682 B
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/lato/lato-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
907f0ae9397d82a7dc9eca8dfe6c5b9f0bfea55cd1af9aa9713ca667cfdb8ec4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
last-modified
Thu, 08 Dec 2022 14:04:37 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391eef5-2aa"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Apr 2024 18:14:42 GMT
montserrat-700.css
static.criteo.net/design/googlefont/montserrat/ Frame C6C8 		2 KB
803 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
77a44f65bb6894c92e3c7ccab98de0fc357172221cc1dd45949ab938c0c7756a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:06:55 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391ef7f-675"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 19 Apr 2024 18:14:42 GMT
montserrat-400.css
static.criteo.net/design/googlefont/montserrat/ Frame C6C8 		2 KB
803 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:06:54 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391ef7e-675"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 19 Apr 2024 18:14:42 GMT
ac81f3548a5e4f35a5789fe64b48bd89_unisex_16-9.mp4
static.criteo.net/design/dt/48044/230330/ Frame 521D 		20 KB
20 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/48044/230330/ac81f3548a5e4f35a5789fe64b48bd89_unisex_16-9.mp4
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
e67715848b4b8349cbaf140f03068df1d9b5baa1c0428c738b3996467676698a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=1966080-

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 30 Mar 2023 13:11:38 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"64258a8a-1e5017"
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 1966080-1986582/1986583
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
Content-Length
20503
expires
Fri, 19 Apr 2024 18:14:42 GMT
generate_204
tpc.googlesyndication.com/ Frame C701 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?5A-SQQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B49A 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
21770
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 12:11:52 GMT
etag
48472445140208031
expires
Wed, 26 Apr 2023 12:11:52 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame A036 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQiRF0wn3uKAcFeNPcla82KixudNT9ekts7XsiuspLlq19UWNpN9W3sUbwGOAMNtyN6jG9NX_SAB7XnxR5oXR3bsOvU-V2w0BDYk5Lz-qpGew2Yi2H&sig=Cg0ArKJSzKBEUAfpFk0FEAE&id=lidar2&mcvt=1019&p=1111,437,1199,1163&mtos=1019,1019,1019,1019,1019&tos=1019,0,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=3202367356&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682446480995&rpt=342&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame B49A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFpN2f1Crgz2MAVHLYC_wXw&google_cver=1&google_push=ATf1kGMR1TkHgCp7IRrtKJC9dxSZRwefIVXSXIqTUQYIK3ZHmB0xA0xwJkWVmWPvSgM97o0YcqMaUcQRuoGILhsraAPAMZMSYHmT8A
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzcwNjYxNTUzNTYyMTYzMjg4NA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFpN2f1Crgz2MAVHLYC_wXw&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFpN2f1Crgz2MAVHLYC_wXw&google_cver=1
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 25 Apr 2023 18:14:42 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFpN2f1Crgz2MAVHLYC_wXw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame B49A 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJTo6DQx53QcGeV5msP1zlA&google_cver=1&google_push=ATf1kGOU0fKy8SuBTEwB_diVEYCQ6L7lv0k9p5p7XxeUgU2Nf_3JO0J41yya_MndxxuaW1gieXNV2sUMXwL398stkvwBSJQN_wvO
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:42 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame B49A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGIQ5Q5r8tyHwy5PqA1d6DA&google_cver=1&google_push=ATf1kGP5eSNcWap5SUU2TsQkKEYtiP1Yhbmb8i3Zhf9Nv-WvF8pWY7d3fulYPip8YWU2FHDG_WN74xL8vJrAzm4E6ZE1...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGP5eSNcWap5SUU2TsQkKEYtiP1Yhbmb8i3Zhf9Nv-WvF8pWY7d3fulYPip8YWU2FHDG_WN74xL8vJrAzm4E6ZE1zIhzcQKs&google_hm=ZOl13PFeQ9uPIODo2dr9_w==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGP5eSNcWap5SUU2TsQkKEYtiP1Yhbmb8i3Zhf9Nv-WvF8pWY7d3fulYPip8YWU2FHDG_WN74xL8vJrAzm4E6ZE1zIhzcQKs&google_hm=ZOl13PFeQ9uPIODo2dr9_w==
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGP5eSNcWap5SUU2TsQkKEYtiP1Yhbmb8i3Zhf9Nv-WvF8pWY7d3fulYPip8YWU2FHDG_WN74xL8vJrAzm4E6ZE1zIhzcQKs&google_hm=ZOl13PFeQ9uPIODo2dr9_w==
date
Tue, 25 Apr 2023 18:14:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame B49A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFhv8CCQs5xAptuQST8MSsg&google_cver=1&google_push=ATf1kGOsckPr5xmPgCs_vky5s1lnqwMVsNa2GjWJsug9wrD8-rYLNvF-X5uAlU-XaAj-60aItOA51Ez-COSDRbMBW2oM0Vg...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOsckPr5xmPgCs_vky5s1lnqwMVsNa2GjWJsug9wrD8-rYLNvF-X5uAlU-XaAj-60aItOA51Ez-COSDRbMBW2oM0VgPKdfwKg&google_hm=eS1ESTE1aFVoRTJwR2kx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOsckPr5xmPgCs_vky5s1lnqwMVsNa2GjWJsug9wrD8-rYLNvF-X5uAlU-XaAj-60aItOA51Ez-COSDRbMBW2oM0VgPKdfwKg&google_hm=eS1ESTE1aFVoRTJwR2kxdHNBV3pPQkFEaHRiSVpxVHJyOH5B
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 25 Apr 2023 18:14:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOsckPr5xmPgCs_vky5s1lnqwMVsNa2GjWJsug9wrD8-rYLNvF-X5uAlU-XaAj-60aItOA51Ez-COSDRbMBW2oM0VgPKdfwKg&google_hm=eS1ESTE1aFVoRTJwR2kxdHNBV3pPQkFEaHRiSVpxVHJyOH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame B49A
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESELCME1Sso8zDXgDJbqtLchA&google_cver=1&google_push=ATf1kGMwuGrYj-vcWFHGSC1MzUbgfKue7b0atjT7NjcslwsQkRRLNucEnNJ8n1YEoiNrzug5yUSQ9V5WznTRikBCT3CkHIc...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESELCME1Sso8zDXgDJbqtLchA&google_cver=1&google_push=ATf1kGMwuGrYj-vcWFHGSC1MzUbgfKue7b0atjT7NjcslwsQkRRLNucEnNJ8n1YEoiNrzug5yUSQ9V5WznTRikBCT3CkH...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMwuGrYj-vcWFHGSC1MzUbgfKue7b0atjT7NjcslwsQkRRLNucEnNJ8n1YEoiNrzug5yUSQ9V5WznTRikBCT3CkHIcyihWQdQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMwuGrYj-vcWFHGSC1MzUbgfKue7b0atjT7NjcslwsQkRRLNucEnNJ8n1YEoiNrzug5yUSQ9V5WznTRikBCT3CkHIcyihWQdQ
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMwuGrYj-vcWFHGSC1MzUbgfKue7b0atjT7NjcslwsQkRRLNucEnNJ8n1YEoiNrzug5yUSQ9V5WznTRikBCT3CkHIcyihWQdQ
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
sync
ssbsync.smartadserver.com/api/ Frame B49A 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEMktv8mtqxAWn9HuEzSF0Xo&google_cver=1&google_push=ATf1kGN5tbKqdzN3NV88fTMvGYaktKyXmfob6k9iiHndzK43XskSi3x6C8NJSXrMB0y-o1dxu-GQoOwOG2Y0_jg41V4HXfpjIDGm
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame B49A
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEFcEZNbxY...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=64e975dc-f15e-43db-8f20-e0e8d9dafdff&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=64e975dc-f15e-43db-8f20-e0e8d9dafdff&%%GOOGLE_PUSH_PAIR%%
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=64e975dc-f15e-43db-8f20-e0e8d9dafdff&%%GOOGLE_PUSH_PAIR%%
date
Tue, 25 Apr 2023 18:14:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame B49A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jk1AkbzoTHvzOI_dqT2rQoGapg8B42vuhUFDPbHUPPJAUA1Oqe9Lcim0kXkPs6HTbBjAl6rw
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 047A 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3263
x-guploader-uploadid
ADPycdvYh6DcFTcWtsreocvh62FI68ZU81_mgPS4ytwaAhFYa5C3QcDwbcGxCi4sDoChQ5ABuxRYfNBwOuyo4AygCt86RAHaZWyx
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
last-modified
Tue, 21 Jun 2022 12:31:17 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1655814677405990
content-type
image/png
content-language
en
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FyIr3BnqJm10oG4vr9ynDbujTgc8R7J2wx2xi0OLTlBll4PFWTJWuFjRnEM%2B6kcQ7QGkBgc3z6g%2BQs1%2Bud%2BF8jcnoUaFSvBm6oOkSnAVxsk5diuJZeAe8syE7kJatemlFjROjan1ZtZmVHL9uSyYMN0w"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7bd8913369ce3827-FRA
expires
Tue, 25 Apr 2023 17:34:22 GMT
w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
pagead2.googlesyndication.com/bg/ Frame 4496 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 16:19:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
6897
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14215
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 24 Apr 2024 16:19:45 GMT
frame.html
ad4m.at/ Frame 1FB5 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
457732
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7bd891330c889bf5-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Tue, 25 Apr 2023 18:14:42 GMT
expires
Thu, 30 Mar 2023 21:56:13 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVmVWyc168n2KSYL2qu5BhqKU6JSikW4XwnuvSwekSw60cS1wNZBNStzkc97lVFigtDAnPM8GovBZVbhEH6XPuMCAD%2BMrBTQrSVbi0T5%2BYrQfhgGbwAQkCU0uS90IVy5eEube%2BI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
montserrat-400-latin.woff2
static.criteo.net/design/googlefont/montserrat/ Frame C6C8 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/montserrat/montserrat-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
5f9376c77618bf0ef43bcabf8228c9e2befde3731087b944e140a88c34066873
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:06:54 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391ef7e-31a4"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 19 Apr 2024 18:14:42 GMT
lato-400-latin.woff2
static.criteo.net/design/googlefont/lato/ Frame C6C8 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/lato/lato-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/lato/lato-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ae5488cdee6c86ae9f892d07dfa77b93f820e132a99dd1a719cbf909168706c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/lato/lato-400.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:04:37 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391eef5-5c1c"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 19 Apr 2024 18:14:42 GMT
montserrat-700-latin.woff2
static.criteo.net/design/googlefont/montserrat/ Frame C6C8 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/montserrat/montserrat-700-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
28f403366c2c520bfff7d5a0883f1d53e1e87ba1c8202f3f29e6395a0b66806d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:06:55 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391ef7f-3230"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 19 Apr 2024 18:14:42 GMT
e.js
live.demand.supply/e/ 		0
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_auto_728x90_sticky_display_bottom&e=ao&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTA2NzMvODc4MjQ4L2dpcm9uYS12cy1yZWFsLW1hZHJpZC8=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.7.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-nf-request-id
01GW05JHBT4DKMPHVGPCYAW7T4
date
Tue, 25 Apr 2023 18:14:42 GMT
cf-cache-status
HIT
age
1465702
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7bd891333d293719-FRA
b1_1-954.ts
a4.koora.cloud/watch/rubrPQYS_DhSP9iR6nBWzg/1682449826/1682450080/1/ Frame DB59 		1 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4.koora.cloud/watch/rubrPQYS_DhSP9iR6nBWzg/1682449826/1682450080/1/b1_1-954.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.53.89.19 , Belize, ASN213371 (SQUITTER-NETWORKS, IN),
Reverse DNS
Software
amazon /
Resource Hash
cd0aa9856147b6c5b4ff2b7dfee5da20aa38253099ef1b4a64aced233c9afe29

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-0

Response headers

Date
Tue, 25 Apr 2023 18:14:42 GMT
Last-Modified
Tue, 25 Apr 2023 18:14:00 GMT
Server
amazon
ETag
"64481868-78880"
X-Cache-Status
HIT
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Content-Range
bytes 0-0/493696
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=60
Connection
keep-alive
Content-Length
1
ac81f3548a5e4f35a5789fe64b48bd89_unisex_16-9.mp4
static.criteo.net/design/dt/48044/230330/ Frame 521D 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/48044/230330/ac81f3548a5e4f35a5789fe64b48bd89_unisex_16-9.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
4924625695c0d768cabf6ed795fab8c937576cf4dc0eb3dd5fa07eed1abe2c8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=262144-

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 30 Mar 2023 13:11:38 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"64258a8a-1e5017"
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 262144-1986582/1986583
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
Content-Length
1724439
expires
Fri, 19 Apr 2024 18:14:42 GMT
rs
ad4m.at/ Frame 047A 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b49b4b3777f7ed275269817a8b66137a3f848bcc437c95f92600a6cfe149a1b0

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eVHFfbikfJEdUPoPxY8mVCmCQeD4%2F5rV4hAXIlGP1RoqYQCSHkS%2BEw4M2XNIImnRkCmu5JIm5Hawh5sHalxUfhEkJu9SQ3izpIoz4TBuBVcf5pMxl0zV8jepZK%2BSbFOVKBBpz6I%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7bd891344b8b2c26-FRA
x-backend-server
aa-reachservice-group-europe-west1-0pxx
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7bd891340b122c26-FRA
content-length
24
content-type
text/plain
date
Tue, 25 Apr 2023 18:14:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DKAaZXlMAHdkJOmfdkyYBjNDkZBnYA9bG1Je8b6d%2BDkjZcofsLbDv7NBzHjOqHX46JU9%2FyjaWypf0S1k%2FYH3%2BzUX5gRDgsV0waolfJe4mqry%2FSK6AGcDpAJ6EtWQifx%2F5ly2wfg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-0pxx
b1_1-955.ts
a4.koora.cloud/watch/rubrPQYS_DhSP9iR6nBWzg/1682449826/1682450080/1/ Frame DB59 		478 KB
479 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a4.koora.cloud/watch/rubrPQYS_DhSP9iR6nBWzg/1682449826/1682450080/1/b1_1-955.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.53.89.19 , Belize, ASN213371 (SQUITTER-NETWORKS, IN),
Reverse DNS
Software
amazon /
Resource Hash
e6264fdcf8a40c3afce00d8851c5e3a594d4fcddc32b9d0f359157d2a208ab24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 18:14:42 GMT
Last-Modified
Tue, 25 Apr 2023 18:14:04 GMT
Server
amazon
ETag
"6448186c-779d0"
X-Cache-Status
HIT
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
489936
b1_1-956.ts
a4.koora.cloud/watch/rubrPQYS_DhSP9iR6nBWzg/1682449826/1682450080/1/ Frame DB59 		485 KB
486 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a4.koora.cloud/watch/rubrPQYS_DhSP9iR6nBWzg/1682449826/1682450080/1/b1_1-956.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.53.89.19 , Belize, ASN213371 (SQUITTER-NETWORKS, IN),
Reverse DNS
Software
amazon /
Resource Hash
76d3de09f286c0542d2ddbeabfd11967fbc5b6fe9ca634ebaad0fe661f244f97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 18:14:42 GMT
Last-Modified
Tue, 25 Apr 2023 18:14:08 GMT
Server
amazon
ETag
"64481870-795c0"
X-Cache-Status
HIT
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
497088
rar
as.ad4m.at/ad/ Frame CC05 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=e7dba04208610c5be649028871ba78b1%2F8809809848389707856&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682446482627&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jzrqpezy7h76w2gq6p5wh097a8jce04vhk2sj4300erzhf1qbncnrn6vq4y878tznjxqnwvnwhz3ymnxxqfqdn8py5sba9pwy6hk87appay9tx08at3cwag2recbgzrktfrhz2njqb1b8kr0bqgmeyzt2jcjttnwh5d1ch2veefdp51z8htpm8facrztzv48vg9jcthtf1vwak4n3beqrj42jm20mep352359zt8x549tmbmngdt31yh7rbgszg752ap75en5jv4gn4by3c4qr2y8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaXjDkRhIZMCHDoSa3wOsuLyADJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAkGZOi4odLI-4AIAqAMBqgTKAk_Qo8jUg5KjOXGgwDY7PrF_J1LbDOzAMFuRB_LfH9IjzfxAGxcPnuhyeVIG_JExSih7JjQ0Ahs-QS7x2ufi-8-et5QweWMIdcfawfUH5SMboZNTmeraErJXDDVVIT8Y63YmD3f1vErGmpEJtTThtrbS_h3961CL3VhvsX2O9EKl0m4A4OYgl01DRTwYWnvSz7XS2SQays9Yxs8O1CIiNkd4wADBR-2CjPCG2ItJhjAZ_n8nttHQ77256hkfmWhap5NBZCSbGNTwUcbxVB06zM2JUGooj9wX60zDu9QwXCkgpsZ7EO_MCK5yNKzprfHVp9USAfSb3W-NR-51J77ZXVUxDQlNtVbUBb983EJ4P98FfuO1sPMdt1MevKfMzk0Vl_KBdxme10APzV1Feir97eoqI8s4hpvda81uc9MJP2p-jFXbutHxO1qWCOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bX74egU4h5sO43JAKcOG4dLdfqg%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41f6f38e002e2b79b9791d5cbfb3ddfceaf90dcbb291840c58f477f953383580
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1hh8mf96j6vryddcpq64t68rdy9679wgymsabprb3g5mf9tc2r00qz392t2ebwwzp88d541sjyjk1pqzf2ps9pnzcgw3z7gxvs1dq4p5p31k2yqney5wg003y6dbpsawemygz52e579tp3re82385k6r0j2kr0sjf0a87fsbps5ayv29821224688p0sxdqdxdvb67cdef5nha33jzqzgz0hxeyjetv97sdf11trqcvapmvgybmjdjf2dhxy1may6yjmvhyqpscnnz09aqzc493hmx4qcgp2771zdeenrj66f40xnga3jpthb4zx27v3w30dhd051d7n3a5enga6g8006p3m9fhyx0t2p4n6whddvz3hp16pzkcfxzeceab6ddzqh3wr6wsrkpp2qpxryrjz4kp7tvfmn2kzhmpgna6damw5xcg73zqkhdvg3zdhjvmr4hccwc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaXjDkRhIZMCHDoSa3wOsuLyADJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAkGZOi4odLI-4AIAqAMBqgTKAk_Qo8jUg5KjOXGgwDY7PrF_J1LbDOzAMFuRB_LfH9IjzfxAGxcPnuhyeVIG_JExSih7JjQ0Ahs-QS7x2ufi-8-et5QweWMIdcfawfUH5SMboZNTmeraErJXDDVVIT8Y63YmD3f1vErGmpEJtTThtrbS_h3961CL3VhvsX2O9EKl0m4A4OYgl01DRTwYWnvSz7XS2SQays9Yxs8O1CIiNkd4wADBR-2CjPCG2ItJhjAZ_n8nttHQ77256hkfmWhap5NBZCSbGNTwUcbxVB06zM2JUGooj9wX60zDu9QwXCkgpsZ7EO_MCK5yNKzprfHVp9USAfSb3W-NR-51J77ZXVUxDQlNtVbUBb983EJ4P98FfuO1sPMdt1MevKfMzk0Vl_KBdxme10APzV1Feir97eoqI8s4hpvda81uc9MJP2p-jFXbutHxO1qWCOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bX74egU4h5sO43JAKcOG4dLdfqg%26client%3Dca-pub-3831894559014614%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7bd8913538519bf5-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 18:14:42 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
b1_1-957.ts
a4.koora.cloud/watch/rubrPQYS_DhSP9iR6nBWzg/1682449826/1682450080/1/ Frame DB59 		485 KB
485 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a4.koora.cloud/watch/rubrPQYS_DhSP9iR6nBWzg/1682449826/1682450080/1/b1_1-957.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.53.89.19 , Belize, ASN213371 (SQUITTER-NETWORKS, IN),
Reverse DNS
Software
amazon /
Resource Hash
820d61324fe32ab658b288bd780e631a7ef1b1099420a95204d765f53c712801

