yalla-shoots.tv Open in urlscan Pro
104.21.235.79  Public Scan

13 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://yalla-shoots.tv/live/11813/0/motogp-vs-motogp HTTP 301
   https://yalla-shoots.tv/live/11813/0/motogp-vs-motogp/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84

• https://a.tribalfusion.com/i.match?p=b6&u=CAESEGZjNmc1meKMlTpj9cBFuAE&google_cver=1&google_push=AXcoOmRTMXlnXPhmYx2_EJhh-qmsdbufUtylDqsLQmnRKC52cuupMuVF_kbwHkt4bQ_wiGTGSiibnlBEzBDoCUi7pVpyg9GVoYwSIg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRTMXlnXPhmYx2_EJhh-qmsdbufUtylDqsLQmnRKC52cuupMuVF_kbwHkt4bQ_wiGTGSiibnlBEzBDoCUi7pVpyg9GVoYwSIg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGZjNmc1meKMlTpj9cBFuAE&google_cver=1&google_push=AXcoOmRTMXlnXPhmYx2_EJhh-qmsdbufUtylDqsLQmnRKC52cuupMuVF_kbwHkt4bQ_wiGTGSiibnlBEzBDoCUi7pVpyg9GVoYwSIg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRTMXlnXPhmYx2_EJhh-qmsdbufUtylDqsLQmnRKC52cuupMuVF_kbwHkt4bQ_wiGTGSiibnlBEzBDoCUi7pVpyg9GVoYwSIg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 85

• https://fksnk.com/cs/google?google_gid=CAESEHPx_Rio6PfDz-4ZZfsSOUw&google_cver=1&google_push=AXcoOmT-m1oDVhuV_XLakE1EagedVNMcVkRNri2YkZCLZzYoFKvtd7KhK0Cu5022-kZU9if9urTuDwK7XXxx2NI5Qo5mEbCTHI6Y HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MDIxREI3NTBBMzRGRDkyOQ==

Request Chain 86

• https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECSafTbUG2MKAjWnN2hby28&google_cver=1&google_push=AXcoOmT1GePXLaCdX5yFtJ-17ZZA0uDyER7WsJ4_kWO1i68RuqsZ_sewhj8RH9xaeikzYWoPXHcwWwo5U47gxRe-ASSCbP2Q09uQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2NDEzODA2ODE2Nzg4Mjg5Ng%3D%3D&google_push=AXcoOmT1GePXLaCdX5yFtJ-17ZZA0uDyER7WsJ4_kWO1i68RuqsZ_sewhj8RH9xaeikzYWoPXHcwWwo5U47gxRe-ASSCbP2Q09uQ

Request Chain 87

• https://ads.travelaudience.com/google_pixel?google_gid=CAESELlcv0SbdjctqA67gEA8YFM&google_cver=1&google_push=AXcoOmQZGv4jl79_zrkDfsV4BwY2Rm9q-1VgD1k0jx5_sOZQdttV7Z8ZtPTaqeXlgIk-fbRMblHNhdVxXvjhrsQn25esSGHd_zY2IA HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=IsSoXANIRGeALFMJmuwf1g2&google_push=AXcoOmQZGv4jl79_zrkDfsV4BwY2Rm9q-1VgD1k0jx5_sOZQdttV7Z8ZtPTaqeXlgIk-fbRMblHNhdVxXvjhrsQn25esSGHd_zY2IA

Request Chain 88

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHJ2iyNpnZNOzdneEc6rCTQ&google_cver=1&google_push=AXcoOmR511FslhHICgpsP3tNlE4i8rFcuzG288Y8oUCHo-0svk6dfeXMfpvoCzMXyScLx-BHTv9ErTvUgzz-KgHcnoZi9S3gxAtU HTTP 302
• https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHJ2iyNpnZNOzdneEc6rCTQ&google_cver=1&google_push=AXcoOmR511FslhHICgpsP3tNlE4i8rFcuzG288Y8oUCHo-0svk6dfeXMfpvoCzMXyScLx-BHTv9ErTvUgzz-KgHcnoZi9S3gxAtU HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc1NjIyNzgyNTk2OTY1OTE3NA&google_push=AXcoOmR511FslhHICgpsP3tNlE4i8rFcuzG288Y8oUCHo-0svk6dfeXMfpvoCzMXyScLx-BHTv9ErTvUgzz-KgHcnoZi9S3gxAtU

Request Chain 90

• https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESENh9mh5twz3uEdWVziri2bc&google_cver=1&google_push=AXcoOmQVjF8NBP7vujJTMvMIXocCSXRTd35mPBtHihiDdL3CqLvL-cVHMqxMglQEtDr00OSzYuk1POvlMaupkmCHblzz7Ayv3bx2LA HTTP 302
• https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQVjF8NBP7vujJTMvMIXocCSXRTd35mPBtHihiDdL3CqLvL-cVHMqxMglQEtDr00OSzYuk1POvlMaupkmCHblzz7Ayv3bx2LA&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1691313943336 HTTP 302
• https://sync.targeting.unrulymedia.com/csync/RX-37492f50-b936-4e54-88c1-7a84e83c338c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQVjF8NBP7vujJTMvMIXocCSXRTd35mPBtHihiDdL3CqLvL-cVHMqxMglQEtDr00OSzYuk1POvlMaupkmCHblzz7Ayv3bx2LA%26google_hm%3DAzdJL1C5Nk5UiMF6hOg8M4w HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQVjF8NBP7vujJTMvMIXocCSXRTd35mPBtHihiDdL3CqLvL-cVHMqxMglQEtDr00OSzYuk1POvlMaupkmCHblzz7Ayv3bx2LA&google_hm=AzdJL1C5Nk5UiMF6hOg8M4w

Request Chain 107

• https://a.tribalfusion.com/i.match?p=b6&u=CAESEF_BFYSQYbzNw2rVdD-7pHU&google_cver=1&google_push=AXcoOmR0q0PoRsucmIpEskd29KMYdaJRWOIpYXUr_2Pj_DJwpjvoNThx2tGRkTvnUkaDOFlDyCLfQCOmBn117XLKISxJLjhzJZhH&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR0q0PoRsucmIpEskd29KMYdaJRWOIpYXUr_2Pj_DJwpjvoNThx2tGRkTvnUkaDOFlDyCLfQCOmBn117XLKISxJLjhzJZhH%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF_BFYSQYbzNw2rVdD-7pHU&google_cver=1&google_push=AXcoOmR0q0PoRsucmIpEskd29KMYdaJRWOIpYXUr_2Pj_DJwpjvoNThx2tGRkTvnUkaDOFlDyCLfQCOmBn117XLKISxJLjhzJZhH&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR0q0PoRsucmIpEskd29KMYdaJRWOIpYXUr_2Pj_DJwpjvoNThx2tGRkTvnUkaDOFlDyCLfQCOmBn117XLKISxJLjhzJZhH%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 108

• https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFCbXW2QgFDDLSYMhLjYPRw&google_cver=1&google_push=AXcoOmSzAvzlFM7F2TYnxORmG7UJBCjUV6TJTVjoF1UmAX7MCmZ4MnHTeQhUPqwkz0pdJBIMS-nT8_l9R2hIBjQlwBRedNXvM6L0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSzAvzlFM7F2TYnxORmG7UJBCjUV6TJTVjoF1UmAX7MCmZ4MnHTeQhUPqwkz0pdJBIMS-nT8_l9R2hIBjQlwBRedNXvM6L0&google_hm=RijgExejTpC2-0vIXH_bQG8

Request Chain 109

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ7P7NiNunFb0CsZWJiDFVU&google_cver=1&google_push=AXcoOmS43HlSjAMawpD_fPpnDTRUIYzBkOy4V0HFdzwjXAhUhFKltk7kC4pkHg90aPf2PQE9AV6Bi8zRS2LBqpNusCNdtDkFHFO4 HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJ7P7NiNunFb0CsZWJiDFVU&google_push=AXcoOmS43HlSjAMawpD_fPpnDTRUIYzBkOy4V0HFdzwjXAhUhFKltk7kC4pkHg90aPf2PQE9AV6Bi8zRS2LBqpNusCNdtDkFHFO4&s=184023&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ7P7NiNunFb0CsZWJiDFVU&google_hm=ZM9nFs2SyCgSEeWIWwTkCAAADKEAAAAB&google_nid=index&google_push=AXcoOmS43HlSjAMawpD_fPpnDTRUIYzBkOy4V0HFdzwjXAhUhFKltk7kC4pkHg90aPf2PQE9AV6Bi8zRS2LBqpNusCNdtDkFHFO4

Request Chain 112

• https://sync.inmobi.com/gob?google_gid=CAESECqUvBTKjgDqFP6xpqgF9ZY&google_cver=1&google_push=AXcoOmQCqfx5YT8QSyF95-wAfubGOTBQdBLORQ2_DmjiKqoY9enXo8N7YMY6n9ruaKBDaOJra9Yjxtjse_zC-TKC9GhLGba5WuuZ2g HTTP 302
• https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQCqfx5YT8QSyF95-wAfubGOTBQdBLORQ2_DmjiKqoY9enXo8N7YMY6n9ruaKBDaOJra9Yjxtjse_zC-TKC9GhLGba5WuuZ2g

Request Chain 130

• https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3DviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
• https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CJ-4hbbbx4ADFU3IuwgdpQwESA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3DviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
• https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023080611254487602533953X117679V1226132702MSviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023080611254487602533953X117679V1226132702MSviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117679&partnerid=12218

Request Chain 153

• https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMB01v_9ERKBKTS0JcAOkP8&google_cver=1&google_push=AXcoOmQ2GwhK60vbLYeyzoARk-pJglcUHlvmcgzwUfDdnsbsYrKLaL80NuMxd3GxhqZG1C_E7BkPzeZET-MqUrON5fvx34i4msCKnQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQ2GwhK60vbLYeyzoARk-pJglcUHlvmcgzwUfDdnsbsYrKLaL80NuMxd3GxhqZG1C_E7BkPzeZET-MqUrON5fvx34i4msCKnQ

Request Chain 156

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENbpdPwcQ4nRLT7UMckTlrc&google_cver=1&google_push=AXcoOmQjCU3Z2PaX09aT0bIBFdZPgwdDD3ogSO-oRRX8lMup01DGmVWtYNefbsXat9cXiQnhEF2uZyk8qKTEOKjldJkM2vtUKYF0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc1NjIyNzgyNTk2OTY1OTE3NA&google_push=AXcoOmQjCU3Z2PaX09aT0bIBFdZPgwdDD3ogSO-oRRX8lMup01DGmVWtYNefbsXat9cXiQnhEF2uZyk8qKTEOKjldJkM2vtUKYF0

Request Chain 157

• https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEOxuUr2ha7CSIaHJmK4ooII&google_cver=1&google_push=AXcoOmTYlTrVVKlWS-oIGsrQ7I26b1Px1SgI_Cr_l5A84S-R--AdkIm6nWsoErx8rza28bJNfhoOBTn_oDqQivJ8Y6GmF_zZ_pb9yg HTTP 302
• https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEOxuUr2ha7CSIaHJmK4ooII&google_push=AXcoOmTYlTrVVKlWS-oIGsrQ7I26b1Px1SgI_Cr_l5A84S-R--AdkIm6nWsoErx8rza28bJNfhoOBTn_oDqQivJ8Y6GmF_zZ_pb9yg&s=2 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTYlTrVVKlWS-oIGsrQ7I26b1Px1SgI_Cr_l5A84S-R--AdkIm6nWsoErx8rza28bJNfhoOBTn_oDqQivJ8Y6GmF_zZ_pb9yg&google_hm=aFNudGNnWUhrZ2FiUWM2QnJQMTI=

Request Chain 158

• https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEALvjog6nZT2haEnsT8MkJ8&google_cver=1&google_push=AXcoOmT0N1smF81dUWFCZKe4NQNdiH3-t4w5M2Q-NwlX6JBgPIuk45hGtplrf3DDUkyt7v_PDBjHJLlrv1JZfUnJXvqFaC0TX-rD HTTP 307
• https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEALvjog6nZT2haEnsT8MkJ8&google_cver=1&google_push=AXcoOmT0N1smF81dUWFCZKe4NQNdiH3-t4w5M2Q-NwlX6JBgPIuk45hGtplrf3DDUkyt7v_PDBjHJLlrv1JZfUnJXvqFaC0TX-rD&sovrn_retry=true HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmT0N1smF81dUWFCZKe4NQNdiH3-t4w5M2Q-NwlX6JBgPIuk45hGtplrf3DDUkyt7v_PDBjHJLlrv1JZfUnJXvqFaC0TX-rD&google_hm=HGtVpGZHkTniU49cT46acNbf

Request Chain 184

• https://t.adcell.com/p/view?promoId=309583&slotId=46690&pv=1&htlp=1&subId=oneid7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQxoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://www.restposten.de/?utm_source=ADCELL&utm_medium=Text&utm_campaign=Standard&bid=309583-46690-oneid7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQxoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY