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 18:14:42 GMT
Last-Modified
Tue, 25 Apr 2023 18:14:12 GMT
Server
amazon
ETag
"64481874-79380"
X-Cache-Status
HIT
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
496512
prebid
mp.4dex.io/ 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467346/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:42 GMT
x-err
Parsing the Prebid Request. org/site not found
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7bd891359cdf9110-FRA
expires
0
prebid-request
onetag-sys.com/ 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467346/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://yalla-shoots.tv
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bid
ap.lijit.com/rtb/ 		25 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.4
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467346/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
2e33b299483775d638e43b2051ef7e358e501c968c0ea87830f764d772dd9417

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 25 Apr 2023 18:14:42 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://yalla-shoots.tv
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
c
prebid.a-mo.net/a/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467346/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Tue, 25 Apr 2023 18:14:42 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
cdb
bidder.criteo.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.4&cb=98841994217
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467346/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
3ab8a941c0707e9b53a35718960f640e157b9ef8507175de30c9724e2af537fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yalla-shoots.tv
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1625
default.css
as.ad4m.at/ad/style/0.1.39/one-ad/ Frame CC05 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=e7dba04208610c5be649028871ba78b1%2F8809809848389707856&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682446482627&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jzrqpezy7h76w2gq6p5wh097a8jce04vhk2sj4300erzhf1qbncnrn6vq4y878tznjxqnwvnwhz3ymnxxqfqdn8py5sba9pwy6hk87appay9tx08at3cwag2recbgzrktfrhz2njqb1b8kr0bqgmeyzt2jcjttnwh5d1ch2veefdp51z8htpm8facrztzv48vg9jcthtf1vwak4n3beqrj42jm20mep352359zt8x549tmbmngdt31yh7rbgszg752ap75en5jv4gn4by3c4qr2y8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaXjDkRhIZMCHDoSa3wOsuLyADJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAkGZOi4odLI-4AIAqAMBqgTKAk_Qo8jUg5KjOXGgwDY7PrF_J1LbDOzAMFuRB_LfH9IjzfxAGxcPnuhyeVIG_JExSih7JjQ0Ahs-QS7x2ufi-8-et5QweWMIdcfawfUH5SMboZNTmeraErJXDDVVIT8Y63YmD3f1vErGmpEJtTThtrbS_h3961CL3VhvsX2O9EKl0m4A4OYgl01DRTwYWnvSz7XS2SQays9Yxs8O1CIiNkd4wADBR-2CjPCG2ItJhjAZ_n8nttHQ77256hkfmWhap5NBZCSbGNTwUcbxVB06zM2JUGooj9wX60zDu9QwXCkgpsZ7EO_MCK5yNKzprfHVp9USAfSb3W-NR-51J77ZXVUxDQlNtVbUBb983EJ4P98FfuO1sPMdt1MevKfMzk0Vl_KBdxme10APzV1Feir97eoqI8s4hpvda81uc9MJP2p-jFXbutHxO1qWCOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bX74egU4h5sO43JAKcOG4dLdfqg%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=e7dba04208610c5be649028871ba78b1%2F8809809848389707856&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682446482627&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jzrqpezy7h76w2gq6p5wh097a8jce04vhk2sj4300erzhf1qbncnrn6vq4y878tznjxqnwvnwhz3ymnxxqfqdn8py5sba9pwy6hk87appay9tx08at3cwag2recbgzrktfrhz2njqb1b8kr0bqgmeyzt2jcjttnwh5d1ch2veefdp51z8htpm8facrztzv48vg9jcthtf1vwak4n3beqrj42jm20mep352359zt8x549tmbmngdt31yh7rbgszg752ap75en5jv4gn4by3c4qr2y8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaXjDkRhIZMCHDoSa3wOsuLyADJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAkGZOi4odLI-4AIAqAMBqgTKAk_Qo8jUg5KjOXGgwDY7PrF_J1LbDOzAMFuRB_LfH9IjzfxAGxcPnuhyeVIG_JExSih7JjQ0Ahs-QS7x2ufi-8-et5QweWMIdcfawfUH5SMboZNTmeraErJXDDVVIT8Y63YmD3f1vErGmpEJtTThtrbS_h3961CL3VhvsX2O9EKl0m4A4OYgl01DRTwYWnvSz7XS2SQays9Yxs8O1CIiNkd4wADBR-2CjPCG2ItJhjAZ_n8nttHQ77256hkfmWhap5NBZCSbGNTwUcbxVB06zM2JUGooj9wX60zDu9QwXCkgpsZ7EO_MCK5yNKzprfHVp9USAfSb3W-NR-51J77ZXVUxDQlNtVbUBb983EJ4P98FfuO1sPMdt1MevKfMzk0Vl_KBdxme10APzV1Feir97eoqI8s4hpvda81uc9MJP2p-jFXbutHxO1qWCOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bX74egU4h5sO43JAKcOG4dLdfqg%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1681210094
age
25800
cf-polished
origSize=96968
x-guploader-uploadid
ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 11 Apr 2023 10:48:50 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
Accept-Encoding
x-goog-generation
1681210130860508
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0cLEqXIAaKz9YbLLzgQuN1S8IkKxyNE%2Fd3TcKB9A5Ck4jkDDjmeA2UHV3KrDQzztnEWp1GKj8NVb0ee6SscdUnbfZ0Xg5wqtRZRmD4f8UoXR9tb7QAtWzerf4HpoZ45Rw4SOHsy%2BV1Q%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
7bd89135a91d9bf5-FRA
expires
Tue, 25 Apr 2023 19:14:42 GMT
C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame CC05 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=e7dba04208610c5be649028871ba78b1%2F8809809848389707856&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682446482627&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jzrqpezy7h76w2gq6p5wh097a8jce04vhk2sj4300erzhf1qbncnrn6vq4y878tznjxqnwvnwhz3ymnxxqfqdn8py5sba9pwy6hk87appay9tx08at3cwag2recbgzrktfrhz2njqb1b8kr0bqgmeyzt2jcjttnwh5d1ch2veefdp51z8htpm8facrztzv48vg9jcthtf1vwak4n3beqrj42jm20mep352359zt8x549tmbmngdt31yh7rbgszg752ap75en5jv4gn4by3c4qr2y8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaXjDkRhIZMCHDoSa3wOsuLyADJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAkGZOi4odLI-4AIAqAMBqgTKAk_Qo8jUg5KjOXGgwDY7PrF_J1LbDOzAMFuRB_LfH9IjzfxAGxcPnuhyeVIG_JExSih7JjQ0Ahs-QS7x2ufi-8-et5QweWMIdcfawfUH5SMboZNTmeraErJXDDVVIT8Y63YmD3f1vErGmpEJtTThtrbS_h3961CL3VhvsX2O9EKl0m4A4OYgl01DRTwYWnvSz7XS2SQays9Yxs8O1CIiNkd4wADBR-2CjPCG2ItJhjAZ_n8nttHQ77256hkfmWhap5NBZCSbGNTwUcbxVB06zM2JUGooj9wX60zDu9QwXCkgpsZ7EO_MCK5yNKzprfHVp9USAfSb3W-NR-51J77ZXVUxDQlNtVbUBb983EJ4P98FfuO1sPMdt1MevKfMzk0Vl_KBdxme10APzV1Feir97eoqI8s4hpvda81uc9MJP2p-jFXbutHxO1qWCOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bX74egU4h5sO43JAKcOG4dLdfqg%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
434427
cf-polished
origFmt=png, origSize=10283
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4736
cf-bgj
imgq:85,h2pri
last-modified
Thu, 06 Apr 2023 12:21:02 GMT
server
cloudflare
etag
"b90d04a587c2a1ab6749e51d8bb195d1"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BvkH%2BlPdyYxT9cKjiBfeYE10khs5W428MeGj0QtB%2Fw8dBo6irGh2DR%2BNNXfyyP1AtS0BEuqDfitedVABvbZ9o%2FRkDmcNpIeiD6M%2FcMb%2Bu5aEwQXUG4Zqut0E1%2B8cYIt5cKwhLs5O9Z50U%2FbG"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7bd89135c94c9bf4-FRA
expires
Wed, 26 Apr 2023 18:14:42 GMT
A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame CC05 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=e7dba04208610c5be649028871ba78b1%2F8809809848389707856&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682446482627&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jzrqpezy7h76w2gq6p5wh097a8jce04vhk2sj4300erzhf1qbncnrn6vq4y878tznjxqnwvnwhz3ymnxxqfqdn8py5sba9pwy6hk87appay9tx08at3cwag2recbgzrktfrhz2njqb1b8kr0bqgmeyzt2jcjttnwh5d1ch2veefdp51z8htpm8facrztzv48vg9jcthtf1vwak4n3beqrj42jm20mep352359zt8x549tmbmngdt31yh7rbgszg752ap75en5jv4gn4by3c4qr2y8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaXjDkRhIZMCHDoSa3wOsuLyADJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAkGZOi4odLI-4AIAqAMBqgTKAk_Qo8jUg5KjOXGgwDY7PrF_J1LbDOzAMFuRB_LfH9IjzfxAGxcPnuhyeVIG_JExSih7JjQ0Ahs-QS7x2ufi-8-et5QweWMIdcfawfUH5SMboZNTmeraErJXDDVVIT8Y63YmD3f1vErGmpEJtTThtrbS_h3961CL3VhvsX2O9EKl0m4A4OYgl01DRTwYWnvSz7XS2SQays9Yxs8O1CIiNkd4wADBR-2CjPCG2ItJhjAZ_n8nttHQ77256hkfmWhap5NBZCSbGNTwUcbxVB06zM2JUGooj9wX60zDu9QwXCkgpsZ7EO_MCK5yNKzprfHVp9USAfSb3W-NR-51J77ZXVUxDQlNtVbUBb983EJ4P98FfuO1sPMdt1MevKfMzk0Vl_KBdxme10APzV1Feir97eoqI8s4hpvda81uc9MJP2p-jFXbutHxO1qWCOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bX74egU4h5sO43JAKcOG4dLdfqg%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
460654
cf-polished
origSize=105738, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
92686
cf-bgj
imgq:85,h2pri
last-modified
Mon, 04 Jul 2022 08:55:40 GMT
server
cloudflare
etag
"147be38db57f89c69c9e65b05983ff0e"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mkp6sMkC%2BJxkRmMdfz8sDgSfnx2EwMipgmvhLJyYLxpQs2MXBoGQeOa1icxTU9PbFfDyZAHt%2FDqMSS9XSbMH3sAKHJZ5Kfbv56aY9v7g44xSkRWPNA%2BbhVQZC4Synts1FQWiC1OptOYM1fFw"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7bd89135c9499bf4-FRA
expires
Wed, 26 Apr 2023 18:14:42 GMT
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame CC05 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=e7dba04208610c5be649028871ba78b1%2F8809809848389707856&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682446482627&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jzrqpezy7h76w2gq6p5wh097a8jce04vhk2sj4300erzhf1qbncnrn6vq4y878tznjxqnwvnwhz3ymnxxqfqdn8py5sba9pwy6hk87appay9tx08at3cwag2recbgzrktfrhz2njqb1b8kr0bqgmeyzt2jcjttnwh5d1ch2veefdp51z8htpm8facrztzv48vg9jcthtf1vwak4n3beqrj42jm20mep352359zt8x549tmbmngdt31yh7rbgszg752ap75en5jv4gn4by3c4qr2y8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaXjDkRhIZMCHDoSa3wOsuLyADJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAkGZOi4odLI-4AIAqAMBqgTKAk_Qo8jUg5KjOXGgwDY7PrF_J1LbDOzAMFuRB_LfH9IjzfxAGxcPnuhyeVIG_JExSih7JjQ0Ahs-QS7x2ufi-8-et5QweWMIdcfawfUH5SMboZNTmeraErJXDDVVIT8Y63YmD3f1vErGmpEJtTThtrbS_h3961CL3VhvsX2O9EKl0m4A4OYgl01DRTwYWnvSz7XS2SQays9Yxs8O1CIiNkd4wADBR-2CjPCG2ItJhjAZ_n8nttHQ77256hkfmWhap5NBZCSbGNTwUcbxVB06zM2JUGooj9wX60zDu9QwXCkgpsZ7EO_MCK5yNKzprfHVp9USAfSb3W-NR-51J77ZXVUxDQlNtVbUBb983EJ4P98FfuO1sPMdt1MevKfMzk0Vl_KBdxme10APzV1Feir97eoqI8s4hpvda81uc9MJP2p-jFXbutHxO1qWCOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bX74egU4h5sO43JAKcOG4dLdfqg%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
147303
cf-polished
origFmt=png, origSize=9357
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2330
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PWlATpSQtTpitZ%2FAOk2RtR3iPz4pvbQkFlEGmOjkAc%2FRJSyK%2BBaTjI9MtJtyJuUVinacTUHd40XGAs12xFUjYjDcy0ph6SG7HuZLAXBp50DpXa0YFgDPfioEj01FgaGjbv%2BuWOe29FrMFqQU"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7bd89135c94a9bf4-FRA
expires
Wed, 26 Apr 2023 18:14:42 GMT
B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame CC05 		339 KB
340 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=e7dba04208610c5be649028871ba78b1%2F8809809848389707856&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682446482627&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jzrqpezy7h76w2gq6p5wh097a8jce04vhk2sj4300erzhf1qbncnrn6vq4y878tznjxqnwvnwhz3ymnxxqfqdn8py5sba9pwy6hk87appay9tx08at3cwag2recbgzrktfrhz2njqb1b8kr0bqgmeyzt2jcjttnwh5d1ch2veefdp51z8htpm8facrztzv48vg9jcthtf1vwak4n3beqrj42jm20mep352359zt8x549tmbmngdt31yh7rbgszg752ap75en5jv4gn4by3c4qr2y8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaXjDkRhIZMCHDoSa3wOsuLyADJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAkGZOi4odLI-4AIAqAMBqgTKAk_Qo8jUg5KjOXGgwDY7PrF_J1LbDOzAMFuRB_LfH9IjzfxAGxcPnuhyeVIG_JExSih7JjQ0Ahs-QS7x2ufi-8-et5QweWMIdcfawfUH5SMboZNTmeraErJXDDVVIT8Y63YmD3f1vErGmpEJtTThtrbS_h3961CL3VhvsX2O9EKl0m4A4OYgl01DRTwYWnvSz7XS2SQays9Yxs8O1CIiNkd4wADBR-2CjPCG2ItJhjAZ_n8nttHQ77256hkfmWhap5NBZCSbGNTwUcbxVB06zM2JUGooj9wX60zDu9QwXCkgpsZ7EO_MCK5yNKzprfHVp9USAfSb3W-NR-51J77ZXVUxDQlNtVbUBb983EJ4P98FfuO1sPMdt1MevKfMzk0Vl_KBdxme10APzV1Feir97eoqI8s4hpvda81uc9MJP2p-jFXbutHxO1qWCOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bX74egU4h5sO43JAKcOG4dLdfqg%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2405582
cf-polished
origFmt=png, origSize=563367
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
347098
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Apr 2021 07:22:09 GMT
server
cloudflare
etag
"ff5ac113643d20bec15acfffe32cb75e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tz3ghuAag36ktUM%2BcNNQzo%2B2PwIrFZq03Wo5YY8lG1ev%2B7tlAWO5EjAYjVo09jxIsr1onofQ0oCZeULmSkjnJJ%2BGpCju3ArYyeodTFqMljm7rQw%2F1K38uePJnWkoDqQCoCNLYSREARVoEbAb"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7bd89135c9479bf4-FRA
expires
Wed, 26 Apr 2023 18:14:42 GMT
cshow.php
www.awin1.com/ Frame CC05 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidk7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=e7dba04208610c5be649028871ba78b1%2F8809809848389707856&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682446482627&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jzrqpezy7h76w2gq6p5wh097a8jce04vhk2sj4300erzhf1qbncnrn6vq4y878tznjxqnwvnwhz3ymnxxqfqdn8py5sba9pwy6hk87appay9tx08at3cwag2recbgzrktfrhz2njqb1b8kr0bqgmeyzt2jcjttnwh5d1ch2veefdp51z8htpm8facrztzv48vg9jcthtf1vwak4n3beqrj42jm20mep352359zt8x549tmbmngdt31yh7rbgszg752ap75en5jv4gn4by3c4qr2y8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaXjDkRhIZMCHDoSa3wOsuLyADJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAkGZOi4odLI-4AIAqAMBqgTKAk_Qo8jUg5KjOXGgwDY7PrF_J1LbDOzAMFuRB_LfH9IjzfxAGxcPnuhyeVIG_JExSih7JjQ0Ahs-QS7x2ufi-8-et5QweWMIdcfawfUH5SMboZNTmeraErJXDDVVIT8Y63YmD3f1vErGmpEJtTThtrbS_h3961CL3VhvsX2O9EKl0m4A4OYgl01DRTwYWnvSz7XS2SQays9Yxs8O1CIiNkd4wADBR-2CjPCG2ItJhjAZ_n8nttHQ77256hkfmWhap5NBZCSbGNTwUcbxVB06zM2JUGooj9wX60zDu9QwXCkgpsZ7EO_MCK5yNKzprfHVp9USAfSb3W-NR-51J77ZXVUxDQlNtVbUBb983EJ4P98FfuO1sPMdt1MevKfMzk0Vl_KBdxme10APzV1Feir97eoqI8s4hpvda81uc9MJP2p-jFXbutHxO1qWCOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bX74egU4h5sO43JAKcOG4dLdfqg%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.210.125.176 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-125-176.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Apr 2023 18:14:42 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame CC05 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=e7dba04208610c5be649028871ba78b1%2F8809809848389707856&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682446482627&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jzrqpezy7h76w2gq6p5wh097a8jce04vhk2sj4300erzhf1qbncnrn6vq4y878tznjxqnwvnwhz3ymnxxqfqdn8py5sba9pwy6hk87appay9tx08at3cwag2recbgzrktfrhz2njqb1b8kr0bqgmeyzt2jcjttnwh5d1ch2veefdp51z8htpm8facrztzv48vg9jcthtf1vwak4n3beqrj42jm20mep352359zt8x549tmbmngdt31yh7rbgszg752ap75en5jv4gn4by3c4qr2y8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaXjDkRhIZMCHDoSa3wOsuLyADJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAkGZOi4odLI-4AIAqAMBqgTKAk_Qo8jUg5KjOXGgwDY7PrF_J1LbDOzAMFuRB_LfH9IjzfxAGxcPnuhyeVIG_JExSih7JjQ0Ahs-QS7x2ufi-8-et5QweWMIdcfawfUH5SMboZNTmeraErJXDDVVIT8Y63YmD3f1vErGmpEJtTThtrbS_h3961CL3VhvsX2O9EKl0m4A4OYgl01DRTwYWnvSz7XS2SQays9Yxs8O1CIiNkd4wADBR-2CjPCG2ItJhjAZ_n8nttHQ77256hkfmWhap5NBZCSbGNTwUcbxVB06zM2JUGooj9wX60zDu9QwXCkgpsZ7EO_MCK5yNKzprfHVp9USAfSb3W-NR-51J77ZXVUxDQlNtVbUBb983EJ4P98FfuO1sPMdt1MevKfMzk0Vl_KBdxme10APzV1Feir97eoqI8s4hpvda81uc9MJP2p-jFXbutHxO1qWCOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bX74egU4h5sO43JAKcOG4dLdfqg%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
605189
cf-polished
origFmt=png, origSize=62828
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36446
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Oct 2022 15:02:47 GMT
server
cloudflare
etag
"e12c1a9f1887c09d377658838eaaa06d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMlUO2YlPr7qVKmP32DYe8c8fOU5gVgK7YTcYwZhxN6H0mJv9p1Afl6b1teOaFNnXaDkd9LECL96FWJcHy2A%2BrPn7A30Mr3dblXSUQkBr%2BQe8NrzoPBz6qze23eO1AwAeZfFPmRISPd%2BUYTf"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7bd89135c94b9bf4-FRA
expires
Wed, 26 Apr 2023 18:14:42 GMT
287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame CC05 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=e7dba04208610c5be649028871ba78b1%2F8809809848389707856&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682446482627&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jzrqpezy7h76w2gq6p5wh097a8jce04vhk2sj4300erzhf1qbncnrn6vq4y878tznjxqnwvnwhz3ymnxxqfqdn8py5sba9pwy6hk87appay9tx08at3cwag2recbgzrktfrhz2njqb1b8kr0bqgmeyzt2jcjttnwh5d1ch2veefdp51z8htpm8facrztzv48vg9jcthtf1vwak4n3beqrj42jm20mep352359zt8x549tmbmngdt31yh7rbgszg752ap75en5jv4gn4by3c4qr2y8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaXjDkRhIZMCHDoSa3wOsuLyADJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAkGZOi4odLI-4AIAqAMBqgTKAk_Qo8jUg5KjOXGgwDY7PrF_J1LbDOzAMFuRB_LfH9IjzfxAGxcPnuhyeVIG_JExSih7JjQ0Ahs-QS7x2ufi-8-et5QweWMIdcfawfUH5SMboZNTmeraErJXDDVVIT8Y63YmD3f1vErGmpEJtTThtrbS_h3961CL3VhvsX2O9EKl0m4A4OYgl01DRTwYWnvSz7XS2SQays9Yxs8O1CIiNkd4wADBR-2CjPCG2ItJhjAZ_n8nttHQ77256hkfmWhap5NBZCSbGNTwUcbxVB06zM2JUGooj9wX60zDu9QwXCkgpsZ7EO_MCK5yNKzprfHVp9USAfSb3W-NR-51J77ZXVUxDQlNtVbUBb983EJ4P98FfuO1sPMdt1MevKfMzk0Vl_KBdxme10APzV1Feir97eoqI8s4hpvda81uc9MJP2p-jFXbutHxO1qWCOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bX74egU4h5sO43JAKcOG4dLdfqg%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
860230
cf-polished
qual=85, origFmt=jpeg, origSize=133780
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28740
cf-bgj
imgq:85,h2pri
last-modified
Tue, 18 Feb 2020 10:22:01 GMT
server
cloudflare
etag
"d061ca155f758f490340e147604dc3ee"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fbsQdHBcBSAmbk44UtyNEZ4Tr3Q1xo5yct1BISRHlOSCUNrF2okMWWwx2lrF73O16pcuGl9mRWR0YlkJoPbyUp5Gmp75jxh3aliIv74c9GJgyBxFutkA7J8hUGU%2Bt6D7Dwr%2BEhhQ5%2BlNRiLI"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7bd89135c9469bf4-FRA
expires
Wed, 26 Apr 2023 18:14:42 GMT
cshow.php
www.awin1.com/ Frame CC05 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=e7dba04208610c5be649028871ba78b1%2F8809809848389707856&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682446482627&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jzrqpezy7h76w2gq6p5wh097a8jce04vhk2sj4300erzhf1qbncnrn6vq4y878tznjxqnwvnwhz3ymnxxqfqdn8py5sba9pwy6hk87appay9tx08at3cwag2recbgzrktfrhz2njqb1b8kr0bqgmeyzt2jcjttnwh5d1ch2veefdp51z8htpm8facrztzv48vg9jcthtf1vwak4n3beqrj42jm20mep352359zt8x549tmbmngdt31yh7rbgszg752ap75en5jv4gn4by3c4qr2y8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaXjDkRhIZMCHDoSa3wOsuLyADJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAkGZOi4odLI-4AIAqAMBqgTKAk_Qo8jUg5KjOXGgwDY7PrF_J1LbDOzAMFuRB_LfH9IjzfxAGxcPnuhyeVIG_JExSih7JjQ0Ahs-QS7x2ufi-8-et5QweWMIdcfawfUH5SMboZNTmeraErJXDDVVIT8Y63YmD3f1vErGmpEJtTThtrbS_h3961CL3VhvsX2O9EKl0m4A4OYgl01DRTwYWnvSz7XS2SQays9Yxs8O1CIiNkd4wADBR-2CjPCG2ItJhjAZ_n8nttHQ77256hkfmWhap5NBZCSbGNTwUcbxVB06zM2JUGooj9wX60zDu9QwXCkgpsZ7EO_MCK5yNKzprfHVp9USAfSb3W-NR-51J77ZXVUxDQlNtVbUBb983EJ4P98FfuO1sPMdt1MevKfMzk0Vl_KBdxme10APzV1Feir97eoqI8s4hpvda81uc9MJP2p-jFXbutHxO1qWCOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bX74egU4h5sO43JAKcOG4dLdfqg%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.210.125.176 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-125-176.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Apr 2023 18:14:42 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
link.html
track.webgains.com/ Frame CC05 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hjpv7cf1bzqnnrxejprgjpyn0w1dcteyj751pmp1ka3rqfgq0e815an53ak6qm4ff13axfthtcfq1xfd6h5grhb0rf7bqr66217kva1236xae2fm31v44j1z90rwm99rrxvnrkt7p6nd02gfj6sjfnkp0bbmhefyngzhd0w11d1j6fbjey5aht8ftpw8q6dz54bt71cdtaehkz6pdatndfz2bybeq5ayqhwrce59wnvr1aahejfmx9k6sdegp9vwpc0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jzrqpezy7h76w2gq6p5wh097a8jce04vhk2sj4300erzhf1qbncnrn6vq4y878tznjxqnwvnwhz3ymnxxqfqdn8py5sba9pwy6hk87appay9tx08at3cwag2recbgzrktfrhz2njqb1b8kr0bqgmeyzt2jcjttnwh5d1ch2veefdp51z8htpm8facrztzv48vg9jcthtf1vwak4n3beqrj42jm20mep352359zt8x549tmbmngdt31yh7rbgszg752ap75en5jv4gn4by3c4qr2y8%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCaXjDkRhIZMCHDoSa3wOsuLyADJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAkGZOi4odLI-4AIAqAMBqgTKAk_Qo8jUg5KjOXGgwDY7PrF_J1LbDOzAMFuRB_LfH9IjzfxAGxcPnuhyeVIG_JExSih7JjQ0Ahs-QS7x2ufi-8-et5QweWMIdcfawfUH5SMboZNTmeraErJXDDVVIT8Y63YmD3f1vErGmpEJtTThtrbS_h3961CL3VhvsX2O9EKl0m4A4OYgl01DRTwYWnvSz7XS2SQays9Yxs8O1CIiNkd4wADBR-2CjPCG2ItJhjAZ_n8nttHQ77256hkfmWhap5NBZCSbGNTwUcbxVB06zM2JUGooj9wX60zDu9QwXCkgpsZ7EO_MCK5yNKzprfHVp9USAfSb3W-NR-51J77ZXVUxDQlNtVbUBb983EJ4P98FfuO1sPMdt1MevKfMzk0Vl_KBdxme10APzV1Feir97eoqI8s4hpvda81uc9MJP2p-jFXbutHxO1qWCOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1bX74egU4h5sO43JAKcOG4dLdfqg%252526client%25253Dca-pub-3831894559014614%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=e7dba04208610c5be649028871ba78b1%2F8809809848389707856&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682446482627&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jzrqpezy7h76w2gq6p5wh097a8jce04vhk2sj4300erzhf1qbncnrn6vq4y878tznjxqnwvnwhz3ymnxxqfqdn8py5sba9pwy6hk87appay9tx08at3cwag2recbgzrktfrhz2njqb1b8kr0bqgmeyzt2jcjttnwh5d1ch2veefdp51z8htpm8facrztzv48vg9jcthtf1vwak4n3beqrj42jm20mep352359zt8x549tmbmngdt31yh7rbgszg752ap75en5jv4gn4by3c4qr2y8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaXjDkRhIZMCHDoSa3wOsuLyADJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAkGZOi4odLI-4AIAqAMBqgTKAk_Qo8jUg5KjOXGgwDY7PrF_J1LbDOzAMFuRB_LfH9IjzfxAGxcPnuhyeVIG_JExSih7JjQ0Ahs-QS7x2ufi-8-et5QweWMIdcfawfUH5SMboZNTmeraErJXDDVVIT8Y63YmD3f1vErGmpEJtTThtrbS_h3961CL3VhvsX2O9EKl0m4A4OYgl01DRTwYWnvSz7XS2SQays9Yxs8O1CIiNkd4wADBR-2CjPCG2ItJhjAZ_n8nttHQ77256hkfmWhap5NBZCSbGNTwUcbxVB06zM2JUGooj9wX60zDu9QwXCkgpsZ7EO_MCK5yNKzprfHVp9USAfSb3W-NR-51J77ZXVUxDQlNtVbUBb983EJ4P98FfuO1sPMdt1MevKfMzk0Vl_KBdxme10APzV1Feir97eoqI8s4hpvda81uc9MJP2p-jFXbutHxO1qWCOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bX74egU4h5sO43JAKcOG4dLdfqg%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.40.91.69 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-40-91-69.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
9d35b132703d26b1bf7c7ef234f0263f69ac8388eda15384b2cd784653848aab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:43 GMT
last-modified
Tue, 25 Apr 2023 18:14:43 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 25 Apr 2023 18:15:43 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304200101&jk=263317129759169&bg=!Dg2lDVnNAAYfNdXmPzU7ADkAdvg8WsTOolriDxfXhzvnT6TIITryJC9xfXMyVi4KgH3lgiFm3O8vbfFG8AB93w2GE75G4QfhK2gCAAACelIAAAACaAEHmQLHGno4m6SHEH1BDWYTZ_htn77zgcF0vF2Y-qb2N74d2LZVn2GR29XIliVsxdLigNsDC-2UwRAjO7v3VeuJQe17zY9lKR8PWekJeyl909h4-S96tRs_FNZnL2yXyPh6SEUjAORScnHwn3HQS5jO-vzyetTjQJwh4q6ZubbPxW0F8zo2wC1cxmXI9wVXJEkE9lrmPyncnVr2yCVN79x-i-zbh6oukRT0Fa0d3LG82HWiN-iQBY9KMU1oD-_FHR4FVqdMUyfevtqXakfpTdY_S1SsXemLWCHQXtxPY1ef5jyuXsCbTur9OwIH-gkPvSzjNHoVedAmWZNS0FU19hWgVbyeWNbo0rJeInnSjvqqK9qcIV_K0ENa8ZIds1WOTia61TEvB69Ooh-Un1_LJUOxJlRLieyxjITdrXCX3YquJ74diExNC0eq9QlGdHTcql3w2X5T8qX_N7I5yIfYfekOimno0KmloNY95F9gmj-wZ7rbx5RGd-SWE90MwIRCm3ZWHHpX6l-Fogbxndk-jmVd948TUqE3J8AJleYP-k_LfGNiyi6oIU0tOsHac3lUXVLwnBlIrNx10qQlkZ8HnWrwaMWM8ao8tAubd-iA_b5dxUTBc7CAIFm_K-F6WX9j4XfCcdkB7l7G46ObQvdou94NOVhcf3-PSVn-Xe7met6-W9wYRc8y89odzifSr80rUss1YRTOhSZQDiv7qTA6IIFFebyXmUM9Epnpd4_ws0WHidXvu3-Z2PmVnWdJSFUYr2TRQcvMadXajtxoMCtmOTuCfWzFEdglGzh7vP6mKOpscmEK-qBgcYmEOQJODgsG2W_Kgg-Bg6TbtgaTrU4Vp96dh0kPjLRo9mxpPgU2eFdOCFmrBl9QKRzup_t2y65sNi2A7vz3FYk1bK4bFw1Hh8WslH9xFudY2HmbJknRSzhh65RPYyKITEJPZlg-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		384 B
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=263317129759169&correlator=2579824786682429&eid=31073385%2C31074093&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=160x600&ifi=22&adks=2294990510&didk=2716137147&sfv=1-0-40&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-1682446482767-0%26hb_r_id%3D24879eb95575442d%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.02%26hb_adid%3D251c68e118b7d924%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10673%252F878248%252Fgirona-vs-real-madrid%252F&sc=1&cookie=ID%3Dd63755abbe95516f-229a3c7baddd004c%3AT%3D1682446480%3AS%3DALNI_MYRpzP03Ys_rEAIRiVJXrNhV1qWhA&gpic=UID%3D00000befae92e8fe%3AT%3D1682446480%3ART%3D1682446480%3AS%3DALNI_Mb434xwexQHonekkg6izdHYivHpnQ&abxe=1&dt=1682446482909&lmt=1682446463&dlt=1682446480164&idt=437&adxs=-160&adys=310&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=m&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10673%2F878248%2Fgirona-vs-real-madrid%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=160&psts=ABHeCvjxIWcjgbIotATn_fkmuNKMZKV0YUaoYwS7nW8a1jQyUZ9PsonQkPN6-PNMdnA8vjurBEBb8ospvv1K-pazf60MmuE%2CABHeCvh8XWrWVxsz8_h5BkIi98RXWnv-S7_ObenR_3ZuM-vLYAO9CYoRWv-oMFNFG69EFkB5I-2TBK2jfR_o5J8TvKUb3B8%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1037507575.1682446481&ga_sid=1682446481&ga_hid=309559342&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYher_zPswSABSAghkEhkKCnB1YmNpZC5vcmcY_ur_zPswSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqakRHUVJxc09YUkpONTJkdkpNUFFDMThxQWZ5Q2tkUkVJRkZwVmtORmJhbDBKQXZPdzZqUzNSWldPU1liNW0zLzVaWDlpejBxaUFtZFUxUmZTOEtjcCtFbkFTTUltU25veTZ0bnh1Y1lPZmpybndobGhJaEN5T0d5TEhxV3ZNNlFXT0dqM3JDZnIyR0JLSGZrdnhRRWEzcGlyYVBKV2pmbTluY1NOYzFWS3NxZE45S3E3aEhxT09BaUxSaXlsL2wwbXc9PRiK7P_M-zBIABIdCg5lc3AuY3JpdGVvLmNvbRiF6v_M-zBIAFICCGQSGQoKdWlkYXBpLmNvbRiF6v_M-zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNDr_8z7MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e5c0a0580fcdbabae0f615e99564c37dcc8df4e62e9497b66fee3bbc4044405d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5B4E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 18:14:40 GMT
expires
Wed, 24 Apr 2024 18:14:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 5B4E 		4 KB
645 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3018c5284222e82380ec1570f914f544c35e062c4ff9c64e46fdc01695b2b274
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Apr 2023 18:14:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 16:28:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Apr 2023 18:14:43 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 5B4E 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 12:11:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
21790
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 12:11:33 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 5B4E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CA4FykhhIZOnFIZqE3wP8u5jgDe-DxKFuv8ivrL8OzMeapv0IEAEgudvzJmCVypmCrAegAbC6odcDyAEJqQLndBTV9nuyPuACAKgDAcgDywSqBJoCT9Aj4Zt1u0hmMXzP4i6-A4-zYLY9xfj-Gn719dHCRQpYc2eiqnoa1Idm2vO4Na8qZ2K48nU_LbvFphVQK5O7HUVstPZGEPP5EUxka_nLIAUMiXi2QYckRfY0P8Zrz6D8aQx9NLgPZC69nrDGFyGCwWIY2beIUd1HJUox2fnGMdScXnM37R03AfYsxjjz9tvCojKzKzFBisGej9WXLVQCwltk3Ys90x3AdSfHdEjUmNIdqjweKZrzMQEIuT1GttW86lcsrBaV0Cj4t2l77Z1UTXbt3eq8BgaLA1_IIUNTOSvlTyaU8esuKQGKM2jApleFpi1pOTSAGjDK35EihvhXub8ia7of0rJeHz427655Uv7SD3oVhakNv0S2wATJmKmq4APgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHxfetPqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDN6BDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDIgUAtAVAYAXAbIXHgocCAASFHB1Yi02NzM2MjU2NDczMjAyNzMzGOTDDg&sigh=BSh1VS4k0_4&uach_m=[UACH]&cid=CAQSPABygQiDl8GNhitOJ3VM75yM4-iNt9PyJqzOVXVoCzBy3C-kEMCdTW51kyYvqcGOflv9vdiDqLQU3jogdBgB&template_id=494
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/ Frame 5B4E 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/abg_lite_fy2021.js
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 14:56:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
11914
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8535
x-xss-protection
0
server
cafe
etag
13968503839060854674
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 14:56:09 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 5B4E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/window_focus_fy2021.js
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 16:19:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
6898
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 16:19:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 5B4E 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 12:11:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
21792
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8104
x-xss-protection
0
server
cafe
etag
11444945707709536616
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 12:11:31 GMT
l
www.google.com/ads/measurement/ Frame 5B4E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ7ajF0VSGfxH4pPQ_99hNduuwSBB6JChtDI7YpMhNLaiG56ZVnGFknYDAqrS1d4xkPLyWFf7hE-P97Q106quHRIHfWoQ
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5B4E 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49672
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681929791789681"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Apr 2023 18:14:43 GMT
f8970ecc2196f374e9d99027c476dd6b.js
www.gstatic.com/mysidia/ Frame 5B4E 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 12:11:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21772
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13747
x-xss-protection
0
last-modified
Mon, 24 Apr 2023 20:22:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 24 Jul 2023 12:11:51 GMT
truncated
/ Frame 5B4E 		287 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
624907996767536446
tpc.googlesyndication.com/simgad/ Frame 5B4E
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
  • https://tpc.googlesyndication.com/simgad/624907996767536446
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/624907996767536446
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 20:07:58 GMT
x-content-type-options
nosniff
age
252405
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8502
x-xss-protection
0
last-modified
Tue, 09 Apr 2019 09:00:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 21 Apr 2024 20:07:58 GMT