204 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
13 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response yalla-shoots.tv/live/11813/0/motogp-vs-motogp/ Redirect Chain https://yalla-shoots.tv/live/11813/0/motogp-vs-motogp https://yalla-shoots.tv/live/11813/0/motogp-vs-motogp/	191 KB 60 KB	475ms 475ms	Document text/html	104.21.235.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://yalla-shoots.tv/live/11813/0/motogp-vs-motogp/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.235.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6977411ebfaba707e0ec8765e188bad56ea868b2466072c2e7bec468ffcfae3c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control max-age=60 cf-cache-status DYNAMIC cf-ray 7f263bda39549143-FRA content-encoding br content-type text/html; charset=UTF-8 date Sun, 06 Aug 2023 09:25:40 GMT expires Sun, 06 Aug 2023 09:26:40 GMT feature-policy microphone none;camera none;geolocation none; last-modified Sun, 06 Aug 2023 09:25:39 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} permissions-policy camera=(), microphone=(), geolocation=() pragma public referrer-policy strict-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fmQ8b8G%2FPmDN2V0I3CZgw64RJfUeqiY%2Bobccdxt6YMiQQkrVZugEe1Rmg9Yvj%2FF88KiiROwkOy3znC0r4uBPfFiLSXj9yWx5CFBdfJsbJ9SwYMHaoAiC%2BLNbX26mODXVyPU%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 1; mode=block Redirect headers alt-svc h3=":443"; ma=86400 cache-control max-age=60 cf-cache-status DYNAMIC cf-ray 7f263bd9c8a89143-FRA content-type text/html date Sun, 06 Aug 2023 09:25:39 GMT expires Sun, 06 Aug 2023 09:26:39 GMT feature-policy microphone none;camera none;geolocation none; location https://yalla-shoots.tv/live/11813/0/motogp-vs-motogp/ nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} permissions-policy camera=(), microphone=(), geolocation=() referrer-policy strict-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGhFyR8nVi4IP4npqUykdfKNNGnhUikx7CFLJVl2QUSNJN1%2FcV3zpk%2Bmp5x7LqJXypj4Jy6vsHOpvqCCWOvsizpbOmxCr6la2VW2FM2sv%2FcY8OMEzEKLZlw3%2F9jPDu%2FGZec%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET H2	200	up.js Show response live.demand.supply/	5 KB 3 KB	1331ms 299ms	Script application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/up.js Requested by Host: yalla-shoots.tv URL: https://yalla-shoots.tv/live/11813/0/motogp-vs-motogp/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cd2d17e87916c3dce66fb39a66e2b147ffcb384eef15405b0e896fc5834dc212 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-nf-request-id 01H70R2PQZ01FWENFCJKXCY5HW date Sun, 06 Aug 2023 09:25:41 GMT content-encoding br cf-cache-status HIT age 1121 cf-polished origSize=4392 alt-svc h3=":443"; ma=86400 cf-bgj minify server cloudflare etag W/"00badb0d20c4bd4460edaae1698fbd9b-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=1200,must-revalidate,stale-while-revalidate=3600 cf-ray 7f263be3c92337cb-FRA link <https://live.demand.supply/impl.v17.8.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-10-0/eWFsbGEtc2hvb3RzLnR2Lw==>; rel=preload; as=script timing-allow-origin *
GET H2	200	A-letterbigger_Savir.png jscdn.greeter.me/	945 B 1 KB	106ms 24ms	Image image/png	205.185.216.42 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://jscdn.greeter.me/A-letterbigger_Savir.png Requested by Host: yalla-shoots.tv URL: https://yalla-shoots.tv/live/11813/0/motogp-vs-motogp/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software / Resource Hash 4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:40 GMT strict-transport-security max-age=15552000; includeSubDomains; preload last-modified Sun, 10 Jul 2022 13:45:06 GMT x-amz-request-id tx00000000000005b63f8ec-0064cf5ae0-adcbe5b3-fra1b etag "f07519ec5fbc46385f386b577e6e2a1d" vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin x-hw 1691313940.dop208.lo4.t,1691313940.cds089.lo4.hn,1691313940.cds287.lo4.c content-type image/png cache-control max-age=476 x-rgw-object-type Normal accept-ranges bytes content-length 945
GET H3	200	yalla-shoot.png yalla-shoots.tv/uploads/logo/	6 KB 7 KB	20ms 20ms	Image image/png	104.21.235.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://yalla-shoots.tv/uploads/logo/yalla-shoot.png Requested by Host: yalla-shoots.tv URL: https://yalla-shoots.tv/live/11813/0/motogp-vs-motogp/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.235.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3790ed75687a3b6c3d71bcf4bd62c99f82a3dd738ae4b6b2639bd36e4f6bca29 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:40 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 181093 alt-svc h3=":443"; ma=86400 content-length 6352 x-xss-protection 1; mode=block referrer-policy strict-origin last-modified Sat, 23 Jul 2022 01:22:27 GMT server cloudflare etag "62db4d53-18d0" vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/png report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ZYW2kJ9msZ1vwXDErj9e1Orj1LnTVycH%2Fr3u%2BPeJypHKHsyCwZf9u8CQ6wSxEFgWiXWuTSdlfmUCisPZ8cnhN9B5WmKVoLsYozjHixEPhjQPNXASvLs3j12v3vRzdIaX70%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=2592000 feature-policy microphone none;camera none;geolocation none; permissions-policy camera=(), microphone=(), geolocation=() accept-ranges bytes cf-ray 7f263bdd589f9baa-FRA expires Sun, 03 Sep 2023 07:07:27 GMT
GET H3	200	rocket-loader.min.js Show response yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/	12 KB 4 KB	10ms 9ms	Script application/javascript	104.21.235.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Requested by Host: yalla-shoots.tv URL: https://yalla-shoots.tv/live/11813/0/motogp-vs-motogp/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.235.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:40 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 04 Aug 2023 16:29:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"64cd2768-302c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0j1%2BtnGZoZoPWJY4dkxtdubWFkFss5bjGe9lLdAYDEYBE05xM%2BDgzJiu1qcO4lRdXojb3kPKzEZ1jAeVujR%2BFJalRyKT6jsLGunXiXWlbbebhJ5PS7hz1nlEQhZ8DWs7%2BKM%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 7f263bdd58ac9baa-FRA expires Tue, 08 Aug 2023 09:25:40 GMT
GET DATA	200 OK	truncated /	451 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	944 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	248 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	460 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	500 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET		telegram.svg live.shoot-yalla.tv/uploads/img/	0 0
GET H3	200	NeoSansArabic.woff yalla-shoots.tv/assets/fonts/	56 KB 57 KB	15ms 15ms	Font font/woff	104.21.235.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://yalla-shoots.tv/assets/fonts/NeoSansArabic.woff Requested by Host: yalla-shoots.tv URL: https://yalla-shoots.tv/live/11813/0/motogp-vs-motogp/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.235.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://yalla-shoots.tv/live/11813/0/motogp-vs-motogp/ Origin https://yalla-shoots.tv accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:40 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 181091 alt-svc h3=":443"; ma=86400 content-length 57364 x-xss-protection 1; mode=block referrer-policy strict-origin last-modified Sat, 23 Jul 2022 01:21:21 GMT server cloudflare etag "62db4d11-e014" vary Accept-Encoding x-frame-options SAMEORIGIN content-type font/woff report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBwtkLkgG1%2FLjeRBzJt6WCwUIPB%2BIrrPUhkuCe7LtyrZQZ5PvvxW7UYm9FuV0ex9pCQRH8ZUEd0Y4ZrzjT8f4UH9hTpyvfC7wVNxCB3%2BX9zXTjUwnmJDpL5GDPHu%2BauKhAI%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=2592000 feature-policy microphone none;camera none;geolocation none; permissions-policy camera=(), microphone=(), geolocation=() accept-ranges bytes cf-ray 7f263bdd68bf9baa-FRA expires Sun, 03 Sep 2023 07:07:29 GMT
GET H2	200	1691310531.png web-api.scorarab.com/uploads/team/	75 KB 76 KB	101ms 42ms	Image image/png	104.21.30.140 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://web-api.scorarab.com/uploads/team/1691310531.png Requested by Host: yalla-shoots.tv URL: https://yalla-shoots.tv/live/11813/0/motogp-vs-motogp/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.30.140 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff8de8226d832c9cb9f9551cd33e95f792adc564ced47489153b322c6c84700f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:40 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2891 alt-svc h3=":443"; ma=86400 content-length 77246 x-xss-protection 1; mode=block last-modified Sun, 06 Aug 2023 08:28:51 GMT server cloudflare etag "64cf59c3-12dbe" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6acHXI2lJttOlGU7AqrjEgBx7dj%2BsF%2BB8p6PE8viacwRHuTSf0L2u39AB0vwbuDxB23PW6X3l198OvqiH9aZhUc5C9eZR3PVI4k6z5x5ajCfCX5qgpzR8cJnSPnvf36PpdapBoc26w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=2592000 accept-ranges bytes cf-ray 7f263bdddc5e6964-FRA expires Tue, 05 Sep 2023 08:37:29 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	179 KB 65 KB	294ms 22ms	Script application/javascript	2a00:1450:4001:801::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-230085360-1 Requested by Host: yalla-shoots.tv URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash cbea4683c7a39cd78ff709500a3326a546ff4da26316c1a305fd074e792a4952 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:40 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66576 x-xss-protection 0 last-modified Sun, 06 Aug 2023 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 06 Aug 2023 09:25:40 GMT
GET H3	200	lazyload.js Show response yalla-shoots.tv/assets/themes/yalla-shoot/js/	7 KB 3 KB	18ms 18ms	Script application/javascript	104.21.235.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://yalla-shoots.tv/assets/themes/yalla-shoot/js/lazyload.js Requested by Host: yalla-shoots.tv URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.235.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1b682cb1fee45d7f80c900aba4d8ddcb18ac1016dcf38ece495801ac65eb14f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:40 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 180743 cf-polished origSize=7249 content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy strict-origin cf-bgj minify last-modified Sat, 23 Jul 2022 01:24:16 GMT server cloudflare etag W/"62db4dc0-1c51" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NV66FeC3%2BZczhHFRYpSb3AD3e7kVVnIgVbeOz47xsyISi%2B9xLwl%2BZmNR3V%2FlttiFEyoGBTO8RspFElfj6GhwaCRWCZAuDp60W9w8gMrFfCIaQj2ICnIYbjzddSA04Mt6D4g%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=2592000 feature-policy microphone none;camera none;geolocation none; permissions-policy camera=(), microphone=(), geolocation=() cf-ray 7f263bdda9459baa-FRA expires Sun, 03 Sep 2023 07:13:17 GMT
GET H2	403	matche dalbouh.xyz/api/	0 0	109ms 78ms	Script text/html	104.21.233.172 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dalbouh.xyz/api/matche?t=1691313940 Requested by Host: yalla-shoots.tv URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.233.172 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers
GET H/1.1	200 OK	spt Show response tg1.modoro360.com/api/adserver/	29 KB 8 KB	115ms 26ms	Script text/javascript	2a02:26f0:480:25::1726:621b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=63e0c53d06b87484dc0f3a56&AV_PUBLISHERID=63e0c30829bdc76cde070e85 Requested by Host: yalla-shoots.tv URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:25::1726:621b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 581ad5323de6a28c11d7a5b7224a4c6230f3cee26bb9b625d3aca5e087b14f90 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers X-Bamboo-C-SkSt 1 Content-Encoding gzip X-Bamboo-C-SkFe 1 X-Bamboo-C-S BYPASS Date Sun, 06 Aug 2023 09:25:40 GMT Access-Control-Max-Age 1728000 Access-Control-Allow-Methods GET, POST, DELETE, PUT, OPTIONS, INDEX Content-Type text/javascript Vary Accept-Encoding Cache-Control max-age=300 Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With Content-Length 7151 Expires Sun, 06 Aug 2023 09:30:40 GMT
GET H2	200	yalla-shoots.tvdynamic.js Show response jscdn.greeter.me/	8 KB 8 KB	67ms 44ms	Script text/javascript	205.185.216.42 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://jscdn.greeter.me/yalla-shoots.tvdynamic.js Requested by Host: yalla-shoots.tv URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software / Resource Hash 35cf75de5d617b7a8e395dc30579c7245e3001a2b8227d55f3d3ddc2e773741d Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:40 GMT strict-transport-security max-age=15552000; includeSubDomains; preload last-modified Wed, 11 Jan 2023 19:24:32 GMT x-amz-request-id tx00000000000005b89cc55-0064cf6714-adce137d-fra1b etag "3cc898bc27a1b9035922667e9a7e891a" vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin x-hw 1691313940.dop208.lo4.t,1691313940.cds089.lo4.hn,1691313940.cds278.lo4.pr content-type text/javascript cache-control max-age=3600 x-rgw-object-type Normal accept-ranges bytes content-length 7957
GET H2	200	yalla-shoots.tvhead.js Show response jscdn.greeter.me/	7 KB 8 KB	117ms 93ms	Script text/javascript	205.185.216.42 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://jscdn.greeter.me/yalla-shoots.tvhead.js Requested by Host: yalla-shoots.tv URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software / Resource Hash c73e7fcf76232d28a1760877bd3eccada211feb797fd25ba824df3bac45b46eb Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:40 GMT strict-transport-security max-age=15552000; includeSubDomains; preload last-modified Wed, 11 Jan 2023 19:35:56 GMT x-amz-request-id tx000000000000064170bb8-0064cf6714-ad9364d7-fra1b etag "559fe7c18011a3e1db9adb6276cba3f6" x-envoy-upstream-healthchecked-cluster vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin x-hw 1691313940.dop208.lo4.t,1691313940.cds089.lo4.hn,1691313940.cds265.lo4.pr content-type text/javascript cache-control max-age=3600 x-rgw-object-type Normal accept-ranges bytes content-length 7559
GET H3	200	jquery.min.js Show response yalla-shoots.tv/assets/js/	87 KB 33 KB	106ms 106ms	Script application/javascript	104.21.235.79 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://yalla-shoots.tv/assets/js/jquery.min.js?t=1691313940 Requested by Host: yalla-shoots.tv URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.235.79 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c7e05b68eb47f0167793018bfc04a5fd640d8a9f406b6b2c1892a97f084f6769 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:40 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy strict-origin last-modified Wed, 21 Sep 2022 18:59:19 GMT server cloudflare etag W/"632b5f07-15d3a" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BwlraV4jFWK2e8RTDiOG3Ou5nocV2D7EnRMbCtRcNQXDHb2h1d55j83NlqCxrl4%2BrlnD9p12SPd3SPRZoQcKENUQ1od6tzktstEFaV1Eqp2SZYFBJ2cmnXDgDmmqOeLqHxo%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=2592000 feature-policy microphone none;camera none;geolocation none; permissions-policy camera=(), microphone=(), geolocation=() cf-ray 7f263bdda9489baa-FRA expires Tue, 05 Sep 2023 09:25:40 GMT
GET H2	200	impl.v17.8.0.js Show response live.demand.supply/	82 KB 27 KB	92ms 91ms	Script application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/impl.v17.8.0.js Requested by Host: yalla-shoots.tv URL: https://yalla-shoots.tv/live/11813/0/motogp-vs-motogp/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1adccf6c93cef96635e609eb89bec05a73f42c238f1e1db2bff8200d6c502d57 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-nf-request-id 01H70R2KMCKR8S2R4CFWYG9H82 date Sun, 06 Aug 2023 09:25:41 GMT content-encoding br cf-cache-status HIT age 145317 cf-polished origSize=83692 alt-svc h3=":443"; ma=86400 cf-bgj minify server cloudflare etag W/"29a6e854debbf54a926c6c3a6fa297fd-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=2592000,immutable,stale-if-error=604800 timing-allow-origin * cf-ray 7f263be5ab8537cb-FRA
GET H2	200	eWFsbGEtc2hvb3RzLnR2Lw== Show response live.demand.supply/p4/v16-10-0/	1004 B 635 B	211ms 211ms	Script text/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/p4/v16-10-0/eWFsbGEtc2hvb3RzLnR2Lw== Requested by Host: yalla-shoots.tv URL: https://yalla-shoots.tv/live/11813/0/motogp-vs-motogp/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0515a7281c7471cf6245ad496c65f008755224f824291adebc265697a2b1fae0 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:41 GMT content-encoding br server cloudflare vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600 cf-ray 7f263be5ab8737cb-FRA alt-svc h3=":443"; ma=86400
HEAD H3	200	e.js Show response live.demand.supply/e/	0 519 B	118ms 105ms	XHR application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?e=ll&d=1332&cs=c&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/up.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-nf-request-id 01H5N5AHKBES9HA8XC274JEKPE date Sun, 06 Aug 2023 09:25:41 GMT cf-cache-status HIT age 1345560 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "46f47d652033caa436f550f7e8b20e7f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7f263be5b8025c92-FRA
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	83 KB 28 KB	167ms 132ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: live.demand.supply URL: https://live.demand.supply/up.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 380cfe4eea43913833766bc85f614ac293d486057654eb8bc9e8fa424fd75c27 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:41 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28298 x-xss-protection 0 server cafe etag 88 / 19575 / m202308010101 / config-hash: 16920917814545374618 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Sun, 06 Aug 2023 09:25:41 GMT
GET H2	200	eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Show response live.demand.supply/p4/v16-10-0/	1004 B 557 B	256ms 255ms	Script text/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/p4/v16-10-0/eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/up.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0515a7281c7471cf6245ad496c65f008755224f824291adebc265697a2b1fae0 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:41 GMT content-encoding br server cloudflare vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600 cf-ray 7f263be5ab9037cb-FRA alt-svc h3=":443"; ma=86400
GET H3	200	ds.2.html Show response live.demand.supply/	413 B 585 B	118ms 106ms	XHR text/html	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/ds.2.html Requested by Host: live.demand.supply URL: https://live.demand.supply/up.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-nf-request-id 01H3WA237MVFAYZPRV32TG4JC5 date Sun, 06 Aug 2023 09:25:41 GMT content-encoding br cf-cache-status HIT server cloudflare age 1206473 vary Accept-Encoding content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=2592000,immutable,stale-if-error=604800 timing-allow-origin * cf-ray 7f263be5bffe5c92-FRA alt-svc h3=":443"; ma=86400
GET H3	200	yalla-shoots.tv_fluid_lb+sq Show response live.demand.supply/cp/	30 B 372 B	316ms 316ms	XHR text/plain	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/cp/yalla-shoots.tv_fluid_lb+sq?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.8.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb7f6e00a28bbe976640aefe78ba30e518d0db6e75c74e656230bc7648eaf6ad Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:41 GMT server cloudflare vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private,max-age=3600 cf-ray 7f263be648975c92-FRA alt-svc h3=":443"; ma=86400 content-length 30
GET H3	200	yalla-shoots.tv_native_multi_native1 Show response live.demand.supply/cp/	30 B 373 B	252ms 251ms	XHR text/plain	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/cp/yalla-shoots.tv_native_multi_native1?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.8.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0aba69daeb064d1edd34b6926efc4aa4301be54d7a4c0d3199665f4c3747a617 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:41 GMT server cloudflare vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private,max-age=3600 cf-ray 7f263be6489b5c92-FRA alt-svc h3=":443"; ma=86400 content-length 30
GET H3	200	yalla-shoots.tv_fluid_sky+sq Show response live.demand.supply/cp/	29 B 373 B	225ms 225ms	XHR text/plain	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/cp/yalla-shoots.tv_fluid_sky+sq?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.8.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a661e79703596ed04f0c27bd2e444b1f089af1be4e42486e38de1e180523ec2e Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:41 GMT server cloudflare vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private,max-age=3600 cf-ray 7f263be6489e5c92-FRA alt-svc h3=":443"; ma=86400 content-length 29
GET H3	200	yalla-shoots.tv_fluid_lb+sq Show response live.demand.supply/cp/	30 B 372 B	225ms 224ms	XHR text/plain	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/cp/yalla-shoots.tv_fluid_lb+sq?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.8.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb7f6e00a28bbe976640aefe78ba30e518d0db6e75c74e656230bc7648eaf6ad Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:41 GMT server cloudflare vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private,max-age=3600 cf-ray 7f263be648a05c92-FRA alt-svc h3=":443"; ma=86400 content-length 30
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/	398 KB 126 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8f7018f33777001d751d8c8d9107bb98e2b2dc3e6c6375a85518365653147c8e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 05 Aug 2023 10:57:55 GMT content-encoding br x-content-type-options nosniff age 80866 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 129167 x-xss-protection 0 server cafe etag 5057873641579568274 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Sun, 04 Aug 2024 10:57:55 GMT
GET H3	200	yalla-shoots.tv_auto_728x90_sticky_display_bottom Show response live.demand.supply/cp/	29 B 374 B	310ms 310ms	XHR text/plain	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/cp/yalla-shoots.tv_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.8.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1066f0556e8a98472beb100efbf6f65dac3d7b554fd388fa91f23a9c37d4d614 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:41 GMT server cloudflare vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private,max-age=3600 cf-ray 7f263be749bc5c92-FRA alt-svc h3=":443"; ma=86400 content-length 29
GET H2	200	pubcid.min.js Show response cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/	732 B 1 KB	39ms 22ms	Script application/javascript	2606:4700::6810:5614 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:41 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 11446 x-jsd-version master content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230042-FRA, cache-jnb7027-JNB x-jsd-version-type branch server cloudflare etag W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9YrOAIhyBmz6zvb4Wg6OJfAesCa2EcQOuh3QxUD0iGulzkGiVdi9eLuXCIa1YAydH8ur3Oz6PKtLFbEO7XaM2tr517bNUMywYaNVj8lr%2FXKUzh4TiN27My4C60z1menxkVWWCmhRthtIKzT9EDw%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 7f263be7782f3600-FRA
GET H/1.1	200 OK	uid2SecureSignal.js Show response cdn.prod.uidapi.com/	2 KB 2 KB	274ms 7ms	Script text/javascript	2600:9000:2057:aa00:a:e047:753:be1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.prod.uidapi.com/uid2SecureSignal.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:aa00:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-amz-version-id null Date Sun, 06 Aug 2023 01:26:26 GMT Via 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront) Last-Modified Thu, 04 May 2023 00:14:06 GMT Server AmazonS3 X-Amz-Cf-Pop FRA6-C1 Age 28756 x-amz-server-side-encryption AES256 ETag "4d5acbf33f4a0592ac0515db92fe88e6" X-Cache Hit from cloudfront Content-Type text/javascript Connection keep-alive Accept-Ranges bytes Content-Length 1858 X-Amz-Cf-Id n9Qtra-XFFuzhdd5RsMxKg_fJQQSkvjTq5t7vO9jB6z5RsRyP1xkxg==
GET H2	200	esp.js Show response cdn.id5-sync.com/api/1.0/	112 KB 26 KB	287ms 19ms	Script text/javascript	2606:4700:10::6816:3556 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.id5-sync.com/api/1.0/esp.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e0c750b97759124bffe209a81cfb7a3aa05dd20ca1168314348cb865254f1ce2 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:41 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding gzip cf-cache-status HIT last-modified Wed, 02 Aug 2023 11:32:19 GMT server cloudflare x-amz-request-id 9JD2PVWRNGH6W9D6 age 3478 etag W/"25c6f4638264ba52fb77e06351d38d61" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type text/javascript;charset=utf-8 cache-control public, max-age=3600 cf-ray 7f263be90eaa9226-FRA x-amz-id-2 C78NJH9XkIV+sX3gWmjnQ0d7A0CrZ/OSO/7CSNMeogj/qizLfap+8xu2sOYpsPd/7/w1SlaLgeQGDUvfhgOumQ==
GET H2	200	sync.min.js Show response tags.crwdcntrl.net/lt/c/16589/	38 KB 12 KB	1094ms 20ms	Script text/javascript	18.155.129.34 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/c/16589/sync.min.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.155.129.34 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-155-129-34.cdg52.r.cloudfront.net Software AmazonS3 / Resource Hash c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 05 Aug 2023 11:15:11 GMT content-encoding gzip via 1.1 aeaf6805e1f7af40289dbac799f9b670.cloudfront.net (CloudFront) last-modified Wed, 31 May 2023 20:34:33 GMT server AmazonS3 x-amz-cf-pop CDG52-P4 age 79832 x-amz-server-side-encryption AES256 etag W/"550ead3a95bd6cfcd917d45c5f8f4553" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control public, max-age=86400 x-amz-cf-id mp3_kX36_MvmztCKgA_VhhSuKsY1_hVi987eFj8-g7mlmTUeaAL0AA==
GET H2	200	encrypted-tag-g.js Show response invstatic101.creativecdn.com/encrypted-signals/	1 KB 1 KB	1311ms 25ms	Script text/javascript	34.96.70.87 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 87.70.96.34.bc.googleusercontent.com Software Google Frontend / Resource Hash b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT via 1.1 google, 1.1 google last-modified Thu, 03 Aug 2023 03:28:51 GMT server Google Frontend etag fc4e6bfe266081c4873c6f08c8298e5c content-type text/javascript; charset=utf-8 x-cloud-trace-context aff05f5cc9628b26afeb62557a8f296f alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1207
GET H2	200	publishertag.ids.js Show response static.criteo.net/js/ld/	42 KB 13 KB	61ms 27ms	Script text/javascript	2a02:2638:d::2 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.ids.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:41 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 11 Jul 2023 13:25:47 GMT server nginx etag W/"64ad585b-a980" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Mon, 07 Aug 2023 09:25:41 GMT
GET H2	200	ob.js Show response cdn-ima.33across.com/	40 KB 9 KB	285ms 14ms	Script application/javascript	104.18.24.112 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-ima.33across.com/ob.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.24.112 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ca372f1d4ced7e2a37e83eb5b880159ba569a4fbf613b9cc2894a6c8726c13f6 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:41 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 20 Jul 2023 17:46:36 GMT server cloudflare age 53819 etag W/"64b972fc-a13f" vary Accept-Encoding content-type application/javascript cache-control public, max-age=86400 cf-ray 7f263be9192b9c00-FRA expires Mon, 07 Aug 2023 09:25:41 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	1 KB 758 B	272ms 272ms	XHR text/plain	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3795749037860041&correlator=4500165365949224&eid=31068826&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C175844fe-17b4-47e6-9355-28af1ff828c4&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=1711219817&didk=1133630126&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1691313941663&lmt=1691313939&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11813%2F0%2Fmotogp-vs-motogp%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=784738915.1691313942&ga_sid=1691313942&ga_hid=1728061049&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYmdmq0ZwxSABSAghkEhkKCnB1YmNpZC5vcmcYmNmq0ZwxSABSAghkEhcKCHJ0YmhvdXNlGJnZqtGcMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiZ2arRnDFIAFICCGQSGQoKdWlkYXBpLmNvbRiZ2arRnDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJnZqtGcMUgAUgIIZA..&dlt=1691313940033&idt=1564&prev_scp=ti%3D8a8e1b47-95a7-47a1-8d1d-66d3c6b5767c%26interstitials-bid%3D13%26bid-p%3Dgoogle%26bsc%3D74 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 473fa3e5c5cbf8bd2b5ffb77db240b920c4297892b9a99ad67e008cff272e295 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:41 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 727 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://yalla-shoots.tv cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DF3B	6 KB 3 KB	64ms 14ms	Document text/html	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://yalla-shoots.tv/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sun, 06 Aug 2023 09:25:41 GMT expires Mon, 05 Aug 2024 09:25:41 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	pubads_impl_page_level_ads.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/	37 KB 13 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl_page_level_ads.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ad426d1dc2d0d527e2ad3f0e36344c25d9893546a49353e19bd991bd1b1638a8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 05 Aug 2023 11:01:54 GMT content-encoding br x-content-type-options nosniff age 80627 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13114 x-xss-protection 0 server cafe etag 13739258740327089956 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Sun, 04 Aug 2024 11:01:54 GMT
HEAD H3	200	e.js Show response live.demand.supply/e/	0 480 B	100ms 100ms	XHR application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&pdc=0.12517921924591066&ucv=null&e=tcp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.8.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-nf-request-id 01H5N5AHKBES9HA8XC274JEKPE date Sun, 06 Aug 2023 09:25:41 GMT cf-cache-status HIT age 1345560 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "46f47d652033caa436f550f7e8b20e7f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7f263be7aa205c92-FRA
GET H2	200	yalla-shoots.tv_fluid_lb+sq Show response api.demand.supply/v16-10-0/a/	384 B 719 B	47ms 20ms	XHR application/json	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.demand.supply/v16-10-0/a/yalla-shoots.tv_fluid_lb+sq?&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.8.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cc1caaf48f07ac4a250c4b77588fe832b8425cfe51b2ad4036fda452779bd593 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:41 GMT content-encoding br cf-cache-status HIT server cloudflare age 4837 etag W/"180-HcP8qDR74P4pqtd25avrOUY3DlM" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * cache-control max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600 cf-ray 7f263be7d9fe39d6-FRA alt-svc h3=":443"; ma=86400
HEAD H3	200	e.js Show response live.demand.supply/e/	0 480 B	104ms 103ms	XHR application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_sky%2Bsq&pdc=0.4350728511810303&ucv=null&e=tcp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.8.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-nf-request-id 01H5N5AHKBES9HA8XC274JEKPE date Sun, 06 Aug 2023 09:25:41 GMT cf-cache-status HIT age 1345560 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "46f47d652033caa436f550f7e8b20e7f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7f263be7aa245c92-FRA
GET H2	200	yalla-shoots.tv_fluid_sky+sq Show response api.demand.supply/v16-10-0/a/	376 B 539 B	47ms 20ms	XHR application/json	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.demand.supply/v16-10-0/a/yalla-shoots.tv_fluid_sky+sq?&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.8.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f1e0c66357f944b7cbbb90151cfe5c7a42356f03e5e0adf9093eb8f4b9145d1d Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:41 GMT content-encoding br cf-cache-status HIT server cloudflare age 2410 etag W/"178-6Hr6m8PXL+1CEL9o1pWc//R91uc" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * cache-control max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600 cf-ray 7f263be7da0039d6-FRA alt-svc h3=":443"; ma=86400
GET H2	200	syncframe Show response gum.criteo.com/ Frame 3B53	15 KB 6 KB	344ms 15ms	Document text/html	178.250.1.11 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=yalla-shoots.tv Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.ids.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://yalla-shoots.tv/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sun, 06 Aug 2023 09:25:41 GMT server Kestrel server-processing-duration-in-ticks 233454 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
HEAD H3	200	e.js Show response live.demand.supply/e/	0 482 B	98ms 98ms	XHR application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=yalla-shoots.tv_native_multi_native1&pdc=0.46250177621841426&ucv=null&e=tcp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.8.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-nf-request-id 01H5N5AHKBES9HA8XC274JEKPE date Sun, 06 Aug 2023 09:25:41 GMT cf-cache-status HIT age 1345560 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "46f47d652033caa436f550f7e8b20e7f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7f263be7da4c5c92-FRA
GET H2	200	yalla-shoots.tv_native_multi_native1 Show response api.demand.supply/v16-10-0/a/	2 B 301 B	94ms 94ms	XHR application/json	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.demand.supply/v16-10-0/a/yalla-shoots.tv_native_multi_native1?&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.8.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:41 GMT cf-cache-status HIT server cloudflare age 4412 etag W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * cache-control max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600 accept-ranges bytes cf-ray 7f263be7d9ff39d6-FRA alt-svc h3=":443"; ma=86400 content-length 2
HEAD H3	200	e.js Show response live.demand.supply/x/	0 482 B	15ms 15ms	XHR application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/x/e.js?ce=da&r=yalla-shoots.tv_fluid_lb%2Bsq&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.8.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-nf-request-id 01H4S9SCRGM1ZAKRQV2X4J80TA date Sun, 06 Aug 2023 09:25:41 GMT cf-cache-status HIT age 2061418 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "5b5ae7efc98c735bc4fd5b42c94c2364-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7f263be7fa715c92-FRA
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	674 B 356 B	474ms 474ms	XHR text/plain	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3795749037860041&correlator=1546529014346870&eid=31068826&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2Cb04e0731-e557-4382-a933-c1fbc3bd5d3a&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x600%7C160x600%7C300x250%7C300x600%7C320x480&ifi=2&adks=2458278686&didk=412460675&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1691313941771&lmt=1691313939&adxs=302&adys=504&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11813%2F0%2Fmotogp-vs-motogp%2F&frm=20&vis=1&psz=1052x616&msz=1052x616&fws=4&ohw=1100&ga_vid=784738915.1691313942&ga_sid=1691313942&ga_hid=1728061049&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYmdmq0ZwxSABSAghkEhkKCnB1YmNpZC5vcmcYxNmq0ZwxSABSAghqEhcKCHJ0YmhvdXNlGJnZqtGcMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiZ2arRnDFIAFICCGQSGQoKdWlkYXBpLmNvbRiZ2arRnDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJnZqtGcMUgAUgIIZA..&dlt=1691313940033&idt=1564&prev_scp=ti%3D8a8e1b47-95a7-47a1-8d1d-66d3c6b5767c%26chrand%3Dy%26pof%3D0%26bid%3D0.43%26bid-p%3Dgoogle%26bsc%3D74 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d9d8e240781f8714783b04a213ccbb11f2d0f3caf6b0bd6faa129a1fcc537dee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 325 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://yalla-shoots.tv cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	670 B 351 B	186ms 185ms	XHR text/plain	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3795749037860041&correlator=293450141864263&eid=31068826&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2Cd1a1c191-431e-4572-9ea6-1ea409ee05ff&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=3&adks=924393925&didk=1418515193&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1691313941777&lmt=1691313939&adxs=314&adys=2311&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11813%2F0%2Fmotogp-vs-motogp%2F&frm=20&vis=1&psz=1076x116&msz=1076x116&fws=4&ohw=1100&ga_vid=784738915.1691313942&ga_sid=1691313942&ga_hid=1728061049&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYmdmq0ZwxSABSAghkEhkKCnB1YmNpZC5vcmcYxNmq0ZwxSABSAghqEhcKCHJ0YmhvdXNlGJnZqtGcMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiZ2arRnDFIAFICCGQSGQoKdWlkYXBpLmNvbRiZ2arRnDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJnZqtGcMUgAUgIIZA..&dlt=1691313940033&idt=1564&prev_scp=ti%3D8a8e1b47-95a7-47a1-8d1d-66d3c6b5767c%26chrand%3Dy%26pof%3D0%26bid%3D0.08%26bid-p%3Dgoogle%26rfi%3D30%26bsc%3D74 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 35fc8bbe311d8f6ac131019b3bd3742a54a9aa115330f85acc6c7bdba39a8da3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:41 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 320 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://yalla-shoots.tv cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
HEAD H3	200	e.js Show response live.demand.supply/e/	0 482 B	110ms 110ms	XHR application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&pdc=0.12517921924591066&ucv=null&e=tcp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.8.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-nf-request-id 01H5N5AHKBES9HA8XC274JEKPE date Sun, 06 Aug 2023 09:25:41 GMT cf-cache-status HIT age 1345560 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "46f47d652033caa436f550f7e8b20e7f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7f263be83ac75c92-FRA
GET H3	200	yalla-shoots.tv_fluid_lb+sq Show response api.demand.supply/v16-10-0/a/	384 B 690 B	103ms 103ms	XHR application/json	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.demand.supply/v16-10-0/a/yalla-shoots.tv_fluid_lb+sq?&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.8.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cc1caaf48f07ac4a250c4b77588fe832b8425cfe51b2ad4036fda452779bd593 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:41 GMT content-encoding br cf-cache-status HIT server cloudflare etag W/"180-HcP8qDR74P4pqtd25avrOUY3DlM" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * cache-control max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600 cf-ray 7f263be83ac85c92-FRA alt-svc h3=":443"; ma=86400
HEAD H3	200	e.js Show response live.demand.supply/e/	0 479 B	13ms 13ms	XHR application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=d&sc=yalla-shoots.tv_native_multi_native1&err=Cannot%20convert%20undefined%20or%20null%20to%20object&e=as&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.8.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-nf-request-id 01H5N5AHKBES9HA8XC274JEKPE date Sun, 06 Aug 2023 09:25:41 GMT cf-cache-status HIT age 1345560 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "46f47d652033caa436f550f7e8b20e7f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7f263be87aff5c92-FRA
HEAD H3	200	e.js Show response live.demand.supply/x/	0 478 B	103ms 103ms	XHR application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/x/e.js?ce=da&r=yalla-shoots.tv_fluid_lb%2Bsq&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.8.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-nf-request-id 01H4S9SCRGM1ZAKRQV2X4J80TA date Sun, 06 Aug 2023 09:25:41 GMT cf-cache-status HIT age 2061418 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "5b5ae7efc98c735bc4fd5b42c94c2364-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7f263be8eb7c5c92-FRA
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	670 B 351 B	167ms 166ms	XHR text/plain	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3795749037860041&correlator=2794392918962766&eid=31068826&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2Cd1a1c191-431e-4572-9ea6-1ea409ee05ff&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=4&adks=2339785257&didk=1418515199&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1691313941920&lmt=1691313939&adxs=302&adys=220&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11813%2F0%2Fmotogp-vs-motogp%2F&frm=20&vis=1&psz=1052x116&msz=1052x116&fws=4&ohw=1100&ga_vid=784738915.1691313942&ga_sid=1691313942&ga_hid=1728061049&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYmdmq0ZwxSABSAghkEhkKCnB1YmNpZC5vcmcYxNmq0ZwxSABSAghqEhcKCHJ0YmhvdXNlGJnZqtGcMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiZ2arRnDFIAFICCGQSGQoKdWlkYXBpLmNvbRiZ2arRnDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJnZqtGcMUgAUgIIZA..&dlt=1691313940033&idt=1564&prev_scp=ti%3D8a8e1b47-95a7-47a1-8d1d-66d3c6b5767c%26chrand%3Dy%26pof%3D0%26bid%3D0.08%26bid-p%3Dgoogle%26rfi%3D30%26bsc%3D74 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash de5728fffd5c4be9482003ef45ea73112b0389c734ac56ac6163a7819449881f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 320 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://yalla-shoots.tv cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
HEAD H3	200	e.js Show response live.demand.supply/e/	0 480 B	18ms 18ms	XHR application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=yalla-shoots.tv_auto_interstitial_desktop&e=nai&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.8.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-nf-request-id 01H5N5AHKBES9HA8XC274JEKPE date Sun, 06 Aug 2023 09:25:41 GMT cf-cache-status HIT age 1345560 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "46f47d652033caa436f550f7e8b20e7f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7f263be92bd05c92-FRA
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	972 B 509 B	189ms 189ms	XHR text/plain	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3795749037860041&correlator=308313782683399&eid=31068826&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2Cb17090f6-08a6-4b68-a0ee-9e4e6b306a62&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=5&adks=4082428376&didk=3642258492&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D0824d0255d4a214e%3AT%3D1691313941%3ART%3D1691313941%3AS%3DALNI_MYciYAh5Iyhy4MSjl4poeLK6lH9aw&gpic=UID%3D00000c79f54e44c2%3AT%3D1691313941%3ART%3D1691313941%3AS%3DALNI_MYUlsPnWujiv9GBO-WKlO0iAe3rzA&abxe=1&dt=1691313941948&lmt=1691313939&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11813%2F0%2Fmotogp-vs-motogp%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=784738915.1691313942&ga_sid=1691313942&ga_hid=1728061049&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYmdmq0ZwxSABSAghkEhkKCnB1YmNpZC5vcmcYxNmq0ZwxSABSAghqEhcKCHJ0YmhvdXNlGJnZqtGcMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiZ2arRnDFIAFICCGQSGQoKdWlkYXBpLmNvbRiZ2arRnDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJnZqtGcMUgAUgIIZA..&dlt=1691313940033&idt=1564&prev_scp=ti%3D8a8e1b47-95a7-47a1-8d1d-66d3c6b5767c%26interstitials-bid%3D4%26bid-p%3Dgoogle%26bsc%3D74 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 06128f9e8b45d5891e7bd51098492245e6c2e79105435c4159b0de4085313e42 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 477 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://yalla-shoots.tv cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
HEAD H3	200	e.js Show response live.demand.supply/e/	0 481 B	99ms 98ms	XHR application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=yalla-shoots.tv_auto_728x90_sticky_display_bottom&pdc=0.1805095076560974&ucv=null&e=tcp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.8.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-nf-request-id 01H5N5AHKBES9HA8XC274JEKPE date Sun, 06 Aug 2023 09:25:42 GMT cf-cache-status HIT age 1345561 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "46f47d652033caa436f550f7e8b20e7f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7f263be93bea5c92-FRA
GET H3	200	sdb.css live.demand.supply/css/	4 KB 2 KB	104ms 103ms	Stylesheet text/css	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/css/sdb.css Requested by Host: client URL: about:client Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-nf-request-id 01H6RG2MPY6RXJSSCBB6XQAQ1T date Sun, 06 Aug 2023 09:25:42 GMT content-encoding br cf-cache-status HIT cf-bgj minify server cloudflare age 1903 etag W/"624a705ce1b65875ce70f98cfa74b907-ssl-df" vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control max-age=2592000,immutable,stale-if-error=604800 cf-ray 7f263be93f1f91f0-FRA alt-svc h3=":443"; ma=86400
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	27 KB 12 KB	188ms 188ms	XHR text/plain	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3795749037860041&correlator=2811860440761944&eid=31068826&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2Ce5669f2b-6edb-4aaf-a4c4-28a893d4756b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=6&adks=870027903&didk=4055989924&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D0824d0255d4a214e%3AT%3D1691313941%3ART%3D1691313941%3AS%3DALNI_MYciYAh5Iyhy4MSjl4poeLK6lH9aw&gpic=UID%3D00000c79f54e44c2%3AT%3D1691313941%3ART%3D1691313941%3AS%3DALNI_MYUlsPnWujiv9GBO-WKlO0iAe3rzA&abxe=1&dt=1691313941959&lmt=1691313939&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11813%2F0%2Fmotogp-vs-motogp%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=784738915.1691313942&ga_sid=1691313942&ga_hid=1728061049&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYmdmq0ZwxSABSAghkEhkKCnB1YmNpZC5vcmcYxNmq0ZwxSABSAghqEhcKCHJ0YmhvdXNlGJnZqtGcMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiZ2arRnDFIAFICCGQSGQoKdWlkYXBpLmNvbRiZ2arRnDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJnZqtGcMUgAUgIIZA..&dlt=1691313940033&idt=1564&prev_scp=ti%3D8a8e1b47-95a7-47a1-8d1d-66d3c6b5767c%26chrand%3Dy%26pof%3D0%26bid%3D0.18%26bid-p%3Dgoogle%26rfi%3D30%26stt%3Dbhs%26bsc%3D74 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3584fb220db9a57f31fe3edb0bab2248647877d319d35e6740310350d710f13a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12121 x-xss-protection 0 google-lineitem-id 5564063177 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138332681208 content-type text/plain; charset=UTF-8 access-control-allow-origin https://yalla-shoots.tv cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	204	increment Show response id5-sync.com/api/esp/	0 324 B	1035ms 8ms	XHR text/plain	162.19.138.83 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/api/esp/increment?counter=no-config Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/esp.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR), Reverse DNS ns31532338.ip-162-19-138.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://yalla-shoots.tv/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://yalla-shoots.tv date Sun, 06 Aug 2023 09:25:42 GMT strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-credentials true vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
HEAD H3	200	e.js Show response live.demand.supply/e/	0 481 B	15ms 14ms	XHR application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&e=nai&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.8.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-nf-request-id 01H5N5AHKBES9HA8XC274JEKPE date Sun, 06 Aug 2023 09:25:41 GMT cf-cache-status HIT age 1345560 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "46f47d652033caa436f550f7e8b20e7f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7f263be95c055c92-FRA
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	37 KB 16 KB	202ms 201ms	XHR text/plain	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3795749037860041&correlator=2708560550796484&eid=31068826&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2Cfc89faaf-d2a1-46c0-b90d-6d8e04bab92a&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=7&adks=4125583446&didk=1418515193&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D47dc1d5b42e349f1%3AT%3D1691313941%3ART%3D1691313941%3AS%3DALNI_MYEcMJUXUGOREWLj4jQrldazYlBww&gpic=UID%3D00000c79f53bedc2%3AT%3D1691313941%3ART%3D1691313941%3AS%3DALNI_MbYDwXygWgJ0x84jGKE25z1v-hEHw&abxe=1&dt=1691313941974&lmt=1691313939&adxs=314&adys=2311&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11813%2F0%2Fmotogp-vs-motogp%2F&frm=20&vis=1&psz=1076x116&msz=1076x116&fws=4&ohw=1100&ga_vid=784738915.1691313942&ga_sid=1691313942&ga_hid=1728061049&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYmdmq0ZwxSABSAghkEhkKCnB1YmNpZC5vcmcYxNmq0ZwxSABSAghqEhcKCHJ0YmhvdXNlGJnZqtGcMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiZ2arRnDFIAFICCGQSGQoKdWlkYXBpLmNvbRiZ2arRnDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJnZqtGcMUgAUgIIZA..&dlt=1691313940033&idt=1564&prev_scp=ti%3D8a8e1b47-95a7-47a1-8d1d-66d3c6b5767c%26chrand%3Dy%26pof%3D0%26bid%3D0.02%26bid-p%3Dgoogle%26rfi%3D30%26bsc%3D74 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 29b55995fcbe782ce6e851ea113b98c0ead4db2432e4b20534a6e18d39ef7431 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16197 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://yalla-shoots.tv cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	json Show response gum.criteo.com/sid/ Frame 3B53	425 B 552 B	16ms 16ms	Fetch application/json	178.250.1.11 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=publishertagids&domain=yalla-shoots.tv&sn=ChromeSyncframe&so=0&topUrl=yalla-shoots.tv&cw=1&lsw=1&topicsavail=0&fledgeavail=0 Requested by Host: gum.criteo.com URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=yalla-shoots.tv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash c57b7844672f326131fc9c8061ca5a4b183e62b66996e5178394d43b269c1755 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=yalla-shoots.tv User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sun, 06 Aug 2023 09:25:42 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding content-type application/json; charset=utf-8 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 2059149 expires 0
HEAD H3	200	e.js Show response live.demand.supply/e/	0 482 B	108ms 108ms	XHR application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&e=nai&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.8.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-nf-request-id 01H5N5AHKBES9HA8XC274JEKPE date Sun, 06 Aug 2023 09:25:42 GMT cf-cache-status HIT age 1345561 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "46f47d652033caa436f550f7e8b20e7f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7f263bea2d685c92-FRA
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	38 KB 16 KB	217ms 216ms	XHR text/plain	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3795749037860041&correlator=2460083689840752&eid=31068826&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2Cfc89faaf-d2a1-46c0-b90d-6d8e04bab92a&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=8&adks=4179791867&didk=1418515199&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D13580aba94c4fae3%3AT%3D1691313941%3ART%3D1691313941%3AS%3DALNI_MY0w_YTmT-1p-WpOgDj0SiJM5pecg&gpic=UID%3D00000c79f546cd8c%3AT%3D1691313941%3ART%3D1691313941%3AS%3DALNI_MavIcBGZkZqotMIr73cCnwjKJd67A&abxe=1&dt=1691313942111&lmt=1691313939&adxs=302&adys=220&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11813%2F0%2Fmotogp-vs-motogp%2F&frm=20&vis=1&psz=1052x116&msz=1052x116&fws=4&ohw=1100&ga_vid=784738915.1691313942&ga_sid=1691313942&ga_hid=1728061049&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYmdmq0ZwxSABSAghkEhkKCnB1YmNpZC5vcmcYxNmq0ZwxSABSAghqEhcKCHJ0YmhvdXNlGJnZqtGcMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiZ2arRnDFIAFICCGQSGQoKdWlkYXBpLmNvbRiZ2arRnDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJnZqtGcMUgAUgIIZA..&dlt=1691313940033&idt=1564&prev_scp=ti%3D8a8e1b47-95a7-47a1-8d1d-66d3c6b5767c%26chrand%3Dy%26pof%3D0%26bid%3D0.02%26bid-p%3Dgoogle%26rfi%3D30%26bsc%3D74 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3e3159e677ef36a038ca7c8d768f2c90790e874d3245b247516f7519caf4006e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16356 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://yalla-shoots.tv cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
HEAD H3	200	e.js Show response live.demand.supply/e/	0 479 B	102ms 102ms	XHR application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=yalla-shoots.tv_auto_interstitial_desktop&e=nai&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.8.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-nf-request-id 01H5N5AHKBES9HA8XC274JEKPE date Sun, 06 Aug 2023 09:25:42 GMT cf-cache-status HIT age 1345561 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "46f47d652033caa436f550f7e8b20e7f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7f263bea6da95c92-FRA
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	972 B 507 B	267ms 267ms	XHR text/plain	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3795749037860041&correlator=3945647484206&eid=31068826&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C0d2503d0-0ba5-488d-b5c8-a33cd4dbb165&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=9&adks=382925298&didk=2510433324&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D13580aba94c4fae3%3AT%3D1691313941%3ART%3D1691313941%3AS%3DALNI_MY0w_YTmT-1p-WpOgDj0SiJM5pecg&gpic=UID%3D00000c79f546cd8c%3AT%3D1691313941%3ART%3D1691313941%3AS%3DALNI_MavIcBGZkZqotMIr73cCnwjKJd67A&abxe=1&dt=1691313942144&lmt=1691313939&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11813%2F0%2Fmotogp-vs-motogp%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=784738915.1691313942&ga_sid=1691313942&ga_hid=1728061049&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYmdmq0ZwxSABSAghkEhkKCnB1YmNpZC5vcmcYxNmq0ZwxSABSAghqEhcKCHJ0YmhvdXNlGJnZqtGcMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiZ2arRnDFIAFICCGQSGQoKdWlkYXBpLmNvbRiZ2arRnDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJnZqtGcMUgAUgIIZA..&dlt=1691313940033&idt=1564&prev_scp=ti%3D8a8e1b47-95a7-47a1-8d1d-66d3c6b5767c%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D74 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 865317a70e2782e54a3e0cc23788dd74454af42968ca53a7b0df0e8670d594da Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 477 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://yalla-shoots.tv cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET		view securepubads.g.doubleclick.net/pcs/ Frame 43E6	0 0
GET		rx_lidar.js www.googletagservices.com/activeview/js/current/ Frame 43E6	0 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	27 KB 12 KB	286ms 286ms	XHR text/plain	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3795749037860041&correlator=931851195588653&eid=31068826&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2Cbb510014-4c35-4178-96b7-44ce355e0c64&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=10&adks=3408801885&didk=4055989924&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D13580aba94c4fae3%3AT%3D1691313941%3ART%3D1691313941%3AS%3DALNI_MY0w_YTmT-1p-WpOgDj0SiJM5pecg&gpic=UID%3D00000c79f546cd8c%3AT%3D1691313941%3ART%3D1691313941%3AS%3DALNI_MavIcBGZkZqotMIr73cCnwjKJd67A&abxe=1&dt=1691313942169&lmt=1691313939&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11813%2F0%2Fmotogp-vs-motogp%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=784738915.1691313942&ga_sid=1691313942&ga_hid=1728061049&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYmdmq0ZwxSABSAghkEhkKCnB1YmNpZC5vcmcYxNmq0ZwxSABSAghqEhcKCHJ0YmhvdXNlGJnZqtGcMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiZ2arRnDFIAFICCGQSGQoKdWlkYXBpLmNvbRiZ2arRnDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJnZqtGcMUgAUgIIZA..&dlt=1691313940033&idt=1564&prev_scp=ti%3D8a8e1b47-95a7-47a1-8d1d-66d3c6b5767c%26chrand%3Dy%26pof%3D0%26bid%3D0.08%26bid-p%3Dgoogle%26rfi%3D30%26stt%3Dbhs%26bsc%3D74 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 22b0b21e4948221edab266cfbb8c3fced5b62bceecadec63571d99ac324e3e70 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12122 x-xss-protection 0 google-lineitem-id 5563951099 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138332681208 content-type text/plain; charset=UTF-8 access-control-allow-origin https://yalla-shoots.tv cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2E37	6 KB 3 KB	8ms 7ms	Document text/html	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://yalla-shoots.tv/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sun, 06 Aug 2023 09:25:41 GMT expires Mon, 05 Aug 2024 09:25:41 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
HEAD H3	200	e.js Show response live.demand.supply/e/	0 480 B	17ms 17ms	XHR application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&pn=1&sn=2&pc=0.12517921924591066&ds=true&e=wdp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.8.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-nf-request-id 01H5N5AHKBES9HA8XC274JEKPE date Sun, 06 Aug 2023 09:25:42 GMT cf-cache-status HIT age 1345561 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "46f47d652033caa436f550f7e8b20e7f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7f263beabe015c92-FRA
HEAD H3	200	e.js Show response live.demand.supply/e/	0 480 B	100ms 100ms	XHR application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?gl=0.02&b=2&r=yalla-shoots.tv_fluid_lb%2Bsq&sy=23a3d1b1-0160-42f1-a1d0-e2e5b611a1cd&ts=74&cd=2&pud=1332&pus=c&pue=1945&pid=94&pis=c&pie=2040&ppd=212&pps=a&ppe=2158&pcl=671&ttc=2320&tti=2761&ttif=0&lca=2158&lcak=ppe&lct=2158&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=8a8e1b47-95a7-47a1-8d1d-66d3c6b5767c&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.8.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-nf-request-id 01H5N5AHKBES9HA8XC274JEKPE date Sun, 06 Aug 2023 09:25:42 GMT cf-cache-status HIT age 1345561 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "46f47d652033caa436f550f7e8b20e7f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7f263beabe065c92-FRA
GET H2	200	dr Show response as.ad4m.at/ad/ Frame 92C9	2 KB 3 KB	56ms 31ms	Document text/html	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/dr?ed=1hs4dm501bb0aqsc0xx9wawz90kkek6t2yw1yxkzqxkxkrp7whbtmsy0yjwvtpxm43ng948y5aetnv2hx0y9s1d51eyykdtz2p5vkwa37tpsqqk1yvz4zr84tv6twm8c8zmdkfppee6nffvx1wrfrzr8c1f3zy2ysdsqs2bbgpcqw1c8xmk7s3v970aab98b7c19zbvp7zd18464zbzx7jyrr3aqvsa5815j7akbjhqt7apfggg26d93yryrctfz00pvg83j2tq4w5wes50xmbaq2087d30bpz9sa5zb5gef580f6m9545sk5cxsbn8psx84n1etc0bzm23hshaafct548gq3qcnhn4m6wr4gt9bvs46k5h5bz849cdpexfw3gv1ac1bcf8tpszcvhk45pfjv5ck6nvkhah3vg2n3c4e7rvm9jxv5y0bqgd2980859mhmd6s89gg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzFbbFmfPZPRpwrOR1Q_v2KPQApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgS8Ak_Qy0T3GJwFiVxnKPffR-5qA3EaCuzYmopexnIu2iZEV06uDgnP76_YCLn17F8LvWYC87CXyJfVH03uL17oXnesWF3j47lXyeATNkDSzshaztZvXIPqmiI3B8b5RB9Lchi-P_7FAi8ydk36bfbxciVOrTgMsrj44GC9WqXsRD8B09ODoGda3bRaXmsmcuxjMxS-9eNXyIGbthgFoingdzluQ6ys42S5L3vb9mBLoPqUQ_VaOEhSKnysJ9Dg2wZ6sk6VUCOI29m5pK9zN0dn9uEDWm4oBx_WNBvQyWGUS6D1iyLJO86n78JvomWr-zVVkl5fH5Lk0hmzixJWbkStSeKQQunSRr9smO7aIvzbH4EKrrZMAhN-0RzzphOtVihZ0YSw7aa6FAMDiNYpf0HjIfToVF0sHsBOM3IHW8bgBAGABsiuydS6xLrcJaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0z5ZsHtulXStNxcotiVICIKyDGlQ%26client%3Dca-pub-3831894559014614%26adurl%3D Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 617507a8989c0e9b0f689491caeac5f88012a3b68cb57f2f26fa2fb48d9126cb Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, proxy-revalidate cf-cache-status DYNAMIC cf-ray 7f263beafb454dcc-FRA content-encoding br content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' content-type text/html; charset=utf-8 cross-origin-embedder-policy unsafe-none cross-origin-opener-policy unsafe-none cross-origin-resource-policy cross-origin date Sun, 06 Aug 2023 09:25:42 GMT expires 0 feature-policy geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self' nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} pragma no-cache referrer-policy same-origin report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} server cloudflare strict-transport-security max-age=86400; includeSubDomains; preload surrogate-control no-store vary accept-encoding via 1.1 google x-content-type-options nosniff x-download-options noopen x-xss-protection 1; mode=block
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 2E37	3 KB 1 KB	45ms 9ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 05 Aug 2023 14:44:44 GMT content-encoding br x-content-type-options nosniff age 67258 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 19 Aug 2023 14:44:44 GMT
GET H2	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 9EA4	1 KB 1001 B	28ms 5ms	Document text/html	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 15128 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 06 Aug 2023 05:13:34 GMT etag 48472445140208031 expires Mon, 07 Aug 2023 05:13:34 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 2E37	20 KB 8 KB	42ms 7ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 05 Aug 2023 13:47:03 GMT content-encoding br x-content-type-options nosniff age 70719 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8261 x-xss-protection 0 server cafe etag 3571037177597359341 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 19 Aug 2023 13:47:03 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 2E37	0 0	198ms 19ms	Image text/html	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTsYF0FAbXUkzPPHpbq5k0vEKntj7Ro952pXxeAqrunyURbxX9iKlxK11IwMUGEqGYzjolBoJ6KLxunVL7yhraSBTCGIQ Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers
GET H2	200	ext.js Show response tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2E37	24 KB 7 KB	42ms 8ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Wed, 02 Aug 2023 08:18:25 GMT content-encoding br x-content-type-options nosniff age 349637 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6402 x-xss-protection 0 last-modified Thu, 03 Nov 2022 19:10:08 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Thu, 01 Aug 2024 08:18:25 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 2E37	179 KB 57 KB	21ms 20ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57430 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1690976231057960" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 06 Aug 2023 09:25:42 GMT
HEAD H3	200	e.js Show response live.demand.supply/e/	0 480 B	17ms 17ms	XHR application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_sky%2Bsq&e=nai&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.8.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-nf-request-id 01H5N5AHKBES9HA8XC274JEKPE date Sun, 06 Aug 2023 09:25:42 GMT cf-cache-status HIT age 1345561 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "46f47d652033caa436f550f7e8b20e7f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7f263beb1e745c92-FRA
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	27 KB 12 KB	332ms 331ms	XHR text/plain	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3795749037860041&correlator=3235132593717429&eid=31068826&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C1e113ef7-ca18-48f5-b9a7-d1012c42bba1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x600%7C160x600%7C300x250%7C300x600%7C320x480&ifi=11&adks=3312549555&didk=412460675&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D71061afa4f87b656%3AT%3D1691313941%3ART%3D1691313941%3AS%3DALNI_MaTn69Mo1i5UYkz7u1gbZ-qtjI2Gg&gpic=UID%3D00000c79f5b75660%3AT%3D1691313941%3ART%3D1691313941%3AS%3DALNI_MZoJ-Yo5nIE0_2qo4FlDeUMpPaJiQ&abxe=1&dt=1691313942258&lmt=1691313939&adxs=302&adys=504&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11813%2F0%2Fmotogp-vs-motogp%2F&frm=20&vis=1&psz=1052x616&msz=1052x616&fws=4&ohw=1100&ga_vid=784738915.1691313942&ga_sid=1691313942&ga_hid=1728061049&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYmdmq0ZwxSABSAghkEhkKCnB1YmNpZC5vcmcYxNmq0ZwxSABSAghqEhcKCHJ0YmhvdXNlGJnZqtGcMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiZ2arRnDFIAFICCGQSGQoKdWlkYXBpLmNvbRiZ2arRnDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJnZqtGcMUgAUgIIZA..&dlt=1691313940033&idt=1564&prev_scp=ti%3D8a8e1b47-95a7-47a1-8d1d-66d3c6b5767c%26chrand%3Dy%26pof%3D0%26bid%3D0.16%26bid-p%3Dgoogle%26bsc%3D74 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7aaf207e15c060d216ffc7aa07d1f91fe8e836e4ea8ac90fde34c0a6c30dc95a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12122 x-xss-protection 0 google-lineitem-id 5564063651 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138332681208 content-type text/plain; charset=UTF-8 access-control-allow-origin https://yalla-shoots.tv cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	i.match s.tribalfusion.com/z/ Frame 9EA4 Redirect Chain https://a.tribalfusion.com/i.match?p=b6&u=CAESEGZjNmc1meKMlTpj9cBFuAE&google_cver=1&google_push=AXcoOmRTMXlnXPhmYx2_EJhh-qmsdbufUtylDqsLQmnRKC52cuupMuVF_kbwHkt4bQ_wiGTGSiibnlBEzBDoCUi7pVpyg9GVoYwSI... https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGZjNmc1meKMlTpj9cBFuAE&google_cver=1&google_push=AXcoOmRTMXlnXPhmYx2_EJhh-qmsdbufUtylDqsLQmnRKC52cuupMuVF_kbwHkt4bQ_wiGTGSiibnlBEzBDoCUi7pVpyg9GVoYw...	43 B 433 B	195ms 186ms	Image image/gif	2606:4700::6812:18ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGZjNmc1meKMlTpj9cBFuAE&google_cver=1&google_push=AXcoOmRTMXlnXPhmYx2_EJhh-qmsdbufUtylDqsLQmnRKC52cuupMuVF_kbwHkt4bQ_wiGTGSiibnlBEzBDoCUi7pVpyg9GVoYwSIg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRTMXlnXPhmYx2_EJhh-qmsdbufUtylDqsLQmnRKC52cuupMuVF_kbwHkt4bQ_wiGTGSiibnlBEzBDoCUi7pVpyg9GVoYwSIg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sun, 06 Aug 2023 09:25:42 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 7f263bec8cad9125-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Sun, 06 Aug 2023 09:25:42 GMT cf-cache-status DYNAMIC x-function 206 server cloudflare x-reuse-index 1470 content-type text/html location https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGZjNmc1meKMlTpj9cBFuAE&google_cver=1&google_push=AXcoOmRTMXlnXPhmYx2_EJhh-qmsdbufUtylDqsLQmnRKC52cuupMuVF_kbwHkt4bQ_wiGTGSiibnlBEzBDoCUi7pVpyg9GVoYwSIg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRTMXlnXPhmYx2_EJhh-qmsdbufUtylDqsLQmnRKC52cuupMuVF_kbwHkt4bQ_wiGTGSiibnlBEzBDoCUi7pVpyg9GVoYwSIg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 7f263beb5b3c9125-FRA alt-svc h3=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 9EA4 Redirect Chain https://fksnk.com/cs/google?google_gid=CAESEHPx_Rio6PfDz-4ZZfsSOUw&google_cver=1&google_push=AXcoOmT-m1oDVhuV_XLakE1EagedVNMcVkRNri2YkZCLZzYoFKvtd7KhK0Cu5022-kZU9if9urTuDwK7XXxx2NI5Qo5mEbCTHI6Y https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MDIxREI3NTBBMzRGRDkyOQ==	170 B 188 B	19ms 18ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MDIxREI3NTBBMzRGRDkyOQ== Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Server 142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sun, 06 Aug 2023 09:25:43 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MDIxREI3NTBBMzRGRDkyOQ== date Sun, 06 Aug 2023 09:25:43 GMT content-language en-US content-type text/html;charset=ISO-8859-1
GET H2	200	pixel cm.g.doubleclick.net/ Frame 9EA4 Redirect Chain https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECSafTbUG2MKAjWnN2hby28&google_cver=1&google_push=AXcoOmT1GePXLaCdX5yFtJ-17ZZA0uDyER7WsJ4_kWO1i68RuqsZ_sewhj8RH9xaeikzYWoPXHcwWwo5U47gxR... https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2NDEzODA2ODE2Nzg4Mjg5Ng%3D%3D&google_push=AXcoOmT1GePXLaCdX5yFtJ-17ZZA0uDyER7WsJ4_kWO1i68RuqsZ_sewhj8RH9xaeikzYWoPXHcwWwo5U47gxRe-AS...	170 B 329 B	18ms 17ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2NDEzODA2ODE2Nzg4Mjg5Ng%3D%3D&google_push=AXcoOmT1GePXLaCdX5yFtJ-17ZZA0uDyER7WsJ4_kWO1i68RuqsZ_sewhj8RH9xaeikzYWoPXHcwWwo5U47gxRe-ASSCbP2Q09uQ Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sun, 06 Aug 2023 09:25:42 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2NDEzODA2ODE2Nzg4Mjg5Ng%3D%3D&google_push=AXcoOmT1GePXLaCdX5yFtJ-17ZZA0uDyER7WsJ4_kWO1i68RuqsZ_sewhj8RH9xaeikzYWoPXHcwWwo5U47gxRe-ASSCbP2Q09uQ Date Sun, 06 Aug 2023 09:25:42 GMT Server nginx Connection keep-alive Transfer-Encoding chunked p3p policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
GET H2	200	pixel cm.g.doubleclick.net/ Frame 9EA4 Redirect Chain https://ads.travelaudience.com/google_pixel?google_gid=CAESELlcv0SbdjctqA67gEA8YFM&google_cver=1&google_push=AXcoOmQZGv4jl79_zrkDfsV4BwY2Rm9q-1VgD1k0jx5_sOZQdttV7Z8ZtPTaqeXlgIk-fbRMblHNhdVxXvjhrsQn... https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=IsSoXANIRGeALFMJmuwf1g2&google_push=AXcoOmQZGv4jl79_zrkDfsV4BwY2Rm9q-1VgD1k0jx5_sOZQdttV7Z8ZtPTaqeXlgIk-fbRMblHNhdVxXvjhrsQn25esSGHd_zY2IA	170 B 232 B	26ms 26ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=IsSoXANIRGeALFMJmuwf1g2&google_push=AXcoOmQZGv4jl79_zrkDfsV4BwY2Rm9q-1VgD1k0jx5_sOZQdttV7Z8ZtPTaqeXlgIk-fbRMblHNhdVxXvjhrsQn25esSGHd_zY2IA Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sun, 06 Aug 2023 09:25:42 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sun, 06 Aug 2023 09:25:42 GMT via 1.1 google x-engine-version 0.0.0 server nginx/1.21.6 p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC" location https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=IsSoXANIRGeALFMJmuwf1g2&google_push=AXcoOmQZGv4jl79_zrkDfsV4BwY2Rm9q-1VgD1k0jx5_sOZQdttV7Z8ZtPTaqeXlgIk-fbRMblHNhdVxXvjhrsQn25esSGHd_zY2IA x-host tde-deliveryengine-production-559d484bf7-hkkd4 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	pixel cm.g.doubleclick.net/ Frame 9EA4 Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHJ2iyNpnZNOzdneEc6rCTQ&google_cver=1&google_push=AXcoOmR511FslhHICgpsP3tNlE4i8rFcuzG288Y8oUCHo-0svk6dfeXMfpvoCzMXyScLx-BHTv9ErTvU... https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHJ2iyNpnZNOzdneEc6rCTQ&google_cver=1&google_push=AXcoOmR511FslhHICgpsP3tNlE4i8rFcuzG288Y8oUCHo-0svk6dfeXMfpvoCzMXyScLx-BHTv9... https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc1NjIyNzgyNTk2OTY1OTE3NA&google_push=AXcoOmR511FslhHICgpsP3tNlE4i8rFcuzG288Y8oUCHo-0svk6dfeXMfpvoCzMXyScLx-BHTv9ErT...	170 B 232 B	20ms 20ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc1NjIyNzgyNTk2OTY1OTE3NA&google_push=AXcoOmR511FslhHICgpsP3tNlE4i8rFcuzG288Y8oUCHo-0svk6dfeXMfpvoCzMXyScLx-BHTv9ErTvUgzz-KgHcnoZi9S3gxAtU Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sun, 06 Aug 2023 09:25:42 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 06 Aug 2023 09:25:42 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET location https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc1NjIyNzgyNTk2OTY1OTE3NA&google_push=AXcoOmR511FslhHICgpsP3tNlE4i8rFcuzG288Y8oUCHo-0svk6dfeXMfpvoCzMXyScLx-BHTv9ErTvUgzz-KgHcnoZi9S3gxAtU access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H2	204	- s.ad.smaato.net/c/n/// Frame 9EA4	0 237 B	296ms 21ms	Image text/plain	2600:9000:211e:8600:1b:5138:8a40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKi93SPdbFtGaoRJXZUxDow&google_cver=1&google_push=AXcoOmSR3QbJTIDCr0dqLT-Pc-591zhedS0ycmRKkAOGhPqL_2zVqIOmAi8X0yfcYjD-P_0PxchyroO6f9DHJtOxRbT-JAGaqoOHIg Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:211e:8600:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT cache-control no-cache, must-revalidate via 1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop FRA56-C2 x-amz-cf-id DGWlWEveT-g7svywrZ-T58g6A-K2vO0ClM385HCmW99F2k5wWv5ibw== x-cache Miss from cloudfront
GET H3	200	pixel cm.g.doubleclick.net/ Frame 9EA4 Redirect Chain https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEN... https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQVjF8NBP7vujJTMvMIXocCSXRTd35mPBtHihiDdL3CqLvL-cVHMqxMglQEtDr00OSzYuk1POvlMaupkmCHblzz7Ayv3bx2LA&redir=https%3A%2F%2Fcm.g.dou... https://sync.targeting.unrulymedia.com/csync/RX-37492f50-b936-4e54-88c1-7a84e83c338c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQVjF8NBP7vujJTMvMIX... https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQVjF8NBP7vujJTMvMIXocCSXRTd35mPBtHihiDdL3CqLvL-cVHMqxMglQEtDr00OSzYuk1POvlMaupkmCHblzz7Ayv3bx2LA&google_hm=AzdJL1C5Nk5UiMF6hOg8M4w	170 B 188 B	17ms 17ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQVjF8NBP7vujJTMvMIXocCSXRTd35mPBtHihiDdL3CqLvL-cVHMqxMglQEtDr00OSzYuk1POvlMaupkmCHblzz7Ayv3bx2LA&google_hm=AzdJL1C5Nk5UiMF6hOg8M4w Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Server 142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sun, 06 Aug 2023 09:25:44 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQVjF8NBP7vujJTMvMIXocCSXRTd35mPBtHihiDdL3CqLvL-cVHMqxMglQEtDr00OSzYuk1POvlMaupkmCHblzz7Ayv3bx2LA&google_hm=AzdJL1C5Nk5UiMF6hOg8M4w date Sun, 06 Aug 2023 09:25:44 GMT p3p CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why" etag RX37492f50b9364e5488c17a84e83c338c003 content-type text/html
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 9EA4	0 130 B	52ms 15ms	Image text/html	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JqJ0_Qq4yJXOlFRNQpCJOY7HpZnMRbMaYCUBdyCH66WSGhvN3hjYkyGAJ06Vm7WbFIvNC8 Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET DATA	200 OK	truncated / Frame 2E37	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash eef45c621ed07583ab72cfa5c9d4b7d7737d34ee1383d68bb04976c66fae0d17 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/png