Redirect headers

date
Tue, 25 Apr 2023 04:41:09 GMT
x-content-type-options
nosniff
server
cafe
age
48814
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/624907996767536446
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 25 May 2023 04:41:09 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A525 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
21771
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 12:11:52 GMT
etag
48472445140208031
expires
Wed, 26 Apr 2023 12:11:52 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 5B4E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
960049b3fd8b1c292eabcea91fa7660a2a3b5936f1ad70ac23623205606e36ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
pvClk.min.js
analytics.webgains.io/ Frame CC05 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hjpv7cf1bzqnnrxejprgjpyn0w1dcteyj751pmp1ka3rqfgq0e815an53ak6qm4ff13axfthtcfq1xfd6h5grhb0rf7bqr66217kva1236xae2fm31v44j1z90rwm99rrxvnrkt7p6nd02gfj6sjfnkp0bbmhefyngzhd0w11d1j6fbjey5aht8ftpw8q6dz54bt71cdtaehkz6pdatndfz2bybeq5ayqhwrce59wnvr1aahejfmx9k6sdegp9vwpc0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jzrqpezy7h76w2gq6p5wh097a8jce04vhk2sj4300erzhf1qbncnrn6vq4y878tznjxqnwvnwhz3ymnxxqfqdn8py5sba9pwy6hk87appay9tx08at3cwag2recbgzrktfrhz2njqb1b8kr0bqgmeyzt2jcjttnwh5d1ch2veefdp51z8htpm8facrztzv48vg9jcthtf1vwak4n3beqrj42jm20mep352359zt8x549tmbmngdt31yh7rbgszg752ap75en5jv4gn4by3c4qr2y8%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCaXjDkRhIZMCHDoSa3wOsuLyADJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAkGZOi4odLI-4AIAqAMBqgTKAk_Qo8jUg5KjOXGgwDY7PrF_J1LbDOzAMFuRB_LfH9IjzfxAGxcPnuhyeVIG_JExSih7JjQ0Ahs-QS7x2ufi-8-et5QweWMIdcfawfUH5SMboZNTmeraErJXDDVVIT8Y63YmD3f1vErGmpEJtTThtrbS_h3961CL3VhvsX2O9EKl0m4A4OYgl01DRTwYWnvSz7XS2SQays9Yxs8O1CIiNkd4wADBR-2CjPCG2ItJhjAZ_n8nttHQ77256hkfmWhap5NBZCSbGNTwUcbxVB06zM2JUGooj9wX60zDu9QwXCkgpsZ7EO_MCK5yNKzprfHVp9USAfSb3W-NR-51J77ZXVUxDQlNtVbUBb983EJ4P98FfuO1sPMdt1MevKfMzk0Vl_KBdxme10APzV1Feir97eoqI8s4hpvda81uc9MJP2p-jFXbutHxO1qWCOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1bX74egU4h5sO43JAKcOG4dLdfqg%252526client%25253Dca-pub-3831894559014614%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-98.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 05:34:41 GMT
content-encoding
gzip
via
1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified
Wed, 15 Mar 2023 17:26:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
45603
etag
W/"876c293e6c37046ecb0c11ce2e276942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
-V0NbJtM6MiJfgF8wI9N6AwwBkiI91zSfY32qrL7OBZAQFnUdp58PA==
1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame CC05 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1682446783&Signature=NWWbqHFQgzQ~-nJfgVOKpm5vZqUh9FepIxpW5akVWH6Ii4MnlxDxbMJc5JOE-YlDEeVd3dQi5mR0vv3pk7XH2KEtgpidFtAhTIvzLqQVcR1X4EEWNmVP7xjxm23FYFM~sCny3nywZiDggHUSQZMEp0C~eWhgv-0j7GxJcK45kDM-kf186uEhsNadViUG0u8Edtgb9uNv1zEwAnXRGB4fyqYB-QhKgffXuWS03g4Daz0RREpVMlis85jEmGQMNaqCB8UhHTQ-rd5DclpwRmKmVzlwf--QsNzHksYEYLfG6sd5cUUw-J6MtHiASiCzzyvmGDqlVk8AYXPBvAWM-TRjfw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=e7dba04208610c5be649028871ba78b1%2F8809809848389707856&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682446482627&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jzrqpezy7h76w2gq6p5wh097a8jce04vhk2sj4300erzhf1qbncnrn6vq4y878tznjxqnwvnwhz3ymnxxqfqdn8py5sba9pwy6hk87appay9tx08at3cwag2recbgzrktfrhz2njqb1b8kr0bqgmeyzt2jcjttnwh5d1ch2veefdp51z8htpm8facrztzv48vg9jcthtf1vwak4n3beqrj42jm20mep352359zt8x549tmbmngdt31yh7rbgszg752ap75en5jv4gn4by3c4qr2y8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaXjDkRhIZMCHDoSa3wOsuLyADJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAkGZOi4odLI-4AIAqAMBqgTKAk_Qo8jUg5KjOXGgwDY7PrF_J1LbDOzAMFuRB_LfH9IjzfxAGxcPnuhyeVIG_JExSih7JjQ0Ahs-QS7x2ufi-8-et5QweWMIdcfawfUH5SMboZNTmeraErJXDDVVIT8Y63YmD3f1vErGmpEJtTThtrbS_h3961CL3VhvsX2O9EKl0m4A4OYgl01DRTwYWnvSz7XS2SQays9Yxs8O1CIiNkd4wADBR-2CjPCG2ItJhjAZ_n8nttHQ77256hkfmWhap5NBZCSbGNTwUcbxVB06zM2JUGooj9wX60zDu9QwXCkgpsZ7EO_MCK5yNKzprfHVp9USAfSb3W-NR-51J77ZXVUxDQlNtVbUBb983EJ4P98FfuO1sPMdt1MevKfMzk0Vl_KBdxme10APzV1Feir97eoqI8s4hpvda81uc9MJP2p-jFXbutHxO1qWCOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bX74egU4h5sO43JAKcOG4dLdfqg%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-52.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 25 Apr 2023 06:04:45 GMT
via
1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:41:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
43799
etag
"d4e8f970f24f6d19b53aa92b1907c1ef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
15054
x-amz-cf-id
1P0SX59mWWItdFW301kHr10f3ZXWdqbCVVEgOgWlPAq1fzlbsKi1Tg==
pixel
cm.g.doubleclick.net/ Frame A525
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKCY9oyAQGsOg08-FpLJCsM&google_cver=1&google_push=ATf1kGPPgKcsAMQQRLE4VPJJIVAorK6UISxOnH1ciDByN0A4OLss705uNGnFkpZNKhswcw2HQ3bvQ-ybjiUHJ1T_...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPPgKcsAMQQRLE4VPJJIVAorK6UISxOnH1ciDByN0A4OLss705uNGnFkpZNKhswcw2HQ3bvQ-ybjiUHJ1T_sstDBroP-YvWCQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPPgKcsAMQQRLE4VPJJIVAorK6UISxOnH1ciDByN0A4OLss705uNGnFkpZNKhswcw2HQ3bvQ-ybjiUHJ1T_sstDBroP-YvWCQ
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 25 Apr 2023 18:14:43 GMT
Server
MT3 830 785530e master zrh-pixel-x8 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPPgKcsAMQQRLE4VPJJIVAorK6UISxOnH1ciDByN0A4OLss705uNGnFkpZNKhswcw2HQ3bvQ-ybjiUHJ1T_sstDBroP-YvWCQ
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 25 Apr 2023 18:14:42 GMT
i.match
s.tribalfusion.com/z/ Frame A525
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEHoaFzsZ4Q3N0CL3mB2kTLg&google_cver=1&google_push=ATf1kGPAfjSYJdH4JlteJUNqb8OxABWEQJl8oZne2BdP0N_ldcGhrmvnfSTBP6CkYnacv0miuZzriKI0HT8LfGtyNiXUGul3InJ2&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHoaFzsZ4Q3N0CL3mB2kTLg&google_cver=1&google_push=ATf1kGPAfjSYJdH4JlteJUNqb8OxABWEQJl8oZne2BdP0N_ldcGhrmvnfSTBP6CkYnacv0miuZzriKI0HT8LfGtyNiXUGul3InJ...
43 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHoaFzsZ4Q3N0CL3mB2kTLg&google_cver=1&google_push=ATf1kGPAfjSYJdH4JlteJUNqb8OxABWEQJl8oZne2BdP0N_ldcGhrmvnfSTBP6CkYnacv0miuZzriKI0HT8LfGtyNiXUGul3InJ2&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPAfjSYJdH4JlteJUNqb8OxABWEQJl8oZne2BdP0N_ldcGhrmvnfSTBP6CkYnacv0miuZzriKI0HT8LfGtyNiXUGul3InJ2%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:43 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7bd891392ded9962-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:43 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
18
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHoaFzsZ4Q3N0CL3mB2kTLg&google_cver=1&google_push=ATf1kGPAfjSYJdH4JlteJUNqb8OxABWEQJl8oZne2BdP0N_ldcGhrmvnfSTBP6CkYnacv0miuZzriKI0HT8LfGtyNiXUGul3InJ2&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPAfjSYJdH4JlteJUNqb8OxABWEQJl8oZne2BdP0N_ldcGhrmvnfSTBP6CkYnacv0miuZzriKI0HT8LfGtyNiXUGul3InJ2%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7bd89137dbfd9962-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A525
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAmFnUz61qSGkFJe4VyWkak&google_cver=1&google_push=ATf1kGMVzg69ZPCd9C8qrKSnknXN9_4bymP9l0IznJHA-t_Ovq3osVfmrQ57OOiYYVrTQbh-_YnKjwz3h82Of1...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyNjA1MjYyMTc2MjM2MTQ4NQ%3D%3D&google_push=ATf1kGMVzg69ZPCd9C8qrKSnknXN9_4bymP9l0IznJHA-t_Ovq3osVfmrQ57OOiYYVrTQbh-_YnKjwz3h82Of1RzVQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyNjA1MjYyMTc2MjM2MTQ4NQ%3D%3D&google_push=ATf1kGMVzg69ZPCd9C8qrKSnknXN9_4bymP9l0IznJHA-t_Ovq3osVfmrQ57OOiYYVrTQbh-_YnKjwz3h82Of1RzVQnk_cHucJVCGA
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyNjA1MjYyMTc2MjM2MTQ4NQ%3D%3D&google_push=ATf1kGMVzg69ZPCd9C8qrKSnknXN9_4bymP9l0IznJHA-t_Ovq3osVfmrQ57OOiYYVrTQbh-_YnKjwz3h82Of1RzVQnk_cHucJVCGA
Date
Tue, 25 Apr 2023 18:14:43 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame A525
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGIQ5Q5r8tyHwy5PqA1d6DA&google_cver=1&google_push=ATf1kGMWmgtDAvpIaVK01WWzhAfYAUyXaxiuM4lALekOY7W8VXyN7QXo4lfF9rFDcYQH64nuYMYcCGJbJH10niIWnxdp...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMWmgtDAvpIaVK01WWzhAfYAUyXaxiuM4lALekOY7W8VXyN7QXo4lfF9rFDcYQH64nuYMYcCGJbJH10niIWnxdpwy8eLJ-Q5w&google_hm=ZOl13PFeQ9uPIODo2dr9_w==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMWmgtDAvpIaVK01WWzhAfYAUyXaxiuM4lALekOY7W8VXyN7QXo4lfF9rFDcYQH64nuYMYcCGJbJH10niIWnxdpwy8eLJ-Q5w&google_hm=ZOl13PFeQ9uPIODo2dr9_w==
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGMWmgtDAvpIaVK01WWzhAfYAUyXaxiuM4lALekOY7W8VXyN7QXo4lfF9rFDcYQH64nuYMYcCGJbJH10niIWnxdpwy8eLJ-Q5w&google_hm=ZOl13PFeQ9uPIODo2dr9_w==
date
Tue, 25 Apr 2023 18:14:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
dds
rtb.openx.net/sync/ Frame A525 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEKjRejRZxOYkOVoxYHtbgOg&google_cver=1&google_push=ATf1kGMf1wXtJ70urO9AxAIpUmRZAa6a2KhQ49M4OP0VMYVOJOP9V2tOeC4hd3fOZUTO3tXrluR78KlB5XvO-WCNVc9ymMn3QJlkTQ
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:43 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
tenf5p0hu8m05bte2ciq5i59c2f5c1vm
pixel
cm.g.doubleclick.net/ Frame A525
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL6SvCkIjHAEFvywh313btk&google_cver=1&google_push=ATf1kGNXPrxYLje0RzYo3A_phSTQoEKQj6D0TxE0JC6yxhMetFsz2t6uHanYHhSwGuvC86r1ocU-xU2oFCgkrZDRv...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNXPrxYLje0RzYo3A_phSTQoEKQj6D0TxE0JC6yxhMetFsz2t6uHanYHhSwGuvC86r1ocU-xU2oFCgkrZDRv8CmsmuQ-MyXCA&google_hm=GioGuBZHyX1k5_yZThSm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNXPrxYLje0RzYo3A_phSTQoEKQj6D0TxE0JC6yxhMetFsz2t6uHanYHhSwGuvC86r1ocU-xU2oFCgkrZDRv8CmsmuQ-MyXCA&google_hm=GioGuBZHyX1k5_yZThSm9Ehx
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 25 Apr 2023 18:14:43 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNXPrxYLje0RzYo3A_phSTQoEKQj6D0TxE0JC6yxhMetFsz2t6uHanYHhSwGuvC86r1ocU-xU2oFCgkrZDRv8CmsmuQ-MyXCA&google_hm=GioGuBZHyX1k5_yZThSm9Ehx
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
/
onetag-sys.com/match/ Frame A525
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDWPWn-dPyq8wdwzBqJ4jAM&google_cver=1&google_push=ATf1kGN7V8RJpUdQ3lPSOc-7o5EsC1Ix58OR9bLcUu2Arg25WK8ebPM8cCh1xkmAQHFlC3FOOBgWc8877dC...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGN7V8RJpUdQ3lPSOc-7o5EsC1Ix58OR9bLcUu2Arg25WK8ebPM8cCh1xkmAQHFlC3FOOBgWc8877dC55r5-gNmLFseLUmdt54Q
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame A525 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LEM51Zw63i3vJFz1fSZ5QbpPfDVz4JzXWtf5CQWTc1E5_MTScJrGowh2IMrzBcLbzrxH8wYA
Requested by
Host: 359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5B4E 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 18:58:23 GMT
x-content-type-options
nosniff
age
256580
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 18:58:23 GMT
w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
pagead2.googlesyndication.com/bg/ Frame 20DB 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 16:19:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
6898
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14215
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 24 Apr 2024 16:19:45 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2AD2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxHKc15MAgep8SnYiVxFZup_W4-JPB_OqRnoTwELacoomB_u72I16IfbLepNVK7t_TSQtiocg5meIzMXuTQD2h-Ilo&sig=Cg0ArKJSzD0WJhP_WVmYEAE&id=lidar2&mcvt=1000&p=220,288,500,1312&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2230020544&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682446481477&rpt=702&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame C6C8 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=ypvAjxt3IATpFnInaA4lfqXBbwzA8-4H36CuKPR7TABm1wga2FX4IxiDg_OtzIRwZJOntLO9tI7Wf-AP4K-cnoycm4SG4SVNpIAQaMCS2p3r2m5TnVT7IkQ2F_P8EPs-ghiYarTuUIGTBTXbunc0iUHrzNDpUBa7pFpu8d_zb20rivJ0w9OXB65muh9eL_JusWwAbpbiMt0D3WfUDoAQVMaekufgF9MsrFBf1FfVBENfE1x1IPI2GWnILeLpszI06rNfVQ&sds=2&rev=85950&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEgYkQADjiYKd7aWAAouBXbNKHorkAtbVTOURA&u=%7CnES9D%2FSP9mF5tYo1SS298VlBcqXke7diOkw%2FFjQlQlA%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkL9ENSsYQHHqzqEhpMmBS541imABqguik0SzIq4XyqVx9z2SLmEjVLCZgYdk73Za2NKURgjZ9vWIyx_E8Trl9WqCW9SI1K4R06bl3wMO2KZ3RVK9SRHQnSZ0w8sWY80HGB7eDSQAe8rpCrvRGvJ86F8spTVuFcrXq-KrXXl7PRyiPFnkB20cYAYkeOP3b6mikATbT1ROk-3G2ExR8k674IpjAbCrgjYkAF_uy-JdthUYaOHMSXYL-gYfnZHZKgahv_lTtIo9G8a9PBluZqasHCUG0ibBIeXUFQDDq8BEHX4evg-kvQnNVTEZTXAhKVIvHTNJ6-IGz_SNclL4hUIz0Tx42QCyBgPFmsnlGhRqDkEWoSryNNRhoncuHefpvhNfkQ9HCaWxvf1vBkg2-S3dLTW0KO4zwEHSBo6jgOkoP1J_YqnjqbzLle8WrbwW-JkC4_H44yFOk0loI-vnCy-26OpunndRCx_ZuFaz0zZ44FYxQrBM25wnzwdZ5Ps8ZnTm_56wVM6dNSjJDf0tw7at2JCZKX8YBiLMx_WqOtINFOT_orbv7zfU0NkIqgsrsNV2Rw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbYtxkRhIZKacDpbt3gOF3KjADMme0rFc1fbi1pMBwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAud0FNX2e7I-4AIAqAMBqgTEAk_QcG4pabimfrpfK9husQP4HXfzwRFU5B1IZk7Q9ZIlJgs7xTl2Fu59HNwBlSVvOA1UdhgCf1AX7VhFZS0ZQeoHSye3GPt5pXR_DCcuiIBrjwAQ-a2UbRHEy1NWeXozKdtgBWxadq1szBWHQylR_htFgs-XZe7en1oOJ17gphVWnvZc4XAMWGlAyPsHA74OojINC4KIsKXgwFunbjiilBHnoN7yKIRcX3GGt3g6CdoEYDdxE-jYkjoux98sSq7y6cOAa2v_5Pb_Rh0TvquhPJwbntQgJa1DiOPEyTBePqcNGkTjARBTqBHAH7h2nBTIrUAfeED4z_Q3Gw1VUx5o1jeORD7VPAhdZXMTMsOOhzfxF95hEC_Bo7nUGmIHcuCbU4bhyCPbed2v96g16r7NE6_Oo29JOkcTUZe4LOG-yk5OtH3RcuAEAYAGgauk4bfgiqQGoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1q1hzTYjNgsZozcC2ixxgjD90cbw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 25 Apr 2023 18:14:42 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 429A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssKDiGWpHPoL5HCVGic3aUvS9eSwRxPxVjWHR-mxsnnxbEhJUx_LLV3QJI2Qv7Nf6r372tNHnl1jkSS9JolBJvWlv4&sig=Cg0ArKJSzLnUOrbh6l6mEAE&id=lidar2&mcvt=1000&p=30,272,248,533.5&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2602376739&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682446481362&rpt=939&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 429A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuz6bHv4G4Dn1xfsJZqSk7YZcoa5hdScHG8FUK21hMUGVKrIegxtuAfOePv8J3HFSAOdVn_lKyFhdRthdQto8mq6Ok&sig=Cg0ArKJSzK0gBwZjXQ9VEAE&id=lidar2&mcvt=1001&p=710,263,928,524.5&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2602376739&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682446481362&rpt=936&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467346/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:13:32 GMT
server
nginx
etag
W/"642e8d3c-15c1d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 26 Apr 2023 18:14:43 GMT
csi
csi.gstatic.com/ Frame 521D 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lgwl71oy&c=34310919892&slotId=17155459946&qqid=CIL82MbRxf4CFQ7QdwodYocC0w&fb=outstream-lima&gpm_i=1&gpm_c=1&gpm_a=1&smb=1000&mt=video%2Fmp4&vs=1920x1080&msm=1&aits=0&webm=0&vp9=0&vamt=video%2Fmp4&hvmf=false&vms=1&bit=0&umsem=0&ape=1&ple=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:401b:814::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:43 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7507 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstn5BTBwF-MK24l2dy-dIwvhurpNzAsmPHJ7RU7TAzp7tEm9_rASFKXGKUEvhwfv_RijN8tVbsLQeQwbIiS7BJhKH7c6vmX6e5sc24GbJ-wHtcn6YhZ5PxlgHoGOZG2bwQH2861T4Mp_dZQfK04A-SSJFhmozICWB6N3_D9loV17XKU9x5g4-lHrA6Vt1roBXh9Nj2ktYd9ljy_37Nbq5fgWboFbLg_6w_M7XPlGKQ1Ia63a3fXTUXp8gePBkvthvlZBTtBtQRIWJ6Go4qBMbom_oREMPJzPAIZVXis41S28QAWFquaKEQi1x0xsttWG5-yyedisTQXPswNKmOE&sai=AMfl-YTDPL9a9HZnLg7g-aHZg6ikuEyiBe_EH8Zq50_BWkshgkxyBNaawxLNURH5dejDwoTZv4TB0iiYeGPWvPAKYDNYVqXn74Te5qkR11ykcZ6hDl6qlgFJW_k_kpwc8C8&sig=Cg0ArKJSzLPrBCAGXIiSEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
outbrain.js
widgets.outbrain.com/ Frame 7507 		198 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.229.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-229-53.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6cddc23a9c6e2426aeec27aae60ba96abfba6177ea52d1a743aed1b7e3d2623f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:43 GMT
content-encoding
gzip
last-modified
Wed, 19 Apr 2023 14:00:36 GMT
etag
"14-ftGhbLZprvgBtkiO300Q70gfDFE"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah-stg
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=14500
access-control-allow-credentials
false
x-traceid
db1c799c45cdbe3a3640293e42b23c74
timing-allow-origin
*, *
content-length
72508
access-control-request-headers
X-OB-STG,X-OB-PRD
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7507 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49672
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681929791789681"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Apr 2023 18:14:43 GMT
truncated
/ Frame 7507 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f728d9cc33578cefe3453893ee148e0eb6e2aa2398e64d7aa5d269300ed0c681

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
b1_1.m3u8
a4.koora.cloud/watch/rubrPQYS_DhSP9iR6nBWzg/1682449826/1682450080/1/ Frame DB59 		521 B
1019 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4.koora.cloud/watch/rubrPQYS_DhSP9iR6nBWzg/1682449826/1682450080/1/b1_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.53.89.19 , Belize, ASN213371 (SQUITTER-NETWORKS, IN),
Reverse DNS
Software
amazon /
Resource Hash
d5ed6f02bfa9d9808e5d0a2a8423359ed28c6a131f13448242f0a14ed5343a80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 18:14:43 GMT
Last-Modified
Tue, 25 Apr 2023 18:14:40 GMT
Server
amazon
ETag
"64481890-209"
X-Cache-Status
HIT
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
521
Expires
Tue, 25 Apr 2023 18:14:42 GMT
eWFsbGEtc2hvb3RzLnR2
tcheck.outbrainimg.com/tcheck/check/ Frame 7507 		16 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/eWFsbGEtc2hvb3RzLnR2
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.229.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-229-140.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 18:14:44 GMT
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=10088
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
1f73c12eb3183520b2bd697d640e9903
Content-Length
16
Expires
Tue, 25 Apr 2023 21:02:52 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ Frame 7507 		43 B
381 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.229.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-229-53.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires
Thu, 25 May 2023 18:14:43 GMT
date
Tue, 25 Apr 2023 18:14:43 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
access-control-request-headers
X-OB-STG,X-OB-PRD
view
securepubads.g.doubleclick.net/pcs/ Frame 7507 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKz8gZ7JwVfQ6Aih6RjuBk6eMA-xvoRZlMCUbbAldzWm9X4qJQgTxJLTiEoR11uoCCE80gLngs-qJIXX3Fwkoul9MinEMt5vPylibkjg75cROS-0aekMu3eWxc7fEgC7Q6fKSRrELUSdmwt4g2RaoOCVy-r4YxTJr1OlvKu7NIELf5Ltu6XuhFlxE2r1ncQ4zw3yKpH0TJiNU4-jp9PUVWccOtoWHF6Kwz3VHs0s-aGiqix-HHd9mI62NalDSAXQMKK5qbUHGAaTaq70M97a3lZiR2XQbfDBtuhdMU9C3ScCocnyLH-MqSXL9RITWi5U8ncGxysAeHy8298t8QhoM&sai=AMfl-YR6_5UProF45yKlzthXOvrffpG9zMaIBtO61KFHIrUPmI4wxEGrhpPJgIO3C1F7WgZN4ueI0ZHKgvJnNYcbDkVZ5Y5zfXkQuNGfn9gfWRgWs5iHwBFuSnukkSqQ-50&sig=Cg0ArKJSzK5d9bzbMKyJEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 25 Apr 2023 18:14:44 GMT
tracking-event
api.webgains.io/ Frame CC05 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.81.67 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-81-67.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 25 Apr 2023 18:14:44 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.81.67 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-81-67.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 25 Apr 2023 18:14:44 GMT
server
nginx
platforms
odb.outbrain.com/utils/ Frame 7507 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10673%2F878248%2Fgirona-vs-real-madrid%2F&idx=0&rand=10303&widgetJSId=AR_10&va=true&et=true&format=html&adblck=false&abwl=false&px=0&py=0&vpd=0&cw=300&activeTab=true&ab=0&wl=0&settings=true&recs=true&key=ADIPO26N995I7C97HCI1JF7FG&version=2010278&sig=gaBaB9f3&apv=false&&osLang=en-US&winW=300&winH=250&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&chs=1&ref=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10673%2F878248%2Fgirona-vs-real-madrid%2F&ogn=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10673%2F878248%2Fgirona-vs-real-madrid%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
057e582438252fb1984cde03cb0202cb9c5e7255c7f35d36fb2221da2bc28528