GET H2	200	default.css as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 92C9	114 KB 14 KB	19ms 19ms	Stylesheet text/css	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/dr?ed=1hs4dm501bb0aqsc0xx9wawz90kkek6t2yw1yxkzqxkxkrp7whbtmsy0yjwvtpxm43ng948y5aetnv2hx0y9s1d51eyykdtz2p5vkwa37tpsqqk1yvz4zr84tv6twm8c8zmdkfppee6nffvx1wrfrzr8c1f3zy2ysdsqs2bbgpcqw1c8xmk7s3v970aab98b7c19zbvp7zd18464zbzx7jyrr3aqvsa5815j7akbjhqt7apfggg26d93yryrctfz00pvg83j2tq4w5wes50xmbaq2087d30bpz9sa5zb5gef580f6m9545sk5cxsbn8psx84n1etc0bzm23hshaafct548gq3qcnhn4m6wr4gt9bvs46k5h5bz849cdpexfw3gv1ac1bcf8tpszcvhk45pfjv5ck6nvkhah3vg2n3c4e7rvm9jxv5y0bqgd2980859mhmd6s89gg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzFbbFmfPZPRpwrOR1Q_v2KPQApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgS8Ak_Qy0T3GJwFiVxnKPffR-5qA3EaCuzYmopexnIu2iZEV06uDgnP76_YCLn17F8LvWYC87CXyJfVH03uL17oXnesWF3j47lXyeATNkDSzshaztZvXIPqmiI3B8b5RB9Lchi-P_7FAi8ydk36bfbxciVOrTgMsrj44GC9WqXsRD8B09ODoGda3bRaXmsmcuxjMxS-9eNXyIGbthgFoingdzluQ6ys42S5L3vb9mBLoPqUQ_VaOEhSKnysJ9Dg2wZ6sk6VUCOI29m5pK9zN0dn9uEDWm4oBx_WNBvQyWGUS6D1iyLJO86n78JvomWr-zVVkl5fH5Lk0hmzixJWbkStSeKQQunSRr9smO7aIvzbH4EKrrZMAhN-0RzzphOtVihZ0YSw7aa6FAMDiNYpf0HjIfToVF0sHsBOM3IHW8bgBAGABsiuydS6xLrcJaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0z5ZsHtulXStNxcotiVICIKyDGlQ%26client%3Dca-pub-3831894559014614%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3 Request headers accept-language de-DE,de;q=0.9 Referer https://as.ad4m.at/ad/dr?ed=1hs4dm501bb0aqsc0xx9wawz90kkek6t2yw1yxkzqxkxkrp7whbtmsy0yjwvtpxm43ng948y5aetnv2hx0y9s1d51eyykdtz2p5vkwa37tpsqqk1yvz4zr84tv6twm8c8zmdkfppee6nffvx1wrfrzr8c1f3zy2ysdsqs2bbgpcqw1c8xmk7s3v970aab98b7c19zbvp7zd18464zbzx7jyrr3aqvsa5815j7akbjhqt7apfggg26d93yryrctfz00pvg83j2tq4w5wes50xmbaq2087d30bpz9sa5zb5gef580f6m9545sk5cxsbn8psx84n1etc0bzm23hshaafct548gq3qcnhn4m6wr4gt9bvs46k5h5bz849cdpexfw3gv1ac1bcf8tpszcvhk45pfjv5ck6nvkhah3vg2n3c4e7rvm9jxv5y0bqgd2980859mhmd6s89gg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzFbbFmfPZPRpwrOR1Q_v2KPQApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgS8Ak_Qy0T3GJwFiVxnKPffR-5qA3EaCuzYmopexnIu2iZEV06uDgnP76_YCLn17F8LvWYC87CXyJfVH03uL17oXnesWF3j47lXyeATNkDSzshaztZvXIPqmiI3B8b5RB9Lchi-P_7FAi8ydk36bfbxciVOrTgMsrj44GC9WqXsRD8B09ODoGda3bRaXmsmcuxjMxS-9eNXyIGbthgFoingdzluQ6ys42S5L3vb9mBLoPqUQ_VaOEhSKnysJ9Dg2wZ6sk6VUCOI29m5pK9zN0dn9uEDWm4oBx_WNBvQyWGUS6D1iyLJO86n78JvomWr-zVVkl5fH5Lk0hmzixJWbkStSeKQQunSRr9smO7aIvzbH4EKrrZMAhN-0RzzphOtVihZ0YSw7aa6FAMDiNYpf0HjIfToVF0sHsBOM3IHW8bgBAGABsiuydS6xLrcJaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0z5ZsHtulXStNxcotiVICIKyDGlQ%26client%3Dca-pub-3831894559014614%26adurl%3D User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-goog-meta-goog-reserved-file-mtime 1687950287 age 1145323 cf-polished origSize=117335 x-guploader-uploadid ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Wed, 28 Jun 2023 11:05:15 GMT server cloudflare etag W/"5d49535c2a84a9762127b3d9e77d7e02" vary Accept-Encoding x-goog-generation 1687950315098833 content-type text/css x-goog-hash crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag== cache-control public, max-age=3600 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QKoKHRwWHoZVrwk%2BRbhpiAk5hyrUiYxNWtmmucLrTwYxHEFFTZnc%2BIXPMaV6PoqeawRpl1Kn9LaKD11DaYVZS5HO92zaRPjWXT5pMxKeF4eOMuK7qGK2FtnuRL4LC0TE8dvpjmbV4z4%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 117335 cf-ray 7f263beb8bd24dcc-FRA expires Sun, 06 Aug 2023 10:25:42 GMT
GET H2	200	r62eglto.js Show response ad4m.at/ Frame 92C9	25 KB 10 KB	29ms 20ms	Script application/javascript	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/r62eglto.js Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/dr?ed=1hs4dm501bb0aqsc0xx9wawz90kkek6t2yw1yxkzqxkxkrp7whbtmsy0yjwvtpxm43ng948y5aetnv2hx0y9s1d51eyykdtz2p5vkwa37tpsqqk1yvz4zr84tv6twm8c8zmdkfppee6nffvx1wrfrzr8c1f3zy2ysdsqs2bbgpcqw1c8xmk7s3v970aab98b7c19zbvp7zd18464zbzx7jyrr3aqvsa5815j7akbjhqt7apfggg26d93yryrctfz00pvg83j2tq4w5wes50xmbaq2087d30bpz9sa5zb5gef580f6m9545sk5cxsbn8psx84n1etc0bzm23hshaafct548gq3qcnhn4m6wr4gt9bvs46k5h5bz849cdpexfw3gv1ac1bcf8tpszcvhk45pfjv5ck6nvkhah3vg2n3c4e7rvm9jxv5y0bqgd2980859mhmd6s89gg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzFbbFmfPZPRpwrOR1Q_v2KPQApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgS8Ak_Qy0T3GJwFiVxnKPffR-5qA3EaCuzYmopexnIu2iZEV06uDgnP76_YCLn17F8LvWYC87CXyJfVH03uL17oXnesWF3j47lXyeATNkDSzshaztZvXIPqmiI3B8b5RB9Lchi-P_7FAi8ydk36bfbxciVOrTgMsrj44GC9WqXsRD8B09ODoGda3bRaXmsmcuxjMxS-9eNXyIGbthgFoingdzluQ6ys42S5L3vb9mBLoPqUQ_VaOEhSKnysJ9Dg2wZ6sk6VUCOI29m5pK9zN0dn9uEDWm4oBx_WNBvQyWGUS6D1iyLJO86n78JvomWr-zVVkl5fH5Lk0hmzixJWbkStSeKQQunSRr9smO7aIvzbH4EKrrZMAhN-0RzzphOtVihZ0YSw7aa6FAMDiNYpf0HjIfToVF0sHsBOM3IHW8bgBAGABsiuydS6xLrcJaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0z5ZsHtulXStNxcotiVICIKyDGlQ%26client%3Dca-pub-3831894559014614%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT content-encoding br cf-cache-status HIT last-modified Tue, 11 Jul 2023 16:29:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 406516 etag W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=96sb%2BlG5jBLNRhUs3wN0MdzjORG9P2Tc2%2BrJSZK1lOcz4eQOgrO3ykNrQdNdMXQwAWVGKQmCM%2BDjjpTRLOYb9GjHjDkFIfrEyX4kEdJ8%2FPrlQv%2BIltlcG8bqJnJeuuO%2F3mAEGj0%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=3600, must-revalidate, stale-while-revalidate=300 cf-ray 7f263beb9bea4dcc-FRA alt-svc h3=":443"; ma=86400 expires Tue, 01 Aug 2023 16:30:15 GMT
GET H3	200	container.html Show response 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AB46	6 KB 3 KB	17ms 17ms	Document text/html	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://yalla-shoots.tv/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sun, 06 Aug 2023 09:25:41 GMT expires Mon, 05 Aug 2024 09:25:41 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
HEAD H3	200	e.js Show response live.demand.supply/e/	0 480 B	106ms 106ms	XHR application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&pn=1&sn=2&pc=0.12517921924591066&ds=true&e=wdp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.8.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-nf-request-id 01H5N5AHKBES9HA8XC274JEKPE date Sun, 06 Aug 2023 09:25:42 GMT cf-cache-status HIT age 1345561 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "46f47d652033caa436f550f7e8b20e7f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7f263bebaf115c92-FRA
HEAD H3	200	e.js Show response live.demand.supply/e/	0 480 B	15ms 15ms	XHR application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?gl=0.02&b=2&r=yalla-shoots.tv_fluid_lb%2Bsq&sy=23a3d1b1-0160-42f1-a1d0-e2e5b611a1cd&ts=74&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=8a8e1b47-95a7-47a1-8d1d-66d3c6b5767c&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.8.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-nf-request-id 01H5N5AHKBES9HA8XC274JEKPE date Sun, 06 Aug 2023 09:25:42 GMT cf-cache-status HIT age 1345561 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "46f47d652033caa436f550f7e8b20e7f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7f263bebaf135c92-FRA
GET H2	200	afr.php Show response ads.eu.criteo.com/delivery/r/ Frame 1DB4	122 KB 44 KB	627ms 35ms	Document text/html	178.250.1.17 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://ads.eu.criteo.com/delivery/r/afr.php?z=ZM9nFgACS2kCJ7yNAAfG-peZbFiRI1kPr4z65g&u=%7Cxiu6U%2BruRPPgYxhzVZIt%2BgRszIbbma0TZAU%2FHqX1N6g%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdruMtK_-xsAx-zoDeWpoM1ORn2ReKvK1DjNXYTqbBps_3glcg5ql_ZKupldwpDxqKI0qtMDEi9sO285jQOhK7ROclyMNZTCxGeqbjbsBxdWHDBHOsnFlqwQVFunV28Ak8GFYpvXNuznI_0eDxqAy4hT1xRCVflD-iAATSqSvJrjzclgEe8ho5B-FdIT3oRII553k_JxCj3wFBdMBH99IuNCIfjo3-Uy0vjrkvqrL6CLU4-6fNp2feE0_4u_HyYSqT6_vxHLoBss51yBKngkPgSh9y-i36cKBfC_eDKlY8OJWMPZKKG2-6LyBMTs81bICdcyXDXXtc7vTT9AWU_5Ofi2Qf8munk5MR-8EflWOAr1dcy7ACF7WGGwqARv9SHDfboX3bd3678bk78avuquZKZuJRQ0mlX5H3oxgRdxiHnwAzdADGzCiQtqxqSfGcmic6mwkSUYdjkQ1dfDZWV45utUiLCsMNuTZlX5zSLGNIOwrCQsLQeEd2xx8qn6XLkiTtFlGbCkbjzqll66EejQAgpJmvHgMxbF0WyJI954kBq3y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3wwUFmfPZOmWCY35nsEP-o2fsAHJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgS2Ak_QVzMfu1bKbA1957WwxTrCqBJ0LAM-4oUftoHC5pl0lIgbNdSy1ooekYZLIvB3-ecYOM51927ojfauPG3VwZZQxIxAnbrNr_WEQuqQ-aR2CpXm938_mrRRx6ieGt4NWwTDNtKbIbgSN7suNaeTWDlFBFFuxwY6f4naFan-SVdD5u_8GLnbm9rI3GE5SFTV3NKR3jde1ii-5QmybRNkMgznWHJ6nLgVv9LrD9HDZAdAzR36B1wtXUlRoAGOvVP-zv1w5nbelaEaaigtxeLn2gw2xz1aDunIetMo_7lAp51zeshMLSigkk5KP0Q9p3_Ufv9l3MEsvZrySrj_tuOAHDBe2Bw8wkrQUj2rR9fFrAYZpAMoKRzr4JcgfisXEeUTDUI757ThJFQkklURQ8zFTGXdO9UbvMvgBAGABqDimaLYpv231AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0biPOZ1bc6WKCGNA1nJWuDICfHyw%26client%3Dca-pub-3831894559014614%26adurl%3D Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 01c1862252858ccc5602649d27df0884ef26163c7f08a6a7f11048434dee7a0f Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * access-control-max-age 1000 cache-control private, max-age=0, no-cache content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin date Sun, 06 Aug 2023 09:25:42 GMT expires Mon, 26 Jul 1997 05:00:00 GMT link <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin p3p CP='CUR ADM OUR NOR STA NID' pragma no-cache report-to {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=b007dhTtg5WKuW9vKEEXyCYX1-eNAuDaAso5Hy1cXb34E6bgZdQiuRDtG4IstMqWPWw1dkh6kBvKfiLOMl93uw8_Q_XORqNemKBfhYfDeN21Vab9sBfYeXnH539ICdsNkYQ-0HJicRYEdS3e8yqNmbZnud9mUgfDM9Pu6x8k3CoocvEr3Y4bn0ge4xRB4_4rrcaXdRXLy4WtEReHFgmTd4IORqhAHTT0WJBBY2hv4HupP8zVzHSiZIi9N3sjNoHLjagYXQ"}], "max_age": 86400} server Kestrel server-processing-duration-in-ticks 14524782 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame AB46	3 KB 1 KB	8ms 5ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 05 Aug 2023 14:44:44 GMT content-encoding br x-content-type-options nosniff age 67258 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 19 Aug 2023 14:44:44 GMT
GET H2	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame B501	1 KB 677 B	8ms 6ms	Document text/html	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 15128 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 06 Aug 2023 05:13:34 GMT etag 48472445140208031 expires Mon, 07 Aug 2023 05:13:34 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame AB46	20 KB 8 KB	8ms 6ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 05 Aug 2023 13:47:03 GMT content-encoding br x-content-type-options nosniff age 70719 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8261 x-xss-protection 0 server cafe etag 3571037177597359341 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 19 Aug 2023 13:47:03 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame AB46	0 0	45ms 20ms	Image text/html	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaThRECWvH8LW6QWcJ5H7i0amJKSov4_VRKnJSPz-bmVLEkVxa9VJ1VPMVpaf_3ZXDh30KqerXPqhClIHvhIpCCLkEOq1g Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers
GET H2	200	ext.js Show response tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame AB46	24 KB 6 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Wed, 02 Aug 2023 08:18:25 GMT content-encoding br x-content-type-options nosniff age 349637 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6402 x-xss-protection 0 last-modified Thu, 03 Nov 2022 19:10:08 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Thu, 01 Aug 2024 08:18:25 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame AB46	179 KB 56 KB	21ms 20ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57430 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1690976231057960" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 06 Aug 2023 09:25:42 GMT
GET H2	200	adchoices_default.png static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 92C9	3 KB 4 KB	305ms 23ms	Image image/png	2606:4700:20::681a:71b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e Request headers accept-language de-DE,de;q=0.9 Referer https://as.ad4m.at/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1073 x-guploader-uploadid ADPycdvYh6DcFTcWtsreocvh62FI68ZU81_mgPS4ytwaAhFYa5C3QcDwbcGxCi4sDoChQ5ABuxRYfNBwOuyo4AygCt86RAHaZWyx x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 content-length 3262 last-modified Tue, 21 Jun 2022 12:31:17 GMT server cloudflare etag "794c84d30e213ec6a144d64215f07551" vary X-Goog-Allowed-Resources, Accept-Encoding x-goog-generation 1655814677405990 content-type image/png content-language en x-goog-hash crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ== cache-control public, max-age=7200 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q34Ufb6oHEvgBiFiI3K10wS3EMsuP4hX2Kmnz4vmfApoMXkxgthFVjKed9utS0AzJJlq4RHegX75gInh4GBeXEQ83EiKzrgntz9VdrpGJp7OZARSqtWJWGyUzp0%2F9GzoylxKEvzVpWen%2Fkoret%2FPpaVQ"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 3262 accept-ranges bytes cf-ray 7f263bed9b31381f-FRA expires Sun, 06 Aug 2023 10:07:49 GMT
GET H3	200	frame.html Show response ad4m.at/ Frame 55F6	2 KB 1 KB	18ms 18ms	Document text/html	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/frame.html Requested by Host: ad4m.at URL: https://ad4m.at/r62eglto.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 1289989 alt-svc h3=":443"; ma=86400 cache-control public, max-age=3600 cf-cache-status HIT cf-ray 7f263bebdd539107-FRA content-encoding br content-language en content-type text/html; charset=utf-8 date Sun, 06 Aug 2023 09:25:42 GMT expires Sun, 09 Jul 2023 00:24:59 GMT last-modified Thu, 25 Aug 2022 14:12:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tamAb5gpNFytteW5Gg3af9EngSg1aZmMEeDVLa21fYNp5AKgwJ7EZiQov4LqyUzTQV2lZ5Sm5BKH1z1w2HbgWl6ZmtVEEqZ9Uu4cSrMob96c78raDBoRxZpsIK74kXNY9maGiJA%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	i.match s.tribalfusion.com/z/ Frame B501 Redirect Chain https://a.tribalfusion.com/i.match?p=b6&u=CAESEF_BFYSQYbzNw2rVdD-7pHU&google_cver=1&google_push=AXcoOmR0q0PoRsucmIpEskd29KMYdaJRWOIpYXUr_2Pj_DJwpjvoNThx2tGRkTvnUkaDOFlDyCLfQCOmBn117XLKISxJLjhzJZhH&... https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF_BFYSQYbzNw2rVdD-7pHU&google_cver=1&google_push=AXcoOmR0q0PoRsucmIpEskd29KMYdaJRWOIpYXUr_2Pj_DJwpjvoNThx2tGRkTvnUkaDOFlDyCLfQCOmBn117XLKISxJLjhzJZh...	43 B 403 B	198ms 198ms	Image image/gif	2606:4700::6812:18ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF_BFYSQYbzNw2rVdD-7pHU&google_cver=1&google_push=AXcoOmR0q0PoRsucmIpEskd29KMYdaJRWOIpYXUr_2Pj_DJwpjvoNThx2tGRkTvnUkaDOFlDyCLfQCOmBn117XLKISxJLjhzJZhH&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR0q0PoRsucmIpEskd29KMYdaJRWOIpYXUr_2Pj_DJwpjvoNThx2tGRkTvnUkaDOFlDyCLfQCOmBn117XLKISxJLjhzJZhH%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sun, 06 Aug 2023 09:25:42 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 7f263becfd2d9125-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Sun, 06 Aug 2023 09:25:42 GMT cf-cache-status DYNAMIC x-function 206 server cloudflare x-reuse-index 30 content-type text/html location https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF_BFYSQYbzNw2rVdD-7pHU&google_cver=1&google_push=AXcoOmR0q0PoRsucmIpEskd29KMYdaJRWOIpYXUr_2Pj_DJwpjvoNThx2tGRkTvnUkaDOFlDyCLfQCOmBn117XLKISxJLjhzJZhH&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR0q0PoRsucmIpEskd29KMYdaJRWOIpYXUr_2Pj_DJwpjvoNThx2tGRkTvnUkaDOFlDyCLfQCOmBn117XLKISxJLjhzJZhH%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 7f263bebebfc9125-FRA alt-svc h3=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame B501 Redirect Chain https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFCbXW2QgFDDLSYMhLjYPRw&google_cver=1&google_push=AXcoOmSzAvzlFM7F2TYnxORmG7UJBCjUV6TJTVjoF1UmAX7MCmZ4MnHTeQhUPqwkz0pdJBIMS-nT8_l9R2h... https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSzAvzlFM7F2TYnxORmG7UJBCjUV6TJTVjoF1UmAX7MCmZ4MnHTeQhUPqwkz0pdJBIMS-nT8_l9R2hIBjQlwBRedNXvM6L0&google_hm=RijgExejTpC2-0vIXH_bQG8	170 B 232 B	18ms 18ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSzAvzlFM7F2TYnxORmG7UJBCjUV6TJTVjoF1UmAX7MCmZ4MnHTeQhUPqwkz0pdJBIMS-nT8_l9R2hIBjQlwBRedNXvM6L0&google_hm=RijgExejTpC2-0vIXH_bQG8 Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sun, 06 Aug 2023 09:25:42 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 06 Aug 2023 09:25:41 GMT via 1.1 google server Apache-Coyote/1.1 p3p CP="NOI DSP COR NID CUR OUR NOR" status 302 location https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSzAvzlFM7F2TYnxORmG7UJBCjUV6TJTVjoF1UmAX7MCmZ4MnHTeQhUPqwkz0pdJBIMS-nT8_l9R2hIBjQlwBRedNXvM6L0&google_hm=RijgExejTpC2-0vIXH_bQG8 content-type text/html;charset=UTF-8 cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame B501 Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ7P7NiNunFb0CsZWJiDFVU&google_cver=1&googl... https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJ7P7NiNunFb0CsZWJiDFVU&google_push=AX... https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ7P7NiNunFb0CsZWJiDFVU&google_hm=ZM9nFs2SyCgSEeWIWwTkCAAADKEAAAAB&google_nid=index&google_push=AXcoOmS43HlSjAMawpD_fPpnDTRUIYzBkOy4V...	170 B 232 B	19ms 19ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ7P7NiNunFb0CsZWJiDFVU&google_hm=ZM9nFs2SyCgSEeWIWwTkCAAADKEAAAAB&google_nid=index&google_push=AXcoOmS43HlSjAMawpD_fPpnDTRUIYzBkOy4V0HFdzwjXAhUhFKltk7kC4pkHg90aPf2PQE9AV6Bi8zRS2LBqpNusCNdtDkFHFO4 Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sun, 06 Aug 2023 09:25:42 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Sun, 06 Aug 2023 09:25:42 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ7P7NiNunFb0CsZWJiDFVU&google_hm=ZM9nFs2SyCgSEeWIWwTkCAAADKEAAAAB&google_nid=index&google_push=AXcoOmS43HlSjAMawpD_fPpnDTRUIYzBkOy4V0HFdzwjXAhUhFKltk7kC4pkHg90aPf2PQE9AV6Bi8zRS2LBqpNusCNdtDkFHFO4 Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=499 Content-Length 0 Expires 0
GET H/1.1	200 OK	us sync.go.sonobi.com/ Frame B501	0 500 B	1641ms 96ms	Image text/plain	69.166.1.12
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmSgPSmX3sYtUGtbF4UEX9pI_JWHSnD1NTzknbfdfi5QCKpZQ2pioVTyOIJySf69hAyqWOqq_KvWG6DXjN75fJqHf9XjOwA%26google_hm%3D%5BUID%5D&google_gid=CAESEIQSnObkyWuD2GzXYpdpzhs&google_cver=1 Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.166.1.12 -, , ASN (), Reverse DNS Software sonobi-go / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Pragma no-cache Date Sun, 06 Aug 2023 09:25:43 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server go-iad-2-5-127 Content-Type text/plain; charset=utf8 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Length 0 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	204	sync ups.analytics.yahoo.com/ups/58281/ Frame B501	0 125 B	285ms 10ms	Image text/plain	3.71.149.231 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEFIM8huUrYOcGSlRgnvrQpg&google_cver=1&google_push=AXcoOmTYfbqOFYTZ9bcGOir4oE1GJEVkYR_wDnGGfRg9rxoN5kxin4hz2DUsWqhHWsxGsqpPPwbX-KgcOfatZwBmKsSvs76VCVVR Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-71-149-231.eu-central-1.compute.amazonaws.com Software ATS/9.1.10.64 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.64 age 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H/1.1	200	0.gif id5-sync.com/i/495/ Frame B501 Redirect Chain https://sync.inmobi.com/gob?google_gid=CAESECqUvBTKjgDqFP6xpqgF9ZY&google_cver=1&google_push=AXcoOmQCqfx5YT8QSyF95-wAfubGOTBQdBLORQ2_DmjiKqoY9enXo8N7YMY6n9ruaKBDaOJra9Yjxtjse_zC-TKC9GhLGba5WuuZ2g https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQCqfx5YT8QSyF95-wAfubGOTBQdBLORQ2_DmjiKqoY...	43 B 1 KB	26ms 10ms	Image image/gif	162.19.138.83 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQCqfx5YT8QSyF95-wAfubGOTBQdBLORQ2_DmjiKqoY9enXo8N7YMY6n9ruaKBDaOJra9Yjxtjse_zC-TKC9GhLGba5WuuZ2g Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol HTTP/1.1 Server 162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR), Reverse DNS ns31532338.ip-162-19-138.eu Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers content-type image/gif;charset=UTF-8 date Sun, 06 Aug 2023 09:25:41 GMT strict-transport-security max-age=63072000; includeSubDomains; preload vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers transfer-encoding chunked p3p CP="CAO PSA OUR" Redirect headers date Sun, 06 Aug 2023 09:25:42 GMT content-security-policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests x-content-type-options nosniff strict-transport-security max-age=15552000; includeSubDomains x-permitted-cross-domain-policies none referrer-policy no-referrer expect-ct max-age=0 x-dns-prefetch-control off x-frame-options SAMEORIGIN content-type text/plain; charset=utf-8 location https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQCqfx5YT8QSyF95-wAfubGOTBQdBLORQ2_DmjiKqoY9enXo8N7YMY6n9ruaKBDaOJra9Yjxtjse_zC-TKC9GhLGba5WuuZ2g x-download-options noopen vary Accept content-length 273 x-xss-protection 0
GET H2	200	https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25 x.bidswitch.net/check_uuid/ Frame B501	43 B 146 B	220ms 10ms	Image image/gif	3.76.178.166 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEMbXmb4Qc01Lou70lbDR614&google_cver=1&google_push=AXcoOmS1petiDtwqhslMCJR6rtZmhbyR4odTsCRFRp-I-HxJstn1cBGkocJwkoL3dB-cBvXzDbvTdSZc61zyOPDOxQ22FuPuWKTN5A Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.76.178.166 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-76-178-166.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT cache-control no-cache, no-store, must-revalidate content-length 43 content-type image/gif
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame B501	0 40 B	16ms 15ms	Image text/html	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LS-7yg0svD13IKIdvViJeSVz4mO7qEQll2gqDJoO-n06-_8MpG_2E0G8INUvj7uxJRfCamFSuF Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET DATA	200 OK	truncated / Frame AB46	218 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 237e47760eaf94af66fd5416617a9de46ff19681abe5a29220864116ba61d685 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/png
HEAD H3	200	e.js Show response live.demand.supply/e/	0 478 B	14ms 13ms	XHR application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=yalla-shoots.tv_auto_interstitial_desktop&e=nai&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.8.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-nf-request-id 01H5N5AHKBES9HA8XC274JEKPE date Sun, 06 Aug 2023 09:25:42 GMT cf-cache-status HIT age 1345561 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "46f47d652033caa436f550f7e8b20e7f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7f263bec3fcf5c92-FRA
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame AB46	0 0	52ms 52ms	Image text/html	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CAzxxFmfPZOmWCY35nsEP-o2fsAHJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgSzAk_QVzMfu1bKbA1957WwxTrCqBJ0LAM-4oUftoHC5pl0lIgbNdSy1ooekYZLIvB3-ecYOM51927ojfauPG3VwZZQxIxAnbrNr_WEQuqQ-aR2CpXm938_mrRRx6ieGt4NWwTDNtKbIbgSN7suNaeTWDlFBFFuxwY6f4naFan-SVdD5u_8GLnbm9rI3GE5SFTV3NKR3jde1ii-5QmybRNkMgznWHJ6nLgVv9LrD9HDZAdAzR36B1wtXUlRoAGOvVP-zv1w5nbelaEaaigtxeLn2gw2xz1aDunIetMo_7lAp51zeshMLSigkk5KP0Q9p3_Ufv9l3MEsvZrySrj_tuOAHDBe2Bw8wkrQUj2rR9fF7gQ4NoSntQ9UfIODrhax6ewHB_QxyaxjkJwZNKeuXeDdyc9ZKGrgBAGABqDimaLYpv231AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=0P0t5pFrbzI&uach_m=[UACH]&cid=CAQSOwBpAlJWg8ws6By06M64ZdW618hvNGOHcpOfKzstYXBTWdndpnoj4iZQH1KgxsRplJ8FVIwFex65X4heGAE&cbvp=2&vis=1 Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers
GET H2	200	notify rtb.nl3.eu.criteo.com/google/auction/ Frame AB46	0 126 B	374ms 14ms	Image text/plain	178.250.1.10 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kNjOF-zZW4AImAKdg2ICAgAAAHobFO5qgn2yEBVnz2QJB8MLmay8kfp9AAASAAAKCkFRVUJBUUVCQVE&wp=ZM9nFgACS2kCJ7yNAAfG-peZbFiRI1kPr4z65g&cbvp=2 Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:41 GMT strict-transport-security max-age=31536000; preload; server-processing-duration-in-ticks 156654 server Kestrel content-length 0
POST H3	200	rs Show response ad4m.at/ Frame 92C9	2 KB 2 KB	30ms 30ms	XHR text/plain	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Requested by Host: ad4m.at URL: https://ad4m.at/r62eglto.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b62645433bb9223efb2c4bb1203fb2f623fbc4ff5a2161b7bbe6d8a41c99ad2b Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Content-Type application/json Response headers date Sun, 06 Aug 2023 09:25:42 GMT via 1.1 google content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4dJmBm7Y0Nnej4r5sCswTTd0UXMgH4xpsabrtZO7NQjOmYSmfiF%2F4BY7b9Eg%2BYtktXIUljghWICGYS%2BQoPJeMGixMPW1ih%2BRdht0ByiDayBQHyubFFzePWuVCOr7LB25wRptAzo%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain access-control-allow-origin https://as.ad4m.at access-control-allow-credentials true cf-ray 7f263bec9dc19018-FRA x-backend-server aa-reachservice-group-europe-west1-m7pg alt-svc h3=":443"; ma=86400
OPTIONS H3	200	rs ad4m.at/ Frame	0 0	41ms 31ms	Preflight text/plain	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://as.ad4m.at Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET,PATCH,POST,OPTIONS,DELETE access-control-allow-origin https://as.ad4m.at access-control-max-age 1800 allow HEAD,POST,GET,OPTIONS alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7f263bec6d869018-FRA content-length 24 content-type text/plain date Sun, 06 Aug 2023 09:25:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JgYBz82LJ4Jlb5M3X23y53JJQVts7yv4tPkC%2Fs%2F7K3eW6ca78L%2BBoWANlVXfYS0QxWI2OR6OPKJIB2s6BxtxhsnzGMmpFdpz861ggBdAiN2r0aC%2FoVN8CVrFn0UxUgH%2Bsg%2FkF78%3D"}],"group":"cf-nel","max_age":604800} server cloudflare via 1.1 google x-backend-server aa-reachservice-group-europe-west1-m7pg
GET		view securepubads.g.doubleclick.net/pcs/ Frame 9CC3	0 0
GET		rx_lidar.js www.googletagservices.com/activeview/js/current/ Frame 9CC3	0 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	33 KB 14 KB	260ms 259ms	XHR text/plain	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3795749037860041&correlator=2981325530482330&eid=31068826&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2Cf8f9545d-8e9d-418f-bef3-a9c0ef281789&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=12&adks=3408584863&didk=4055989924&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D71061afa4f87b656%3AT%3D1691313941%3ART%3D1691313941%3AS%3DALNI_MaTn69Mo1i5UYkz7u1gbZ-qtjI2Gg&gpic=UID%3D00000c79f5b75660%3AT%3D1691313941%3ART%3D1691313941%3AS%3DALNI_MZoJ-Yo5nIE0_2qo4FlDeUMpPaJiQ&abxe=1&dt=1691313942472&lmt=1691313939&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11813%2F0%2Fmotogp-vs-motogp%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=784738915.1691313942&ga_sid=1691313942&ga_hid=1728061049&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYmdmq0ZwxSABSAghkEhkKCnB1YmNpZC5vcmcYxNmq0ZwxSABSAghqEhcKCHJ0YmhvdXNlGJnZqtGcMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiZ2arRnDFIAFICCGQSGQoKdWlkYXBpLmNvbRiZ2arRnDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJnZqtGcMUgAUgIIZA..&dlt=1691313940033&idt=1564&prev_scp=ti%3D8a8e1b47-95a7-47a1-8d1d-66d3c6b5767c%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26rfi%3D30%26stt%3Dbhs%26bsc%3D74 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4bad2d14818d1454d37705d7db76af932df9e8e20426546ca9eea8322896052e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14469 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://yalla-shoots.tv cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rar Show response as.ad4m.at/ad/ Frame 658D	11 KB 5 KB	35ms 33ms	Document text/html	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/rar?a=175059%2C59040%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=250&e=&g=115e5e4c69de041762f76a6d2370e0a7%2F14664944789031701716&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691313942500&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gc04fvz63rn7s5rfbj6r23bgnjen8v4ffrwa13p6s9e4cty1c4cykscp6d5y1pyp94d7y1xd00ax3y1zrgj4468z3jqgnx6fa31xzzwzedn32xscaag290mexam89e5csb9atawtfny4behyrcdzxcmd1sfbdqkanjnwp6wfd2k5rgj8vqjatwjj26ja444zmde77em7j256jfcha0qpa7hn5zx3yh5evca5r29vjbj7nb0med3gawt27gkhtd399cx9ng4c0qm0psy719mvwe5qm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzFbbFmfPZPRpwrOR1Q_v2KPQApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgS8Ak_Qy0T3GJwFiVxnKPffR-5qA3EaCuzYmopexnIu2iZEV06uDgnP76_YCLn17F8LvWYC87CXyJfVH03uL17oXnesWF3j47lXyeATNkDSzshaztZvXIPqmiI3B8b5RB9Lchi-P_7FAi8ydk36bfbxciVOrTgMsrj44GC9WqXsRD8B09ODoGda3bRaXmsmcuxjMxS-9eNXyIGbthgFoingdzluQ6ys42S5L3vb9mBLoPqUQ_VaOEhSKnysJ9Dg2wZ6sk6VUCOI29m5pK9zN0dn9uEDWm4oBx_WNBvQyWGUS6D1iyLJO86n78JvomWr-zVVkl5fH5Lk0hmzixJWbkStSeKQQunSRr9smO7aIvzbH4EKrrZMAhN-0RzzphOtVihZ0YSw7aa6FAMDiNYpf0HjIfToVF0sHsBOM3IHW8bgBAGABsiuydS6xLrcJaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0z5ZsHtulXStNxcotiVICIKyDGlQ%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 Requested by Host: ad4m.at URL: https://ad4m.at/r62eglto.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a8a41d5ebe1d6a174c2d96abe82f537b432aae7efebff52e2947a5da2096b21e Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://as.ad4m.at/ad/dr?ed=1hs4dm501bb0aqsc0xx9wawz90kkek6t2yw1yxkzqxkxkrp7whbtmsy0yjwvtpxm43ng948y5aetnv2hx0y9s1d51eyykdtz2p5vkwa37tpsqqk1yvz4zr84tv6twm8c8zmdkfppee6nffvx1wrfrzr8c1f3zy2ysdsqs2bbgpcqw1c8xmk7s3v970aab98b7c19zbvp7zd18464zbzx7jyrr3aqvsa5815j7akbjhqt7apfggg26d93yryrctfz00pvg83j2tq4w5wes50xmbaq2087d30bpz9sa5zb5gef580f6m9545sk5cxsbn8psx84n1etc0bzm23hshaafct548gq3qcnhn4m6wr4gt9bvs46k5h5bz849cdpexfw3gv1ac1bcf8tpszcvhk45pfjv5ck6nvkhah3vg2n3c4e7rvm9jxv5y0bqgd2980859mhmd6s89gg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzFbbFmfPZPRpwrOR1Q_v2KPQApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgS8Ak_Qy0T3GJwFiVxnKPffR-5qA3EaCuzYmopexnIu2iZEV06uDgnP76_YCLn17F8LvWYC87CXyJfVH03uL17oXnesWF3j47lXyeATNkDSzshaztZvXIPqmiI3B8b5RB9Lchi-P_7FAi8ydk36bfbxciVOrTgMsrj44GC9WqXsRD8B09ODoGda3bRaXmsmcuxjMxS-9eNXyIGbthgFoingdzluQ6ys42S5L3vb9mBLoPqUQ_VaOEhSKnysJ9Dg2wZ6sk6VUCOI29m5pK9zN0dn9uEDWm4oBx_WNBvQyWGUS6D1iyLJO86n78JvomWr-zVVkl5fH5Lk0hmzixJWbkStSeKQQunSRr9smO7aIvzbH4EKrrZMAhN-0RzzphOtVihZ0YSw7aa6FAMDiNYpf0HjIfToVF0sHsBOM3IHW8bgBAGABsiuydS6xLrcJaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0z5ZsHtulXStNxcotiVICIKyDGlQ%26client%3Dca-pub-3831894559014614%26adurl%3D Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, proxy-revalidate cf-cache-status DYNAMIC cf-ray 7f263becde339107-FRA content-encoding br content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' content-type text/html; charset=utf-8 cross-origin-embedder-policy unsafe-none cross-origin-opener-policy unsafe-none cross-origin-resource-policy cross-origin date Sun, 06 Aug 2023 09:25:42 GMT expires 0 feature-policy geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self' nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} pragma no-cache referrer-policy same-origin report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} server cloudflare strict-transport-security max-age=86400; includeSubDomains; preload surrogate-control no-store vary accept-encoding via 1.1 google x-content-type-options nosniff x-download-options noopen x-xss-protection 1; mode=block
GET H3	200	default.css as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 658D	114 KB 14 KB	23ms 21ms	Stylesheet text/css	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=175059%2C59040%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=250&e=&g=115e5e4c69de041762f76a6d2370e0a7%2F14664944789031701716&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691313942500&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gc04fvz63rn7s5rfbj6r23bgnjen8v4ffrwa13p6s9e4cty1c4cykscp6d5y1pyp94d7y1xd00ax3y1zrgj4468z3jqgnx6fa31xzzwzedn32xscaag290mexam89e5csb9atawtfny4behyrcdzxcmd1sfbdqkanjnwp6wfd2k5rgj8vqjatwjj26ja444zmde77em7j256jfcha0qpa7hn5zx3yh5evca5r29vjbj7nb0med3gawt27gkhtd399cx9ng4c0qm0psy719mvwe5qm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzFbbFmfPZPRpwrOR1Q_v2KPQApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgS8Ak_Qy0T3GJwFiVxnKPffR-5qA3EaCuzYmopexnIu2iZEV06uDgnP76_YCLn17F8LvWYC87CXyJfVH03uL17oXnesWF3j47lXyeATNkDSzshaztZvXIPqmiI3B8b5RB9Lchi-P_7FAi8ydk36bfbxciVOrTgMsrj44GC9WqXsRD8B09ODoGda3bRaXmsmcuxjMxS-9eNXyIGbthgFoingdzluQ6ys42S5L3vb9mBLoPqUQ_VaOEhSKnysJ9Dg2wZ6sk6VUCOI29m5pK9zN0dn9uEDWm4oBx_WNBvQyWGUS6D1iyLJO86n78JvomWr-zVVkl5fH5Lk0hmzixJWbkStSeKQQunSRr9smO7aIvzbH4EKrrZMAhN-0RzzphOtVihZ0YSw7aa6FAMDiNYpf0HjIfToVF0sHsBOM3IHW8bgBAGABsiuydS6xLrcJaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0z5ZsHtulXStNxcotiVICIKyDGlQ%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3 Request headers accept-language de-DE,de;q=0.9 Referer https://as.ad4m.at/ad/rar?a=175059%2C59040%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=250&e=&g=115e5e4c69de041762f76a6d2370e0a7%2F14664944789031701716&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691313942500&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gc04fvz63rn7s5rfbj6r23bgnjen8v4ffrwa13p6s9e4cty1c4cykscp6d5y1pyp94d7y1xd00ax3y1zrgj4468z3jqgnx6fa31xzzwzedn32xscaag290mexam89e5csb9atawtfny4behyrcdzxcmd1sfbdqkanjnwp6wfd2k5rgj8vqjatwjj26ja444zmde77em7j256jfcha0qpa7hn5zx3yh5evca5r29vjbj7nb0med3gawt27gkhtd399cx9ng4c0qm0psy719mvwe5qm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzFbbFmfPZPRpwrOR1Q_v2KPQApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgS8Ak_Qy0T3GJwFiVxnKPffR-5qA3EaCuzYmopexnIu2iZEV06uDgnP76_YCLn17F8LvWYC87CXyJfVH03uL17oXnesWF3j47lXyeATNkDSzshaztZvXIPqmiI3B8b5RB9Lchi-P_7FAi8ydk36bfbxciVOrTgMsrj44GC9WqXsRD8B09ODoGda3bRaXmsmcuxjMxS-9eNXyIGbthgFoingdzluQ6ys42S5L3vb9mBLoPqUQ_VaOEhSKnysJ9Dg2wZ6sk6VUCOI29m5pK9zN0dn9uEDWm4oBx_WNBvQyWGUS6D1iyLJO86n78JvomWr-zVVkl5fH5Lk0hmzixJWbkStSeKQQunSRr9smO7aIvzbH4EKrrZMAhN-0RzzphOtVihZ0YSw7aa6FAMDiNYpf0HjIfToVF0sHsBOM3IHW8bgBAGABsiuydS6xLrcJaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0z5ZsHtulXStNxcotiVICIKyDGlQ%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-goog-meta-goog-reserved-file-mtime 1687950287 age 943954 cf-polished origSize=117335 x-guploader-uploadid ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Wed, 28 Jun 2023 11:05:15 GMT server cloudflare etag W/"5d49535c2a84a9762127b3d9e77d7e02" vary Accept-Encoding x-goog-generation 1687950315098833 content-type text/css x-goog-hash crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag== cache-control public, max-age=3600 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8e1LcMqzficPBQkDYGIvLyyHqj2DKHneYNVR7EQtFqVMFEJfNQ8sjvm9hRIkZe2verHz%2Bw1XVAF4puqlJCIRZFeI2lbSCxxM0ctxEdGESX%2BxgiR9ncZ13%2FDBVFahefc2QCJTtgYLS3I%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 117335 cf-ray 7f263bed2e7c9107-FRA expires Sun, 06 Aug 2023 10:25:42 GMT
GET H2	200	807FC0314300FD3D7EA2A3865EB887A86EFDAC77BDFCACB7C49E7904A10BC6EE8F804F370DD32A67945E13F906FCB6989AB80F264BEC5568EF9AABD964B68990 assets.ad4m.at/logo/ Frame 658D	6 KB 6 KB	46ms 27ms	Image image/webp	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/807FC0314300FD3D7EA2A3865EB887A86EFDAC77BDFCACB7C49E7904A10BC6EE8F804F370DD32A67945E13F906FCB6989AB80F264BEC5568EF9AABD964B68990 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=175059%2C59040%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=250&e=&g=115e5e4c69de041762f76a6d2370e0a7%2F14664944789031701716&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691313942500&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gc04fvz63rn7s5rfbj6r23bgnjen8v4ffrwa13p6s9e4cty1c4cykscp6d5y1pyp94d7y1xd00ax3y1zrgj4468z3jqgnx6fa31xzzwzedn32xscaag290mexam89e5csb9atawtfny4behyrcdzxcmd1sfbdqkanjnwp6wfd2k5rgj8vqjatwjj26ja444zmde77em7j256jfcha0qpa7hn5zx3yh5evca5r29vjbj7nb0med3gawt27gkhtd399cx9ng4c0qm0psy719mvwe5qm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzFbbFmfPZPRpwrOR1Q_v2KPQApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgS8Ak_Qy0T3GJwFiVxnKPffR-5qA3EaCuzYmopexnIu2iZEV06uDgnP76_YCLn17F8LvWYC87CXyJfVH03uL17oXnesWF3j47lXyeATNkDSzshaztZvXIPqmiI3B8b5RB9Lchi-P_7FAi8ydk36bfbxciVOrTgMsrj44GC9WqXsRD8B09ODoGda3bRaXmsmcuxjMxS-9eNXyIGbthgFoingdzluQ6ys42S5L3vb9mBLoPqUQ_VaOEhSKnysJ9Dg2wZ6sk6VUCOI29m5pK9zN0dn9uEDWm4oBx_WNBvQyWGUS6D1iyLJO86n78JvomWr-zVVkl5fH5Lk0hmzixJWbkStSeKQQunSRr9smO7aIvzbH4EKrrZMAhN-0RzzphOtVihZ0YSw7aa6FAMDiNYpf0HjIfToVF0sHsBOM3IHW8bgBAGABsiuydS6xLrcJaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0z5ZsHtulXStNxcotiVICIKyDGlQ%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a8aedce5ce280bf3c1e99fa9b36cb226e62cd39cf77c1f0c5660a6cab7bdece3 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2351797 cf-polished origFmt=png, origSize=11357 alt-svc h3=":443"; ma=86400 content-length 5848 cf-bgj imgq:85,h2pri last-modified Fri, 09 Jun 2023 08:41:46 GMT server cloudflare etag "ccfbd2e3feb27487a1f6d1f6b03866aa" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P9QaoR%2FxMXadPeCV8ZLD4ASmD7mro9uPbWbZ6l3riN47C3G7feUrvKR89rdL8Jc923QBEJoJWZJDNtfmv0eljX1fHzH%2BWFQpcE1j6fnAKRZ3HW7qfboOgzIc%2B%2BhrYqB3lWjGSMDdsheDDMCO"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 7f263bed3dd44dcc-FRA expires Mon, 07 Aug 2023 09:25:42 GMT
GET H2	200	2D65771C4E99642761C25D51AEBBCFD65B43B5413EF19697CC1FB2CD4144CA8006EDEBD7BBE3473EC0E77D5B95CFC345D27520E24E58F21FCA62F0BF53BC962B assets.ad4m.at/ Frame 658D	183 KB 184 KB	42ms 28ms	Image image/webp	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/2D65771C4E99642761C25D51AEBBCFD65B43B5413EF19697CC1FB2CD4144CA8006EDEBD7BBE3473EC0E77D5B95CFC345D27520E24E58F21FCA62F0BF53BC962B Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=175059%2C59040%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=250&e=&g=115e5e4c69de041762f76a6d2370e0a7%2F14664944789031701716&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691313942500&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gc04fvz63rn7s5rfbj6r23bgnjen8v4ffrwa13p6s9e4cty1c4cykscp6d5y1pyp94d7y1xd00ax3y1zrgj4468z3jqgnx6fa31xzzwzedn32xscaag290mexam89e5csb9atawtfny4behyrcdzxcmd1sfbdqkanjnwp6wfd2k5rgj8vqjatwjj26ja444zmde77em7j256jfcha0qpa7hn5zx3yh5evca5r29vjbj7nb0med3gawt27gkhtd399cx9ng4c0qm0psy719mvwe5qm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzFbbFmfPZPRpwrOR1Q_v2KPQApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgS8Ak_Qy0T3GJwFiVxnKPffR-5qA3EaCuzYmopexnIu2iZEV06uDgnP76_YCLn17F8LvWYC87CXyJfVH03uL17oXnesWF3j47lXyeATNkDSzshaztZvXIPqmiI3B8b5RB9Lchi-P_7FAi8ydk36bfbxciVOrTgMsrj44GC9WqXsRD8B09ODoGda3bRaXmsmcuxjMxS-9eNXyIGbthgFoingdzluQ6ys42S5L3vb9mBLoPqUQ_VaOEhSKnysJ9Dg2wZ6sk6VUCOI29m5pK9zN0dn9uEDWm4oBx_WNBvQyWGUS6D1iyLJO86n78JvomWr-zVVkl5fH5Lk0hmzixJWbkStSeKQQunSRr9smO7aIvzbH4EKrrZMAhN-0RzzphOtVihZ0YSw7aa6FAMDiNYpf0HjIfToVF0sHsBOM3IHW8bgBAGABsiuydS6xLrcJaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0z5ZsHtulXStNxcotiVICIKyDGlQ%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 64f88a75df6eeef2e778f967a36f861c2005c64fb8b567a17a8f98878e351255 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2351797 cf-polished origFmt=png, origSize=289744 alt-svc h3=":443"; ma=86400 content-length 187558 cf-bgj imgq:85,h2pri last-modified Fri, 23 Jun 2023 11:11:49 GMT server cloudflare etag "17decb4f4cab809ec8159433a7f13627" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMvFdWhFMOID4HNOeG%2BHK0qSGMKlUMBvRr9nkA6I%2B9lqtKRANjiynM32EmZ0W%2FXP4IzLvFmyi4oc9QEtHItRM4ykDo7xhDiOb%2Fjk7hLcDfaGiG5qBt2V0e13akcGOclRFa4eIx4XJBnhc728"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 7f263bed3dd64dcc-FRA expires Mon, 07 Aug 2023 09:25:42 GMT
GET H2	200	D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155 assets.ad4m.at/logo/ Frame 658D	53 KB 54 KB	36ms 22ms	Image image/webp	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=175059%2C59040%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=250&e=&g=115e5e4c69de041762f76a6d2370e0a7%2F14664944789031701716&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691313942500&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gc04fvz63rn7s5rfbj6r23bgnjen8v4ffrwa13p6s9e4cty1c4cykscp6d5y1pyp94d7y1xd00ax3y1zrgj4468z3jqgnx6fa31xzzwzedn32xscaag290mexam89e5csb9atawtfny4behyrcdzxcmd1sfbdqkanjnwp6wfd2k5rgj8vqjatwjj26ja444zmde77em7j256jfcha0qpa7hn5zx3yh5evca5r29vjbj7nb0med3gawt27gkhtd399cx9ng4c0qm0psy719mvwe5qm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzFbbFmfPZPRpwrOR1Q_v2KPQApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgS8Ak_Qy0T3GJwFiVxnKPffR-5qA3EaCuzYmopexnIu2iZEV06uDgnP76_YCLn17F8LvWYC87CXyJfVH03uL17oXnesWF3j47lXyeATNkDSzshaztZvXIPqmiI3B8b5RB9Lchi-P_7FAi8ydk36bfbxciVOrTgMsrj44GC9WqXsRD8B09ODoGda3bRaXmsmcuxjMxS-9eNXyIGbthgFoingdzluQ6ys42S5L3vb9mBLoPqUQ_VaOEhSKnysJ9Dg2wZ6sk6VUCOI29m5pK9zN0dn9uEDWm4oBx_WNBvQyWGUS6D1iyLJO86n78JvomWr-zVVkl5fH5Lk0hmzixJWbkStSeKQQunSRr9smO7aIvzbH4EKrrZMAhN-0RzzphOtVihZ0YSw7aa6FAMDiNYpf0HjIfToVF0sHsBOM3IHW8bgBAGABsiuydS6xLrcJaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0z5ZsHtulXStNxcotiVICIKyDGlQ%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2354927 cf-polished origFmt=png, origSize=115129 alt-svc h3=":443"; ma=86400 content-length 54564 cf-bgj imgq:85,h2pri last-modified Tue, 09 Feb 2021 15:11:24 GMT server cloudflare etag "0a277d59efca0369a6983645e273659e" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5VoxdiKsqgwFzIawMzX9rXNIzmeN%2BLzXTNPTDc54Dw%2Feoaj%2FHz0VUzTWptClUb3sHpSUQh53m8OVYTmcL%2BGTFEE7bWibLinzYbmwoPVMorBUphDt9%2BE0jaAroIioT0p7A%2BZyLxXTeC4QB%2Brc"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 7f263bed3dd84dcc-FRA expires Mon, 07 Aug 2023 09:25:42 GMT
GET H2	200	174251C99ECC2611CFF55CE4288DE127D854C48538EE2AA035DC71D2C7BEC4F59C31F29ED29F51E69EF40ACCC55F35F1D2437F91A0872484CD0B2C130103C9FC assets.ad4m.at/ Frame 658D	103 KB 103 KB	43ms 30ms	Image image/webp	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/174251C99ECC2611CFF55CE4288DE127D854C48538EE2AA035DC71D2C7BEC4F59C31F29ED29F51E69EF40ACCC55F35F1D2437F91A0872484CD0B2C130103C9FC Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=175059%2C59040%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=250&e=&g=115e5e4c69de041762f76a6d2370e0a7%2F14664944789031701716&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691313942500&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gc04fvz63rn7s5rfbj6r23bgnjen8v4ffrwa13p6s9e4cty1c4cykscp6d5y1pyp94d7y1xd00ax3y1zrgj4468z3jqgnx6fa31xzzwzedn32xscaag290mexam89e5csb9atawtfny4behyrcdzxcmd1sfbdqkanjnwp6wfd2k5rgj8vqjatwjj26ja444zmde77em7j256jfcha0qpa7hn5zx3yh5evca5r29vjbj7nb0med3gawt27gkhtd399cx9ng4c0qm0psy719mvwe5qm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzFbbFmfPZPRpwrOR1Q_v2KPQApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgS8Ak_Qy0T3GJwFiVxnKPffR-5qA3EaCuzYmopexnIu2iZEV06uDgnP76_YCLn17F8LvWYC87CXyJfVH03uL17oXnesWF3j47lXyeATNkDSzshaztZvXIPqmiI3B8b5RB9Lchi-P_7FAi8ydk36bfbxciVOrTgMsrj44GC9WqXsRD8B09ODoGda3bRaXmsmcuxjMxS-9eNXyIGbthgFoingdzluQ6ys42S5L3vb9mBLoPqUQ_VaOEhSKnysJ9Dg2wZ6sk6VUCOI29m5pK9zN0dn9uEDWm4oBx_WNBvQyWGUS6D1iyLJO86n78JvomWr-zVVkl5fH5Lk0hmzixJWbkStSeKQQunSRr9smO7aIvzbH4EKrrZMAhN-0RzzphOtVihZ0YSw7aa6FAMDiNYpf0HjIfToVF0sHsBOM3IHW8bgBAGABsiuydS6xLrcJaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0z5ZsHtulXStNxcotiVICIKyDGlQ%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bd2466477387e94dbde262c0c56612fe6ef46ec109b8d0d4069484a6f9ade247 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2350106 cf-polished origFmt=png, origSize=168649 alt-svc h3=":443"; ma=86400 content-length 105332 cf-bgj imgq:85,h2pri last-modified Mon, 15 May 2023 13:20:49 GMT server cloudflare etag "ac48b4403a35b54196486b0c2a925ee3" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OeBugpgWn%2Bi3e9KoQWRTRVKQsh6mxoHxbGPX%2BiYfbyfZsV%2FAy5zmdAY85Hqo6btmgcEzuHQkYzQc6oHgY88j3V%2Bn%2FbkYDocaGNq88Z6xlMVPfIg%2FNo60RTd19gIYbgYutBRIF2o0pNPXAvif"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 7f263bed3dd54dcc-FRA expires Mon, 07 Aug 2023 09:25:42 GMT
GET H/1.1	200 OK	/ partner.o2online.de/a/ Frame 658D Redirect Chain https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t... https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CJ-4hbbbx4ADFU3IuwgdpQwESA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=... https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023080611254487602533953X117679V1226132702MSviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suit...	49 B 1 KB	67ms 28ms	Image image/gif	167.233.13.224
General Check archive.org Show headers Download Go to Show image Full URL https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023080611254487602533953X117679V1226132702MSviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023080611254487602533953X117679V1226132702MSviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117679&partnerid=12218 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=175059%2C59040%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=250&e=&g=115e5e4c69de041762f76a6d2370e0a7%2F14664944789031701716&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691313942500&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gc04fvz63rn7s5rfbj6r23bgnjen8v4ffrwa13p6s9e4cty1c4cykscp6d5y1pyp94d7y1xd00ax3y1zrgj4468z3jqgnx6fa31xzzwzedn32xscaag290mexam89e5csb9atawtfny4behyrcdzxcmd1sfbdqkanjnwp6wfd2k5rgj8vqjatwjj26ja444zmde77em7j256jfcha0qpa7hn5zx3yh5evca5r29vjbj7nb0med3gawt27gkhtd399cx9ng4c0qm0psy719mvwe5qm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzFbbFmfPZPRpwrOR1Q_v2KPQApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgS8Ak_Qy0T3GJwFiVxnKPffR-5qA3EaCuzYmopexnIu2iZEV06uDgnP76_YCLn17F8LvWYC87CXyJfVH03uL17oXnesWF3j47lXyeATNkDSzshaztZvXIPqmiI3B8b5RB9Lchi-P_7FAi8ydk36bfbxciVOrTgMsrj44GC9WqXsRD8B09ODoGda3bRaXmsmcuxjMxS-9eNXyIGbthgFoingdzluQ6ys42S5L3vb9mBLoPqUQ_VaOEhSKnysJ9Dg2wZ6sk6VUCOI29m5pK9zN0dn9uEDWm4oBx_WNBvQyWGUS6D1iyLJO86n78JvomWr-zVVkl5fH5Lk0hmzixJWbkStSeKQQunSRr9smO7aIvzbH4EKrrZMAhN-0RzzphOtVihZ0YSw7aa6FAMDiNYpf0HjIfToVF0sHsBOM3IHW8bgBAGABsiuydS6xLrcJaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0z5ZsHtulXStNxcotiVICIKyDGlQ%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 Protocol HTTP/1.1 Server 167.233.13.224 -, , ASN (), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Date Sun, 06 Aug 2023 09:25:44 GMT X-NODEIP 46.4.62.19 Server nginx/1.14.0 (Ubuntu) RM-PrivacyPolicy https://www.nonstoppartner.net/ Content-Type image/gif P3P policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP" Connection keep-alive Keep-Alive timeout=10 Content-Length 49 Redirect headers location https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023080611254487602533953X117679V1226132702MSviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&cons=0&spid=2023080611254487602533953X117679V1226132702MSviewoneidQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&wfid=117679&partnerid=12218 date Sun, 06 Aug 2023 09:25:44 GMT x-content-type-options nosniff server nginx x-xss-protection 1; mode=block content-type text/html; charset=UTF-8
GET H2	200	90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826 assets.ad4m.at/logo/ Frame 658D	36 KB 36 KB	31ms 18ms	Image image/webp	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=175059%2C59040%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=250&e=&g=115e5e4c69de041762f76a6d2370e0a7%2F14664944789031701716&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691313942500&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gc04fvz63rn7s5rfbj6r23bgnjen8v4ffrwa13p6s9e4cty1c4cykscp6d5y1pyp94d7y1xd00ax3y1zrgj4468z3jqgnx6fa31xzzwzedn32xscaag290mexam89e5csb9atawtfny4behyrcdzxcmd1sfbdqkanjnwp6wfd2k5rgj8vqjatwjj26ja444zmde77em7j256jfcha0qpa7hn5zx3yh5evca5r29vjbj7nb0med3gawt27gkhtd399cx9ng4c0qm0psy719mvwe5qm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzFbbFmfPZPRpwrOR1Q_v2KPQApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgS8Ak_Qy0T3GJwFiVxnKPffR-5qA3EaCuzYmopexnIu2iZEV06uDgnP76_YCLn17F8LvWYC87CXyJfVH03uL17oXnesWF3j47lXyeATNkDSzshaztZvXIPqmiI3B8b5RB9Lchi-P_7FAi8ydk36bfbxciVOrTgMsrj44GC9WqXsRD8B09ODoGda3bRaXmsmcuxjMxS-9eNXyIGbthgFoingdzluQ6ys42S5L3vb9mBLoPqUQ_VaOEhSKnysJ9Dg2wZ6sk6VUCOI29m5pK9zN0dn9uEDWm4oBx_WNBvQyWGUS6D1iyLJO86n78JvomWr-zVVkl5fH5Lk0hmzixJWbkStSeKQQunSRr9smO7aIvzbH4EKrrZMAhN-0RzzphOtVihZ0YSw7aa6FAMDiNYpf0HjIfToVF0sHsBOM3IHW8bgBAGABsiuydS6xLrcJaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0z5ZsHtulXStNxcotiVICIKyDGlQ%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2351040 cf-polished origFmt=png, origSize=62828 alt-svc h3=":443"; ma=86400 content-length 36446 cf-bgj imgq:85,h2pri last-modified Tue, 18 Oct 2022 15:02:47 GMT server cloudflare etag "e12c1a9f1887c09d377658838eaaa06d" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xY2pZEpDN6hdG6XC2gralQZ7ZEv3zRbKooQqe0j6JsiQ96%2FH5ansz81J0xG69KsXqiPvBHwASbLMVcFdanudLpxEJh6stKMlI83xhqDJiMqEIgHsmvxibNgPWQRMMyZLleKXQsCZKRCdOiCA"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 7f263bed3dd14dcc-FRA expires Mon, 07 Aug 2023 09:25:42 GMT
GET H2	200	287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1 assets.ad4m.at/ Frame 658D	38 KB 38 KB	41ms 29ms	Image image/jpeg	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=175059%2C59040%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=250&e=&g=115e5e4c69de041762f76a6d2370e0a7%2F14664944789031701716&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691313942500&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gc04fvz63rn7s5rfbj6r23bgnjen8v4ffrwa13p6s9e4cty1c4cykscp6d5y1pyp94d7y1xd00ax3y1zrgj4468z3jqgnx6fa31xzzwzedn32xscaag290mexam89e5csb9atawtfny4behyrcdzxcmd1sfbdqkanjnwp6wfd2k5rgj8vqjatwjj26ja444zmde77em7j256jfcha0qpa7hn5zx3yh5evca5r29vjbj7nb0med3gawt27gkhtd399cx9ng4c0qm0psy719mvwe5qm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzFbbFmfPZPRpwrOR1Q_v2KPQApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgS8Ak_Qy0T3GJwFiVxnKPffR-5qA3EaCuzYmopexnIu2iZEV06uDgnP76_YCLn17F8LvWYC87CXyJfVH03uL17oXnesWF3j47lXyeATNkDSzshaztZvXIPqmiI3B8b5RB9Lchi-P_7FAi8ydk36bfbxciVOrTgMsrj44GC9WqXsRD8B09ODoGda3bRaXmsmcuxjMxS-9eNXyIGbthgFoingdzluQ6ys42S5L3vb9mBLoPqUQ_VaOEhSKnysJ9Dg2wZ6sk6VUCOI29m5pK9zN0dn9uEDWm4oBx_WNBvQyWGUS6D1iyLJO86n78JvomWr-zVVkl5fH5Lk0hmzixJWbkStSeKQQunSRr9smO7aIvzbH4EKrrZMAhN-0RzzphOtVihZ0YSw7aa6FAMDiNYpf0HjIfToVF0sHsBOM3IHW8bgBAGABsiuydS6xLrcJaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0z5ZsHtulXStNxcotiVICIKyDGlQ%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2351040 cf-polished degrade=85, origSize=133780, status=vary_header_present alt-svc h3=":443"; ma=86400 content-length 38661 cf-bgj imgq:85,h2pri last-modified Tue, 18 Feb 2020 10:22:01 GMT server cloudflare etag "d061ca155f758f490340e147604dc3ee" vary X-Goog-Allowed-Resources, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YcRHrl%2Bn5PJ3qrP7lkmiQdeVNA0eRZEoew0BeKkHFfHaxnj4X3a4c9yof8p0AbuqHHv9lbdUEZ5IeJ%2FD148YceOLhiApssA%2FruJgSymKHcKHZTf4oufiIwVoO9LTbT2WYzkPv%2B3AyM%2F7hiKH"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=86400 accept-ranges bytes cf-ray 7f263bed3dd74dcc-FRA expires Mon, 07 Aug 2023 09:25:42 GMT
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame 658D	43 B 703 B	391ms 77ms	Image image/gif	2.20.213.154 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=175059%2C59040%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=250&e=&g=115e5e4c69de041762f76a6d2370e0a7%2F14664944789031701716&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691313942500&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gc04fvz63rn7s5rfbj6r23bgnjen8v4ffrwa13p6s9e4cty1c4cykscp6d5y1pyp94d7y1xd00ax3y1zrgj4468z3jqgnx6fa31xzzwzedn32xscaag290mexam89e5csb9atawtfny4behyrcdzxcmd1sfbdqkanjnwp6wfd2k5rgj8vqjatwjj26ja444zmde77em7j256jfcha0qpa7hn5zx3yh5evca5r29vjbj7nb0med3gawt27gkhtd399cx9ng4c0qm0psy719mvwe5qm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzFbbFmfPZPRpwrOR1Q_v2KPQApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgS8Ak_Qy0T3GJwFiVxnKPffR-5qA3EaCuzYmopexnIu2iZEV06uDgnP76_YCLn17F8LvWYC87CXyJfVH03uL17oXnesWF3j47lXyeATNkDSzshaztZvXIPqmiI3B8b5RB9Lchi-P_7FAi8ydk36bfbxciVOrTgMsrj44GC9WqXsRD8B09ODoGda3bRaXmsmcuxjMxS-9eNXyIGbthgFoingdzluQ6ys42S5L3vb9mBLoPqUQ_VaOEhSKnysJ9Dg2wZ6sk6VUCOI29m5pK9zN0dn9uEDWm4oBx_WNBvQyWGUS6D1iyLJO86n78JvomWr-zVVkl5fH5Lk0hmzixJWbkStSeKQQunSRr9smO7aIvzbH4EKrrZMAhN-0RzzphOtVihZ0YSw7aa6FAMDiNYpf0HjIfToVF0sHsBOM3IHW8bgBAGABsiuydS6xLrcJaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0z5ZsHtulXStNxcotiVICIKyDGlQ%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.20.213.154 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-20-213-154.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Pragma no-cache Date Sun, 06 Aug 2023 09:25:42 GMT Strict-Transport-Security max-age=86400 Node Helix Content-Type image/gif P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Connection keep-alive Content-Length 43 Expires 0
GET		view securepubads.g.doubleclick.net/pcs/ Frame 16ED	0 0
GET		rx_lidar.js www.googletagservices.com/activeview/js/current/ Frame 16ED	0 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	59 KB 14 KB	386ms 386ms	XHR text/plain	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3795749037860041&correlator=2866480521958527&eid=31068826&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2Cf22cd2de-ab38-4762-9506-bf7fa60ab4da&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C1024x600%7C160x600%7C300x250%7C300x600%7C320x480&fluid=height&ifi=13&adks=2335899613&didk=412460675&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D71061afa4f87b656%3AT%3D1691313941%3ART%3D1691313941%3AS%3DALNI_MaTn69Mo1i5UYkz7u1gbZ-qtjI2Gg&gpic=UID%3D00000c79f5b75660%3AT%3D1691313941%3ART%3D1691313941%3AS%3DALNI_MZoJ-Yo5nIE0_2qo4FlDeUMpPaJiQ&abxe=1&dt=1691313942649&lmt=1691313939&adxs=302&adys=668&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11813%2F0%2Fmotogp-vs-motogp%2F&frm=20&vis=1&psz=1052x616&msz=1052x616&fws=4&ohw=1100&ga_vid=784738915.1691313942&ga_sid=1691313942&ga_hid=1728061049&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYmdmq0ZwxSABSAghkEhkKCnB1YmNpZC5vcmcYxNmq0ZwxSABSAghqEhcKCHJ0YmhvdXNlGJnZqtGcMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiZ2arRnDFIAFICCGQSGQoKdWlkYXBpLmNvbRiZ2arRnDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJnZqtGcMUgAUgIIZA..&dlt=1691313940033&idt=1564&prev_scp=ti%3D8a8e1b47-95a7-47a1-8d1d-66d3c6b5767c%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D74 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5c63da72cedc9c2cde459097e4ad7e7982f69d632c0fc9087c93614019ab8227 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:43 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13981 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://yalla-shoots.tv access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	429	link.html track.webgains.com/ Frame 658D	0 0	341ms 36ms	Script text/html	13.42.110.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://track.webgains.com/link.html?wglinkid=3756941&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h1sk7s6186n6x3vt7kc89vqzses8ckpjkm7trdn7chjkqf37trt4ajym73kaa6cwhhkfcmdzrj1f35rjb2zh1qww43a0hqrferbwqftkfv221qxsbj3avm4svwkysq10a9h5j79hw0drg5f5mn1ekbzw945p0cmncvd8fcqpr2ncvm9fmdfe94b1xjtjaqc1j3cwhxjfbgb3s74n2pj9xrcxrfr0w7hzzgj362kpp3s29jv4jn6zrdz8zmw5ghf3b0hc%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gc04fvz63rn7s5rfbj6r23bgnjen8v4ffrwa13p6s9e4cty1c4cykscp6d5y1pyp94d7y1xd00ax3y1zrgj4468z3jqgnx6fa31xzzwzedn32xscaag290mexam89e5csb9atawtfny4behyrcdzxcmd1sfbdqkanjnwp6wfd2k5rgj8vqjatwjj26ja444zmde77em7j256jfcha0qpa7hn5zx3yh5evca5r29vjbj7nb0med3gawt27gkhtd399cx9ng4c0qm0psy719mvwe5qm%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCzFbbFmfPZPRpwrOR1Q_v2KPQApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgS8Ak_Qy0T3GJwFiVxnKPffR-5qA3EaCuzYmopexnIu2iZEV06uDgnP76_YCLn17F8LvWYC87CXyJfVH03uL17oXnesWF3j47lXyeATNkDSzshaztZvXIPqmiI3B8b5RB9Lchi-P_7FAi8ydk36bfbxciVOrTgMsrj44GC9WqXsRD8B09ODoGda3bRaXmsmcuxjMxS-9eNXyIGbthgFoingdzluQ6ys42S5L3vb9mBLoPqUQ_VaOEhSKnysJ9Dg2wZ6sk6VUCOI29m5pK9zN0dn9uEDWm4oBx_WNBvQyWGUS6D1iyLJO86n78JvomWr-zVVkl5fH5Lk0hmzixJWbkStSeKQQunSRr9smO7aIvzbH4EKrrZMAhN-0RzzphOtVihZ0YSw7aa6FAMDiNYpf0HjIfToVF0sHsBOM3IHW8bgBAGABsiuydS6xLrcJaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0z5ZsHtulXStNxcotiVICIKyDGlQ%252526client%25253Dca-pub-3831894559014614%252526adurl%25253D&clickref=oneid24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidQMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7boneid__suite_Netmix_Reach128_WEBGAINSMOSTLY Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=175059%2C59040%2C19769&b=QMGH4fjfP2BJaxH5HYtGtbMzjF6S4TG6dTRB7b%2CQMGH4fjfD1GVfxH5HYtGtZZWS6S4TG6dTRB7b%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=24zt6fqfj2RWSVHWHktwC2JgGHxS7TgQXaEK68%2C24zt6fqfx7PrfVHWHktwCxxDaxS7TgQXaEK68%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=970&d=250&e=&g=115e5e4c69de041762f76a6d2370e0a7%2F14664944789031701716&i=65915%2C20774%2C21630&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691313942500&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gc04fvz63rn7s5rfbj6r23bgnjen8v4ffrwa13p6s9e4cty1c4cykscp6d5y1pyp94d7y1xd00ax3y1zrgj4468z3jqgnx6fa31xzzwzedn32xscaag290mexam89e5csb9atawtfny4behyrcdzxcmd1sfbdqkanjnwp6wfd2k5rgj8vqjatwjj26ja444zmde77em7j256jfcha0qpa7hn5zx3yh5evca5r29vjbj7nb0med3gawt27gkhtd399cx9ng4c0qm0psy719mvwe5qm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzFbbFmfPZPRpwrOR1Q_v2KPQApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgS8Ak_Qy0T3GJwFiVxnKPffR-5qA3EaCuzYmopexnIu2iZEV06uDgnP76_YCLn17F8LvWYC87CXyJfVH03uL17oXnesWF3j47lXyeATNkDSzshaztZvXIPqmiI3B8b5RB9Lchi-P_7FAi8ydk36bfbxciVOrTgMsrj44GC9WqXsRD8B09ODoGda3bRaXmsmcuxjMxS-9eNXyIGbthgFoingdzluQ6ys42S5L3vb9mBLoPqUQ_VaOEhSKnysJ9Dg2wZ6sk6VUCOI29m5pK9zN0dn9uEDWm4oBx_WNBvQyWGUS6D1iyLJO86n78JvomWr-zVVkl5fH5Lk0hmzixJWbkStSeKQQunSRr9smO7aIvzbH4EKrrZMAhN-0RzzphOtVihZ0YSw7aa6FAMDiNYpf0HjIfToVF0sHsBOM3IHW8bgBAGABsiuydS6xLrcJaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0z5ZsHtulXStNxcotiVICIKyDGlQ%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.42.110.74 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-42-110-74.eu-west-2.compute.amazonaws.com Software awselb/2.0 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:43 GMT server awselb/2.0 content-length 45 content-type text/html
GET H3	200	container.html Show response 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B4A2	6 KB 3 KB	7ms 6ms	Document text/html	2a00:1450:4001:800::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://yalla-shoots.tv/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sun, 06 Aug 2023 09:25:41 GMT expires Mon, 05 Aug 2024 09:25:41 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
HEAD H3	200	e.js Show response live.demand.supply/e/	0 480 B	16ms 16ms	XHR application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=yalla-shoots.tv_auto_728x90_sticky_display_bottom&pn=1&sn=3&pc=0.1805095076560974&ds=true&e=wdp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.8.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-nf-request-id 01H5N5AHKBES9HA8XC274JEKPE date Sun, 06 Aug 2023 09:25:42 GMT cf-cache-status HIT age 1345561 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "46f47d652033caa436f550f7e8b20e7f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7f263bee2a025c92-FRA
GET DATA	200 OK	truncated /	182 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	834 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/svg+xml
HEAD H3	200	e.js Show response live.demand.supply/e/	0 479 B	98ms 97ms	XHR application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?gl=0.01&b=3&r=yalla-shoots.tv_auto_728x90_sticky_display_bottom&sy=23a3d1b1-0160-42f1-a1d0-e2e5b611a1cd&ts=74&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=8a8e1b47-95a7-47a1-8d1d-66d3c6b5767c&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.8.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-nf-request-id 01H5N5AHKBES9HA8XC274JEKPE date Sun, 06 Aug 2023 09:25:42 GMT cf-cache-status HIT age 1345561 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "46f47d652033caa436f550f7e8b20e7f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7f263bee2a085c92-FRA
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame B4A2	0 0	49ms 49ms	Fetch text/html	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CR59PFmfPZM_BH9q2nsEPxMuGqAiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEsQJP0GqH410ZrA456mwcIE2nErBowqrXZYlFUSAS3rFYA_WY3pXt5QcFqw5CQw_WIbLfMWbLCLJxoqfonRfb6vxitbBg5TeRLg-5jrBucdvHrJMV50VhG-hey4ECKWitIGKQeD2ybU44g_du2dWxp-JzhLOcFIbbNig4wcKFh_NMzIluWjApfrRPnswz1KRmKhrjRD5Jb9U1ybJ5sItkOvr6l3-Mp9qNUWH3GeWXFn7MJXg_w2XFzqAxpF61g1-Vatv9X2CL7ormnYuDRt1oN5BRxFOJj-QFaiAboCa7ef3RBDxvVkKsR7pEU-bCwmULCirzXdaILgPgKyq6wO49oYZyxRm_uYp3fZpMJXaHjjr-bUA35sGpg95OqaOjmSbBWTl5WyRv6jYS7RfufWhzRkmUdOAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=OVBt0ceBf_g&uach_m=[UACH]&cid=CAQSOwBpAlJW0MX96l7ZnKjIMZvK6jwaPhhil0Dx4eNUnq4Ztw10W5jccdYF8_frEsgbGmZ1OToK3Ztj3DW6GAE Requested by Host: yalla-shoots.tv URL: https://yalla-shoots.tv/live/11813/0/motogp-vs-motogp/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers
GET H2	204	winResponse prod-rtb.ad4mat.net/ Frame B4A2	0 0	42ms 17ms	Fetch image/gif	2600:1901:0:76b9:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://prod-rtb.ad4mat.net/winResponse?a=1g8fggmkv74y976ea8zp0183a56qgy21rtwa85dfv29d8z87jf9sec8bat6mc1xw0h1gfqgfe6n0s09d4mkyd65j94fwv1q147vh7da7j6095gnf5a328sjazasf5v22ewwhgcv0b7x0bemppph1jvrshmt5cfpzxjyk0r14rc7611x4sxjag3t3awy1c71z8s4a9xf1xs3fmhsdd20msrm079bhk7evc3s1n6ks0yhsx4654cn28ajwt1sg59fe7xmr2e16tmt68myvj738sbc94sn66ynd11jdm1qhzgna2a9c19q16pn1mtq9f0shepfg3ahnghknsnq0pqks6e1dp79pr6trnr4cz650040qjdmxwedqnxkq124r9ww081c57wf7jm2kgv0e&b=ZM9nFgAH4M8CJ5taAAGlxPrg_-efkDLFJ5RT1g Requested by Host: yalla-shoots.tv URL: https://yalla-shoots.tv/live/11813/0/motogp-vs-motogp/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers access-control-allow-origin * date Sun, 06 Aug 2023 09:25:42 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type image/gif
GET H3	200	dr Show response as.ad4m.at/ad/ Frame F02B	2 KB 2 KB	28ms 28ms	Document text/html	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/dr?ed=1krmjyfz7qajmtzgk0nt2dv3x5sn2gbcay7t84xera08hz1x6bj9xv5pdykk7htj014mdrncwbcx817j33qtmmjhwvq9d336rmzgj7kka2ff0ef7ewvvykj5gm5dwe5epn6q7x734925qy6px9n934senhk585h21p3x3mshsn3x9dd04199xhhwrs079fzssnfnkzq0xe0qrwtstrmkzfaf65y1jgweegg7qyt3bz23w1avspqsmztc0cny3zxnv3amrywr8my6zhjwtr7gvgrtm5pjxf8pshyrcz9b7vs0mz7ng5nw5s945x98v4g7dctv4p79v4qg9kd4axastqzfqj5nekp7f7jgx0zvqw0kfkgxd66he49t02fg6kwbnsytb5e20sprbb9ss8ztmedc9ekytsvb6m5atfykxqh7vnfwx27rbr9w2xbgxcxy3w0haqfffg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSNRCFmfPZM_BH9q2nsEPxMuGqAiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEtAJP0GqH410ZrA456mwcIE2nErBowqrXZYlFUSAS3rFYA_WY3pXt5QcFqw5CQw_WIbLfMWbLCLJxoqfonRfb6vxitbBg5TeRLg-5jrBucdvHrJMV50VhG-hey4ECKWitIGKQeD2ybU44g_du2dWxp-JzhLOcFIbbNig4wcKFh_NMzIluWjApfrRPnswz1KRmKhrjRD5Jb9U1ybJ5sItkOvr6l3-Mp9qNUWH3GeWXFn7MJXg_w2XFzqAxpF61g1-Vatv9X2CL7ormnYuDRt1oN5BRxFOJj-QFaiAboCa7ef3RBDxvVkKsR7pEU-bCwmULCirzXdaILgPgKyq6wO49oYZyxRm_uYp3fZpMJXbFjBtsurmwpgkuy0iU4DFRoDLL9DNXQ_nvKH-AFYPwUXCmmtbUvDkcOeAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0hVYrcT4yOxVcfp-oScks5DOku2g%26client%3Dca-pub-3831894559014614%26adurl%3D Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d5949b4f57ad0bfeb1f653f0ab401de93790108a00dd580ff5496849aff8f26f Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, proxy-revalidate cf-cache-status DYNAMIC cf-ray 7f263bee3f8f9107-FRA content-encoding br content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' content-type text/html; charset=utf-8 cross-origin-embedder-policy unsafe-none cross-origin-opener-policy unsafe-none cross-origin-resource-policy cross-origin date Sun, 06 Aug 2023 09:25:42 GMT expires 0 feature-policy geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self' nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} pragma no-cache referrer-policy same-origin report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} server cloudflare strict-transport-security max-age=86400; includeSubDomains; preload surrogate-control no-store vary accept-encoding via 1.1 google x-content-type-options nosniff x-download-options noopen x-xss-protection 1; mode=block
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame B4A2	3 KB 1 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 05 Aug 2023 14:44:44 GMT content-encoding br x-content-type-options nosniff age 67258 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 19 Aug 2023 14:44:44 GMT
GET H2	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame C9A7	1 KB 677 B	7ms 6ms	Document text/html	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 15128 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 06 Aug 2023 05:13:34 GMT etag 48472445140208031 expires Mon, 07 Aug 2023 05:13:34 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame B4A2	20 KB 8 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 05 Aug 2023 13:47:03 GMT content-encoding br x-content-type-options nosniff age 70719 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8261 x-xss-protection 0 server cafe etag 3571037177597359341 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 19 Aug 2023 13:47:03 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame B4A2	0 0	15ms 14ms	Image text/html	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaSwinqGe9D4qa6nFlDdJptxcN1Am8D0yKCWO_BjeIL0f-GUXqldkyuiyrVHIqGGmeLF0J5wsm72XNTKcDEAzxTKAEJWhA Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers
GET H3	200	ext.js Show response tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B4A2	24 KB 6 KB	9ms 9ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Wed, 02 Aug 2023 08:18:25 GMT content-encoding br x-content-type-options nosniff age 349637 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6402 x-xss-protection 0 last-modified Thu, 03 Nov 2022 19:10:08 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Thu, 01 Aug 2024 08:18:25 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame B4A2	179 KB 56 KB	17ms 16ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57430 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1690976231057960" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 06 Aug 2023 09:25:42 GMT
POST H2	200	map Show response bcp.crwdcntrl.net/6/	60 B 335 B	99ms 30ms	XHR application/json	34.251.163.198 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bcp.crwdcntrl.net/6/map Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.251.163.198 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-251-163-198.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 5ffaa17b2500431f66ae3622b78192de82e614a6834054c048e676eea7adc514 Request headers Referer https://yalla-shoots.tv/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sun, 06 Aug 2023 09:25:42 GMT server Jetty(9.4.38.v20210224) content-type application/json;charset=utf-8 p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin https://yalla-shoots.tv cache-control no-cache x-server 10.45.31.203 access-control-allow-credentials true content-length 60 expires 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame C9A7 Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMB01v_9ERKBKTS0JcAOkP8&google_cver=1&google_push=AXcoOmQ2GwhK60vbLYeyzoARk-pJglcUHlvmcgzwUfDdnsbsYrKLaL80NuMxd3GxhqZG1C_E7BkPzeZET-MqUrON... https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQ2GwhK60vbLYeyzoARk-pJglcUHlvmcgzwUfDdnsbsYrKLaL80NuMxd3GxhqZG1C_E7BkPzeZET-MqUrON5fvx34i4msCKnQ	170 B 188 B	17ms 17ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQ2GwhK60vbLYeyzoARk-pJglcUHlvmcgzwUfDdnsbsYrKLaL80NuMxd3GxhqZG1C_E7BkPzeZET-MqUrON5fvx34i4msCKnQ Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Server 142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sun, 06 Aug 2023 09:25:42 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Sun, 06 Aug 2023 09:25:42 GMT Server MT3 1031 59fd23a master zrh zrh-pixel-x26 config_version:"1524" Content-Type image/gif Access-Control-Allow-Origin * location https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQ2GwhK60vbLYeyzoARk-pJglcUHlvmcgzwUfDdnsbsYrKLaL80NuMxd3GxhqZG1C_E7BkPzeZET-MqUrON5fvx34i4msCKnQ P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Keep-Alive timeout=360 Content-Length 0 Expires Sun, 06 Aug 2023 09:25:41 GMT
GET H2	200	i.match a.tribalfusion.com/ Frame C9A7	43 B 399 B	180ms 175ms	Image image/gif	2606:4700::6812:18ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b6&u=CAESEF_BFYSQYbzNw2rVdD-7pHU&google_cver=1&google_push=AXcoOmQjMGsFEKbB8Kblafos6TRo4PG4ConhOpfVgiVcVUHvV8UXbOOR99F1rOCQHZWZDtKY6ZyBK4EgtFJC2y9Cye4RuWYTw-YPyQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQjMGsFEKbB8Kblafos6TRo4PG4ConhOpfVgiVcVUHvV8UXbOOR99F1rOCQHZWZDtKY6ZyBK4EgtFJC2y9Cye4RuWYTw-YPyQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sun, 06 Aug 2023 09:25:42 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 7f263bee6f439125-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	sync x.bidswitch.net/ Frame C9A7	43 B 145 B	10ms 6ms	Image image/gif	3.76.178.166 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEUPwPsy6lmJvlAGEXB-kTQ&google_cver=1&google_push=AXcoOmQb2cT8YWPSpU8iexz1jpuOcF6Zu99YlBRnzmscx50-rUGZ5dxtBD2Guur-SKY58bqUye2up28ol4YsEu-oMBsmoUHwcwsumw Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.76.178.166 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-76-178-166.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT cache-control no-cache, no-store, must-revalidate content-length 43 content-type image/gif
GET H3	200	pixel cm.g.doubleclick.net/ Frame C9A7 Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENbpdPwcQ4nRLT7UMckTlrc&google_cver=1&google_push=AXcoOmQjCU3Z2PaX09aT0bIBFdZPgwdDD3ogSO-oRRX8lMup01DGmVWtYNefbsXat9cXiQnhEF2uZyk8... https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc1NjIyNzgyNTk2OTY1OTE3NA&google_push=AXcoOmQjCU3Z2PaX09aT0bIBFdZPgwdDD3ogSO-oRRX8lMup01DGmVWtYNefbsXat9cXiQnhEF2uZy...	170 B 188 B	20ms 20ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc1NjIyNzgyNTk2OTY1OTE3NA&google_push=AXcoOmQjCU3Z2PaX09aT0bIBFdZPgwdDD3ogSO-oRRX8lMup01DGmVWtYNefbsXat9cXiQnhEF2uZyk8qKTEOKjldJkM2vtUKYF0 Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Server 142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sun, 06 Aug 2023 09:25:42 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 06 Aug 2023 09:25:42 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET location https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc1NjIyNzgyNTk2OTY1OTE3NA&google_push=AXcoOmQjCU3Z2PaX09aT0bIBFdZPgwdDD3ogSO-oRRX8lMup01DGmVWtYNefbsXat9cXiQnhEF2uZyk8qKTEOKjldJkM2vtUKYF0 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H3	200	pixel cm.g.doubleclick.net/ Frame C9A7 Redirect Chain https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEOxuUr2ha7CSIaHJmK4ooII&google_cver=1&google_push=AXcoOmTYlTrVVKlWS-oIGsrQ7I26b1Px1SgI_Cr_l5A84S-R--AdkIm6nWsoErx8rza28bJNfhoOBTn_oDqQi... https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEOxuUr2ha7CSIaHJmK4ooII&google_push=AXcoOmTYlTrVVKlWS-oIGsrQ7I26b1Px1SgI_Cr_l5A84S-R--AdkIm6nWsoErx8rza28bJNfhoOBTn_oDqQi... https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTYlTrVVKlWS-oIGsrQ7I26b1Px1SgI_Cr_l5A84S-R--AdkIm6nWsoErx8rza28bJNfhoOBTn_oDqQivJ8Y6GmF_zZ_pb9yg&google_hm=aFNudGNnWUhrZ2FiUW...	170 B 188 B	18ms 18ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTYlTrVVKlWS-oIGsrQ7I26b1Px1SgI_Cr_l5A84S-R--AdkIm6nWsoErx8rza28bJNfhoOBTn_oDqQivJ8Y6GmF_zZ_pb9yg&google_hm=aFNudGNnWUhrZ2FiUWM2QnJQMTI= Requested by Host: yalla-shoots.tv URL: https://yalla-shoots.tv/live/11813/0/motogp-vs-motogp/ Protocol H3 Server 142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sun, 06 Aug 2023 09:25:43 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Sun, 06 Aug 2023 09:25:43 GMT Content-Type text/html; charset=utf-8 Location https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTYlTrVVKlWS-oIGsrQ7I26b1Px1SgI_Cr_l5A84S-R--AdkIm6nWsoErx8rza28bJNfhoOBTn_oDqQivJ8Y6GmF_zZ_pb9yg&google_hm=aFNudGNnWUhrZ2FiUWM2QnJQMTI= P3p CP="We do not support P3P header." Cache-Control no-cache, no-store, must-revalidate Content-Length 238 Expires Thu, 01 Dec 1994 16:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame C9A7 Redirect Chain https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEALvjog6nZT2haEnsT8MkJ8&google_cver=1&google_push=AXcoOmT0N1smF81dUWFCZKe4NQNdiH3-t4w5M2Q-NwlX6JBgPIuk45hGtplrf3DDUkyt7v_PDBjHJLlrv1JZfUnJX... https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEALvjog6nZT2haEnsT8MkJ8&google_cver=1&google_push=AXcoOmT0N1smF81dUWFCZKe4NQNdiH3-t4w5M2Q-NwlX6JBgPIuk45hGtplrf3DDUkyt7v_PDBjHJLlrv1JZfUnJX... https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmT0N1smF81dUWFCZKe4NQNdiH3-t4w5M2Q-NwlX6JBgPIuk45hGtplrf3DDUkyt7v_PDBjHJLlrv1JZfUnJXvqFaC0TX-rD&google_hm=HGtVpGZHkTniU49cT46acNbf	170 B 188 B	19ms 18ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmT0N1smF81dUWFCZKe4NQNdiH3-t4w5M2Q-NwlX6JBgPIuk45hGtplrf3DDUkyt7v_PDBjHJLlrv1JZfUnJXvqFaC0TX-rD&google_hm=HGtVpGZHkTniU49cT46acNbf Requested by Host: yalla-shoots.tv URL: https://yalla-shoots.tv/live/11813/0/motogp-vs-motogp/ Protocol H3 Server 142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sun, 06 Aug 2023 09:25:43 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Sun, 06 Aug 2023 09:25:43 GMT Access-Control-Allow-Methods GET, POST, DELETE, PUT Location https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmT0N1smF81dUWFCZKe4NQNdiH3-t4w5M2Q-NwlX6JBgPIuk45hGtplrf3DDUkyt7v_PDBjHJLlrv1JZfUnJXvqFaC0TX-rD&google_hm=HGtVpGZHkTniU49cT46acNbf Access-Control-Allow-Origin * Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap1ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 0
GET H2	204	/ cc.adingo.jp/adx/push/ Frame C9A7	0 44 B	1006ms 250ms	Image text/plain	35.76.51.71 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cc.adingo.jp/adx/push/?google_gid=CAESELIN5gxHUwi7LMd_KbWQNdA&google_cver=1&google_push=AXcoOmRTv4nypR7fSipf8ilNHm9TuGi8tbh6KNe0lCA7-C3_ETYxiBZw3oOlPPgn7Lu_leYdPwyk-f9zMt2Pq0zPtUKrJB9Q3crx Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.76.51.71 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-76-51-71.ap-northeast-1.compute.amazonaws.com Software awselb/2.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:43 GMT server awselb/2.0
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame C9A7	0 12 B	18ms 15ms	Image text/html	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ikim5miXUD47E6YyRsw6D6VZHni3kP0Y-wst_-MwlnS6kbaixldaVi-MslkYKRBN3Hueb0 Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET DATA	200 OK	truncated / Frame B4A2	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3c3c503f37c83b8319fa1bf1487ab239a92a7e57780462df4caf44ad26db166f Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/png