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Tue, 25 Apr 2023 18:14:44 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, HHN, Europe1
x-timer
S1682446484.231904,VS0,VE106
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21929-LGA, cache-hhn-etou8220056-HHN
x-traceid
c4ecc5160b1c91d359371ac535984172
accept-ranges
bytes
content-length
1789
expires
Thu, 01 Jan 1970 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5B4E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxMG80uD499KuvjAxFsLHLkf0gjRFu29_XXLYYoMvtZiX2_IYqlpTcqveMH0xnrHRAL0BmViOshh_e9qKwTki1YJ-3HgLGmkriPRFgQxlxXTw_ECXxU5ROg60mPkPnHEkfITUUPA&sai=AMfl-YSyHCR8XdFSOokBPLMSqa-HvyAPNLxXkVNoMObFAuoaEwaAaCxyhCcKGpz_XAkzXTshd4uHzbIPSM4ekoSGx9fSQb8LwQ6QhCXaQO7t5dL8APMVl5fUgb5oqLKK&sig=Cg0ArKJSzEtf-mKdpFqjEAE&cid=CAQSPABygQiDl8GNhitOJ3VM75yM4-iNt9PyJqzOVXVoCzBy3C-kEMCdTW51kyYvqcGOflv9vdiDqLQU3jogdBgB&id=lidar2&mcvt=1002&p=647,1018,897,1338&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1041763575&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682446483002&rpt=148&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
mcdp-nydc1.outbrain.com/ Frame 7507 		2 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=f606561f3b837709fc19f56eed01df16_119225_1682446484297&tm=375&eT=6&wRV=2010278&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 25 Apr 2023 18:14:44 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
2451eb24ca7db3446f49b524147d9650
Content-Length
2
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
monitor.html
widgets.outbrain.com/widgetMonitor/ Frame 01D9 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.229.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-229-53.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
1606
content-type
text/html
date
Tue, 25 Apr 2023 18:14:44 GMT
etag
"1295e69d949ede7964200763acaebc50:1679841729.42395"
expires
Tue, 02 May 2023 18:14:44 GMT
last-modified
Sun, 26 Mar 2023 14:35:45 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
prebid-request
onetag-sys.com/ 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467346/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://yalla-shoots.tv
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
c
prebid.a-mo.net/a/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467346/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Tue, 25 Apr 2023 18:14:44 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
bid
ap.lijit.com/rtb/ 		24 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.4
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467346/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
ee288cc19f6731fa3abc2a65a77c5f50ed5bf1b10f33d56190384f6b9337fb6a

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 25 Apr 2023 18:14:44 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://yalla-shoots.tv
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
cdb
bidder.criteo.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.4&cb=8745070483
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467346/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
1b5910cf1df8d939c0745819d39ee7060f469ee2b4919dbcce1c0fa6ec774fb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 25 Apr 2023 18:14:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yalla-shoots.tv
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1637
prebid
mp.4dex.io/ 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467346/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:44 GMT
x-err
Parsing the Prebid Request. org/site not found
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7bd89141f9eb9110-FRA
expires
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		384 B
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=263317129759169&correlator=1997851856393863&eid=31073385%2C31074093&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=160x600&ifi=23&adks=2619765842&didk=131725296&sfv=1-0-40&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-1682446484747-0%26hb_r_id%3D27246460331f9529%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.02%26hb_adid%3D2771f7cf0fa0c2f6%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10673%252F878248%252Fgirona-vs-real-madrid%252F&sc=1&cookie=ID%3Dd63755abbe95516f-229a3c7baddd004c%3AT%3D1682446480%3AS%3DALNI_MYRpzP03Ys_rEAIRiVJXrNhV1qWhA&gpic=UID%3D00000befae92e8fe%3AT%3D1682446480%3ART%3D1682446480%3AS%3DALNI_Mb434xwexQHonekkg6izdHYivHpnQ&abxe=1&dt=1682446484922&lmt=1682446463&dlt=1682446480164&idt=437&adxs=-160&adys=910&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=n&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10673%2F878248%2Fgirona-vs-real-madrid%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=640&ohw=0&psts=ABHeCvjxIWcjgbIotATn_fkmuNKMZKV0YUaoYwS7nW8a1jQyUZ9PsonQkPN6-PNMdnA8vjurBEBb8ospvv1K-pazf60MmuE%2CABHeCvh8XWrWVxsz8_h5BkIi98RXWnv-S7_ObenR_3ZuM-vLYAO9CYoRWv-oMFNFG69EFkB5I-2TBK2jfR_o5J8TvKUb3B8%2CABHeCvhlS9btwS6oWpK742pe-crt2FWRRpunlRAEMdIBKwugB_2Ie07GF2vEG60G1OGJev67HqzKXS_3eRQmHMMU7Ic4o-U%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvifQeuAa56UZdw0okA-5k66IaGfnjNEaP9i-ppm-YL_weYDnNp5c6Wk_CQeJUMury8O_KaGGlfZQ0Lxve1Hp23fW9g%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvi028H5W38G8t4-H6sVFnqsB3HC3Yp7LDlaG6zqTiGdV2TgG69wH5lzC4BhxLtG2rp6fQnNth5mYnMCMpJ483muFRY%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1037507575.1682446481&ga_sid=1682446481&ga_hid=309559342&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYher_zPswSABSAghkEhkKCnB1YmNpZC5vcmcY_ur_zPswSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqakRHUVJxc09YUkpONTJkdkpNUFFDMThxQWZ5Q2tkUkVJRkZwVmtORmJhbDBKQXZPdzZqUzNSWldPU1liNW0zLzVaWDlpejBxaUFtZFUxUmZTOEtjcCtFbkFTTUltU25veTZ0bnh1Y1lPZmpybndobGhJaEN5T0d5TEhxV3ZNNlFXT0dqM3JDZnIyR0JLSGZrdnhRRWEzcGlyYVBKV2pmbTluY1NOYzFWS3NxZE45S3E3aEhxT09BaUxSaXlsL2wwbXc9PRiK7P_M-zBIABIdCg5lc3AuY3JpdGVvLmNvbRiF6v_M-zBIAFICCGQSGQoKdWlkYXBpLmNvbRiF6v_M-zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNDr_8z7MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
633e46a743533a8ea8985e78be46b46e5a67a3324127111509ef83763dd8e26b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fyalla-shoots.tv%2F&domain=yalla-shoots.tv&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://yalla-shoots.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 25 Apr 2023 18:14:44 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
335400
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fyalla-shoots.tv%2F&domain=yalla-shoots.tv&cw=1&pbt=1&lsw=1
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467346/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:44 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
268893
expires
0
prebid
id5-sync.com/api/config/ 		135 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467346/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://yalla-shoots.tv
date
Tue, 25 Apr 2023 18:14:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
/
onetag-sys.com/usync/ Frame B927 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1682446484888&gdpr=0
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467346/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame FE2F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1682446482851&gdpr=0
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467346/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame 74F0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1682446481506
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467346/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467346/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
9a5e996eba7d14e25ad8040463a735ca4240efa52770a63254af14a219d3c8d4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://yalla-shoots.tv
date
Tue, 25 Apr 2023 18:14:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
692.json
id5-sync.com/g/v2/ 		216 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467346/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
043f48f88dc61d4b754b357fc16e62005e15c8c827acfc7b9b6c7234e3f2460f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://yalla-shoots.tv
date
Tue, 25 Apr 2023 18:14:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
b1_1.m3u8
a4.koora.cloud/watch/rubrPQYS_DhSP9iR6nBWzg/1682449826/1682450080/1/ Frame DB59 		521 B
1019 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4.koora.cloud/watch/rubrPQYS_DhSP9iR6nBWzg/1682449826/1682450080/1/b1_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.53.89.19 , Belize, ASN213371 (SQUITTER-NETWORKS, IN),
Reverse DNS
Software
amazon /
Resource Hash
fc2c8ae3a03ae6de7b7f1153a05b8c7b5f36644d05c519bf34ba7dc885a2fe73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 18:14:45 GMT
Last-Modified
Tue, 25 Apr 2023 18:14:44 GMT
Server
amazon
ETag
"64481894-209"
X-Cache-Status
HIT
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
521
Expires
Tue, 25 Apr 2023 18:14:44 GMT
multitracking
ghb.aplhb.adipolo.com/adunit/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/19472/hbw_master_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://yalla-shoots.tv
Date
Tue, 25 Apr 2023 18:14:46 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
cdb
bidder.criteo.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.4&cb=55873163956
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467346/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
4716f029baacd3a2af738cc414220aae1eac40e4766259246665a5c9973402dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 25 Apr 2023 18:14:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yalla-shoots.tv
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1647
prebid-request
onetag-sys.com/ 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467346/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://yalla-shoots.tv
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
mp.4dex.io/ 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467346/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 18:14:47 GMT
x-err
Parsing the Prebid Request. org/site not found
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7bd891528b7d9110-FRA
expires
0
bid
ap.lijit.com/rtb/ 		25 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.4
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467346/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
3373d368691ba8fde4be00199bb248da91373fe34c017028c7972c70a7bd40f3

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 25 Apr 2023 18:14:47 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://yalla-shoots.tv
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
c
prebid.a-mo.net/a/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/467346/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Tue, 25 Apr 2023 18:14:46 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		384 B
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=263317129759169&correlator=2547370897126270&eid=31073385%2C31074093&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=160x600&ifi=24&adks=2201464949&didk=225182623&sfv=1-0-40&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-1682446487395-0%26hb_r_id%3D290c15ab2049f59b%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.02%26hb_adid%3D3061b3f65ae26d26%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F10673%252F878248%252Fgirona-vs-real-madrid%252F&sc=1&cookie=ID%3Dd63755abbe95516f-229a3c7baddd004c%3AT%3D1682446480%3AS%3DALNI_MYRpzP03Ys_rEAIRiVJXrNhV1qWhA&gpic=UID%3D00000befae92e8fe%3AT%3D1682446480%3ART%3D1682446480%3AS%3DALNI_Mb434xwexQHonekkg6izdHYivHpnQ&abxe=1&dt=1682446487538&lmt=1682446463&dlt=1682446480164&idt=437&adxs=-160&adys=1510&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=o&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F10673%2F878248%2Fgirona-vs-real-madrid%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=640&ohw=0&psts=ABHeCvjxIWcjgbIotATn_fkmuNKMZKV0YUaoYwS7nW8a1jQyUZ9PsonQkPN6-PNMdnA8vjurBEBb8ospvv1K-pazf60MmuE%2CABHeCvh8XWrWVxsz8_h5BkIi98RXWnv-S7_ObenR_3ZuM-vLYAO9CYoRWv-oMFNFG69EFkB5I-2TBK2jfR_o5J8TvKUb3B8%2CABHeCvhlS9btwS6oWpK742pe-crt2FWRRpunlRAEMdIBKwugB_2Ie07GF2vEG60G1OGJev67HqzKXS_3eRQmHMMU7Ic4o-U%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvifQeuAa56UZdw0okA-5k66IaGfnjNEaP9i-ppm-YL_weYDnNp5c6Wk_CQeJUMury8O_KaGGlfZQ0Lxve1Hp23fW9g%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvi028H5W38G8t4-H6sVFnqsB3HC3Yp7LDlaG6zqTiGdV2TgG69wH5lzC4BhxLtG2rp6fQnNth5mYnMCMpJ483muFRY%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1037507575.1682446481&ga_sid=1682446481&ga_hid=309559342&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYher_zPswSABSAghkEhkKCnB1YmNpZC5vcmcY_ur_zPswSABSAghqEu4BCghydGJob3VzZRLYATYvOWpzZWFOekpQQjdXalhLQjJqakRHUVJxc09YUkpONTJkdkpNUFFDMThxQWZ5Q2tkUkVJRkZwVmtORmJhbDBKQXZPdzZqUzNSWldPU1liNW0zLzVaWDlpejBxaUFtZFUxUmZTOEtjcCtFbkFTTUltU25veTZ0bnh1Y1lPZmpybndobGhJaEN5T0d5TEhxV3ZNNlFXT0dqM3JDZnIyR0JLSGZrdnhRRWEzcGlyYVBKV2pmbTluY1NOYzFWS3NxZE45S3E3aEhxT09BaUxSaXlsL2wwbXc9PRiK7P_M-zBIABIdCg5lc3AuY3JpdGVvLmNvbRiF6v_M-zBIAFICCGQSGQoKdWlkYXBpLmNvbRiF6v_M-zBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNDr_8z7MEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e1c0cd6fc7996bc44fe00676c9abe76c11891c1e7413004417f39ac7f7ba89f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:14:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
b1_1.m3u8
a4.koora.cloud/watch/rubrPQYS_DhSP9iR6nBWzg/1682449826/1682450080/1/ Frame DB59 		521 B
1019 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4.koora.cloud/watch/rubrPQYS_DhSP9iR6nBWzg/1682449826/1682450080/1/b1_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.53.89.19 , Belize, ASN213371 (SQUITTER-NETWORKS, IN),
Reverse DNS
Software
amazon /
Resource Hash
fc2c8ae3a03ae6de7b7f1153a05b8c7b5f36644d05c519bf34ba7dc885a2fe73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 18:14:47 GMT
Last-Modified
Tue, 25 Apr 2023 18:14:44 GMT
Server
amazon
ETag
"64481894-209"
X-Cache-Status
HIT
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
521
Expires
Tue, 25 Apr 2023 18:14:46 GMT
multitracking
ghb.aplhb.adipolo.com/adunit/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/19472/hbw_master_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://yalla-shoots.tv
Date
Tue, 25 Apr 2023 18:14:48 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
all
csm.eu.criteo.net/ Frame C6C8 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=ypvAjxt3IATpFnInaA4lfqXBbwzA8-4H36CuKPR7TABm1wga2FX4IxiDg_OtzIRwZJOntLO9tI7Wf-AP4K-cnoycm4SG4SVNpIAQaMCS2p3r2m5TnVT7IkQ2F_P8EPs-ghiYarTuUIGTBTXbunc0iUHrzNDpUBa7pFpu8d_zb20rivJ0w9OXB65muh9eL_JusWwAbpbiMt0D3WfUDoAQVMaekufgF9MsrFBf1FfVBENfE1x1IPI2GWnILeLpszI06rNfVQ&sds=2&rev=85950&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEgYkQADjiYKd7aWAAouBXbNKHorkAtbVTOURA&u=%7CnES9D%2FSP9mF5tYo1SS298VlBcqXke7diOkw%2FFjQlQlA%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkL9ENSsYQHHqzqEhpMmBS541imABqguik0SzIq4XyqVx9z2SLmEjVLCZgYdk73Za2NKURgjZ9vWIyx_E8Trl9WqCW9SI1K4R06bl3wMO2KZ3RVK9SRHQnSZ0w8sWY80HGB7eDSQAe8rpCrvRGvJ86F8spTVuFcrXq-KrXXl7PRyiPFnkB20cYAYkeOP3b6mikATbT1ROk-3G2ExR8k674IpjAbCrgjYkAF_uy-JdthUYaOHMSXYL-gYfnZHZKgahv_lTtIo9G8a9PBluZqasHCUG0ibBIeXUFQDDq8BEHX4evg-kvQnNVTEZTXAhKVIvHTNJ6-IGz_SNclL4hUIz0Tx42QCyBgPFmsnlGhRqDkEWoSryNNRhoncuHefpvhNfkQ9HCaWxvf1vBkg2-S3dLTW0KO4zwEHSBo6jgOkoP1J_YqnjqbzLle8WrbwW-JkC4_H44yFOk0loI-vnCy-26OpunndRCx_ZuFaz0zZ44FYxQrBM25wnzwdZ5Ps8ZnTm_56wVM6dNSjJDf0tw7at2JCZKX8YBiLMx_WqOtINFOT_orbv7zfU0NkIqgsrsNV2Rw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbYtxkRhIZKacDpbt3gOF3KjADMme0rFc1fbi1pMBwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAud0FNX2e7I-4AIAqAMBqgTEAk_QcG4pabimfrpfK9husQP4HXfzwRFU5B1IZk7Q9ZIlJgs7xTl2Fu59HNwBlSVvOA1UdhgCf1AX7VhFZS0ZQeoHSye3GPt5pXR_DCcuiIBrjwAQ-a2UbRHEy1NWeXozKdtgBWxadq1szBWHQylR_htFgs-XZe7en1oOJ17gphVWnvZc4XAMWGlAyPsHA74OojINC4KIsKXgwFunbjiilBHnoN7yKIRcX3GGt3g6CdoEYDdxE-jYkjoux98sSq7y6cOAa2v_5Pb_Rh0TvquhPJwbntQgJa1DiOPEyTBePqcNGkTjARBTqBHAH7h2nBTIrUAfeED4z_Q3Gw1VUx5o1jeORD7VPAhdZXMTMsOOhzfxF95hEC_Bo7nUGmIHcuCbU4bhyCPbed2v96g16r7NE6_Oo29JOkcTUZe4LOG-yk5OtH3RcuAEAYAGgauk4bfgiqQGoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1q1hzTYjNgsZozcC2ixxgjD90cbw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 25 Apr 2023 18:14:49 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
b1_1.m3u8
a4.koora.cloud/watch/rubrPQYS_DhSP9iR6nBWzg/1682449826/1682450080/1/ Frame DB59 		521 B
1019 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4.koora.cloud/watch/rubrPQYS_DhSP9iR6nBWzg/1682449826/1682450080/1/b1_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.53.89.19 , Belize, ASN213371 (SQUITTER-NETWORKS, IN),
Reverse DNS
Software
amazon /
Resource Hash
fc2c8ae3a03ae6de7b7f1153a05b8c7b5f36644d05c519bf34ba7dc885a2fe73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 18:14:49 GMT
Last-Modified
Tue, 25 Apr 2023 18:14:44 GMT
Server
amazon
ETag
"64481894-209"
X-Cache-Status
HIT
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
521
Expires
Tue, 25 Apr 2023 18:14:48 GMT
b1_1.m3u8
a4.koora.cloud/watch/rubrPQYS_DhSP9iR6nBWzg/1682449826/1682450080/1/ Frame DB59 		521 B
1019 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4.koora.cloud/watch/rubrPQYS_DhSP9iR6nBWzg/1682449826/1682450080/1/b1_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.53.89.19 , Belize, ASN213371 (SQUITTER-NETWORKS, IN),
Reverse DNS
Software
amazon /
Resource Hash
fc2c8ae3a03ae6de7b7f1153a05b8c7b5f36644d05c519bf34ba7dc885a2fe73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 18:14:49 GMT
Last-Modified
Tue, 25 Apr 2023 18:14:44 GMT
Server
amazon
ETag
"64481894-209"
X-Cache-Status
HIT
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
521
Expires
Tue, 25 Apr 2023 18:14:48 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync-dmp.aura-dsp.com
URL
https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESEIkm6R5SxVCZ0RcMDV3IgjQ&google_cver=1&google_push=ATf1kGOz6rI8YRYd965riiLz5EhNEJawvjxDkumvCO2IjAMyE-jncPPncu3pdcNZD_bTEDDVm0IHazBqv1imSZlvCo45DN7PhhHkLg

Verdicts & Comments Add Verdict or Comment

216 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 boolean| credentialless object| __cfQR string| demandSupplySc string| demandSupplyCr number| demandSupplySr object| houseAdCampaigns string| demandSupplyTi object| demandSupplyTc object| demandSupplyTcI number| demandSupplyPDI number| demandSupplyDFSS object| demandSupply object| googletag object| wg object| dspbjs string| demandSupplyFS object| _app object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| google_reactive_ads_global_state string| currentUrl string| mainURL object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal function| _0x480a function| _0x47df function| decrypt function| $ function| jQuery function| removeCustomBanner undefined| customBannerCountdownInterval number| p object| matche string| u_key string| k_url function| update_frame function| _0x17035d function| _0x1bbb function| _0x144026 function| _0x516788 object| divChannels object| rowChannel function| _0xef9dd0 function| _0x12aaab object| channels function| _0x599d function| _0x19cc99 object| channel0 object| aniplayerPos function| rdmode function| HqyLazyload function| gtag object| dataLayer boolean| __cfRLUnblockHandlers object| google_tag_manager object| gptAdSlots undefined| interstitialSlot undefined| staticSlot object| anchorSlot object| vmpbjs object| vpb object| adipolo object| signal_decrypted string| GoogleAnalyticsObject function| ga object| pbjs function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_Q object| sync16589_ua object| sync16589_va function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_N function| sync16589_O function| sync16589_P function| sync16589_ma function| sync16589_R function| sync16589_na function| sync16589_oa function| sync16589_pa function| sync16589_S function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_ta function| sync16589_T function| sync16589_U function| sync16589_wa function| sync16589_V function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_xa function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_1 function| sync16589_Aa function| sync16589_ya function| sync16589_2 function| sync16589_za function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_6 function| sync16589_Ca function| sync16589_Da function| sync16589_Ba function| sync16589_8 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ea function| sync16589_9 function| sync16589_7 function| sync16589_Ha function| sync16589_Ia function| sync16589_Ja function| sync16589_Ka function| sync16589_$ function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa object| lotame_sync_16589 function| setImmediate function| clearImmediate object| __uid2SecureSignalProvider object| __uid2 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_135 object| Criteo object| Criteo_identitytag_135 object| gaplugins object| gaData object| GoogleGcLKhOms object| vmpbjsChunk object| ADAGIO object| com function| _avcp object| sas object| apntag object| _ADAGIO object| google_image_requests object| ONFOCUS

46 Cookies

Domain/Path Name / Value
live.demand.supply/ Name: demandSupplyTi
Value: 75aa9d70-b9f0-4707-abb8-cc5d7820b549
.demand.supply/ Name: __cf_bm
Value: dAi346E5BlmJgxh0t9Y0O8m5eqnw66plQYvx5RuXT4I-1682446480-0-Aeuc0IVxS+Tms8KE1jRzowPiAafnFDKNg15mjsU5BUEJRk6lFNaGRcOv7Y7yN/ZnySyLjKRCRt2Tpy4e3hgjjsU=
.yalla-shoots.tv/ Name: _ga
Value: GA1.2.1037507575.1682446481
.yalla-shoots.tv/ Name: _gid
Value: GA1.2.657089758.1682446481
.yalla-shoots.tv/ Name: _gat_gtag_UA_230085360_1
Value: 1
.criteo.com/ Name: uid
Value: b018dc8d-5703-41f2-be45-3dc2a7334748
yalla-shoots.tv/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.yalla-shoots.tv/ Name: _pubcid
Value: 9b6c938a-a8d2-4eb2-87a9-42dfe48c08b7
.yalla-shoots.tv/ Name: __gads
Value: ID=d63755abbe95516f-229a3c7baddd004c:T=1682446480:S=ALNI_MYRpzP03Ys_rEAIRiVJXrNhV1qWhA
.yalla-shoots.tv/ Name: __gpi
Value: UID=00000befae92e8fe:T=1682446480:RT=1682446480:S=ALNI_Mb434xwexQHonekkg6izdHYivHpnQ
.yalla-shoots.tv/ Name: cto_bundle
Value: kQLb2V84OEhQSmtwcnh5blV5MyUyRnNLNGZLUyUyQmxDTm9JRnpYaHdTTDlOc0ZmRUxXZmZHMEhjVkh4WldQNnBKVlh2OHJieCUyQkR4VlA1VEswekdWTUZrTHpSZTNEemdhVmdiaEQzVXd1NGpRZWp5WjY3SUdFN2NhYkF4aUZGVzclMkZWbVFIZFg1bzZYcm1NVlZaR3oxS25qUE9CZXZ4USUzRCUzRA
.doubleclick.net/ Name: IDE
Value: AHWqTUkKsnR1lr2NwpMM51tOZm_tWkLDCtE3nebmoL7Z-p3VQlNrtU0XvB5ra4C5kHk
.uuidksinc.net/ Name: jcsuuid
Value: ObQm6D5TUnH8fIADtewM
.simpli.fi/ Name: suid
Value: 960065FFB9FA44B4BFB6521377506F78
.bidswitch.net/ Name: tuuid
Value: 64e975dc-f15e-43db-8f20-e0e8d9dafdff
.bidswitch.net/ Name: c
Value: 1682446482
.bidswitch.net/ Name: tuuid_lu
Value: 1682446482
.doubleclick.net/ Name: DSID
Value: NO_DATA
match.sharethrough.com/ Name: AWSALBCORS
Value: FdkXq7BZPjl/DoPSiMosRENgiM3dvqxQ3I8s8Mb9AjiqPDK0sUDCktY/pk8OxJYW0Us1HtGWFUjcFxPv9Lqi2kXklFE9Fzv/pp+12c4Snn4leIwsC7SEIFSMb9wk
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.ctnsnet.com/ Name: cid_a03e4b251fa5451eb06b03dbb8d67a6c
Value: 1
.ctnsnet.com/ Name: gid_CAESEBvamQ_4AGqx3vkCcZa4U9w
Value: 1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 33920640-189C-4FFD-9C66-90FF9EB5DFD6
.melia.com/ Name: etuix
Value: TTpDUQPF.RhW0P1rwAzpZ_d8y5qAQh8c_VmLyNNaCUPjeIuFRc.hYw--
.melia.com/ Name: et0
Value: J3fdgwv0Ns3RnBONYqeBj41gM7aqI5IaXg3JWDLq78BPnZhy5Qzrb4n80NtJUuV3RIrDFe1D5IncNDPN711jYgoYkJt8QlBtQ.PRwe4c.quNhZyNCfAESsUuixEUhpP4fMs-
.melia.com/ Name: et
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZEgYkgAFaqfftAA9
.turn.com/ Name: uid
Value: 7706615535621632884
.de17a.com/ Name: guid
Value: 1.6019260842378369478
.yahoo.com/ Name: A3
Value: d=AQABBJIYSGQCENewYrns5qmzSwXICQbY65YFEgEBAQFqSWRRZAAAAAAA_eMAAA&S=AQAAAlxv0JAGxPzwHjxWudV9igo
.zemanta.com/ Name: zuid
Value: J_OLswGZ8MHjF-V_Vqcn
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-985debac-62fa-50f9-43c5-4ab0df538288.eXRvWjz%2Ftu8%2BuE3x6GPyFNrhHKZuYu%2FmGf5wuaO3qQ8
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AmF3rrGL6UPlDxUqw31OCiNly2hU.yQ6XRCEURkXx0yPhzZAL03s6iIeitZnF9Q%2FacRrgxUw
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AmF3rrGL6UPlDxUqw31OCiNly2hU.yQ6XRCEURkXx0yPhzZAL03s6iIeitZnF9Q%2FacRrgxUw
.lijit.com/ Name: ljt_reader
Value: GioGuBZHyX1k5_yZThSm9Ehx
.awin1.com/ Name: awpv20044
Value: 412871|1682446482|0d31e781-e395-11ed-9a9c-22335c3bbb34
.awin1.com/ Name: awpv14702
Value: 412871|1682446482|0d33bc40-e395-11ed-9a9c-22335c3bbb34
.awin1.com/ Name: AWSESS
Value: 365825:2531885
pool.admedo.com/ Name: tuuid
Value: 5955d501-6487-49a8-a91b-2bdf3f3d3a6d
pool.admedo.com/ Name: c
Value: 1682446482
pool.admedo.com/ Name: tuuid_lu
Value: 1682446483
.bidswitch.net/ Name: google_push
Value: ATf1kGMWmgtDAvpIaVK01WWzhAfYAUyXaxiuM4lALekOY7W8VXyN7QXo4lfF9rFDcYQH64nuYMYcCGJbJH10niIWnxdpwy8eLJ-Q5w
.adfarm1.adition.com/ Name: UserID1
Value: 7226052621762361485
.mathtag.com/ Name: uuid
Value: 4a936448-1893-4700-857b-1b55172c5bab
.mathtag.com/ Name: mt_mop
Value: 4:1682446483
.tribalfusion.com/ Name: ANON_ID
Value: ahnseFm5ab6AyuoCUkE0Y81qMJtv0JdZcDJyHTbZadotwvfx2o6Oup9e0UYc7YFSNoBgSmXuSNX6OfUO0TnxMx

19 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: microphone, camera, geolocation. Values defined in Permissions-Policy header will be used.
other warning URL: https://yalla-shoots.tv/live/10673/878248/girona-vs-real-madrid/(Line 412)
Message:
<link rel=preload> must have a valid `as` value
network error URL: https://dalbouh.xyz/api/matche?t=1682446463
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: microphone, camera, geolocation. Values defined in Permissions-Policy header will be used.
other warning URL: https://359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
security error URL: https://as.ad4m.at/ad/dr?ed=1hh8mf96j6vryddcpq64t68rdy9679wgymsabprb3g5mf9tc2r00qz392t2ebwwzp88d541sjyjk1pqzf2ps9pnzcgw3z7gxvs1dq4p5p31k2yqney5wg003y6dbpsawemygz52e579tp3re82385k6r0j2kr0sjf0a87fsbps5ayv29821224688p0sxdqdxdvb67cdef5nha33jzqzgz0hxeyjetv97sdf11trqcvapmvgybmjdjf2dhxy1may6yjmvhyqpscnnz09aqzc493hmx4qcgp2771zdeenrj66f40xnga3jpthb4zx27v3w30dhd051d7n3a5enga6g8006p3m9fhyx0t2p4n6whddvz3hp16pzkcfxzeceab6ddzqh3wr6wsrkpp2qpxryrjz4kp7tvfmn2kzhmpgna6damw5xcg73zqkhdvg3zdhjvmr4hccwc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaXjDkRhIZMCHDoSa3wOsuLyADJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAkGZOi4odLI-4AIAqAMBqgTKAk_Qo8jUg5KjOXGgwDY7PrF_J1LbDOzAMFuRB_LfH9IjzfxAGxcPnuhyeVIG_JExSih7JjQ0Ahs-QS7x2ufi-8-et5QweWMIdcfawfUH5SMboZNTmeraErJXDDVVIT8Y63YmD3f1vErGmpEJtTThtrbS_h3961CL3VhvsX2O9EKl0m4A4OYgl01DRTwYWnvSz7XS2SQays9Yxs8O1CIiNkd4wADBR-2CjPCG2ItJhjAZ_n8nttHQ77256hkfmWhap5NBZCSbGNTwUcbxVB06zM2JUGooj9wX60zDu9QwXCkgpsZ7EO_MCK5yNKzprfHVp9USAfSb3W-NR-51J77ZXVUxDQlNtVbUBb983EJ4P98FfuO1sPMdt1MevKfMzk0Vl_KBdxme10APzV1Feir97eoqI8s4hpvda81uc9MJP2p-jFXbutHxO1qWCOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bX74egU4h5sO43JAKcOG4dLdfqg%26client%3Dca-pub-3831894559014614%26adurl%3D
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=e7dba04208610c5be649028871ba78b1%2F8809809848389707856&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1682446482627&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jzrqpezy7h76w2gq6p5wh097a8jce04vhk2sj4300erzhf1qbncnrn6vq4y878tznjxqnwvnwhz3ymnxxqfqdn8py5sba9pwy6hk87appay9tx08at3cwag2recbgzrktfrhz2njqb1b8kr0bqgmeyzt2jcjttnwh5d1ch2veefdp51z8htpm8facrztzv48vg9jcthtf1vwak4n3beqrj42jm20mep352359zt8x549tmbmngdt31yh7rbgszg752ap75en5jv4gn4by3c4qr2y8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaXjDkRhIZMCHDoSa3wOsuLyADJDhgYRctqjCivACwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAkGZOi4odLI-4AIAqAMBqgTKAk_Qo8jUg5KjOXGgwDY7PrF_J1LbDOzAMFuRB_LfH9IjzfxAGxcPnuhyeVIG_JExSih7JjQ0Ahs-QS7x2ufi-8-et5QweWMIdcfawfUH5SMboZNTmeraErJXDDVVIT8Y63YmD3f1vErGmpEJtTThtrbS_h3961CL3VhvsX2O9EKl0m4A4OYgl01DRTwYWnvSz7XS2SQays9Yxs8O1CIiNkd4wADBR-2CjPCG2ItJhjAZ_n8nttHQ77256hkfmWhap5NBZCSbGNTwUcbxVB06zM2JUGooj9wX60zDu9QwXCkgpsZ7EO_MCK5yNKzprfHVp9USAfSb3W-NR-51J77ZXVUxDQlNtVbUBb983EJ4P98FfuO1sPMdt1MevKfMzk0Vl_KBdxme10APzV1Feir97eoqI8s4hpvda81uc9MJP2p-jFXbutHxO1qWCOAEAYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bX74egU4h5sO43JAKcOG4dLdfqg%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

359569fe9bd8f9bb60c22cf909865f5b.safeframe.googlesyndication.com
a.tribalfusion.com
a1.adform.net
a4.koora.cloud
ad.turn.com
ad4m.at
adipolo.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
b1sync.zemanta.com
bcp.crwdcntrl.net
bidder.criteo.com
cat.fr3.eu.criteo.com
cat.nl3.eu.criteo.com
cc.adingo.jp
cdn-adipolo.urekamedia.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
csi.gstatic.com
csm.eu.criteo.net
d5p.de17a.com
dalbouh.xyz
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsp.adkernel.com
esp.rtbhouse.com
feed.avplayer.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
ghb.aplhb.adipolo.com
googleads.g.doubleclick.net
gum.criteo.com
id5-sync.com
image6.pubmatic.com
imageproxy.eu.criteo.net
imasdk.googleapis.com
invstatic101.creativecdn.com
jscdn.greeter.me
lb.eu-1-id5-sync.com
live.demand.supply
live.shoot-yalla.tv
match.adsrvr.org
match.sharethrough.com
mcdp-nydc1.outbrain.com
mm.melia.com
mp.4dex.io
mug.criteo.com
odb.outbrain.com
onetag-sys.com
pagead2.googlesyndication.com
player.adtelligent.com
player.aplhb.adipolo.com
player.avplayer.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
pro.ip-api.com
prod-rtb.ad4mat.net
r.turn.com
rtb.fr3.eu.criteo.com
rtb.nl3.eu.criteo.com
rtb.openx.net
rtb2-useast.e-volution.ai
s.tribalfusion.com
s.uuidksinc.net
script.4dex.io
securepubads.g.doubleclick.net
servt.modoro360.com
ssbsync.smartadserver.com
static-de.ad4mat.net
static.criteo.net
storage.de.cloud.ovh.net
sync-dmp.aura-dsp.com
sync-tm.everesttech.net
sync.mathtag.com
sync.srv.stackadapt.com
tags.crwdcntrl.net
tcheck.outbrainimg.com
tg1.modoro360.com
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
us.web3-lab.com
web-api.scorarab.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
yalla-shoots.tv
sync-dmp.aura-dsp.com
104.21.233.172
104.21.235.80
109.232.197.110
13.40.91.69
141.95.4.204
146.75.122.132
147.75.84.158
151.101.130.49
162.19.138.117
162.19.138.119
172.217.16.194
172.67.141.250
174.137.133.49
178.250.1.6
178.250.7.13
178.250.7.9
18.133.81.67
18.185.164.153
18.66.147.98
185.29.132.245
185.53.89.19
185.64.189.115
185.86.139.104
188.114.97.3
2.19.229.140
2.19.229.53
2001:678:cb4:bbbb::11
205.185.216.42
213.155.156.167
216.52.2.30
23.210.125.176
2600:1901:0:76b9::
2600:9000:2250:ac00:a:e047:752:b361
2606:4700:10::6816:3556
2606:4700:20::681a:61b
2606:4700:20::681a:8a9
2606:4700:20::681a:bd1
2606:4700::6810:5514
2606:4700::6810:8616
2606:4700::6811:190e
2606:4700::6812:19ad
2606:4700::6812:272
2a00:1450:4001:806::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:811::2008
2a00:1450:4001:811::200e
2a00:1450:4001:813::2001
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:4001:828::2003
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:401b:814::2003
2a02:2638:3::12
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::9
2a02:2638:d::11
2a02:2638:d::13
2a02:2638:d::c
2a02:2638:d::d
2a02:26f0:480:25::1726:6216
2a02:6ea0:c700::10
2a02:fa8:8806:16::1400
2a05:d018:d29:3605:bd89:7cdc:b138:f023
2a06:98c1:3120::3
2a06:98c1:3121::3
2a0c:5c81:5142::2
3.215.149.208
3.248.141.162
31.220.27.134
34.96.70.87
35.186.193.173
35.186.253.211
35.190.39.111
35.204.158.49
35.210.53.219
37.157.4.41
45.133.44.4
51.77.64.70
51.89.9.253
52.223.40.198
54.227.251.232
54.64.201.33
54.93.154.54
64.202.112.159
65.9.66.68
69.16.175.42
70.42.32.223
85.114.159.93
99.86.4.52
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
0390a205adde41148772c08262a87b8b173f4d1df61e9ce323b89069827643c2
043f48f88dc61d4b754b357fc16e62005e15c8c827acfc7b9b6c7234e3f2460f
055e97048fdeb72ca41bbb1f261aea8d8f41f5a366c1d66149c9c5b69a0e551c
057e582438252fb1984cde03cb0202cb9c5e7255c7f35d36fb2221da2bc28528
0609b70c35eab974a2c2d99d6da5d84d95b97f9fe3d28828710d04835153cb20
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb192b827acba1f045c0d5d44002c6646a37ed6dec37e22ea66f98a7109a286
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
0e1070ef03510c03bf072fc9acc862eb3e3bc71cd0079472eb0dc10455e9838a
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
0eaedcd2f342b29a8ce0c22294618f8885aa34d6413d580e56b8fed1d486b60e
106ae5d15a9bdfc78cca111d24c73e5c0a3fd8ab51ab0fb9446c8decea428a37
14ff6990c88dc1b8612265161acb023d6cdba726bc355004cc3c7ea89deb04e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
1b5910cf1df8d939c0745819d39ee7060f469ee2b4919dbcce1c0fa6ec774fb5
1e5f72435fd80ae68dc20f7e3a81d4ab60bbad56f635dee225a7e3b7b9a13b09
1f494b3a6cc1372a74ad008aaf2abd294cd93426de602ff7fd8084342308d717
231de18b8d42e355897c3c550df71a0e4c19593ba51070a130ee9f307a70c441
255ae330ac3e1f559f481df2ba9c695f5856ae11f348ed6818fd7c140dc42e06
258906f6f571fd93dc466499e9ea6b46751a8bd2db70ea6ee2de52b37f27f6fd
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
272976e47a2b186641def1054de0d584af41c25eda9295804560b6f638473ab4
28f403366c2c520bfff7d5a0883f1d53e1e87ba1c8202f3f29e6395a0b66806d
2970e36a38768dec16360ae8a5752c39154bfd84024436313ce4e3121cf00897
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c
2b6ac9d8f4b6dc9ec33052904c22ac1bdbc5cfe417bea7fef80e964ab6b2d12a
2c1a8a075f616501584f5d4f615bc375196e68fcf9934ce46358c34043130463
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e33b299483775d638e43b2051ef7e358e501c968c0ea87830f764d772dd9417
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3018c5284222e82380ec1570f914f544c35e062c4ff9c64e46fdc01695b2b274
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3373d368691ba8fde4be00199bb248da91373fe34c017028c7972c70a7bd40f3
35cf75de5d617b7a8e395dc30579c7245e3001a2b8227d55f3d3ddc2e773741d
36e48b9c355752e1949ed933ac0a137a729a08174646b2bc705d6a97b9208078
3790ed75687a3b6c3d71bcf4bd62c99f82a3dd738ae4b6b2639bd36e4f6bca29
38354e6a0119fe113356e1506a115ca148a6b9ea22cf88136baa9167d6fde794
3ab8a941c0707e9b53a35718960f640e157b9ef8507175de30c9724e2af537fc
3b59cdde4a3635530ad7a792d5006193b256ae5ba1b5cb40605b6750b21837f6
3c73a368f2adbcd75df31d3560480583bc7593ab82220a4ac6c45dfb3a93c700
3e1c0cd6fc7996bc44fe00676c9abe76c11891c1e7413004417f39ac7f7ba89f
400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02
41f6f38e002e2b79b9791d5cbfb3ddfceaf90dcbb291840c58f477f953383580
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
43cab9eb043537bb9f4986951aba3110de339aa5d2c4a7d1456a06e87ca69ac6
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce
45dd60aee8728ca8786226233d74694db5f4c0110647c8e48710c49cdd5bdf41
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4716f029baacd3a2af738cc414220aae1eac40e4766259246665a5c9973402dc
471f22e34b9ce2b646d3833ca88a30d7dfa095c22e33dea2ddcd4243df30e029
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4924625695c0d768cabf6ed795fab8c937576cf4dc0eb3dd5fa07eed1abe2c8f
49f8b5d3e66d4a8de21ad2a864dfff04420a44770d5c808e61d10e0fed8ff6b6
4a81f13d46c07290b0bc225a82667ad1245996f3f0d6256f962890c33ed9903d
4ac2614f0cf797d0dc5e1d7c89fca178117cdfe1e367395561cf6a2b572dce31
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439
585ca35d1756a90e03e28d509d5305c416894a3cd057b4a30f39735610a01d80
5bec9890db3b39400b4353537c731939cb2fcf758edb1efae15ca4a6ae3dfc2f
5bf50991cae7569e67094261c94f48092482ea44c8ff6386997190e44d846123
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5d7e500c30cac2f6b323076f17ffdd19bd120708167a5e516345f97d365bd71a
5f9376c77618bf0ef43bcabf8228c9e2befde3731087b944e140a88c34066873
5ffdc3ac4306a19c995a12935fcbebddba0d65dce9680443e84fb04541cf43f3
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61da852ba9bccd86c1208f906244f578d0eedba955d4149355d19f4e21821da8
633e46a743533a8ea8985e78be46b46e5a67a3324127111509ef83763dd8e26b
65d67f668f50e5667a3ae6faf47ccc470f793f7aa7ef9e7a38df5ceb33b5471c
65dba5656cf6e9151d5be35836f94834b963f2bac3bac28189cd9dfd194e373d
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66c84fd2e855f7f8795d82db9f5aacc7b3752200f492850aac5cda6eddad7fd1
6a44e8a64318be6f675166b149cb8872c5198af02329da52fe11342db9145172
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cddc23a9c6e2426aeec27aae60ba96abfba6177ea52d1a743aed1b7e3d2623f
6ed189deb10c01729abdd99de6612b09f5de8015e74ba82ed87a0aeccdbe568e
6f800fe03d43b53e419091957cf8fb97c8efdfb7985160ea5620e06b872ba457
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
76424403ed6780c256db2267a1ac06230a2dd60963b361e9fdce1430bd6ab806
76d0c953ed23e810ff3182290d898f080456f25506c86c16e272d60230ca0b96
76d3de09f286c0542d2ddbeabfd11967fbc5b6fe9ca634ebaad0fe661f244f97
77a44f65bb6894c92e3c7ccab98de0fc357172221cc1dd45949ab938c0c7756a
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
7a4f601a875eb2b913819f5daec97504ed7644f6e450dbf32a70705c00189d60
7b0ca24dca02ca12ce11107abc641ee3ce3d453ae575aa4d59cfbef991bf1cdd
820d61324fe32ab658b288bd780e631a7ef1b1099420a95204d765f53c712801
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a
83b8e8dc344c9649c8addcb67428d1904ed16721b9300c7ef417ef66345a36f7
85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233
86731bb83502024d2e29c3ae3ea1595c91ddb4eda573688526289d542b14ec47
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53c943c63c9e8aff1243225da791659acbf40ea9d7f88d698744e93fb011de
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
907f0ae9397d82a7dc9eca8dfe6c5b9f0bfea55cd1af9aa9713ca667cfdb8ec4
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
960049b3fd8b1c292eabcea91fa7660a2a3b5936f1ad70ac23623205606e36ab
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9a5e996eba7d14e25ad8040463a735ca4240efa52770a63254af14a219d3c8d4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bae94635ca8e444c83c3276ac5163e5dbaa6667e162d6f821a949e134264ce0
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
9cb3101b86834feb430c14bcd8495b145e54eec4db6d3f8b12a5c1b979072664
9d35b132703d26b1bf7c7ef234f0263f69ac8388eda15384b2cd784653848aab
9f4c75624f348e16a3d79e64e9192ac34f2ee4fa61a44dcf51ff9db809aa891b
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2691bd6b15ba97b282d9d1e5e6ee305bbc2b6a6706328b3aeb1a2e2ddfcd869
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a31e81b5ee962da98d89c99da3f964c57755440e8b8e0c950b6cf63f4f29b7fa
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b
a8eb7e24873bb65c9b7193534bda15761d8853b24ca4a41d7749360972504141
aaf66d61241e134af54f637377aea34e26cf61a7cf186f6cd50666eba849fd93
ab186efaeb0fa73eb90dea037fed5107187b8adaf16c1e91860953dac12fcc48
ae5488cdee6c86ae9f892d07dfa77b93f820e132a99dd1a719cbf909168706c7
af3db37cd37f8c6425e168cdde71e01053db2350a26ce758c1393820a2497453
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1b682cb1fee45d7f80c900aba4d8ddcb18ac1016dcf38ece495801ac65eb14f
b49b4b3777f7ed275269817a8b66137a3f848bcc437c95f92600a6cfe149a1b0
b69dffefbcf3d6d04fe11ac62bd287872e0c8033cf9fa63263f2dcd483c456b9
b9c48c22b924583ec44c30b0f26f83ccc343f79a891f05b9f162187d8a3f201f
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
bc62326ee9c9dee876f7dad3f875ab571f5b0f52feff0b695fb8c580c8d0b3d2
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c247c2d28fb0abc88fa5da722273010d1855dbf7cbd5ef55d539e817118ececc
c2e618f85e4345235b90bc69e8a2fda53424f28ed251e59cd42b288106760a1e
c317a678c440afae34736fd8d13a0a28f7f21fdfb351a94f33c7f2abb2560ed8
c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08
c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579
c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738
c618d0210f46e9b9c6decff2ab712bf2f64546b3ac7d25e59996d3106d7adc32
c6888a47441fe1d98cdee30223a7f4763b628e3df8a6e682fb4e393c17bf9ed0
c73e7fcf76232d28a1760877bd3eccada211feb797fd25ba824df3bac45b46eb
c7e05b68eb47f0167793018bfc04a5fd640d8a9f406b6b2c1892a97f084f6769
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cb1738b2b6694eebd0b856d857aa4d0438a2c8841d2ac3cf7ac3fe924bcbb366
cba78783503f962e24d09c78f38add0360021817317c6972d14e37e250b52e3b
cbd979b253f1094192758b903dbf1258373e373ea264905849c30ca44931e1e1
cc1dee19479920553d30ee41e247efb0f35ab2682b262d0ed70360e645a12c1e
cce1aee65b9f2093ba86119d6ef979fd5183c77b513a1f6c735e0cd56f951070
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd0aa9856147b6c5b4ff2b7dfee5da20aa38253099ef1b4a64aced233c9afe29
ce00e20b1de71ae06025269109fb0cb9482ba6af1dbc262ba4eda319aaef9229
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9
d5ed6f02bfa9d9808e5d0a2a8423359ed28c6a131f13448242f0a14ed5343a80
d919c65fe953b72f59d9dccc6d0ea816512e7bea96f63e17366c1fb5b6b00ef0
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
da2d372b44ac98dfac76f5557216a9d5d406feb6bc877e0ccd3284abf8e4187e
db2ad1d92372869a972e4efdf320c025607350b54c58d39114d8cea57b4cf625
dc1001110e06487c436dfbfae5af000ccc073d324bdfa65d3669e996c4b26ddd
de06d2f3d217dcf4a678277e67e548d975b22b5f2dbb3bc16f0fb0009771aec1
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
df8c0be0f45554e3ff28c88b772a342b15de276033c114c401e655adf2505ea8
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e103a42492ad6e21528f709a1fa97d5645b540f15570589a039059d44d1842ec
e2e2ee124a92ca6673a9ce2508260ac228832de36594217daffcbce988758fc5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5c0a0580fcdbabae0f615e99564c37dcc8df4e62e9497b66fee3bbc4044405d
e6264fdcf8a40c3afce00d8851c5e3a594d4fcddc32b9d0f359157d2a208ab24
e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f
e67715848b4b8349cbaf140f03068df1d9b5baa1c0428c738b3996467676698a
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853
e9d3165c73a7f6243cdf07498cf37514d3128c1de540fa02d8a6d6c5fdf09db1
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
eb806e0cae8e3282c5caee51eaf4ae5629654a74302f7e137ca5f3798dd79ea2
ec24ef47fe7e6d57063ab95cae40f760d0c8bf48e36db346f0670706c2d4af3f
ed0bba0e9e5357215cdeae19956cedef3d03af5b5a293a3205d5951d1cce29d4
ed6e2f7777351bda0cbf8dfc104174391c9ece5f2aa0fc8a1983f67be3949712
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ee288cc19f6731fa3abc2a65a77c5f50ed5bf1b10f33d56190384f6b9337fb6a
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
eebca01c60b315a6937fea6c94dfaa2b2afcb61cd14cdf7e655cefec2fc32017
eeea83cc9fede5617cbdb79cf37fba31f3080e90ba0243868d8a7c1d1fa0166e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f268f7d22ab75ff200d8554fd1bec7c63dd8b4ec8107513f8fefee902be16c48
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5a556e2c1247f0f02560737cf890acb7fb3dbcb32f58ec6d8307f394e4d5d29
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6ee8f5847140c4b24a3fc2ad1aa458ad98aa0b2b2466c318dc1728a6c6c7c78
f728d9cc33578cefe3453893ee148e0eb6e2aa2398e64d7aa5d269300ed0c681
f730c61e14f8499025f7f27686374e8fd4486930d3cad3ae07eb9fe93c9f33a4
f84fcc4ebfb489f955268b1a10dfbd2681bfa8de5e23e2e2ea5d20cecbb5cd2c
f8aa9a880d6e487e7842722fbaee7c4c914803cef2baf4f92b76167b48df3bad
f94a0b25ed421e6643ca8ae21ccd63cf5630e8db8a3b64f63a669936d068c427
f96795e5986b128c28976d4229c5be0e6c05409a94884a26414f6b9aa43010c2
fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8
fc2c8ae3a03ae6de7b7f1153a05b8c7b5f36644d05c519bf34ba7dc885a2fe73
fd41e389839b4455c120639c03ce0d70ae8b67bafa57b97bd2fd207f6dad7520