GET H3	200	default.css as.ad4m.at/ad/style/0.1.48/one-ad/ Frame F02B	114 KB 14 KB	19ms 19ms	Stylesheet text/css	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/dr?ed=1krmjyfz7qajmtzgk0nt2dv3x5sn2gbcay7t84xera08hz1x6bj9xv5pdykk7htj014mdrncwbcx817j33qtmmjhwvq9d336rmzgj7kka2ff0ef7ewvvykj5gm5dwe5epn6q7x734925qy6px9n934senhk585h21p3x3mshsn3x9dd04199xhhwrs079fzssnfnkzq0xe0qrwtstrmkzfaf65y1jgweegg7qyt3bz23w1avspqsmztc0cny3zxnv3amrywr8my6zhjwtr7gvgrtm5pjxf8pshyrcz9b7vs0mz7ng5nw5s945x98v4g7dctv4p79v4qg9kd4axastqzfqj5nekp7f7jgx0zvqw0kfkgxd66he49t02fg6kwbnsytb5e20sprbb9ss8ztmedc9ekytsvb6m5atfykxqh7vnfwx27rbr9w2xbgxcxy3w0haqfffg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSNRCFmfPZM_BH9q2nsEPxMuGqAiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEtAJP0GqH410ZrA456mwcIE2nErBowqrXZYlFUSAS3rFYA_WY3pXt5QcFqw5CQw_WIbLfMWbLCLJxoqfonRfb6vxitbBg5TeRLg-5jrBucdvHrJMV50VhG-hey4ECKWitIGKQeD2ybU44g_du2dWxp-JzhLOcFIbbNig4wcKFh_NMzIluWjApfrRPnswz1KRmKhrjRD5Jb9U1ybJ5sItkOvr6l3-Mp9qNUWH3GeWXFn7MJXg_w2XFzqAxpF61g1-Vatv9X2CL7ormnYuDRt1oN5BRxFOJj-QFaiAboCa7ef3RBDxvVkKsR7pEU-bCwmULCirzXdaILgPgKyq6wO49oYZyxRm_uYp3fZpMJXbFjBtsurmwpgkuy0iU4DFRoDLL9DNXQ_nvKH-AFYPwUXCmmtbUvDkcOeAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0hVYrcT4yOxVcfp-oScks5DOku2g%26client%3Dca-pub-3831894559014614%26adurl%3D Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3 Request headers accept-language de-DE,de;q=0.9 Referer https://as.ad4m.at/ad/dr?ed=1krmjyfz7qajmtzgk0nt2dv3x5sn2gbcay7t84xera08hz1x6bj9xv5pdykk7htj014mdrncwbcx817j33qtmmjhwvq9d336rmzgj7kka2ff0ef7ewvvykj5gm5dwe5epn6q7x734925qy6px9n934senhk585h21p3x3mshsn3x9dd04199xhhwrs079fzssnfnkzq0xe0qrwtstrmkzfaf65y1jgweegg7qyt3bz23w1avspqsmztc0cny3zxnv3amrywr8my6zhjwtr7gvgrtm5pjxf8pshyrcz9b7vs0mz7ng5nw5s945x98v4g7dctv4p79v4qg9kd4axastqzfqj5nekp7f7jgx0zvqw0kfkgxd66he49t02fg6kwbnsytb5e20sprbb9ss8ztmedc9ekytsvb6m5atfykxqh7vnfwx27rbr9w2xbgxcxy3w0haqfffg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSNRCFmfPZM_BH9q2nsEPxMuGqAiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEtAJP0GqH410ZrA456mwcIE2nErBowqrXZYlFUSAS3rFYA_WY3pXt5QcFqw5CQw_WIbLfMWbLCLJxoqfonRfb6vxitbBg5TeRLg-5jrBucdvHrJMV50VhG-hey4ECKWitIGKQeD2ybU44g_du2dWxp-JzhLOcFIbbNig4wcKFh_NMzIluWjApfrRPnswz1KRmKhrjRD5Jb9U1ybJ5sItkOvr6l3-Mp9qNUWH3GeWXFn7MJXg_w2XFzqAxpF61g1-Vatv9X2CL7ormnYuDRt1oN5BRxFOJj-QFaiAboCa7ef3RBDxvVkKsR7pEU-bCwmULCirzXdaILgPgKyq6wO49oYZyxRm_uYp3fZpMJXbFjBtsurmwpgkuy0iU4DFRoDLL9DNXQ_nvKH-AFYPwUXCmmtbUvDkcOeAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0hVYrcT4yOxVcfp-oScks5DOku2g%26client%3Dca-pub-3831894559014614%26adurl%3D User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-goog-meta-goog-reserved-file-mtime 1687950287 age 943954 cf-polished origSize=117335 x-guploader-uploadid ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Wed, 28 Jun 2023 11:05:15 GMT server cloudflare etag W/"5d49535c2a84a9762127b3d9e77d7e02" vary Accept-Encoding x-goog-generation 1687950315098833 content-type text/css x-goog-hash crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag== cache-control public, max-age=3600 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b10lpv9b7PKh0MyqEIXAIOPMaekAxPq8hH4O8oF7WsPQBg%2FJv3mtkqkB9DFWQDApKvwIAh6hg0262Jw4fnkAgolqX0fisoLQgT7BQvaNEmh276cEkIc7cOt75AaeDUt4v4FgXARPYZE%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 117335 cf-ray 7f263bee7fc09107-FRA expires Sun, 06 Aug 2023 10:25:42 GMT
GET H3	200	r62eglto.js Show response ad4m.at/ Frame F02B	25 KB 10 KB	19ms 18ms	Script application/javascript	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/r62eglto.js Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/dr?ed=1krmjyfz7qajmtzgk0nt2dv3x5sn2gbcay7t84xera08hz1x6bj9xv5pdykk7htj014mdrncwbcx817j33qtmmjhwvq9d336rmzgj7kka2ff0ef7ewvvykj5gm5dwe5epn6q7x734925qy6px9n934senhk585h21p3x3mshsn3x9dd04199xhhwrs079fzssnfnkzq0xe0qrwtstrmkzfaf65y1jgweegg7qyt3bz23w1avspqsmztc0cny3zxnv3amrywr8my6zhjwtr7gvgrtm5pjxf8pshyrcz9b7vs0mz7ng5nw5s945x98v4g7dctv4p79v4qg9kd4axastqzfqj5nekp7f7jgx0zvqw0kfkgxd66he49t02fg6kwbnsytb5e20sprbb9ss8ztmedc9ekytsvb6m5atfykxqh7vnfwx27rbr9w2xbgxcxy3w0haqfffg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSNRCFmfPZM_BH9q2nsEPxMuGqAiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEtAJP0GqH410ZrA456mwcIE2nErBowqrXZYlFUSAS3rFYA_WY3pXt5QcFqw5CQw_WIbLfMWbLCLJxoqfonRfb6vxitbBg5TeRLg-5jrBucdvHrJMV50VhG-hey4ECKWitIGKQeD2ybU44g_du2dWxp-JzhLOcFIbbNig4wcKFh_NMzIluWjApfrRPnswz1KRmKhrjRD5Jb9U1ybJ5sItkOvr6l3-Mp9qNUWH3GeWXFn7MJXg_w2XFzqAxpF61g1-Vatv9X2CL7ormnYuDRt1oN5BRxFOJj-QFaiAboCa7ef3RBDxvVkKsR7pEU-bCwmULCirzXdaILgPgKyq6wO49oYZyxRm_uYp3fZpMJXbFjBtsurmwpgkuy0iU4DFRoDLL9DNXQ_nvKH-AFYPwUXCmmtbUvDkcOeAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0hVYrcT4yOxVcfp-oScks5DOku2g%26client%3Dca-pub-3831894559014614%26adurl%3D Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT content-encoding br cf-cache-status HIT last-modified Tue, 11 Jul 2023 16:29:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 406517 etag W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9zjMiNe%2F%2Bo9hRfJW7CysAQ0vOdgZ0H6wtcM4kbdaGTQzmMLZBiJWiVl38NTYU%2F3P74iIM5JXLpjQjqLUKD0Mib1SfUQjS43CtnOJIsmxT5hh7wOsWYe7DaM8%2FaHgN9LoHanMAY%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=3600, must-revalidate, stale-while-revalidate=300 cf-ray 7f263bee7fc39107-FRA alt-svc h3=":443"; ma=86400 expires Tue, 01 Aug 2023 16:30:15 GMT
GET H2	200	adchoices_default.png static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame F02B	3 KB 3 KB	29ms 28ms	Image image/png	2606:4700:20::681a:71b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e Request headers accept-language de-DE,de;q=0.9 Referer https://as.ad4m.at/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:42 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1073 x-guploader-uploadid ADPycdvYh6DcFTcWtsreocvh62FI68ZU81_mgPS4ytwaAhFYa5C3QcDwbcGxCi4sDoChQ5ABuxRYfNBwOuyo4AygCt86RAHaZWyx x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 content-length 3262 last-modified Tue, 21 Jun 2022 12:31:17 GMT server cloudflare etag "794c84d30e213ec6a144d64215f07551" vary X-Goog-Allowed-Resources, Accept-Encoding x-goog-generation 1655814677405990 content-type image/png content-language en x-goog-hash crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ== cache-control public, max-age=7200 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tbcxdoBQLFQ8Mz0RCl0nh18UhUOfAASkVmI997x4%2BkxN3tdO3veuL6iF8nYPuuwqzRwzv9aBs5rX7UFtfXKK8VPAJDr1tw4FZThRG0Wo0b7NWGvXTRmVuVmZe1v66SmArSe1FvHS%2BLMusxVoi1BEOXnv"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 3262 accept-ranges bytes cf-ray 7f263beefd95381f-FRA expires Sun, 06 Aug 2023 10:07:49 GMT
GET H3	200	frame.html Show response ad4m.at/ Frame 9D17	2 KB 1 KB	17ms 17ms	Document text/html	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/frame.html Requested by Host: ad4m.at URL: https://ad4m.at/r62eglto.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 1289989 alt-svc h3=":443"; ma=86400 cache-control public, max-age=3600 cf-cache-status HIT cf-ray 7f263bef28a39107-FRA content-encoding br content-language en content-type text/html; charset=utf-8 date Sun, 06 Aug 2023 09:25:42 GMT expires Sun, 09 Jul 2023 00:24:59 GMT last-modified Thu, 25 Aug 2022 14:12:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UrYn3AY8nPKTr7npjtTJsAi8InjlclR%2BIQxRGYxS1rrA5tg%2BwAMXojIyV9gCzj%2BM73J9pW%2BeHs0Cqkg1gGqWqB9bj8IJ8GgVv%2B9b6JN9p7l15JCf3Jkve3NXa0bNrx6g%2BjUMcWY%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
POST H3	200	rs Show response ad4m.at/ Frame F02B	2 KB 2 KB	34ms 34ms	XHR text/plain	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Requested by Host: ad4m.at URL: https://ad4m.at/r62eglto.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4b15412becd65396d3911ab270ad9bd3794f6f4fd2eb735ea35a39ac3ec283eb Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Content-Type application/json Response headers date Sun, 06 Aug 2023 09:25:42 GMT via 1.1 google content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D5BF%2FqxH8QavU0Zz6PcXPq2FpwpBAygpaDTjZow9ctIdnrstHEyQdIdJP0PSnCXUJZhiWm%2FnfG6rwaBkuB7aj4cwE6aJO%2BWI8bEZ7iHvp8e4x9mBATNhzBCo8zyqHF1Ybd7yOhk%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain access-control-allow-origin https://as.ad4m.at access-control-allow-credentials true cf-ray 7f263bef790c9018-FRA x-backend-server aa-reachservice-group-europe-west1-m7pg alt-svc h3=":443"; ma=86400
OPTIONS H3	200	rs ad4m.at/ Frame	0 0	27ms 26ms	Preflight text/plain	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://as.ad4m.at Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET,PATCH,POST,OPTIONS,DELETE access-control-allow-origin https://as.ad4m.at access-control-max-age 1800 allow HEAD,POST,GET,OPTIONS alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7f263bef58c59018-FRA content-length 24 content-type text/plain date Sun, 06 Aug 2023 09:25:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PANhFxGCnI0CNLmCnO3FsC%2FH175oh8ODiBOzMd2T8RtKOztUKxBGAgbdIrugQoHoM20cJwsQK0w38%2FqeWK4is4Lh5N1TEHB7Tz0PmjQmmcfYI4yDh2zh6cmaNRTUe7Ax9Ts8kf8%3D"}],"group":"cf-nel","max_age":604800} server cloudflare via 1.1 google x-backend-server aa-reachservice-group-europe-west1-m7pg
GET H3	200	rar Show response as.ad4m.at/ad/ Frame C58B	11 KB 5 KB	38ms 37ms	Document text/html	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=970&d=90&e=&g=545695ba7f220dee36b4efab48f4e5a9%2F8191472433834105136&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691313942969&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k90eefmsy52r83vhy5c4weatz7vaw7mbnm4zszsw0833cc22z95bjzm9qsjxvhf56a9gc60sa3w6a0ayrd005qahnxx3q2h6azcq2cfj41pcrvxe8x6f2d2vyfj8kcc1ahcavkz4yjs8s2jecscwnhmnnt7bmq96n7v8r0nxfxgj5gj8cwm8dy3kpz5aqkr2mf1n13jzb2q5d4x9g3mgjw1ha9dfwbyvpzb007nattmr3yc28759k48v5mqrws2g5dvqpdjqc1cwm4nmf8apqjecm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSNRCFmfPZM_BH9q2nsEPxMuGqAiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEtAJP0GqH410ZrA456mwcIE2nErBowqrXZYlFUSAS3rFYA_WY3pXt5QcFqw5CQw_WIbLfMWbLCLJxoqfonRfb6vxitbBg5TeRLg-5jrBucdvHrJMV50VhG-hey4ECKWitIGKQeD2ybU44g_du2dWxp-JzhLOcFIbbNig4wcKFh_NMzIluWjApfrRPnswz1KRmKhrjRD5Jb9U1ybJ5sItkOvr6l3-Mp9qNUWH3GeWXFn7MJXg_w2XFzqAxpF61g1-Vatv9X2CL7ormnYuDRt1oN5BRxFOJj-QFaiAboCa7ef3RBDxvVkKsR7pEU-bCwmULCirzXdaILgPgKyq6wO49oYZyxRm_uYp3fZpMJXbFjBtsurmwpgkuy0iU4DFRoDLL9DNXQ_nvKH-AFYPwUXCmmtbUvDkcOeAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0hVYrcT4yOxVcfp-oScks5DOku2g%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 Requested by Host: ad4m.at URL: https://ad4m.at/r62eglto.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b7eceb858d92d4c926da43bcbde86060a83b84200d26f0bd920e378044138979 Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://as.ad4m.at/ad/dr?ed=1krmjyfz7qajmtzgk0nt2dv3x5sn2gbcay7t84xera08hz1x6bj9xv5pdykk7htj014mdrncwbcx817j33qtmmjhwvq9d336rmzgj7kka2ff0ef7ewvvykj5gm5dwe5epn6q7x734925qy6px9n934senhk585h21p3x3mshsn3x9dd04199xhhwrs079fzssnfnkzq0xe0qrwtstrmkzfaf65y1jgweegg7qyt3bz23w1avspqsmztc0cny3zxnv3amrywr8my6zhjwtr7gvgrtm5pjxf8pshyrcz9b7vs0mz7ng5nw5s945x98v4g7dctv4p79v4qg9kd4axastqzfqj5nekp7f7jgx0zvqw0kfkgxd66he49t02fg6kwbnsytb5e20sprbb9ss8ztmedc9ekytsvb6m5atfykxqh7vnfwx27rbr9w2xbgxcxy3w0haqfffg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSNRCFmfPZM_BH9q2nsEPxMuGqAiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEtAJP0GqH410ZrA456mwcIE2nErBowqrXZYlFUSAS3rFYA_WY3pXt5QcFqw5CQw_WIbLfMWbLCLJxoqfonRfb6vxitbBg5TeRLg-5jrBucdvHrJMV50VhG-hey4ECKWitIGKQeD2ybU44g_du2dWxp-JzhLOcFIbbNig4wcKFh_NMzIluWjApfrRPnswz1KRmKhrjRD5Jb9U1ybJ5sItkOvr6l3-Mp9qNUWH3GeWXFn7MJXg_w2XFzqAxpF61g1-Vatv9X2CL7ormnYuDRt1oN5BRxFOJj-QFaiAboCa7ef3RBDxvVkKsR7pEU-bCwmULCirzXdaILgPgKyq6wO49oYZyxRm_uYp3fZpMJXbFjBtsurmwpgkuy0iU4DFRoDLL9DNXQ_nvKH-AFYPwUXCmmtbUvDkcOeAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0hVYrcT4yOxVcfp-oScks5DOku2g%26client%3Dca-pub-3831894559014614%26adurl%3D Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, proxy-revalidate cf-cache-status DYNAMIC cf-ray 7f263befb92f9107-FRA content-encoding br content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' content-type text/html; charset=utf-8 cross-origin-embedder-policy unsafe-none cross-origin-opener-policy unsafe-none cross-origin-resource-policy cross-origin date Sun, 06 Aug 2023 09:25:43 GMT expires 0 feature-policy geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self' nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} pragma no-cache referrer-policy same-origin report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} server cloudflare strict-transport-security max-age=86400; includeSubDomains; preload surrogate-control no-store vary accept-encoding via 1.1 google x-content-type-options nosniff x-download-options noopen x-xss-protection 1; mode=block
GET H2	200	privacy_small.svg static.criteo.net/flash/icon/ Frame 1DB4	2 KB 1 KB	17ms 17ms	Image image/svg+xml	2a02:2638:d::2 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy_small.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZM9nFgACS2kCJ7yNAAfG-peZbFiRI1kPr4z65g&u=%7Cxiu6U%2BruRPPgYxhzVZIt%2BgRszIbbma0TZAU%2FHqX1N6g%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdruMtK_-xsAx-zoDeWpoM1ORn2ReKvK1DjNXYTqbBps_3glcg5ql_ZKupldwpDxqKI0qtMDEi9sO285jQOhK7ROclyMNZTCxGeqbjbsBxdWHDBHOsnFlqwQVFunV28Ak8GFYpvXNuznI_0eDxqAy4hT1xRCVflD-iAATSqSvJrjzclgEe8ho5B-FdIT3oRII553k_JxCj3wFBdMBH99IuNCIfjo3-Uy0vjrkvqrL6CLU4-6fNp2feE0_4u_HyYSqT6_vxHLoBss51yBKngkPgSh9y-i36cKBfC_eDKlY8OJWMPZKKG2-6LyBMTs81bICdcyXDXXtc7vTT9AWU_5Ofi2Qf8munk5MR-8EflWOAr1dcy7ACF7WGGwqARv9SHDfboX3bd3678bk78avuquZKZuJRQ0mlX5H3oxgRdxiHnwAzdADGzCiQtqxqSfGcmic6mwkSUYdjkQ1dfDZWV45utUiLCsMNuTZlX5zSLGNIOwrCQsLQeEd2xx8qn6XLkiTtFlGbCkbjzqll66EejQAgpJmvHgMxbF0WyJI954kBq3y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3wwUFmfPZOmWCY35nsEP-o2fsAHJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgS2Ak_QVzMfu1bKbA1957WwxTrCqBJ0LAM-4oUftoHC5pl0lIgbNdSy1ooekYZLIvB3-ecYOM51927ojfauPG3VwZZQxIxAnbrNr_WEQuqQ-aR2CpXm938_mrRRx6ieGt4NWwTDNtKbIbgSN7suNaeTWDlFBFFuxwY6f4naFan-SVdD5u_8GLnbm9rI3GE5SFTV3NKR3jde1ii-5QmybRNkMgznWHJ6nLgVv9LrD9HDZAdAzR36B1wtXUlRoAGOvVP-zv1w5nbelaEaaigtxeLn2gw2xz1aDunIetMo_7lAp51zeshMLSigkk5KP0Q9p3_Ufv9l3MEsvZrySrj_tuOAHDBe2Bw8wkrQUj2rR9fFrAYZpAMoKRzr4JcgfisXEeUTDUI757ThJFQkklURQ8zFTGXdO9UbvMvgBAGABqDimaLYpv231AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0biPOZ1bc6WKCGNA1nJWuDICfHyw%26client%3Dca-pub-3831894559014614%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:43 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 11 Feb 2020 14:30:28 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e42ba84-6aa" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 31 Jul 2024 09:25:43 GMT
GET H2	200	adchoices_de.svg static.criteo.net/flash/icon/ Frame 1DB4	2 KB 1 KB	16ms 16ms	Image image/svg+xml	2a02:2638:d::2 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/adchoices_de.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZM9nFgACS2kCJ7yNAAfG-peZbFiRI1kPr4z65g&u=%7Cxiu6U%2BruRPPgYxhzVZIt%2BgRszIbbma0TZAU%2FHqX1N6g%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdruMtK_-xsAx-zoDeWpoM1ORn2ReKvK1DjNXYTqbBps_3glcg5ql_ZKupldwpDxqKI0qtMDEi9sO285jQOhK7ROclyMNZTCxGeqbjbsBxdWHDBHOsnFlqwQVFunV28Ak8GFYpvXNuznI_0eDxqAy4hT1xRCVflD-iAATSqSvJrjzclgEe8ho5B-FdIT3oRII553k_JxCj3wFBdMBH99IuNCIfjo3-Uy0vjrkvqrL6CLU4-6fNp2feE0_4u_HyYSqT6_vxHLoBss51yBKngkPgSh9y-i36cKBfC_eDKlY8OJWMPZKKG2-6LyBMTs81bICdcyXDXXtc7vTT9AWU_5Ofi2Qf8munk5MR-8EflWOAr1dcy7ACF7WGGwqARv9SHDfboX3bd3678bk78avuquZKZuJRQ0mlX5H3oxgRdxiHnwAzdADGzCiQtqxqSfGcmic6mwkSUYdjkQ1dfDZWV45utUiLCsMNuTZlX5zSLGNIOwrCQsLQeEd2xx8qn6XLkiTtFlGbCkbjzqll66EejQAgpJmvHgMxbF0WyJI954kBq3y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3wwUFmfPZOmWCY35nsEP-o2fsAHJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgS2Ak_QVzMfu1bKbA1957WwxTrCqBJ0LAM-4oUftoHC5pl0lIgbNdSy1ooekYZLIvB3-ecYOM51927ojfauPG3VwZZQxIxAnbrNr_WEQuqQ-aR2CpXm938_mrRRx6ieGt4NWwTDNtKbIbgSN7suNaeTWDlFBFFuxwY6f4naFan-SVdD5u_8GLnbm9rI3GE5SFTV3NKR3jde1ii-5QmybRNkMgznWHJ6nLgVv9LrD9HDZAdAzR36B1wtXUlRoAGOvVP-zv1w5nbelaEaaigtxeLn2gw2xz1aDunIetMo_7lAp51zeshMLSigkk5KP0Q9p3_Ufv9l3MEsvZrySrj_tuOAHDBe2Bw8wkrQUj2rR9fFrAYZpAMoKRzr4JcgfisXEeUTDUI757ThJFQkklURQ8zFTGXdO9UbvMvgBAGABqDimaLYpv231AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0biPOZ1bc6WKCGNA1nJWuDICfHyw%26client%3Dca-pub-3831894559014614%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:43 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 11 Feb 2020 14:27:58 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e42b9ee-763" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 31 Jul 2024 09:25:43 GMT
GET H2	200	close_button.svg static.criteo.net/flash/icon/ Frame 1DB4	308 B 636 B	19ms 18ms	Image image/svg+xml	2a02:2638:d::2 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/close_button.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZM9nFgACS2kCJ7yNAAfG-peZbFiRI1kPr4z65g&u=%7Cxiu6U%2BruRPPgYxhzVZIt%2BgRszIbbma0TZAU%2FHqX1N6g%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdruMtK_-xsAx-zoDeWpoM1ORn2ReKvK1DjNXYTqbBps_3glcg5ql_ZKupldwpDxqKI0qtMDEi9sO285jQOhK7ROclyMNZTCxGeqbjbsBxdWHDBHOsnFlqwQVFunV28Ak8GFYpvXNuznI_0eDxqAy4hT1xRCVflD-iAATSqSvJrjzclgEe8ho5B-FdIT3oRII553k_JxCj3wFBdMBH99IuNCIfjo3-Uy0vjrkvqrL6CLU4-6fNp2feE0_4u_HyYSqT6_vxHLoBss51yBKngkPgSh9y-i36cKBfC_eDKlY8OJWMPZKKG2-6LyBMTs81bICdcyXDXXtc7vTT9AWU_5Ofi2Qf8munk5MR-8EflWOAr1dcy7ACF7WGGwqARv9SHDfboX3bd3678bk78avuquZKZuJRQ0mlX5H3oxgRdxiHnwAzdADGzCiQtqxqSfGcmic6mwkSUYdjkQ1dfDZWV45utUiLCsMNuTZlX5zSLGNIOwrCQsLQeEd2xx8qn6XLkiTtFlGbCkbjzqll66EejQAgpJmvHgMxbF0WyJI954kBq3y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3wwUFmfPZOmWCY35nsEP-o2fsAHJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgS2Ak_QVzMfu1bKbA1957WwxTrCqBJ0LAM-4oUftoHC5pl0lIgbNdSy1ooekYZLIvB3-ecYOM51927ojfauPG3VwZZQxIxAnbrNr_WEQuqQ-aR2CpXm938_mrRRx6ieGt4NWwTDNtKbIbgSN7suNaeTWDlFBFFuxwY6f4naFan-SVdD5u_8GLnbm9rI3GE5SFTV3NKR3jde1ii-5QmybRNkMgznWHJ6nLgVv9LrD9HDZAdAzR36B1wtXUlRoAGOvVP-zv1w5nbelaEaaigtxeLn2gw2xz1aDunIetMo_7lAp51zeshMLSigkk5KP0Q9p3_Ufv9l3MEsvZrySrj_tuOAHDBe2Bw8wkrQUj2rR9fFrAYZpAMoKRzr4JcgfisXEeUTDUI757ThJFQkklURQ8zFTGXdO9UbvMvgBAGABqDimaLYpv231AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0biPOZ1bc6WKCGNA1nJWuDICfHyw%26client%3Dca-pub-3831894559014614%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:43 GMT strict-transport-security max-age=31536000; preload; last-modified Fri, 14 Feb 2020 13:51:32 GMT server nginx cross-origin-embedder-policy require-corp etag "5e46a5e4-134" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 308 expires Wed, 31 Jul 2024 09:25:43 GMT
GET H2	200	back_button2.svg static.criteo.net/flash/icon/ Frame 1DB4	293 B 621 B	18ms 17ms	Image image/svg+xml	2a02:2638:d::2 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/back_button2.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZM9nFgACS2kCJ7yNAAfG-peZbFiRI1kPr4z65g&u=%7Cxiu6U%2BruRPPgYxhzVZIt%2BgRszIbbma0TZAU%2FHqX1N6g%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdruMtK_-xsAx-zoDeWpoM1ORn2ReKvK1DjNXYTqbBps_3glcg5ql_ZKupldwpDxqKI0qtMDEi9sO285jQOhK7ROclyMNZTCxGeqbjbsBxdWHDBHOsnFlqwQVFunV28Ak8GFYpvXNuznI_0eDxqAy4hT1xRCVflD-iAATSqSvJrjzclgEe8ho5B-FdIT3oRII553k_JxCj3wFBdMBH99IuNCIfjo3-Uy0vjrkvqrL6CLU4-6fNp2feE0_4u_HyYSqT6_vxHLoBss51yBKngkPgSh9y-i36cKBfC_eDKlY8OJWMPZKKG2-6LyBMTs81bICdcyXDXXtc7vTT9AWU_5Ofi2Qf8munk5MR-8EflWOAr1dcy7ACF7WGGwqARv9SHDfboX3bd3678bk78avuquZKZuJRQ0mlX5H3oxgRdxiHnwAzdADGzCiQtqxqSfGcmic6mwkSUYdjkQ1dfDZWV45utUiLCsMNuTZlX5zSLGNIOwrCQsLQeEd2xx8qn6XLkiTtFlGbCkbjzqll66EejQAgpJmvHgMxbF0WyJI954kBq3y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3wwUFmfPZOmWCY35nsEP-o2fsAHJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgS2Ak_QVzMfu1bKbA1957WwxTrCqBJ0LAM-4oUftoHC5pl0lIgbNdSy1ooekYZLIvB3-ecYOM51927ojfauPG3VwZZQxIxAnbrNr_WEQuqQ-aR2CpXm938_mrRRx6ieGt4NWwTDNtKbIbgSN7suNaeTWDlFBFFuxwY6f4naFan-SVdD5u_8GLnbm9rI3GE5SFTV3NKR3jde1ii-5QmybRNkMgznWHJ6nLgVv9LrD9HDZAdAzR36B1wtXUlRoAGOvVP-zv1w5nbelaEaaigtxeLn2gw2xz1aDunIetMo_7lAp51zeshMLSigkk5KP0Q9p3_Ufv9l3MEsvZrySrj_tuOAHDBe2Bw8wkrQUj2rR9fFrAYZpAMoKRzr4JcgfisXEeUTDUI757ThJFQkklURQ8zFTGXdO9UbvMvgBAGABqDimaLYpv231AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0biPOZ1bc6WKCGNA1nJWuDICfHyw%26client%3Dca-pub-3831894559014614%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:43 GMT strict-transport-security max-age=31536000; preload; last-modified Thu, 28 Apr 2022 09:09:48 GMT server nginx cross-origin-embedder-policy require-corp etag "626a59dc-125" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 293 expires Wed, 31 Jul 2024 09:25:43 GMT
GET H2	200	lg.php cat.nl3.eu.criteo.com/delivery/ Frame 1DB4	43 B 348 B	62ms 16ms	Image image/gif	178.250.1.6 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=68T6iTJnH-zlLSGsb4YEClp_4QlQURd-0XmF3LeJwEJG3UtgTLaJTDORbQlz4WvEREkUNMhG1uXsfMyAmISk9erreWM0GXMJe64O8tKyhCpwblxjGuHyjM6Bm43Eg1mumbw4-s8fAzlmEQGwqYMiYriO58gnxQZSOQrUvuMpg7RXncmr-MMqf3LpaEXImFQRhx7AXVCzXhpk55WZQuwNTJnXfRN6up_fK3qtDZkhg_39G8SONSqtBP3xG2FOQY2WftfhpHzjN0Ih3gdVVW4gPyx8lv5-w7QG686AEASd2PJeroYjRxw_ZchBuKfqs8DouSVDNGD2QvS5kM7fZb1m9cBaBtXc9Sm20RYG8ZOKs29F7ef21uMax6OHMWFZxBwik4Fp9tVxwGhRqU2B91okRfA-A6lPDOH8-p5zOTq5nKvmnOqc Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZM9nFgACS2kCJ7yNAAfG-peZbFiRI1kPr4z65g&u=%7Cxiu6U%2BruRPPgYxhzVZIt%2BgRszIbbma0TZAU%2FHqX1N6g%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdruMtK_-xsAx-zoDeWpoM1ORn2ReKvK1DjNXYTqbBps_3glcg5ql_ZKupldwpDxqKI0qtMDEi9sO285jQOhK7ROclyMNZTCxGeqbjbsBxdWHDBHOsnFlqwQVFunV28Ak8GFYpvXNuznI_0eDxqAy4hT1xRCVflD-iAATSqSvJrjzclgEe8ho5B-FdIT3oRII553k_JxCj3wFBdMBH99IuNCIfjo3-Uy0vjrkvqrL6CLU4-6fNp2feE0_4u_HyYSqT6_vxHLoBss51yBKngkPgSh9y-i36cKBfC_eDKlY8OJWMPZKKG2-6LyBMTs81bICdcyXDXXtc7vTT9AWU_5Ofi2Qf8munk5MR-8EflWOAr1dcy7ACF7WGGwqARv9SHDfboX3bd3678bk78avuquZKZuJRQ0mlX5H3oxgRdxiHnwAzdADGzCiQtqxqSfGcmic6mwkSUYdjkQ1dfDZWV45utUiLCsMNuTZlX5zSLGNIOwrCQsLQeEd2xx8qn6XLkiTtFlGbCkbjzqll66EejQAgpJmvHgMxbF0WyJI954kBq3y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3wwUFmfPZOmWCY35nsEP-o2fsAHJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgS2Ak_QVzMfu1bKbA1957WwxTrCqBJ0LAM-4oUftoHC5pl0lIgbNdSy1ooekYZLIvB3-ecYOM51927ojfauPG3VwZZQxIxAnbrNr_WEQuqQ-aR2CpXm938_mrRRx6ieGt4NWwTDNtKbIbgSN7suNaeTWDlFBFFuxwY6f4naFan-SVdD5u_8GLnbm9rI3GE5SFTV3NKR3jde1ii-5QmybRNkMgznWHJ6nLgVv9LrD9HDZAdAzR36B1wtXUlRoAGOvVP-zv1w5nbelaEaaigtxeLn2gw2xz1aDunIetMo_7lAp51zeshMLSigkk5KP0Q9p3_Ufv9l3MEsvZrySrj_tuOAHDBe2Bw8wkrQUj2rR9fFrAYZpAMoKRzr4JcgfisXEeUTDUI757ThJFQkklURQ8zFTGXdO9UbvMvgBAGABqDimaLYpv231AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0biPOZ1bc6WKCGNA1nJWuDICfHyw%26client%3Dca-pub-3831894559014614%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sun, 06 Aug 2023 09:25:42 GMT strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 2597501 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	webfontloader.js Show response cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 1DB4	12 KB 5 KB	290ms 21ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZM9nFgACS2kCJ7yNAAfG-peZbFiRI1kPr4z65g&u=%7Cxiu6U%2BruRPPgYxhzVZIt%2BgRszIbbma0TZAU%2FHqX1N6g%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdruMtK_-xsAx-zoDeWpoM1ORn2ReKvK1DjNXYTqbBps_3glcg5ql_ZKupldwpDxqKI0qtMDEi9sO285jQOhK7ROclyMNZTCxGeqbjbsBxdWHDBHOsnFlqwQVFunV28Ak8GFYpvXNuznI_0eDxqAy4hT1xRCVflD-iAATSqSvJrjzclgEe8ho5B-FdIT3oRII553k_JxCj3wFBdMBH99IuNCIfjo3-Uy0vjrkvqrL6CLU4-6fNp2feE0_4u_HyYSqT6_vxHLoBss51yBKngkPgSh9y-i36cKBfC_eDKlY8OJWMPZKKG2-6LyBMTs81bICdcyXDXXtc7vTT9AWU_5Ofi2Qf8munk5MR-8EflWOAr1dcy7ACF7WGGwqARv9SHDfboX3bd3678bk78avuquZKZuJRQ0mlX5H3oxgRdxiHnwAzdADGzCiQtqxqSfGcmic6mwkSUYdjkQ1dfDZWV45utUiLCsMNuTZlX5zSLGNIOwrCQsLQeEd2xx8qn6XLkiTtFlGbCkbjzqll66EejQAgpJmvHgMxbF0WyJI954kBq3y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3wwUFmfPZOmWCY35nsEP-o2fsAHJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgS2Ak_QVzMfu1bKbA1957WwxTrCqBJ0LAM-4oUftoHC5pl0lIgbNdSy1ooekYZLIvB3-ecYOM51927ojfauPG3VwZZQxIxAnbrNr_WEQuqQ-aR2CpXm938_mrRRx6ieGt4NWwTDNtKbIbgSN7suNaeTWDlFBFFuxwY6f4naFan-SVdD5u_8GLnbm9rI3GE5SFTV3NKR3jde1ii-5QmybRNkMgznWHJ6nLgVv9LrD9HDZAdAzR36B1wtXUlRoAGOvVP-zv1w5nbelaEaaigtxeLn2gw2xz1aDunIetMo_7lAp51zeshMLSigkk5KP0Q9p3_Ufv9l3MEsvZrySrj_tuOAHDBe2Bw8wkrQUj2rR9fFrAYZpAMoKRzr4JcgfisXEeUTDUI757ThJFQkklURQ8zFTGXdO9UbvMvgBAGABqDimaLYpv231AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0biPOZ1bc6WKCGNA1nJWuDICfHyw%26client%3Dca-pub-3831894559014614%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:43 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1424495 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 4418 last-modified Thu, 22 Jun 2023 11:22:44 GMT server cloudflare cf-cdnjs-via cfworker/r2 etag "64942f04-1142" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQ%2BALvLO2HtZ93d3DwYwm163dv64nS%2F9wFmLX7ClPXwrqutFHHULGkcxCBRAv7hypPWZPpdGNrDfISwXU6%2FmNdkqzQIEQ3r35E3YzjmUnRQldzfhsI1z3ECYfdQuuN0umRnIlafxMyqWPodF%2Fsu%2B1ee%2F"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7f263bf18e6a996e-FRA expires Fri, 26 Jul 2024 09:25:43 GMT
GET H2	200	animejs.js Show response static.criteo.net/animejs/ Frame 1DB4	12 KB 6 KB	20ms 19ms	Script text/javascript	2a02:2638:d::2 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/animejs/animejs.js Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZM9nFgACS2kCJ7yNAAfG-peZbFiRI1kPr4z65g&u=%7Cxiu6U%2BruRPPgYxhzVZIt%2BgRszIbbma0TZAU%2FHqX1N6g%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdruMtK_-xsAx-zoDeWpoM1ORn2ReKvK1DjNXYTqbBps_3glcg5ql_ZKupldwpDxqKI0qtMDEi9sO285jQOhK7ROclyMNZTCxGeqbjbsBxdWHDBHOsnFlqwQVFunV28Ak8GFYpvXNuznI_0eDxqAy4hT1xRCVflD-iAATSqSvJrjzclgEe8ho5B-FdIT3oRII553k_JxCj3wFBdMBH99IuNCIfjo3-Uy0vjrkvqrL6CLU4-6fNp2feE0_4u_HyYSqT6_vxHLoBss51yBKngkPgSh9y-i36cKBfC_eDKlY8OJWMPZKKG2-6LyBMTs81bICdcyXDXXtc7vTT9AWU_5Ofi2Qf8munk5MR-8EflWOAr1dcy7ACF7WGGwqARv9SHDfboX3bd3678bk78avuquZKZuJRQ0mlX5H3oxgRdxiHnwAzdADGzCiQtqxqSfGcmic6mwkSUYdjkQ1dfDZWV45utUiLCsMNuTZlX5zSLGNIOwrCQsLQeEd2xx8qn6XLkiTtFlGbCkbjzqll66EejQAgpJmvHgMxbF0WyJI954kBq3y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3wwUFmfPZOmWCY35nsEP-o2fsAHJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgS2Ak_QVzMfu1bKbA1957WwxTrCqBJ0LAM-4oUftoHC5pl0lIgbNdSy1ooekYZLIvB3-ecYOM51927ojfauPG3VwZZQxIxAnbrNr_WEQuqQ-aR2CpXm938_mrRRx6ieGt4NWwTDNtKbIbgSN7suNaeTWDlFBFFuxwY6f4naFan-SVdD5u_8GLnbm9rI3GE5SFTV3NKR3jde1ii-5QmybRNkMgznWHJ6nLgVv9LrD9HDZAdAzR36B1wtXUlRoAGOvVP-zv1w5nbelaEaaigtxeLn2gw2xz1aDunIetMo_7lAp51zeshMLSigkk5KP0Q9p3_Ufv9l3MEsvZrySrj_tuOAHDBe2Bw8wkrQUj2rR9fFrAYZpAMoKRzr4JcgfisXEeUTDUI757ThJFQkklURQ8zFTGXdO9UbvMvgBAGABqDimaLYpv231AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0biPOZ1bc6WKCGNA1nJWuDICfHyw%26client%3Dca-pub-3831894559014614%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:43 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 26 Mar 2019 17:44:11 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5c9a64eb-3181" content-type text/javascript access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 31 Jul 2024 09:25:43 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 1DB4	17 KB 17 KB	1195ms 55ms	Image image/png	2a02:2638:3::10
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?h=476&m=0&partner=105228&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105228%2F4764284%2F68f6c4ef084c4a81bde704e1dd2b0c4b_logo.png&v=3&w=346&s=6ehCAkTvTs251UN7cYEoTKcm Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZM9nFgACS2kCJ7yNAAfG-peZbFiRI1kPr4z65g&u=%7Cxiu6U%2BruRPPgYxhzVZIt%2BgRszIbbma0TZAU%2FHqX1N6g%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdruMtK_-xsAx-zoDeWpoM1ORn2ReKvK1DjNXYTqbBps_3glcg5ql_ZKupldwpDxqKI0qtMDEi9sO285jQOhK7ROclyMNZTCxGeqbjbsBxdWHDBHOsnFlqwQVFunV28Ak8GFYpvXNuznI_0eDxqAy4hT1xRCVflD-iAATSqSvJrjzclgEe8ho5B-FdIT3oRII553k_JxCj3wFBdMBH99IuNCIfjo3-Uy0vjrkvqrL6CLU4-6fNp2feE0_4u_HyYSqT6_vxHLoBss51yBKngkPgSh9y-i36cKBfC_eDKlY8OJWMPZKKG2-6LyBMTs81bICdcyXDXXtc7vTT9AWU_5Ofi2Qf8munk5MR-8EflWOAr1dcy7ACF7WGGwqARv9SHDfboX3bd3678bk78avuquZKZuJRQ0mlX5H3oxgRdxiHnwAzdADGzCiQtqxqSfGcmic6mwkSUYdjkQ1dfDZWV45utUiLCsMNuTZlX5zSLGNIOwrCQsLQeEd2xx8qn6XLkiTtFlGbCkbjzqll66EejQAgpJmvHgMxbF0WyJI954kBq3y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3wwUFmfPZOmWCY35nsEP-o2fsAHJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgS2Ak_QVzMfu1bKbA1957WwxTrCqBJ0LAM-4oUftoHC5pl0lIgbNdSy1ooekYZLIvB3-ecYOM51927ojfauPG3VwZZQxIxAnbrNr_WEQuqQ-aR2CpXm938_mrRRx6ieGt4NWwTDNtKbIbgSN7suNaeTWDlFBFFuxwY6f4naFan-SVdD5u_8GLnbm9rI3GE5SFTV3NKR3jde1ii-5QmybRNkMgznWHJ6nLgVv9LrD9HDZAdAzR36B1wtXUlRoAGOvVP-zv1w5nbelaEaaigtxeLn2gw2xz1aDunIetMo_7lAp51zeshMLSigkk5KP0Q9p3_Ufv9l3MEsvZrySrj_tuOAHDBe2Bw8wkrQUj2rR9fFrAYZpAMoKRzr4JcgfisXEeUTDUI757ThJFQkklURQ8zFTGXdO9UbvMvgBAGABqDimaLYpv231AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0biPOZ1bc6WKCGNA1nJWuDICfHyw%26client%3Dca-pub-3831894559014614%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::10 -, , ASN (), Reverse DNS Software Kestrel / Resource Hash bbb7b12e3c8c5b2dcf227f116e27160df3f1f3d80cb2122f4766c06bf9180831 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:43 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/png cache-control public, max-age=31104000 content-length 17635 expires Sat, 01 Jun 2024 08:31:40 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 1DB4	326 KB 326 KB	1166ms 27ms	Image image/png	2a02:2638:3::10
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?m=0&partner=105228&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105228%2F4764284%2Fc2600a5d594641d1a8fe8dfd4f140708_12.jpg&v=3&s=hGZ8zrvaaE5JaUkxqRsQTAx0 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZM9nFgACS2kCJ7yNAAfG-peZbFiRI1kPr4z65g&u=%7Cxiu6U%2BruRPPgYxhzVZIt%2BgRszIbbma0TZAU%2FHqX1N6g%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdruMtK_-xsAx-zoDeWpoM1ORn2ReKvK1DjNXYTqbBps_3glcg5ql_ZKupldwpDxqKI0qtMDEi9sO285jQOhK7ROclyMNZTCxGeqbjbsBxdWHDBHOsnFlqwQVFunV28Ak8GFYpvXNuznI_0eDxqAy4hT1xRCVflD-iAATSqSvJrjzclgEe8ho5B-FdIT3oRII553k_JxCj3wFBdMBH99IuNCIfjo3-Uy0vjrkvqrL6CLU4-6fNp2feE0_4u_HyYSqT6_vxHLoBss51yBKngkPgSh9y-i36cKBfC_eDKlY8OJWMPZKKG2-6LyBMTs81bICdcyXDXXtc7vTT9AWU_5Ofi2Qf8munk5MR-8EflWOAr1dcy7ACF7WGGwqARv9SHDfboX3bd3678bk78avuquZKZuJRQ0mlX5H3oxgRdxiHnwAzdADGzCiQtqxqSfGcmic6mwkSUYdjkQ1dfDZWV45utUiLCsMNuTZlX5zSLGNIOwrCQsLQeEd2xx8qn6XLkiTtFlGbCkbjzqll66EejQAgpJmvHgMxbF0WyJI954kBq3y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3wwUFmfPZOmWCY35nsEP-o2fsAHJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgS2Ak_QVzMfu1bKbA1957WwxTrCqBJ0LAM-4oUftoHC5pl0lIgbNdSy1ooekYZLIvB3-ecYOM51927ojfauPG3VwZZQxIxAnbrNr_WEQuqQ-aR2CpXm938_mrRRx6ieGt4NWwTDNtKbIbgSN7suNaeTWDlFBFFuxwY6f4naFan-SVdD5u_8GLnbm9rI3GE5SFTV3NKR3jde1ii-5QmybRNkMgznWHJ6nLgVv9LrD9HDZAdAzR36B1wtXUlRoAGOvVP-zv1w5nbelaEaaigtxeLn2gw2xz1aDunIetMo_7lAp51zeshMLSigkk5KP0Q9p3_Ufv9l3MEsvZrySrj_tuOAHDBe2Bw8wkrQUj2rR9fFrAYZpAMoKRzr4JcgfisXEeUTDUI757ThJFQkklURQ8zFTGXdO9UbvMvgBAGABqDimaLYpv231AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0biPOZ1bc6WKCGNA1nJWuDICfHyw%26client%3Dca-pub-3831894559014614%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::10 -, , ASN (), Reverse DNS Software Kestrel / Resource Hash 381daf2da790e31f02dc2cfa690d859975ab8970c6613f64fafbb57402f2ab9f Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:43 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/png cache-control public, max-age=31104000 content-length 333754 expires Sat, 01 Jun 2024 08:31:40 GMT
POST H2	200	all csm.eu.criteo.net/ Frame 1DB4	0 128 B	304ms 17ms	Ping text/plain	2a02:2638:d::11 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://csm.eu.criteo.net/all?cppv=3&cpp=b007dhTtg5WKuW9vKEEXyCYX1-eNAuDaAso5Hy1cXb34E6bgZdQiuRDtG4IstMqWPWw1dkh6kBvKfiLOMl93uw8_Q_XORqNemKBfhYfDeN21Vab9sBfYeXnH539ICdsNkYQ-0HJicRYEdS3e8yqNmbZnud9mUgfDM9Pu6x8k3CoocvEr3Y4bn0ge4xRB4_4rrcaXdRXLy4WtEReHFgmTd4IORqhAHTT0WJBBY2hv4HupP8zVzHSiZIi9N3sjNoHLjagYXQ&sds=2&rev=87676.7&sendBeacon=true Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZM9nFgACS2kCJ7yNAAfG-peZbFiRI1kPr4z65g&u=%7Cxiu6U%2BruRPPgYxhzVZIt%2BgRszIbbma0TZAU%2FHqX1N6g%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdruMtK_-xsAx-zoDeWpoM1ORn2ReKvK1DjNXYTqbBps_3glcg5ql_ZKupldwpDxqKI0qtMDEi9sO285jQOhK7ROclyMNZTCxGeqbjbsBxdWHDBHOsnFlqwQVFunV28Ak8GFYpvXNuznI_0eDxqAy4hT1xRCVflD-iAATSqSvJrjzclgEe8ho5B-FdIT3oRII553k_JxCj3wFBdMBH99IuNCIfjo3-Uy0vjrkvqrL6CLU4-6fNp2feE0_4u_HyYSqT6_vxHLoBss51yBKngkPgSh9y-i36cKBfC_eDKlY8OJWMPZKKG2-6LyBMTs81bICdcyXDXXtc7vTT9AWU_5Ofi2Qf8munk5MR-8EflWOAr1dcy7ACF7WGGwqARv9SHDfboX3bd3678bk78avuquZKZuJRQ0mlX5H3oxgRdxiHnwAzdADGzCiQtqxqSfGcmic6mwkSUYdjkQ1dfDZWV45utUiLCsMNuTZlX5zSLGNIOwrCQsLQeEd2xx8qn6XLkiTtFlGbCkbjzqll66EejQAgpJmvHgMxbF0WyJI954kBq3y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3wwUFmfPZOmWCY35nsEP-o2fsAHJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgS2Ak_QVzMfu1bKbA1957WwxTrCqBJ0LAM-4oUftoHC5pl0lIgbNdSy1ooekYZLIvB3-ecYOM51927ojfauPG3VwZZQxIxAnbrNr_WEQuqQ-aR2CpXm938_mrRRx6ieGt4NWwTDNtKbIbgSN7suNaeTWDlFBFFuxwY6f4naFan-SVdD5u_8GLnbm9rI3GE5SFTV3NKR3jde1ii-5QmybRNkMgznWHJ6nLgVv9LrD9HDZAdAzR36B1wtXUlRoAGOvVP-zv1w5nbelaEaaigtxeLn2gw2xz1aDunIetMo_7lAp51zeshMLSigkk5KP0Q9p3_Ufv9l3MEsvZrySrj_tuOAHDBe2Bw8wkrQUj2rR9fFrAYZpAMoKRzr4JcgfisXEeUTDUI757ThJFQkklURQ8zFTGXdO9UbvMvgBAGABqDimaLYpv231AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0biPOZ1bc6WKCGNA1nJWuDICfHyw%26client%3Dca-pub-3831894559014614%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.eu.criteo.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Sun, 06 Aug 2023 09:25:43 GMT strict-transport-security max-age=31536000; preload; cross-origin-resource-policy cross-origin server Finatra content-length 0
GET H2	200	criteo_logo_2021.svg static.criteo.net/flash/icon/ Frame 1DB4	2 KB 1 KB	18ms 17ms	Image image/svg+xml	2a02:2638:d::2 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/criteo_logo_2021.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZM9nFgACS2kCJ7yNAAfG-peZbFiRI1kPr4z65g&u=%7Cxiu6U%2BruRPPgYxhzVZIt%2BgRszIbbma0TZAU%2FHqX1N6g%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdruMtK_-xsAx-zoDeWpoM1ORn2ReKvK1DjNXYTqbBps_3glcg5ql_ZKupldwpDxqKI0qtMDEi9sO285jQOhK7ROclyMNZTCxGeqbjbsBxdWHDBHOsnFlqwQVFunV28Ak8GFYpvXNuznI_0eDxqAy4hT1xRCVflD-iAATSqSvJrjzclgEe8ho5B-FdIT3oRII553k_JxCj3wFBdMBH99IuNCIfjo3-Uy0vjrkvqrL6CLU4-6fNp2feE0_4u_HyYSqT6_vxHLoBss51yBKngkPgSh9y-i36cKBfC_eDKlY8OJWMPZKKG2-6LyBMTs81bICdcyXDXXtc7vTT9AWU_5Ofi2Qf8munk5MR-8EflWOAr1dcy7ACF7WGGwqARv9SHDfboX3bd3678bk78avuquZKZuJRQ0mlX5H3oxgRdxiHnwAzdADGzCiQtqxqSfGcmic6mwkSUYdjkQ1dfDZWV45utUiLCsMNuTZlX5zSLGNIOwrCQsLQeEd2xx8qn6XLkiTtFlGbCkbjzqll66EejQAgpJmvHgMxbF0WyJI954kBq3y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3wwUFmfPZOmWCY35nsEP-o2fsAHJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgS2Ak_QVzMfu1bKbA1957WwxTrCqBJ0LAM-4oUftoHC5pl0lIgbNdSy1ooekYZLIvB3-ecYOM51927ojfauPG3VwZZQxIxAnbrNr_WEQuqQ-aR2CpXm938_mrRRx6ieGt4NWwTDNtKbIbgSN7suNaeTWDlFBFFuxwY6f4naFan-SVdD5u_8GLnbm9rI3GE5SFTV3NKR3jde1ii-5QmybRNkMgznWHJ6nLgVv9LrD9HDZAdAzR36B1wtXUlRoAGOvVP-zv1w5nbelaEaaigtxeLn2gw2xz1aDunIetMo_7lAp51zeshMLSigkk5KP0Q9p3_Ufv9l3MEsvZrySrj_tuOAHDBe2Bw8wkrQUj2rR9fFrAYZpAMoKRzr4JcgfisXEeUTDUI757ThJFQkklURQ8zFTGXdO9UbvMvgBAGABqDimaLYpv231AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0biPOZ1bc6WKCGNA1nJWuDICfHyw%26client%3Dca-pub-3831894559014614%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:43 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Thu, 27 May 2021 13:21:59 GMT server nginx cross-origin-embedder-policy require-corp etag W/"60af9cf7-891" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 31 Jul 2024 09:25:43 GMT
GET H2	200	privacy.svg static.criteo.net/flash/icon/ Frame 1DB4	2 KB 1 KB	16ms 16ms	Image image/svg+xml	2a02:2638:d::2 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZM9nFgACS2kCJ7yNAAfG-peZbFiRI1kPr4z65g&u=%7Cxiu6U%2BruRPPgYxhzVZIt%2BgRszIbbma0TZAU%2FHqX1N6g%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdruMtK_-xsAx-zoDeWpoM1ORn2ReKvK1DjNXYTqbBps_3glcg5ql_ZKupldwpDxqKI0qtMDEi9sO285jQOhK7ROclyMNZTCxGeqbjbsBxdWHDBHOsnFlqwQVFunV28Ak8GFYpvXNuznI_0eDxqAy4hT1xRCVflD-iAATSqSvJrjzclgEe8ho5B-FdIT3oRII553k_JxCj3wFBdMBH99IuNCIfjo3-Uy0vjrkvqrL6CLU4-6fNp2feE0_4u_HyYSqT6_vxHLoBss51yBKngkPgSh9y-i36cKBfC_eDKlY8OJWMPZKKG2-6LyBMTs81bICdcyXDXXtc7vTT9AWU_5Ofi2Qf8munk5MR-8EflWOAr1dcy7ACF7WGGwqARv9SHDfboX3bd3678bk78avuquZKZuJRQ0mlX5H3oxgRdxiHnwAzdADGzCiQtqxqSfGcmic6mwkSUYdjkQ1dfDZWV45utUiLCsMNuTZlX5zSLGNIOwrCQsLQeEd2xx8qn6XLkiTtFlGbCkbjzqll66EejQAgpJmvHgMxbF0WyJI954kBq3y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3wwUFmfPZOmWCY35nsEP-o2fsAHJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgS2Ak_QVzMfu1bKbA1957WwxTrCqBJ0LAM-4oUftoHC5pl0lIgbNdSy1ooekYZLIvB3-ecYOM51927ojfauPG3VwZZQxIxAnbrNr_WEQuqQ-aR2CpXm938_mrRRx6ieGt4NWwTDNtKbIbgSN7suNaeTWDlFBFFuxwY6f4naFan-SVdD5u_8GLnbm9rI3GE5SFTV3NKR3jde1ii-5QmybRNkMgznWHJ6nLgVv9LrD9HDZAdAzR36B1wtXUlRoAGOvVP-zv1w5nbelaEaaigtxeLn2gw2xz1aDunIetMo_7lAp51zeshMLSigkk5KP0Q9p3_Ufv9l3MEsvZrySrj_tuOAHDBe2Bw8wkrQUj2rR9fFrAYZpAMoKRzr4JcgfisXEeUTDUI757ThJFQkklURQ8zFTGXdO9UbvMvgBAGABqDimaLYpv231AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0biPOZ1bc6WKCGNA1nJWuDICfHyw%26client%3Dca-pub-3831894559014614%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:43 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Wed, 19 Feb 2020 10:57:21 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e4d1491-646" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 31 Jul 2024 09:25:43 GMT
GET H3	200	default.css as.ad4m.at/ad/style/0.1.48/one-ad/ Frame C58B	114 KB 14 KB	24ms 24ms	Stylesheet text/css	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=970&d=90&e=&g=545695ba7f220dee36b4efab48f4e5a9%2F8191472433834105136&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691313942969&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k90eefmsy52r83vhy5c4weatz7vaw7mbnm4zszsw0833cc22z95bjzm9qsjxvhf56a9gc60sa3w6a0ayrd005qahnxx3q2h6azcq2cfj41pcrvxe8x6f2d2vyfj8kcc1ahcavkz4yjs8s2jecscwnhmnnt7bmq96n7v8r0nxfxgj5gj8cwm8dy3kpz5aqkr2mf1n13jzb2q5d4x9g3mgjw1ha9dfwbyvpzb007nattmr3yc28759k48v5mqrws2g5dvqpdjqc1cwm4nmf8apqjecm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSNRCFmfPZM_BH9q2nsEPxMuGqAiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEtAJP0GqH410ZrA456mwcIE2nErBowqrXZYlFUSAS3rFYA_WY3pXt5QcFqw5CQw_WIbLfMWbLCLJxoqfonRfb6vxitbBg5TeRLg-5jrBucdvHrJMV50VhG-hey4ECKWitIGKQeD2ybU44g_du2dWxp-JzhLOcFIbbNig4wcKFh_NMzIluWjApfrRPnswz1KRmKhrjRD5Jb9U1ybJ5sItkOvr6l3-Mp9qNUWH3GeWXFn7MJXg_w2XFzqAxpF61g1-Vatv9X2CL7ormnYuDRt1oN5BRxFOJj-QFaiAboCa7ef3RBDxvVkKsR7pEU-bCwmULCirzXdaILgPgKyq6wO49oYZyxRm_uYp3fZpMJXbFjBtsurmwpgkuy0iU4DFRoDLL9DNXQ_nvKH-AFYPwUXCmmtbUvDkcOeAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0hVYrcT4yOxVcfp-oScks5DOku2g%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3 Request headers accept-language de-DE,de;q=0.9 Referer https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=970&d=90&e=&g=545695ba7f220dee36b4efab48f4e5a9%2F8191472433834105136&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691313942969&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k90eefmsy52r83vhy5c4weatz7vaw7mbnm4zszsw0833cc22z95bjzm9qsjxvhf56a9gc60sa3w6a0ayrd005qahnxx3q2h6azcq2cfj41pcrvxe8x6f2d2vyfj8kcc1ahcavkz4yjs8s2jecscwnhmnnt7bmq96n7v8r0nxfxgj5gj8cwm8dy3kpz5aqkr2mf1n13jzb2q5d4x9g3mgjw1ha9dfwbyvpzb007nattmr3yc28759k48v5mqrws2g5dvqpdjqc1cwm4nmf8apqjecm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSNRCFmfPZM_BH9q2nsEPxMuGqAiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEtAJP0GqH410ZrA456mwcIE2nErBowqrXZYlFUSAS3rFYA_WY3pXt5QcFqw5CQw_WIbLfMWbLCLJxoqfonRfb6vxitbBg5TeRLg-5jrBucdvHrJMV50VhG-hey4ECKWitIGKQeD2ybU44g_du2dWxp-JzhLOcFIbbNig4wcKFh_NMzIluWjApfrRPnswz1KRmKhrjRD5Jb9U1ybJ5sItkOvr6l3-Mp9qNUWH3GeWXFn7MJXg_w2XFzqAxpF61g1-Vatv9X2CL7ormnYuDRt1oN5BRxFOJj-QFaiAboCa7ef3RBDxvVkKsR7pEU-bCwmULCirzXdaILgPgKyq6wO49oYZyxRm_uYp3fZpMJXbFjBtsurmwpgkuy0iU4DFRoDLL9DNXQ_nvKH-AFYPwUXCmmtbUvDkcOeAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0hVYrcT4yOxVcfp-oScks5DOku2g%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:43 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-goog-meta-goog-reserved-file-mtime 1687950287 age 943955 cf-polished origSize=117335 x-guploader-uploadid ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Wed, 28 Jun 2023 11:05:15 GMT server cloudflare etag W/"5d49535c2a84a9762127b3d9e77d7e02" vary Accept-Encoding x-goog-generation 1687950315098833 content-type text/css x-goog-hash crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag== cache-control public, max-age=3600 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bDJE22VVrjeyeKiubEvw52B5vZ1wcHlODSwowHJOHDtiyJLw6HUgyVnhSjw8UNJS%2BNLgb1zC0h31O%2FbiNfy%2F0DKo%2BiDq88yKhXofuqhUNVXuNH0IX5MXo20%2FpHgHrs1uuYmzx6aeuJE%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 117335 cf-ray 7f263bf019879107-FRA expires Sun, 06 Aug 2023 10:25:43 GMT
GET H3	200	1A3519435B93A8A4F3F6C13959D6951303D43C0A1C67EEC9C84723E6608D860AF870AF3D1E802C8E6A703FE15D4D810EB0CD13D3F6F07FB94916A320CEFB013B assets.ad4m.at/logo/ Frame C58B	95 KB 96 KB	17ms 17ms	Image image/webp	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/1A3519435B93A8A4F3F6C13959D6951303D43C0A1C67EEC9C84723E6608D860AF870AF3D1E802C8E6A703FE15D4D810EB0CD13D3F6F07FB94916A320CEFB013B Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=970&d=90&e=&g=545695ba7f220dee36b4efab48f4e5a9%2F8191472433834105136&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691313942969&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k90eefmsy52r83vhy5c4weatz7vaw7mbnm4zszsw0833cc22z95bjzm9qsjxvhf56a9gc60sa3w6a0ayrd005qahnxx3q2h6azcq2cfj41pcrvxe8x6f2d2vyfj8kcc1ahcavkz4yjs8s2jecscwnhmnnt7bmq96n7v8r0nxfxgj5gj8cwm8dy3kpz5aqkr2mf1n13jzb2q5d4x9g3mgjw1ha9dfwbyvpzb007nattmr3yc28759k48v5mqrws2g5dvqpdjqc1cwm4nmf8apqjecm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSNRCFmfPZM_BH9q2nsEPxMuGqAiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEtAJP0GqH410ZrA456mwcIE2nErBowqrXZYlFUSAS3rFYA_WY3pXt5QcFqw5CQw_WIbLfMWbLCLJxoqfonRfb6vxitbBg5TeRLg-5jrBucdvHrJMV50VhG-hey4ECKWitIGKQeD2ybU44g_du2dWxp-JzhLOcFIbbNig4wcKFh_NMzIluWjApfrRPnswz1KRmKhrjRD5Jb9U1ybJ5sItkOvr6l3-Mp9qNUWH3GeWXFn7MJXg_w2XFzqAxpF61g1-Vatv9X2CL7ormnYuDRt1oN5BRxFOJj-QFaiAboCa7ef3RBDxvVkKsR7pEU-bCwmULCirzXdaILgPgKyq6wO49oYZyxRm_uYp3fZpMJXbFjBtsurmwpgkuy0iU4DFRoDLL9DNXQ_nvKH-AFYPwUXCmmtbUvDkcOeAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0hVYrcT4yOxVcfp-oScks5DOku2g%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 898107a317921f1fe8f4784c2a5f9032dba634f89a2c5a31bdaa253206f19eff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:43 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2054926 cf-polished origFmt=png, origSize=155987 alt-svc h3=":443"; ma=86400 content-length 97378 cf-bgj imgq:85,h2pri last-modified Wed, 03 May 2023 10:34:04 GMT server cloudflare etag "046c487317a4f122cc1e9773901d1d88" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2Bn8kF%2BIHsQHztUUXu0oHPOBc9RjEOAE9WYTeqdvrg6Qlzg0YenY7aHjgrgKYf3EJu3ileAu4siuzsyFpuTLL28IwpzA%2FipB89sYBxt2267EorToWzcY01olPw2ZHdoHTni%2F9pRFrQ%2BRWNX1"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 7f263bf019889107-FRA expires Mon, 07 Aug 2023 09:25:43 GMT
GET H3	200	F3A3B7992F041E027EDF5C55060530AEE4F74888194218BF68384A7CF45BCBCEFBE42F66E82D247734FE42733361C61FBF8347907D061895BF7BC8415B5E9D5B assets.ad4m.at/ Frame C58B	97 KB 97 KB	20ms 18ms	Image image/webp	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/F3A3B7992F041E027EDF5C55060530AEE4F74888194218BF68384A7CF45BCBCEFBE42F66E82D247734FE42733361C61FBF8347907D061895BF7BC8415B5E9D5B Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=970&d=90&e=&g=545695ba7f220dee36b4efab48f4e5a9%2F8191472433834105136&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691313942969&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k90eefmsy52r83vhy5c4weatz7vaw7mbnm4zszsw0833cc22z95bjzm9qsjxvhf56a9gc60sa3w6a0ayrd005qahnxx3q2h6azcq2cfj41pcrvxe8x6f2d2vyfj8kcc1ahcavkz4yjs8s2jecscwnhmnnt7bmq96n7v8r0nxfxgj5gj8cwm8dy3kpz5aqkr2mf1n13jzb2q5d4x9g3mgjw1ha9dfwbyvpzb007nattmr3yc28759k48v5mqrws2g5dvqpdjqc1cwm4nmf8apqjecm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSNRCFmfPZM_BH9q2nsEPxMuGqAiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEtAJP0GqH410ZrA456mwcIE2nErBowqrXZYlFUSAS3rFYA_WY3pXt5QcFqw5CQw_WIbLfMWbLCLJxoqfonRfb6vxitbBg5TeRLg-5jrBucdvHrJMV50VhG-hey4ECKWitIGKQeD2ybU44g_du2dWxp-JzhLOcFIbbNig4wcKFh_NMzIluWjApfrRPnswz1KRmKhrjRD5Jb9U1ybJ5sItkOvr6l3-Mp9qNUWH3GeWXFn7MJXg_w2XFzqAxpF61g1-Vatv9X2CL7ormnYuDRt1oN5BRxFOJj-QFaiAboCa7ef3RBDxvVkKsR7pEU-bCwmULCirzXdaILgPgKyq6wO49oYZyxRm_uYp3fZpMJXbFjBtsurmwpgkuy0iU4DFRoDLL9DNXQ_nvKH-AFYPwUXCmmtbUvDkcOeAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0hVYrcT4yOxVcfp-oScks5DOku2g%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c03e3b2943f699bc681b4449f737e96566128d62402914d631a6930bfc55106d Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:43 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1515656 cf-polished origFmt=png, origSize=167445 alt-svc h3=":443"; ma=86400 content-length 99202 cf-bgj imgq:85,h2pri last-modified Wed, 03 May 2023 10:42:06 GMT server cloudflare etag "cdf0423881e134b37ad0cbff5572a8e7" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GhQawzgJfNSEiS0YNocGxtAW3mvJCFj7imHPLvrEd6iF4siVamce6awxQfsRIpqXDWYP1M38PMgExCl%2FYPybfbgGnMZJIgvyfaXd3OPbsdBIBCAosjpz7WPTrgPeZtz3Y3VtgqIn5aQFBxSY"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 7f263bf059bc9107-FRA expires Mon, 07 Aug 2023 09:25:43 GMT
GET		/ www.restposten.de/ Frame C58B Redirect Chain https://t.adcell.com/p/view?promoId=309583&slotId=46690&pv=1&htlp=1&subId=oneid7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQxoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 https://www.restposten.de/?utm_source=ADCELL&utm_medium=Text&utm_campaign=Standard&bid=309583-46690-oneid7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQxoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY	0 0
GET H3	200	AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111 assets.ad4m.at/logo/ Frame C58B	32 KB 33 KB	20ms 17ms	Image image/webp	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=970&d=90&e=&g=545695ba7f220dee36b4efab48f4e5a9%2F8191472433834105136&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691313942969&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k90eefmsy52r83vhy5c4weatz7vaw7mbnm4zszsw0833cc22z95bjzm9qsjxvhf56a9gc60sa3w6a0ayrd005qahnxx3q2h6azcq2cfj41pcrvxe8x6f2d2vyfj8kcc1ahcavkz4yjs8s2jecscwnhmnnt7bmq96n7v8r0nxfxgj5gj8cwm8dy3kpz5aqkr2mf1n13jzb2q5d4x9g3mgjw1ha9dfwbyvpzb007nattmr3yc28759k48v5mqrws2g5dvqpdjqc1cwm4nmf8apqjecm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSNRCFmfPZM_BH9q2nsEPxMuGqAiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEtAJP0GqH410ZrA456mwcIE2nErBowqrXZYlFUSAS3rFYA_WY3pXt5QcFqw5CQw_WIbLfMWbLCLJxoqfonRfb6vxitbBg5TeRLg-5jrBucdvHrJMV50VhG-hey4ECKWitIGKQeD2ybU44g_du2dWxp-JzhLOcFIbbNig4wcKFh_NMzIluWjApfrRPnswz1KRmKhrjRD5Jb9U1ybJ5sItkOvr6l3-Mp9qNUWH3GeWXFn7MJXg_w2XFzqAxpF61g1-Vatv9X2CL7ormnYuDRt1oN5BRxFOJj-QFaiAboCa7ef3RBDxvVkKsR7pEU-bCwmULCirzXdaILgPgKyq6wO49oYZyxRm_uYp3fZpMJXbFjBtsurmwpgkuy0iU4DFRoDLL9DNXQ_nvKH-AFYPwUXCmmtbUvDkcOeAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0hVYrcT4yOxVcfp-oScks5DOku2g%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5ac477d8785a4c9ef373969dd3f047e310bfb60d77bc518593795177bd131227 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:43 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 741605 cf-polished origFmt=png, origSize=60352 alt-svc h3=":443"; ma=86400 content-length 32982 cf-bgj imgq:85,h2pri last-modified Fri, 28 Jul 2023 11:40:29 GMT server cloudflare etag "0c5d451d92738dcd96474c734dc5b7c8" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=co4ZV8F9M%2BU0qqWwvoiCSeTUy%2BduuMMp9I0s9BU9XPOCU6sgDqFHtTypd121NmN%2FcIrgNxesNM3qqUxKJW4nrDlPgp0LDVis5oYDU%2BaX%2BM11pOeTyJ%2FrvYaFcnvUKVBtJa0h8HZlx5UXRqC6"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 7f263bf059c09107-FRA expires Mon, 07 Aug 2023 09:25:43 GMT
GET H3	200	A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75 assets.ad4m.at/product_image/ Frame C58B	91 KB 91 KB	29ms 26ms	Image image/png	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=970&d=90&e=&g=545695ba7f220dee36b4efab48f4e5a9%2F8191472433834105136&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691313942969&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k90eefmsy52r83vhy5c4weatz7vaw7mbnm4zszsw0833cc22z95bjzm9qsjxvhf56a9gc60sa3w6a0ayrd005qahnxx3q2h6azcq2cfj41pcrvxe8x6f2d2vyfj8kcc1ahcavkz4yjs8s2jecscwnhmnnt7bmq96n7v8r0nxfxgj5gj8cwm8dy3kpz5aqkr2mf1n13jzb2q5d4x9g3mgjw1ha9dfwbyvpzb007nattmr3yc28759k48v5mqrws2g5dvqpdjqc1cwm4nmf8apqjecm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSNRCFmfPZM_BH9q2nsEPxMuGqAiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEtAJP0GqH410ZrA456mwcIE2nErBowqrXZYlFUSAS3rFYA_WY3pXt5QcFqw5CQw_WIbLfMWbLCLJxoqfonRfb6vxitbBg5TeRLg-5jrBucdvHrJMV50VhG-hey4ECKWitIGKQeD2ybU44g_du2dWxp-JzhLOcFIbbNig4wcKFh_NMzIluWjApfrRPnswz1KRmKhrjRD5Jb9U1ybJ5sItkOvr6l3-Mp9qNUWH3GeWXFn7MJXg_w2XFzqAxpF61g1-Vatv9X2CL7ormnYuDRt1oN5BRxFOJj-QFaiAboCa7ef3RBDxvVkKsR7pEU-bCwmULCirzXdaILgPgKyq6wO49oYZyxRm_uYp3fZpMJXbFjBtsurmwpgkuy0iU4DFRoDLL9DNXQ_nvKH-AFYPwUXCmmtbUvDkcOeAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0hVYrcT4yOxVcfp-oScks5DOku2g%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:43 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2298062 cf-polished origSize=105738, status=vary_header_present alt-svc h3=":443"; ma=86400 content-length 92686 cf-bgj imgq:85,h2pri last-modified Mon, 04 Jul 2022 08:55:40 GMT server cloudflare etag "147be38db57f89c69c9e65b05983ff0e" vary X-Goog-Allowed-Resources, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F6exLnCqUmO4IQhFeGlvvIsOTBHKeLRcUxahHaXWOb3J8M7vD56nrPN%2BZu9lLXM5bzxubJNWFcydcBiUxckJGbn7FPd3hVyElK8lTmq6Zy%2FtvdT%2FzQFVbcwxFBrs3jJYYgvnikwNkbVVw2Zy"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=86400 accept-ranges bytes cf-ray 7f263bf059c19107-FRA expires Mon, 07 Aug 2023 09:25:43 GMT
GET H3	200	A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266 assets.ad4m.at/logo/ Frame C58B	2 KB 3 KB	34ms 32ms	Image image/webp	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=970&d=90&e=&g=545695ba7f220dee36b4efab48f4e5a9%2F8191472433834105136&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691313942969&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k90eefmsy52r83vhy5c4weatz7vaw7mbnm4zszsw0833cc22z95bjzm9qsjxvhf56a9gc60sa3w6a0ayrd005qahnxx3q2h6azcq2cfj41pcrvxe8x6f2d2vyfj8kcc1ahcavkz4yjs8s2jecscwnhmnnt7bmq96n7v8r0nxfxgj5gj8cwm8dy3kpz5aqkr2mf1n13jzb2q5d4x9g3mgjw1ha9dfwbyvpzb007nattmr3yc28759k48v5mqrws2g5dvqpdjqc1cwm4nmf8apqjecm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSNRCFmfPZM_BH9q2nsEPxMuGqAiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEtAJP0GqH410ZrA456mwcIE2nErBowqrXZYlFUSAS3rFYA_WY3pXt5QcFqw5CQw_WIbLfMWbLCLJxoqfonRfb6vxitbBg5TeRLg-5jrBucdvHrJMV50VhG-hey4ECKWitIGKQeD2ybU44g_du2dWxp-JzhLOcFIbbNig4wcKFh_NMzIluWjApfrRPnswz1KRmKhrjRD5Jb9U1ybJ5sItkOvr6l3-Mp9qNUWH3GeWXFn7MJXg_w2XFzqAxpF61g1-Vatv9X2CL7ormnYuDRt1oN5BRxFOJj-QFaiAboCa7ef3RBDxvVkKsR7pEU-bCwmULCirzXdaILgPgKyq6wO49oYZyxRm_uYp3fZpMJXbFjBtsurmwpgkuy0iU4DFRoDLL9DNXQ_nvKH-AFYPwUXCmmtbUvDkcOeAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0hVYrcT4yOxVcfp-oScks5DOku2g%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:43 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 979558 cf-polished origFmt=png, origSize=9357 alt-svc h3=":443"; ma=86400 content-length 2330 cf-bgj imgq:85,h2pri last-modified Thu, 08 Apr 2021 14:26:03 GMT server cloudflare etag "8cc161b392f5744da5319a4da549b763" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSEFY2uM1Ckl96%2Fxj8fM9od6w34BLfOCOdEhix1AgXxNpuI7TGWaFsJqXzGTrTN18v7cQsk%2BNG%2Bfan2GIFZB4oKllCJPBVHmhN7zgsDB2%2BfBnNn6poMGJWyQwrxpv28RmVnbfPlNobmPltEW"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 7f263bf059c29107-FRA expires Mon, 07 Aug 2023 09:25:43 GMT
GET H3	200	B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1 assets.ad4m.at/ Frame C58B	253 KB 254 KB	34ms 32ms	Image image/webp	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=970&d=90&e=&g=545695ba7f220dee36b4efab48f4e5a9%2F8191472433834105136&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691313942969&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k90eefmsy52r83vhy5c4weatz7vaw7mbnm4zszsw0833cc22z95bjzm9qsjxvhf56a9gc60sa3w6a0ayrd005qahnxx3q2h6azcq2cfj41pcrvxe8x6f2d2vyfj8kcc1ahcavkz4yjs8s2jecscwnhmnnt7bmq96n7v8r0nxfxgj5gj8cwm8dy3kpz5aqkr2mf1n13jzb2q5d4x9g3mgjw1ha9dfwbyvpzb007nattmr3yc28759k48v5mqrws2g5dvqpdjqc1cwm4nmf8apqjecm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSNRCFmfPZM_BH9q2nsEPxMuGqAiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEtAJP0GqH410ZrA456mwcIE2nErBowqrXZYlFUSAS3rFYA_WY3pXt5QcFqw5CQw_WIbLfMWbLCLJxoqfonRfb6vxitbBg5TeRLg-5jrBucdvHrJMV50VhG-hey4ECKWitIGKQeD2ybU44g_du2dWxp-JzhLOcFIbbNig4wcKFh_NMzIluWjApfrRPnswz1KRmKhrjRD5Jb9U1ybJ5sItkOvr6l3-Mp9qNUWH3GeWXFn7MJXg_w2XFzqAxpF61g1-Vatv9X2CL7ormnYuDRt1oN5BRxFOJj-QFaiAboCa7ef3RBDxvVkKsR7pEU-bCwmULCirzXdaILgPgKyq6wO49oYZyxRm_uYp3fZpMJXbFjBtsurmwpgkuy0iU4DFRoDLL9DNXQ_nvKH-AFYPwUXCmmtbUvDkcOeAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0hVYrcT4yOxVcfp-oScks5DOku2g%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:43 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1171271 cf-polished origFmt=png, origSize=431531 alt-svc h3=":443"; ma=86400 content-length 259252 cf-bgj imgq:85,h2pri last-modified Fri, 16 Jun 2023 10:20:07 GMT server cloudflare etag "16f7fe8ce7119ba0f513f8179ecb2d3a" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxZeAHZ0jTqXLnpusQFkRMQ4TL8%2FdM%2FWM3by60R8hcT8FhmnnOM1QqMQ%2Ff0V6Gy%2BpNY9jWYsQsWGTelPO6cqnrqkdAY5Z0uPzdY6pttus1Tz3qA2QqnAdwNHrAtAp2TBhNOQ2t1CMsNyKDfF"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 7f263bf059c49107-FRA expires Mon, 07 Aug 2023 09:25:43 GMT
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame C58B	43 B 703 B	66ms 63ms	Image image/gif	2.20.213.154 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidk7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=970&d=90&e=&g=545695ba7f220dee36b4efab48f4e5a9%2F8191472433834105136&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691313942969&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k90eefmsy52r83vhy5c4weatz7vaw7mbnm4zszsw0833cc22z95bjzm9qsjxvhf56a9gc60sa3w6a0ayrd005qahnxx3q2h6azcq2cfj41pcrvxe8x6f2d2vyfj8kcc1ahcavkz4yjs8s2jecscwnhmnnt7bmq96n7v8r0nxfxgj5gj8cwm8dy3kpz5aqkr2mf1n13jzb2q5d4x9g3mgjw1ha9dfwbyvpzb007nattmr3yc28759k48v5mqrws2g5dvqpdjqc1cwm4nmf8apqjecm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSNRCFmfPZM_BH9q2nsEPxMuGqAiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEtAJP0GqH410ZrA456mwcIE2nErBowqrXZYlFUSAS3rFYA_WY3pXt5QcFqw5CQw_WIbLfMWbLCLJxoqfonRfb6vxitbBg5TeRLg-5jrBucdvHrJMV50VhG-hey4ECKWitIGKQeD2ybU44g_du2dWxp-JzhLOcFIbbNig4wcKFh_NMzIluWjApfrRPnswz1KRmKhrjRD5Jb9U1ybJ5sItkOvr6l3-Mp9qNUWH3GeWXFn7MJXg_w2XFzqAxpF61g1-Vatv9X2CL7ormnYuDRt1oN5BRxFOJj-QFaiAboCa7ef3RBDxvVkKsR7pEU-bCwmULCirzXdaILgPgKyq6wO49oYZyxRm_uYp3fZpMJXbFjBtsurmwpgkuy0iU4DFRoDLL9DNXQ_nvKH-AFYPwUXCmmtbUvDkcOeAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0hVYrcT4yOxVcfp-oScks5DOku2g%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.20.213.154 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-20-213-154.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Pragma no-cache Date Sun, 06 Aug 2023 09:25:43 GMT Strict-Transport-Security max-age=86400 Node Helix Content-Type image/gif P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Connection keep-alive Content-Length 43 Expires 0
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012307180709000/ Frame 9025	222 KB 62 KB	54ms 8ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 42cc0d0d864fa8e8dc6b4ff64b9a6e126a86719e00cced4e6694c984429da88c Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 04 Aug 2023 22:07:47 GMT age 127076 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 62064 x-xss-protection 0 server sffe etag "7c75c6afffb97d84" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 03 Aug 2024 22:07:47 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012307180709000/v0/ Frame 9025	15 KB 5 KB	65ms 20ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012307180709000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 35ddba307fe258726edbca8406973763f489f91f8d2488e67c3e9d691fb8883a Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 04 Aug 2023 22:07:47 GMT age 127076 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5274 x-xss-protection 0 server sffe etag "b24c5d555100d699" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 03 Aug 2024 22:07:47 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012307180709000/v0/ Frame 9025	94 KB 28 KB	69ms 24ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012307180709000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cab486b36e4f2fa09ab81d2964db38d78e8962420a7cbf1c8367e2b0596bb838 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 04 Aug 2023 22:07:47 GMT age 127076 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29021 x-xss-protection 0 server sffe etag "908f04349b1b2df1" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 03 Aug 2024 22:07:47 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012307180709000/v0/ Frame 9025	5 KB 2 KB	68ms 23ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012307180709000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ce05ebc645534f502c40ebf919b2992e353a216068772467822ef88f725052b1 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 04 Aug 2023 22:07:47 GMT age 127076 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1913 x-xss-protection 0 server sffe etag "5416cfef676738bf" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 03 Aug 2024 22:07:47 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012307180709000/v0/ Frame 9025	40 KB 13 KB	66ms 21ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012307180709000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b03afcbf2fbeba733a2b40a4f6f5307977268b29df242211d0c1b12a88812593 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 04 Aug 2023 22:07:47 GMT age 127076 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13013 x-xss-protection 0 server sffe etag "4da616cd662b7cdb" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 03 Aug 2024 22:07:47 GMT
GET H2	200	css fonts.googleapis.com/ Frame 9025	14 KB 2 KB	593ms 18ms	Stylesheet text/css	142.250.184.234 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.234 Grosse Pointe, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f10.1e100.net Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 06 Aug 2023 09:25:43 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 06 Aug 2023 08:10:28 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 06 Aug 2023 09:25:43 GMT
GET H3	200	ar.png tpc.googlesyndication.com/pagead/images/abg/ Frame 9025	3 KB 3 KB	10ms 9ms	Image image/png	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/ar.png Requested by Host: yalla-shoots.tv URL: https://yalla-shoots.tv/live/11813/0/motogp-vs-motogp/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 04:27:50 GMT x-content-type-options nosniff server cafe age 17873 etag 9421415325968714010 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2737 x-xss-protection 0 expires Mon, 07 Aug 2023 04:27:50 GMT
GET H3	200	icon.png tpc.googlesyndication.com/pagead/images/abg/ Frame 9025	344 B 368 B	11ms 9ms	Image image/png	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/icon.png Requested by Host: yalla-shoots.tv URL: https://yalla-shoots.tv/live/11813/0/motogp-vs-motogp/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 05 Aug 2023 12:49:12 GMT x-content-type-options nosniff server cafe age 74191 etag 6766994032117382215 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 344 x-xss-protection 0 expires Sun, 06 Aug 2023 12:49:12 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 9025	0 0	16ms 14ms	Image text/html	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQqxovUxa44B3tjXVVuOG2M2714Mp6fFyf29nDeBboquHJeG-BYa95A81HYV9UCt0kczdir96NoBJv8678pxu4uDc-VOA Requested by Host: yalla-shoots.tv URL: https://yalla-shoots.tv/live/11813/0/motogp-vs-motogp/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers
HEAD H3	200	e.js Show response live.demand.supply/e/	0 482 B	18ms 17ms	XHR application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_sky%2Bsq&pn=1&sn=3&pc=0.4350728511810303&ds=true&e=wdp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.8.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-nf-request-id 01H5N5AHKBES9HA8XC274JEKPE date Sun, 06 Aug 2023 09:25:43 GMT cf-cache-status HIT age 1345562 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "46f47d652033caa436f550f7e8b20e7f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7f263bf03c595c92-FRA
HEAD H3	200	e.js Show response live.demand.supply/e/	0 480 B	14ms 14ms	XHR application/javascript	2606:4700::6810:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?gl=0.01&b=3&r=yalla-shoots.tv_fluid_sky%2Bsq&sy=23a3d1b1-0160-42f1-a1d0-e2e5b611a1cd&ts=74&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=0&mlsi=1024x600&mlbw=4g&mlcs=NaN&mltp=8a8e1b47-95a7-47a1-8d1d-66d3c6b5767c&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTE4MTMvMC9tb3RvZ3AtdnMtbW90b2dwLw== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.8.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-nf-request-id 01H5N5AHKBES9HA8XC274JEKPE date Sun, 06 Aug 2023 09:25:43 GMT cf-cache-status HIT age 1345562 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "46f47d652033caa436f550f7e8b20e7f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7f263bf03c5a5c92-FRA
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/5705250839760595045/ Frame 9025	146 KB 146 KB	8ms 7ms	Image image/jpeg	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/5705250839760595045/14763004658117789537 Requested by Host: yalla-shoots.tv URL: https://yalla-shoots.tv/live/11813/0/motogp-vs-motogp/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1615006c8eb0c2ed6a596c9a9959159a17a84cf6de874386927e966a1de4d30e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Thu, 03 Aug 2023 12:37:46 GMT x-content-type-options nosniff age 247677 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 149614 x-xss-protection 0 last-modified Tue, 28 Jun 2022 03:01:15 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Fri, 02 Aug 2024 12:37:46 GMT
GET DATA	200 OK	truncated / Frame 9025	206 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 9025	209 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 9025	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b94a934d44fc9e7c91aa778e71be2705f5678514e37c353ae4e74b0ca842c044 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/png
GET H2	429	link.html track.webgains.com/ Frame C58B	0 0	35ms 34ms	Script text/html	13.42.110.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gstz8ygtjkvma9gnwwabpmp0sf7k1bwd1n9j0yp3pvnpmt2hxagg63s25gtr8rmjzv2z52g7c3p3nzk73822naf7r9jka2jeacegmsfrzce280vajs2vmdz9pq66zdjj1fqhbhghxmy8ntsbzf0dpjveswv79fxdnh7h9yqgek05ygkytqfn4he5hg9c24b3qmp968fe3k927xp4gyg783qbd43jxk42kcatc8qpz0gb8h4crsyzj7x05zwycbyprbg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k90eefmsy52r83vhy5c4weatz7vaw7mbnm4zszsw0833cc22z95bjzm9qsjxvhf56a9gc60sa3w6a0ayrd005qahnxx3q2h6azcq2cfj41pcrvxe8x6f2d2vyfj8kcc1ahcavkz4yjs8s2jecscwnhmnnt7bmq96n7v8r0nxfxgj5gj8cwm8dy3kpz5aqkr2mf1n13jzb2q5d4x9g3mgjw1ha9dfwbyvpzb007nattmr3yc28759k48v5mqrws2g5dvqpdjqc1cwm4nmf8apqjecm%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCSNRCFmfPZM_BH9q2nsEPxMuGqAiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEtAJP0GqH410ZrA456mwcIE2nErBowqrXZYlFUSAS3rFYA_WY3pXt5QcFqw5CQw_WIbLfMWbLCLJxoqfonRfb6vxitbBg5TeRLg-5jrBucdvHrJMV50VhG-hey4ECKWitIGKQeD2ybU44g_du2dWxp-JzhLOcFIbbNig4wcKFh_NMzIluWjApfrRPnswz1KRmKhrjRD5Jb9U1ybJ5sItkOvr6l3-Mp9qNUWH3GeWXFn7MJXg_w2XFzqAxpF61g1-Vatv9X2CL7ormnYuDRt1oN5BRxFOJj-QFaiAboCa7ef3RBDxvVkKsR7pEU-bCwmULCirzXdaILgPgKyq6wO49oYZyxRm_uYp3fZpMJXbFjBtsurmwpgkuy0iU4DFRoDLL9DNXQ_nvKH-AFYPwUXCmmtbUvDkcOeAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0hVYrcT4yOxVcfp-oScks5DOku2g%252526client%25253Dca-pub-3831894559014614%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=482267%2C197862%2C117569&b=7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQx%2CeYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6&f=EwKCDfEfeZjAuzHAHjt6CqWkMcKSVTYBDarZzR%2CDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y&c=970&d=90&e=&g=545695ba7f220dee36b4efab48f4e5a9%2F8191472433834105136&i=84588%2C71725%2C29981&j=4%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1691313942969&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k90eefmsy52r83vhy5c4weatz7vaw7mbnm4zszsw0833cc22z95bjzm9qsjxvhf56a9gc60sa3w6a0ayrd005qahnxx3q2h6azcq2cfj41pcrvxe8x6f2d2vyfj8kcc1ahcavkz4yjs8s2jecscwnhmnnt7bmq96n7v8r0nxfxgj5gj8cwm8dy3kpz5aqkr2mf1n13jzb2q5d4x9g3mgjw1ha9dfwbyvpzb007nattmr3yc28759k48v5mqrws2g5dvqpdjqc1cwm4nmf8apqjecm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCSNRCFmfPZM_BH9q2nsEPxMuGqAiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQI1PdpABHeyPuACAKgDAcgDAqoEtAJP0GqH410ZrA456mwcIE2nErBowqrXZYlFUSAS3rFYA_WY3pXt5QcFqw5CQw_WIbLfMWbLCLJxoqfonRfb6vxitbBg5TeRLg-5jrBucdvHrJMV50VhG-hey4ECKWitIGKQeD2ybU44g_du2dWxp-JzhLOcFIbbNig4wcKFh_NMzIluWjApfrRPnswz1KRmKhrjRD5Jb9U1ybJ5sItkOvr6l3-Mp9qNUWH3GeWXFn7MJXg_w2XFzqAxpF61g1-Vatv9X2CL7ormnYuDRt1oN5BRxFOJj-QFaiAboCa7ef3RBDxvVkKsR7pEU-bCwmULCirzXdaILgPgKyq6wO49oYZyxRm_uYp3fZpMJXbFjBtsurmwpgkuy0iU4DFRoDLL9DNXQ_nvKH-AFYPwUXCmmtbUvDkcOeAEAYAGzui6xZWzjYKnAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0hVYrcT4yOxVcfp-oScks5DOku2g%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.42.110.74 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-42-110-74.eu-west-2.compute.amazonaws.com Software awselb/2.0 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:43 GMT server awselb/2.0 content-length 45 content-type text/html
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 9025	0 0	52ms 51ms	Image text/html	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CfHKdFmfPZIPLKreqnsEPtaWqwAfZ9oyMcpqHmvuVEd_kor3AARABIJWbyiFgleKQgqAHoAGWldGSAsgBCakCNT3aQAR3sj7gAgCoAwHIAwqqBIsCT9BEm77LqXmsX4jlTCNiEzFjvckdpcf4s82F65ekla4OjQ9thQWLTmvmrS0-c5M0fBYkLpM9dsuPtApHbXjiEQQp_vr81guIazdnoJNjmut2X0qj76wmyNe9ONLCVhiOjinyfpgRK3wHxiexeTB6cegPoic1biVAMvE_V5bGIlUS7s73-Yj39MH0HoPFjU7HrOz8wEj4rZox73sXy2T3AJjbwR0rP9-9RkUhvZp1GtDfsd1hiMZ-8x7FxxF5PtPB7_1ZW6si464vTz98br3L9GDNH6O_KN-UaihW3XGUxg9oj6BgmBnaXTprV2c33VMO5BPykosLueSfX-BQgkhX06h27IFXwdAaLDLhwATJleOpoATgBAGSBQQIBBgBkgUECAUYBKAGLoAH0uqu7QGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCkwwrSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsBogwIKgYKBMOwsQLYEwKIFAHQFQGYFgGAFwGyFx4KHAgAEhRwdWItNzUwNzQzOTIzMzg2NTQxNRj9-RM&sigh=eyySnQ4_muw&uach_m=[]&cid=CAQSOwBpAlJWB1xpPKOwg8rqK4M_OXeN2H-4IQn7kr-eVynWbsjiAKtFxqUI_83lmwSg8zvRNKKRaK8UrcWrGAE&template_id=5000&cbvp=2 Requested by Host: yalla-shoots.tv URL: https://yalla-shoots.tv/live/11813/0/motogp-vs-motogp/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers
GET H2	200	montserrat-400.css static.criteo.net/design/googlefont/montserrat/ Frame 1DB4	2 KB 803 B	19ms 18ms	Stylesheet text/css	2a02:2638:d::2 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:43 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Thu, 08 Dec 2022 14:06:54 GMT server nginx cross-origin-embedder-policy require-corp etag W/"6391ef7e-675" content-type text/css access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 31 Jul 2024 09:25:43 GMT
GET H2	200	montserrat-400-latin.woff2 static.criteo.net/design/googlefont/montserrat/ Frame 1DB4	12 KB 13 KB	606ms 22ms	Font application/octet-stream	178.250.7.2
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/design/googlefont/montserrat/montserrat-400-latin.woff2 Requested by Host: static.criteo.net URL: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.7.2 -, , ASN (), Reverse DNS Software nginx / Resource Hash 5f9376c77618bf0ef43bcabf8228c9e2befde3731087b944e140a88c34066873 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css Origin https://ads.eu.criteo.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sun, 06 Aug 2023 09:25:43 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Thu, 08 Dec 2022 14:06:54 GMT server nginx cross-origin-embedder-policy require-corp etag W/"6391ef7e-31a4" content-type text/plain; charset=UTF-8 access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 31 Jul 2024 09:25:43 GMT
GET H2	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame AB46	42 B 404 B	432ms 111ms	Fetch image/gif	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssVnRkEeeD2mEU3kdixGR6wO29GiIAIxnTSfbcgtr5ra3Ps3DEXtSnSg50g1bycvkTX7qeVO1cNY0ckzc4rjcIanjNL1ziu6T8oXb4&sig=Cg0ArKJSzP-Mj-iuXK9xEAE&id=lidar2&mcvt=1000&p=220,288,500,1312&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230802&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4179791867&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691313942336&rpt=95&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sun, 06 Aug 2023 09:25:43 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 fonts.gstatic.com/s/googlesans/v58/ Frame 9025	33 KB 34 KB	279ms 7ms	Font font/woff2	2a00:1450:4001:830::2003
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 -, , ASN (), Reverse DNS Software sffe / Resource Hash 65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://yalla-shoots.tv accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Sat, 05 Aug 2023 06:16:50 GMT x-content-type-options nosniff age 97733 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34108 x-xss-protection 0 last-modified Tue, 23 May 2023 16:35:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 04 Aug 2024 06:16:50 GMT
GET H2	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame B4A2	42 B 108 B	110ms 110ms	Fetch image/gif	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstqZtoQvSDQxugeAwCs2uJ5t7ePoafLDdzCIiLuwloO_W9oLYl3eFDkJVL-tYppi_aOWG_z1d9Ali9MB1iC_Ga9zSiPO-IRiWQo8424&sig=Cg0ArKJSzHciKjgqUxkvEAE&id=lidar2&mcvt=1000&p=1110,436,1200,1406&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230802&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3408584863&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691313942737&rpt=70&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sun, 06 Aug 2023 09:25:43 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	all csm.eu.criteo.net/ Frame 1DB4	0 127 B	17ms 17ms	Ping text/plain	2a02:2638:d::11 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://csm.eu.criteo.net/all?cppv=3&cpp=b007dhTtg5WKuW9vKEEXyCYX1-eNAuDaAso5Hy1cXb34E6bgZdQiuRDtG4IstMqWPWw1dkh6kBvKfiLOMl93uw8_Q_XORqNemKBfhYfDeN21Vab9sBfYeXnH539ICdsNkYQ-0HJicRYEdS3e8yqNmbZnud9mUgfDM9Pu6x8k3CoocvEr3Y4bn0ge4xRB4_4rrcaXdRXLy4WtEReHFgmTd4IORqhAHTT0WJBBY2hv4HupP8zVzHSiZIi9N3sjNoHLjagYXQ&sds=2&rev=87676.7&sendBeacon=true Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZM9nFgACS2kCJ7yNAAfG-peZbFiRI1kPr4z65g&u=%7Cxiu6U%2BruRPPgYxhzVZIt%2BgRszIbbma0TZAU%2FHqX1N6g%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE4gZxLPqF8tdWlhF6fxxdwmH3KJFqZ6yv8rcU1utKvsBNy9Ne_6AQdruMtK_-xsAx-zoDeWpoM1ORn2ReKvK1DjNXYTqbBps_3glcg5ql_ZKupldwpDxqKI0qtMDEi9sO285jQOhK7ROclyMNZTCxGeqbjbsBxdWHDBHOsnFlqwQVFunV28Ak8GFYpvXNuznI_0eDxqAy4hT1xRCVflD-iAATSqSvJrjzclgEe8ho5B-FdIT3oRII553k_JxCj3wFBdMBH99IuNCIfjo3-Uy0vjrkvqrL6CLU4-6fNp2feE0_4u_HyYSqT6_vxHLoBss51yBKngkPgSh9y-i36cKBfC_eDKlY8OJWMPZKKG2-6LyBMTs81bICdcyXDXXtc7vTT9AWU_5Ofi2Qf8munk5MR-8EflWOAr1dcy7ACF7WGGwqARv9SHDfboX3bd3678bk78avuquZKZuJRQ0mlX5H3oxgRdxiHnwAzdADGzCiQtqxqSfGcmic6mwkSUYdjkQ1dfDZWV45utUiLCsMNuTZlX5zSLGNIOwrCQsLQeEd2xx8qn6XLkiTtFlGbCkbjzqll66EejQAgpJmvHgMxbF0WyJI954kBq3y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3wwUFmfPZOmWCY35nsEP-o2fsAHJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgS2Ak_QVzMfu1bKbA1957WwxTrCqBJ0LAM-4oUftoHC5pl0lIgbNdSy1ooekYZLIvB3-ecYOM51927ojfauPG3VwZZQxIxAnbrNr_WEQuqQ-aR2CpXm938_mrRRx6ieGt4NWwTDNtKbIbgSN7suNaeTWDlFBFFuxwY6f4naFan-SVdD5u_8GLnbm9rI3GE5SFTV3NKR3jde1ii-5QmybRNkMgznWHJ6nLgVv9LrD9HDZAdAzR36B1wtXUlRoAGOvVP-zv1w5nbelaEaaigtxeLn2gw2xz1aDunIetMo_7lAp51zeshMLSigkk5KP0Q9p3_Ufv9l3MEsvZrySrj_tuOAHDBe2Bw8wkrQUj2rR9fFrAYZpAMoKRzr4JcgfisXEeUTDUI757ThJFQkklURQ8zFTGXdO9UbvMvgBAGABqDimaLYpv231AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0biPOZ1bc6WKCGNA1nJWuDICfHyw%26client%3Dca-pub-3831894559014614%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.eu.criteo.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Sun, 06 Aug 2023 09:25:43 GMT strict-transport-security max-age=31536000; preload; cross-origin-resource-policy cross-origin server Finatra content-length 0
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame 9025	42 B 64 B	118ms 118ms	Image image/gif	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttYqfOb_q0cAsDca5nvReZWwN9qiyo44jsEmVjlceD4VZdrKgpG789R6BytmQnM0VWHpA6EquZGTwCjScQ74jid6ReuGeIQeStB0Ks45kycujSZMIMzH59U35OJBDxIupGKWczT-724ZdAPcm5OTN0DOXj2ghGJvo8Nu4SBZI&sai=AMfl-YQ3Wg0CETHjt3J10U5qL1YlO3DngRy6qIm6LLe_yJ5jxHomKK4PnnUeOQdV47m8TQVImCP-U0u6RUWVsprnrAAOKZHLkigu8uhXxFLLgmxP27ynooL8ma39hd4&sig=Cg0ArKJSzI7aNkoeNNS3EAE&cid=CAQSOwBpAlJWB1xpPKOwg8rqK4M_OXeN2H-4IQn7kr-eVynWbsjiAKtFxqUI_83lmwSg8zvRNKKRaK8UrcWrGAE&id=ampim&o=274,680&d=1052,600&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=203&tls=1204&g=86.66666746139526&h=86.66666746139526&tt=1204&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0 Requested by Host: yalla-shoots.tv URL: https://yalla-shoots.tv/live/11813/0/motogp-vs-motogp/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://yalla-shoots.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers pragma no-cache date Sun, 06 Aug 2023 09:25:44 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 2E37	0 0	50ms 50ms	Image text/html	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CkYaJFmfPZPRpwrOR1Q_v2KPQApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjU92kAEd7I-4AIAqAMByAMCqgS5Ak_Qy0T3GJwFiVxnKPffR-5qA3EaCuzYmopexnIu2iZEV06uDgnP76_YCLn17F8LvWYC87CXyJfVH03uL17oXnesWF3j47lXyeATNkDSzshaztZvXIPqmiI3B8b5RB9Lchi-P_7FAi8ydk36bfbxciVOrTgMsrj44GC9WqXsRD8B09ODoGda3bRaXmsmcuxjMxS-9eNXyIGbthgFoingdzluQ6ys42S5L3vb9mBLoPqUQ_VaOEhSKnysJ9Dg2wZ6sk6VUCOI29m5pK9zN0dn9uEDWm4oBx_WNBvQyWGUS6D1iyLJO86n78JvomWr-zVVkl5fH5Lk0hmzixJWbkStSeKQQunSRr9smO7aIvzbH4EKrrZMQBFfQ8sKIVNl0WDPC80iH5-uHq4Jps70_4Oqswx8SnE0yxzRc7rgBAGABsiuydS6xLrcJaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=rMVjIBVsTrI&uach_m=[UACH]&cid=CAQSOwBpAlJWCoKnwLmpDryuqCMLieqJuczPEDgaKRzExez7LnIITZdPyslmSQzvpdkox5e9z6zYW_wLmLtyGAE&cbvp=2&vis=1 Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers
GET H2	204	winResponse prod-rtb.ad4mat.net/ Frame 2E37	0 39 B	17ms 16ms	Image image/gif	2600:1901:0:76b9:: GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://prod-rtb.ad4mat.net/winResponse?a=1kzcw4dys6e6nwjnzj8sdqbpx4rf4zw0gts2sz0xfsagff0xq4z0yvf39tqzh8xbs3hcv3gsrqrq9p71x6h58a5att99zzyzkrt3vkhfjda276v0mxgcbx5c526kbr65dk7ykzt0sm10ezfydqg93yk5vqp5thrx0mw3nd1g52kyk94v9p32zkkmc5da4e4my94xc78zfnrvbdn6ytbqwmvgz1a861tr7xs7chyq8w0dk7ahekrberhx4ejdstcx84xs8kzjebdw79v5cjcyfhgyw0h0nqs1j8fmnmjqbvy58f0be4ev5ehr28tyneb62cv54d9aze5e0gegbwt1xwytp4xh24m2v63j6fq7wt2krwnn0c90j2m0btc2xccspvbk9e1zwazhkn57&b=ZM9nFgAANPQEpFnCAAjsb8ocWiKjDRTLbTTDSQ&cbvp=2 Requested by Host: 18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com URL: https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://18229b37791c33b23af6c2c8f69068e2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers access-control-allow-origin * date Sun, 06 Aug 2023 09:25:44 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

live.shoot-yalla.tv

URL

https://live.shoot-yalla.tv/uploads/img/telegram.svg

Domain

securepubads.g.doubleclick.net

URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbRutC1S3RcMd-H-mhxu0zNChva_wLs3-XIz_QmMb41NR07K84QFe8C2XA7zXMVtO46CjwrnCoUSMJbRvYnrnjHpURQkUnA9ePUfdLSBZqn56mgfYTRYvRvYsvh-4x27RTQ2v7Jm0qxi__HnToUpvrkZDN3evllTGGzGHNCLug--2XyrY4UW1WZz2uo7j9bRFH3OeaN58Iyk8VBwCG6JdjEbwxLoSb88vqhvVcaTD87hLAHpG01UeFsWTbOvPzjpaY33ERqr6S_6tBYpGMyfNfrMA3h4JCGDVjPGNqG5pa4qxW8BbN8v_XfW4J2KMqxjt3zqYe53Moh_29ub7HgFB6oJcQk3SLVbaInunPu0S5lJ59FpMULfrHqFoF24fCgtJixuXLITyYDMaeOD4&sai=AMfl-YQg4ZvtHSH7eky8RVRKfHI0h1YgabI8qNwt7KMlslNc14ElGCP2plJdMKOyU0W5XZ6SlA_BcDJoqxsIMiHxTsU35XpmiM7ZvWdZCgcpraqCAkUlbOQXVeNOj1Es4g&sig=Cg0ArKJSzPnm5WqT2zQKEAE&uach_m=[UACH]&urlfix=1&adurl=

Domain

www.googletagservices.com

URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain

securepubads.g.doubleclick.net

URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssodOPpa0ZmI-HAcAYIgI9UfGdbLTFV_F4lo5dLTxlYgLbv4XEch36PZ7H51aFHz4dQ925pxY2YxgfwpmrneOW2ntnE3S3YFniOFbalREXfPU2xXXTjHJWprBEd_GTmC-TBDAFA1uW4niVL2V7v85qI1EMQkLowIcBJf82f3RwFtvNdNt_g6L6lV9Ej4JYZOj-kmAp8D4FTjQm3mEZEJCwG1sb9-YRN447tg_evrlqVANoSwEORK4tXXMIHCESP_CKeqhX2QpxAholq-OC1RcAdjBgm9yDc8iwTUooHEYb18r1KB_WLupMVTGPcheSncCEjDS381PuvI-89Z67sQK8E5LE_euwcIEw2c_kBm9BsLwzUrdAvOzvaICetYhLPOksmr1L1VXr_86F7RA&sai=AMfl-YSBerS7eLZhnvfJbk8253br2VxuyKAXOwCPZZ5p7H6CRcVmRf6eSLpz04bWBtjm-gjqfUsHfgXpSZNeDFASZGOsNEzehrAXP8KjucDqB7WUubklNtfHCO2sH2Wicw&sig=Cg0ArKJSzC6_XdJGzQ_5EAE&uach_m=[UACH]&urlfix=1&adurl=

Domain

www.googletagservices.com

URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain

securepubads.g.doubleclick.net

URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvblC0nxoVmzYCGHqBJFJmZWA-VpCakN9H68lemgm5tgAnCwW2ZhihQG2wbpv-6PaAgTA6X2gnnfRgIuqfPyGs7kwA90zgm6EbZbkMF-PGUPprz11IitLxzlRcYSoK1P31XOCE-CxlYI7QYRP4u7AfJ8w_JzH6Yj-opoYjY2GWNVcyoiVU1ZoAupqWfxC-BZBH1hAqmXhYtvktxGIWuCuaX00nLkCnUwJuCigUo1Rrxb4zx6Ax6kIKldVPFEswihjh5FrpP2DtkzjHOM-AsIEZGz7GHAYNJINOqaCcSf4KcVUqT6bZg3mEWD7mOYFB-wVeEEWGeqLjea4fZZbQYAbzx2lN6USm7g8Y2t-xfhteuZwyB63SIgfdcry_x6Ewt_B8yhL1tv_D5YktTsmc&sai=AMfl-YQ9Cv6IajC36_iUMsNGylt3m8Mj8WDQOBXaCr3Mgs0ouIe8Ja4BVOxsgaoQtQ61U26--PE537SDqK43z2rTo0pTLsOsAzI_362KXj71UJOafOpODvSb0OrMDEHN1A&sig=Cg0ArKJSzMfOXZmNR63jEAE&uach_m=[UACH]&urlfix=1&adurl=

Domain

www.googletagservices.com

URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain

www.restposten.de

URL

https://www.restposten.de/?utm_source=ADCELL&utm_medium=Text&utm_campaign=Standard&bid=309583-46690-oneid7YmUqfzfArBzFrHXHgtAtBD95u4S1TQPbCEZQxoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY