urlscan.io logo urlscan.io
SecurityTrails logo

www.yallakora.com Open in urlscan Pro
172.67.1.154  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://steth-claims.org/
Effective URL: https://www.yallakora.com/
Submission: On June 14 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 37 IPs in 6 countries across 25 domains to perform 133 HTTP transactions. The main IP is 172.67.1.154, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.yallakora.com. The Cisco Umbrella rank of the primary domain is 396316.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 8th 2023. Valid for: a year.
This is the only time www.yallakora.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

IP Address AS Autonomous System
2 6 188.114.97.3 13335 (CLOUDFLAR...)
2 45 172.67.1.154 13335 (CLOUDFLAR...)
27 172.67.74.224 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 172.217.23.98 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 142.250.184.238 15169 (GOOGLE)
3 68.71.249.118 46562 (PERFORMIVE)
4 2600:9000:26e... 16509 (AMAZON-02)
1 2620:116:800d... 16509 (AMAZON-02)
2 3 185.89.210.20 29990 (ASN-APPNEX)
1 185.64.191.214 62713 (AS-PUBMATIC)
1 3 172.64.151.101 13335 (CLOUDFLAR...)
1 2607:f350:3:2... 27630 (AS-XFERNET)
1 8.39.36.142 26667 (RUBICONPR...)
2 2600:9000:223... 16509 (AMAZON-02)
1 145.40.97.66 54825 (PACKET)
1 185.64.189.112 ()
1 2602:803:c003... ()
1 34.98.64.218 ()
1 178.250.1.8 ()
2 142.250.186.66 ()
6 142.250.186.98 ()
1 2602:803:c003... ()
1 216.239.32.36 ()
1 142.250.185.198 ()
1 167.235.11.39 ()
1 88.221.169.246 ()
1 68.71.249.120 ()
133 37
6    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
steth-claims.org
45    172.67.1.154 (United States)

ASN13335 (CLOUDFLARENET, US)
yallakora.com
www.yallakora.com
27    172.67.74.224 (United States)

ASN13335 (CLOUDFLARENET, US)
media.gemini.media
2    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net
securepubads.g.doubleclick.net
4    2606:4700::6810:ff40 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnimg.izooto.com
cdn.izooto.com
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
3    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.nl
3    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net
fundingchoicesmessages.google.com
3    68.71.249.118 (Scarborough, Canada)

ASN46562 (PERFORMIVE, US)
udmserve.net
4    2600:9000:26e8:2e00:5:c4ab:c3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
bid.underdog.media
1    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
3    185.89.210.20 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
ib.adnxs.com
1    185.64.191.214 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
3    172.64.151.101 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
htlb.casalemedia.com
1    2607:f350:3:2569:0:10:0:d (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    8.39.36.142 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-west.rubiconproject.com
2    2600:9000:223c:7c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    185.64.189.112 (None, )

ASN- ()
hbopenbid.pubmatic.com
1    2602:803:c003:200::21 (None, )

ASN- ()
fastlane.rubiconproject.com
1    34.98.64.218 (None, )

ASN- ()
underdogmedia-d.openx.net
1    178.250.1.8 (None, )

ASN- ()
bidder.criteo.com
2    142.250.186.66 (None, )

ASN- ()
googleads.g.doubleclick.net
6    142.250.186.98 (None, )

ASN- ()
pagead2.googlesyndication.com
1    2602:803:c003:200::67 (None, )

ASN- ()
beacon-ams3.rubiconproject.com
1    216.239.32.36 (None, )

ASN- ()
region1.analytics.google.com
1    142.250.185.198 (None, )

ASN- ()
ad.doubleclick.net
1    167.235.11.39 (None, )

ASN- ()
ads.revjet.com
1    88.221.169.246 (None, )

ASN- ()
eus.rubiconproject.com
1    68.71.249.120 (None, )

ASN- ()
edge.udmserve.net
Apex Domain
Subdomains		 Transfer
45 yallakora.com
yallakora.com — Cisco Umbrella Rank: 343749
www.yallakora.com — Cisco Umbrella Rank: 396316
779 KB
27 gemini.media
media.gemini.media — Cisco Umbrella Rank: 213960
507 KB
9 googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 172
pagead2.googlesyndication.com
269 KB
8 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 726
region1.analytics.google.com — Cisco Umbrella Rank: 3078
124 KB
6 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
stats.g.doubleclick.net — Cisco Umbrella Rank: 132
googleads.g.doubleclick.net
ad.doubleclick.net
198 KB
6 steth-claims.org
steth-claims.org
8 KB
4 rubiconproject.com
pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 7167
fastlane.rubiconproject.com
beacon-ams3.rubiconproject.com
eus.rubiconproject.com
28 KB
4 underdog.media
bid.underdog.media — Cisco Umbrella Rank: 41325
188 KB
4 udmserve.net
udmserve.net — Cisco Umbrella Rank: 3777
edge.udmserve.net
7 KB
4 izooto.com
cdnimg.izooto.com — Cisco Umbrella Rank: 41836
cdn.izooto.com — Cisco Umbrella Rank: 12169
89 KB
3 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 571
htlb.casalemedia.com
2 KB
3 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 522
ib.adnxs.com
4 KB
2 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1551
1 KB
2 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 721
hbopenbid.pubmatic.com
157 B
2 gstatic.com
fonts.gstatic.com
173 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
203 KB
1 revjet.com
ads.revjet.com
24 KB
1 criteo.com
bidder.criteo.com
224 B
1 openx.net
underdogmedia-d.openx.net
592 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 785
184 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1152
399 B
1 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1587
9 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77
6 KB
1 google.nl
www.google.nl — Cisco Umbrella Rank: 10667
408 B
0 crwdcntrl.net Failed
tags.crwdcntrl.net Failed
133 25
Domain Requested by
44 www.yallakora.com 1 redirects www.yallakora.com
27 media.gemini.media www.yallakora.com
6 pagead2.googlesyndication.com steth-claims.org
pagead2.googlesyndication.com
googleads.g.doubleclick.net
6 steth-claims.org 2 redirects steth-claims.org
4 bid.underdog.media udmserve.net
bid.underdog.media
4 region1.analytics.google.com www.googletagmanager.com
4 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
3 udmserve.net steth-claims.org
bid.underdog.media
3 cdn.izooto.com www.yallakora.com
cdn.izooto.com
3 tpc.googlesyndication.com www.yallakora.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
2 googleads.g.doubleclick.net steth-claims.org
pagead2.googlesyndication.com
2 rules.quantcount.com secure.quantserve.com
2 ssum-sec.casalemedia.com 1 redirects
2 secure.adnxs.com 2 redirects
2 fonts.gstatic.com www.yallakora.com
2 securepubads.g.doubleclick.net www.yallakora.com
securepubads.g.doubleclick.net
2 www.googletagmanager.com www.yallakora.com
1 edge.udmserve.net bid.underdog.media
1 eus.rubiconproject.com www.yallakora.com
1 ads.revjet.com www.yallakora.com
1 ad.doubleclick.net www.yallakora.com
1 beacon-ams3.rubiconproject.com steth-claims.org
1 bidder.criteo.com bid.underdog.media
1 underdogmedia-d.openx.net bid.underdog.media
1 fastlane.rubiconproject.com bid.underdog.media
1 htlb.casalemedia.com bid.underdog.media
1 ib.adnxs.com bid.underdog.media
1 hbopenbid.pubmatic.com bid.underdog.media
1 prebid.a-mo.net bid.underdog.media
1 pixel-us-west.rubiconproject.com
1 sync.go.sonobi.com
1 image8.pubmatic.com
1 secure.quantserve.com udmserve.net
1 fonts.googleapis.com
1 www.google.nl www.yallakora.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 cdnimg.izooto.com www.yallakora.com
1 yallakora.com 1 redirects
0 tags.crwdcntrl.net Failed www.yallakora.com
133 39
Subject Issuer Validity Valid
steth-claims.org
GTS CA 1P5		 2024-05-18 -
2024-08-16		 3 months crt.sh
www.yallakora.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-08 -
2024-11-27		 a year crt.sh
gemini.media
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-04		 a year crt.sh
*.google-analytics.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
izooto.com
E5		 2024-06-11 -
2024-09-09		 3 months crt.sh
*.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.google.nl
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
udmserve.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-30 -
2024-11-16		 10 months crt.sh
underdog.media
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-31 -
2024-11-20		 10 months crt.sh
quantserve.com
R3		 2024-04-25 -
2024-07-24		 3 months crt.sh
*.pubmatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-19 -
2025-04-19		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2023-12-07 -
2025-01-07		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-03-04 -
2025-04-03		 a year crt.sh
*.a-mo.net
R3		 2024-05-05 -
2024-08-03		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
casalemedia.com
E1		 2024-04-19 -
2024-07-18		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-04-15 -
2024-07-10		 3 months crt.sh
*.doubleclick.net
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.revjet.com
GlobalSign GCC R6 AlphaSSL CA 2023		 2024-03-27 -
2025-04-28		 a year crt.sh

This page contains 7 frames:

Primary Page: https://www.yallakora.com/
Frame ID: 7CEFC9C400F1C6BE25768700ACDD20A9
Requests: 115 HTTP requests in this frame

Frame: https://www.yallakora.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
Frame ID: 23A3B72B48FF403E33184B060F4BD620
Requests: 2 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: 68FF7B523DF36D82ABC98C800CFB584F
Requests: 1 HTTP requests in this frame

Frame: https://udmserve.net/udm/img.fetch?sid=19740;tid=1;dt=7;p=1;rri=1718375115881_895150_95.211.199.157;mid=48884;zzz=%5B48884%2C1718375115%2C%22KDyEeyaOZ6TFugWa1DnN%2Bg%22%5D;version=v3.1.3;cb=0.5754061833143962;qqq=2.849002849002849;session=1;style=slider;vis=visible;traffic_info=%7B%7D;gdprApplies=true;consentGiven=false;consentData=undefined
Frame ID: 1916CCF8B8631654334E62418E918EE6
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGODu8oMCMAE&v=APEucNWne_yNXXVOiiGfnDz8xxMB_xY84C9UR-jKZgMn0gaACGYH0-zc6fPkPHfBPmg_-ReqZLN1LcKpgaeB5Iqw_SRnmToe92N2es0R1cLSePObVXhO8PQ
Frame ID: A0C344AD8A1988B4C45DA89D1EF6B58C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=nl
Frame ID: D82C01439DDA19B50F1C9BC792225CBD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F00C071B494C1FF16324E29AE96AE870
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

يلاكورة الموقع الرياضى الأول فى الشرق الأوسط

Page URL History Show full URLs

  1. http://steth-claims.org/ HTTP 307
    https://steth-claims.org/ Page URL
  2. https://steth-claims.org/cdn-cgi/phish-bypass?atok=KUhC3grEljRfevSTxXOjRiLhFdeSOGpl7gr0Nv1FskM-171837... HTTP 301
    https://steth-claims.org/ HTTP 307
    https://yallakora.com/ HTTP 301
    https://www.yallakora.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • /flickity(?:\.pkgd)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.izooto\.\w+
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

133
Requests

97 %
HTTPS

42 %
IPv6

25
Domains

39
Subdomains

37
IPs

6
Countries

2619 kB
Transfer

6509 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://steth-claims.org/ HTTP 307
    https://steth-claims.org/ Page URL
  2. https://steth-claims.org/cdn-cgi/phish-bypass?atok=KUhC3grEljRfevSTxXOjRiLhFdeSOGpl7gr0Nv1FskM-1718375108-0.0.1.1-%2F HTTP 301
    https://steth-claims.org/ HTTP 307
    https://yallakora.com/ HTTP 301
    https://www.yallakora.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://steth-claims.org/ HTTP 307
  • https://steth-claims.org/
Request Chain 86
  • https://www.yallakora.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.yallakora.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
Request Chain 97
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.9359965 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.9359965 HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;apnid=7849394919632836198;cb=0.9359965
Request Chain 99
  • https://ssum-sec.casalemedia.com/usermatchredir?s=199174&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.9359965%3Bindx%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.9359965%3Bindx%3D&s=199174&C=1

133 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
steth-claims.org/
Redirect Chain
  • http://steth-claims.org/
  • https://steth-claims.org/
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://steth-claims.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a95d77efea8d0a8b333c48041cd35b8ca1f9bef042e30fa7a7a00611ec33506
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cf-ray
893afcedcb3065a8-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 14 Jun 2024 14:25:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eMymiaChzSssFcFUVwZqoHRVzm88pf1Kd9mLVLkTxRxmjo9CUOvDtEWgd1av0gDhRCP8O8PyvdfdjGNc2lId7AIdoPVZ6Rcclmd8mRC9dPTkOZ3ZQiAVHE1%2B9aME%2FxZ1CIEo"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

Location
https://steth-claims.org/
Non-Authoritative-Reason
HttpsUpgrades
cf.errors.css
steth-claims.org/cdn-cgi/styles/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://steth-claims.org/cdn-cgi/styles/cf.errors.css
Requested by
Host: steth-claims.org
URL: https://steth-claims.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://steth-claims.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 Jun 2024 17:31:42 GMT
server
cloudflare
etag
W/"666889fe-5df3"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
893afcedfb8365a8-FRA
expires
Fri, 14 Jun 2024 16:25:08 GMT
icon-exclamation.png
steth-claims.org/cdn-cgi/images/ 		452 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://steth-claims.org/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: steth-claims.org
URL: https://steth-claims.org/cdn-cgi/styles/cf.errors.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://steth-claims.org/cdn-cgi/styles/cf.errors.css
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:08 GMT
x-content-type-options
nosniff
last-modified
Tue, 11 Jun 2024 17:31:42 GMT
server
cloudflare
etag
"666889fe-1c4"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
893afcee2bc065a8-FRA
content-length
452
expires
Fri, 14 Jun 2024 16:25:08 GMT
favicon.ico
steth-claims.org/ 		122 B
432 B 		Other
General
Check archive.org
Download Go to
Full URL
https://steth-claims.org/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6891520b4e852dbd23fdfdaa290e54766e39704083ba4b96c44d79ac46006cac

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://steth-claims.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:08 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N5OFikYBgxkY2NHUzF19cp4yISxYQ1DHFQEKLneJhCIZl5e7xUWPmbPnyjhNT0xuBP6b%2Bve0vgUGp%2BKnpP%2Blt4h%2FtWGH1lDNr67NrP5vV77CA1rTvvvH30IutskH7GwjcTC3"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
max-age=14400
cf-ray
893afcee9c6165a8-FRA
alt-svc
h3=":443"; ma=86400
Primary Request /
www.yallakora.com/
Redirect Chain
  • https://steth-claims.org/cdn-cgi/phish-bypass?atok=KUhC3grEljRfevSTxXOjRiLhFdeSOGpl7gr0Nv1FskM-1718375108-0.0.1.1-%2F
  • https://steth-claims.org/
  • https://yallakora.com/
  • https://www.yallakora.com/
216 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
90883a46876da1a33b973c0ed230260cfeaef632cf8fa94c4e6949709ea1f92e

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://steth-claims.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://ads.geminimedia-eg.com
alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
893afd0798165d45-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 14 Jun 2024 14:25:13 GMT
expires
-1
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-powered-by
ASP.NET

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
893afd06ff455d45-FRA
content-length
167
content-type
text/html
date
Fri, 14 Jun 2024 14:25:12 GMT
expires
Fri, 14 Jun 2024 15:25:12 GMT
location
https://www.yallakora.com/
server
cloudflare
vary
Accept-Encoding
gmfwh5wxcaafom32024_6_14_17_3.jpg
media.gemini.media/img/yallakora/normal//2024/6/14/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.gemini.media/img/yallakora/normal//2024/6/14/gmfwh5wxcaafom32024_6_14_17_3.jpg
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3f4264eb7e40e897016f8ddc1bb84f89977175f28aff87758b044b59a8513ebe

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
980
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
29082
cf-bgj
h2pri
last-modified
Fri, 14 Jun 2024 14:03:02 GMT
server
cloudflare
etag
"fa6e399263beda1:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://www.yallakora.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1uoXSovB%2BIfJgG2UTMPrb6Zjl8eZoU0aAJ1nrMs7uDR9WOJicjFBaNs0YPOcHfvGWMO7Au31NYoSFfIVJcVkRJ%2BbQhNorjylh0X%2BJ%2BVd1PXXXVHnz2oebQsWO3ALYN25EW9WPA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
893afd0b697b925c-FRA
access-control-allow-headers
Content-Type, Cache-Control , x-requested-with
ykicons.woff2
www.yallakora.com//fonts/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.yallakora.com//fonts/ykicons.woff2?ver=1
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1968782fdfd86d61313838181807432aab7df8d8cfeb466a3903ee8a8b8cefac

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Origin
https://www.yallakora.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:13 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Jan 2024 19:47:57 GMT
server
cloudflare
age
180523
etag
"42989113c744da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
893afd0b1d1c5d45-FRA
alt-svc
h3=":443"; ma=86400
content-length
6340
droidkufi-regular.woff2
www.yallakora.com//fonts/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.yallakora.com//fonts/droidkufi-regular.woff2
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
487062b7e9d1c9af80e65f6dd6f25d73daa19dd68e16e0b47aac055cc4490720

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Origin
https://www.yallakora.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:13 GMT
cf-cache-status
HIT
last-modified
Mon, 29 May 2023 11:21:47 GMT
server
cloudflare
age
180523
etag
"e1fd5c11f92d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
893afd0b2d225d45-FRA
alt-svc
h3=":443"; ma=86400
content-length
31372
droidkufi-bold.woff2
www.yallakora.com//fonts/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.yallakora.com//fonts/droidkufi-bold.woff2
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
346d741ba0dc7cd5e83ae349cba98d00a4f67b59fd8a72e60deff970e264a72a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Origin
https://www.yallakora.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:13 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Jun 2024 15:36:50 GMT
server
cloudflare
age
180523
etag
"f583d924cbbda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
893afd0b2d275d45-FRA
alt-svc
h3=":443"; ma=86400
content-length
31772
swiper-icons.woff2
www.yallakora.com//fonts/Stories/ 		932 B
1 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.yallakora.com//fonts/Stories/swiper-icons.woff2
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b93409f07daee085efb82a26ca9e7115139a7bfb645a99ef809b7a68223c4553

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Origin
https://www.yallakora.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:13 GMT
cf-cache-status
HIT
last-modified
Thu, 15 Feb 2024 14:52:54 GMT
server
cloudflare
age
180523
etag
"47e0c3a71e60da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
893afd0b2d285d45-FRA
alt-svc
h3=":443"; ma=86400
content-length
932
StyleOnLoad.css
www.yallakora.com/Content/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.yallakora.com/Content/StyleOnLoad.css?ver=0.1
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
0523b0ead380e6027f705ed7391cf6ca3a84153bdd9dd8517564457796e6dd1f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Origin
https://www.yallakora.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:13 GMT
content-encoding
br
cf-cache-status
HIT
age
180523
cf-polished
origSize=28179
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 30 Jan 2024 16:28:46 GMT
server
cloudflare
etag
W/"0b391659953da1:0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
cf-ray
893afd0b2d295d45-FRA
Style.min.css
www.yallakora.com/Content/ 		1 MB
280 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.yallakora.com/Content/Style.min.css?ver=65.16
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
45716f61b98acd1eace6f120d8aa7768d4e5b06ffb12b79458aa567838fff869

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 11 Jun 2024 14:01:56 GMT
server
cloudflare
age
180523
etag
"b2777aeb7bcda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
cf-ray
893afd0b2d2a5d45-FRA
alt-svc
h3=":443"; ma=86400
FontFaces.css
www.yallakora.com/Content/ 		2 KB
524 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.yallakora.com/Content/FontFaces.css?ver=0.07
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
305ea20ec2612ced7e0d3076b0e94aa8de23ffa3602a7e9fbdb6213d8a0be81d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:13 GMT
content-encoding
br
cf-cache-status
HIT
age
180523
cf-polished
origSize=1688
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 30 Jan 2024 16:28:43 GMT
server
cloudflare
etag
W/"e5ede3639953da1:0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
cf-ray
893afd0b2d2b5d45-FRA
Sponsor21.css
www.yallakora.com/Content/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.yallakora.com/Content/Sponsor21.css?ver=2.26
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
edf02b92b41e82d2e8bdedc8155a29e03325929e1d540a7eee89f6a45da7e28b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:13 GMT
content-encoding
br
cf-cache-status
HIT
age
180523
cf-polished
origSize=11643
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 07 Nov 2023 15:07:17 GMT
server
cloudflare
etag
W/"8080cc188c11da1:0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
cf-ray
893afd0b2d2d5d45-FRA
Smartbanner.css
www.yallakora.com/Content/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.yallakora.com/Content/Smartbanner.css?ref=0.4
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7af60381a77100924e59b5d18b0fe69234d2eca6e03592f22571a3c782729ae1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:13 GMT
content-encoding
br
cf-cache-status
HIT
age
180523
cf-polished
origSize=2860
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 24 Oct 2023 13:05:37 GMT
server
cloudflare
etag
W/"8066e0c77a6da1:0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
cf-ray
893afd0b2d2e5d45-FRA
GutterStyle.min.css
www.yallakora.com/Content/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.yallakora.com/Content/GutterStyle.min.css?ver=0.65
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2ba004dac609260504122c3252555c45c7eb5edb611a2b35b52233a8a4e0dd12

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:13 GMT
content-encoding
gzip
cf-cache-status
HIT
age
176037
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
1063
last-modified
Mon, 29 May 2023 11:22:59 GMT
server
cloudflare
etag
"802b49ec1f92d91:0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
893afd0b2d2f5d45-FRA
js
www.googletagmanager.com/gtag/ 		325 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SS8RTJKBPS
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
19665f3b9d688e27a18628ad631ad99a524cc885204de72e42929f9aae950787
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
109587
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 14 Jun 2024 14:25:13 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		100 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
89668d0d4ba59cbcf25ac2ed46dbe2eb5e05cb4d7ee2a2cb858140c63cc7862f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32327
x-xss-protection
0
server
cafe
etag
279 / 19888 / 31084585 / config-hash: 13880094907017481449
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 14 Jun 2024 14:25:13 GMT
rocket-loader.min.js
www.yallakora.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yallakora.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 Jun 2024 17:35:24 GMT
server
cloudflare
etag
W/"66688adc-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
893afd0b2d315d45-FRA
expires
Sun, 16 Jun 2024 14:25:13 GMT
hgd-v-2024_6_11_18_18.jpg
media.gemini.media/img/yallakora/Wide//2024/6/11/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.gemini.media/img/yallakora/Wide//2024/6/11/hgd-v-2024_6_11_18_18.jpg
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c90c9b2c6cc47fb731137fc21fcc7bca965f809d2f1aaa29f0045c39ef0567db

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10499
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
22809
cf-bgj
h2pri
last-modified
Tue, 11 Jun 2024 15:18:33 GMT
server
cloudflare
etag
"e371b29f12bcda1:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://www.yallakora.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ctl6c15OZjOpFYJTVY71McLP8v6LYNwJtGvsw%2Bj4B4vCCS5NTmBVQChxDY1Gl0IQ5bMxpmCS1RvUj7ZxUs3dd7oLyMaoFSUriZ%2BCz7SSRMPypGlWVTHi1RMcmDQuW3V5Y9rLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
893afd0c9ae3925c-FRA
access-control-allow-headers
Content-Type, Cache-Control , x-requested-with
gk0u842x0aaq4th2024_4_10_20_42.jpg
media.gemini.media/img/yallakora/Wide//2024/4/10/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.gemini.media/img/yallakora/Wide//2024/4/10/gk0u842x0aaq4th2024_4_10_20_42.jpg
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f6034deaabb06881554a4ecfef05fc3cc6bfb1a78ad76d92be99753f102e1a50

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19782
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
21436
cf-bgj
h2pri
last-modified
Wed, 10 Apr 2024 18:42:39 GMT
server
cloudflare
etag
"331431dd768bda1:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://www.yallakora.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tYT2KaD6%2FSgWDMGsJVAKwwqREq%2BYD7nDBo7RSHrVn80JyO8sJSrsXeIk34FHl2Vgbz37GqVZy4%2FyqO45gd64OgfdNHj2WqhW8SG6FowNh33b5MEwbEBBQIjWmJ62l%2B7YoCZ7ag%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
893afd0cfb62925c-FRA
access-control-allow-headers
Content-Type, Cache-Control , x-requested-with
capture2024_5_27_13_5.jpg
media.gemini.media/img/yallakora/Wide//2024/5/27/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.gemini.media/img/yallakora/Wide//2024/5/27/capture2024_5_27_13_5.jpg
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
058cb6627903999f70f289a15acfe47378f98b1befb896772a32ceb089aeccd7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
72676
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
30603
cf-bgj
h2pri
last-modified
Mon, 27 May 2024 10:05:49 GMT
server
cloudflare
etag
"d1b143731db0da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://www.yallakora.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5YZukijfM2oQ1i0K1tlTZ%2FIjOQJYufI5r57wftroKWkBCn5I0XJ%2BPMd94UAeMvK8KTVkF38fkxVYSq2q7kc2yNmxzkh62sA8yWvcSKLTLjYqmRKOMR5aNiMV4cHctV1F4ZceIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
893afd0cfb65925c-FRA
access-control-allow-headers
Content-Type, Cache-Control , x-requested-with
jpdav4uudvmqtldjiq2vk4pr7u2024_3_8_13_57.jpg
media.gemini.media/img/yallakora/Wide//2024/3/8/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.gemini.media/img/yallakora/Wide//2024/3/8/jpdav4uudvmqtldjiq2vk4pr7u2024_3_8_13_57.jpg
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
aa0cf3376627ffacdd10ff56d0fb3158a4de2da2ee0461b4e8f417481794358f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7838
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
16567
cf-bgj
h2pri
last-modified
Fri, 08 Mar 2024 11:57:24 GMT
server
cloudflare
etag
"8beccac84f71da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://www.yallakora.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4x%2BCt0bRoLln0fqT8SkaOGFqi6pQAVO1YKk29ayiC%2BkkoeGaNsaIVmjWtzmCe2xuBKyWTA87LO0v9EiZGiZ1dGUAuutTdyAJ8xwUfG2pO%2BW33HqfAHTRJBmUQILQ6FDXA2lfNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
893afd0d5bd3925c-FRA
access-control-allow-headers
Content-Type, Cache-Control , x-requested-with
joshua-zirkzee-14592024_6_14_14_3.jpg
media.gemini.media/img/yallakora/Wide//2024/6/14/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.gemini.media/img/yallakora/Wide//2024/6/14/joshua-zirkzee-14592024_6_14_14_3.jpg
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
559204cb5d8dfe0b49c2297c57cdddfff3fc0244492aecc1bd0e498f0ca076dd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7838
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
14045
cf-bgj
h2pri
last-modified
Fri, 14 Jun 2024 11:03:15 GMT
server
cloudflare
etag
"3225a3744abeda1:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://www.yallakora.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=boJkb3cHO70GZpVkYH2vzC32hTw1s4%2FD9Xjb1%2FavpHa7I07RE84Sxz3JoDZawhqcs%2F4sAZGEvXlwD9voK1fPjF5%2BIbJjDUQW2hYKOVov4xNDl9FnMsiCd9jUyy4YEd0aEftIUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
893afd0dac32925c-FRA
access-control-allow-headers
Content-Type, Cache-Control , x-requested-with
countdown.png
www.yallakora.com/Images/Euro2024/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yallakora.com/Images/Euro2024/countdown.png?ver=0.1
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3e4e6ca8c530e819d0da6e64155939415947301a65baf8a7c55dec6af1c175bc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:13 GMT
cf-cache-status
HIT
age
180518
cf-polished
origSize=2863
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
1331
cf-bgj
imgq:85,h2pri
last-modified
Tue, 11 Jun 2024 14:01:25 GMT
server
cloudflare
etag
"736df7d87bcda1:0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
893afd0b2d3b5d45-FRA
googleplaybanner.png
www.yallakora.com/Images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yallakora.com/Images/googleplaybanner.png?ver=0.1
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
38accd3e8604ad89be44af0772b2e05d8cecd5292ee89dfba98f687500b7c6b5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:13 GMT
cf-cache-status
HIT
age
180521
cf-polished
origSize=4912
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
2579
cf-bgj
imgq:85,h2pri
last-modified
Tue, 13 Feb 2024 12:53:21 GMT
server
cloudflare
etag
"8b377a9f7b5eda1:0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
893afd0b5d7a5d45-FRA
appstorebanner.png
www.yallakora.com/Images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yallakora.com/Images/appstorebanner.png?ver=0.1
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7977d3cd67e83320cfd046f602cece53d77479bc1d33d37bfe8df89edba5cf9f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:13 GMT
cf-cache-status
HIT
age
180521
cf-polished
origSize=3896
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
1563
cf-bgj
imgq:85,h2pri
last-modified
Tue, 13 Feb 2024 12:53:20 GMT
server
cloudflare
etag
"990419f7b5eda1:0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
893afd0bade15d45-FRA
huaweiappbanner.png
www.yallakora.com/Images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yallakora.com/Images/huaweiappbanner.png?ver=0.1
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
aa1e8a707905887761b5b2ae749dc98c56941c81619337d1ea808756ddaeafb0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:13 GMT
cf-cache-status
HIT
age
180521
cf-polished
origSize=4255
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
2223
cf-bgj
imgq:85,h2pri
last-modified
Tue, 13 Feb 2024 12:53:21 GMT
server
cloudflare
etag
"bfc0839f7b5eda1:0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
893afd0bfe395d45-FRA
AppMob.png
www.yallakora.com/Images/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yallakora.com/Images/AppMob.png?ver=0.2
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c141534a1ccc17930822b18407dbf508be53e518e011b6d3f9032d57d6c5b082

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:13 GMT
cf-cache-status
HIT
age
180521
cf-polished
origSize=22865
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
21607
cf-bgj
imgq:85,h2pri
last-modified
Tue, 13 Feb 2024 12:53:20 GMT
server
cloudflare
etag
"2b63439f7b5eda1:0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
893afd0c6ecf5d45-FRA
iosIcon.png
www.yallakora.com/Images/ 		964 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yallakora.com/Images/iosIcon.png
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3766e0170820b7a33cccc3aa28fd3f2e7e5bb7524c228ab98f1b1beee6e2c5fb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:13 GMT
cf-cache-status
HIT
age
180522
cf-polished
origSize=2549
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
964
cf-bgj
imgq:85,h2pri
last-modified
Thu, 11 Jan 2024 19:54:16 GMT
server
cloudflare
etag
"6a976f5c744da1:0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
893afd0da89f5d45-FRA
androidapp.png
www.yallakora.com/Images/ 		647 B
910 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yallakora.com/Images/androidapp.png
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
db3cb863e8656f46c2f4ce37fca19978438376cbf2da0bae4901ea8f421d5927

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:13 GMT
cf-cache-status
HIT
age
180521
cf-polished
origSize=909
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
647
cf-bgj
imgq:85,h2pri
last-modified
Sun, 28 Jan 2024 13:56:52 GMT
server
cloudflare
etag
"266972d8f151da1:0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
893afd0df9125d45-FRA
huaweiapp.png
www.yallakora.com/Images/ 		935 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yallakora.com/Images/huaweiapp.png
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
398467f11681e46ebe862ed3e097f54e4a7fa3f49ee8754ba07a7a0540b72242

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:13 GMT
cf-cache-status
HIT
age
180521
cf-polished
origSize=1221
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
935
cf-bgj
imgq:85,h2pri
last-modified
Sun, 28 Jan 2024 13:56:52 GMT
server
cloudflare
etag
"69079d8f151da1:0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
893afd0df9145d45-FRA
bell-icon.png
cdnimg.izooto.com/icons/7/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnimg.izooto.com/icons/7/bell-icon.png
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ff40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9acebc7da826b5c97db2b505eb9356d4612e4d0d927099480549e2b4035c2115
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Tue, 14 May 2024 16:51:55 GMT
server
cloudflare
age
253073
cf-polished
origSize=5865
etag
W/"664396ab-16e9"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=16070400
cf-ray
893afd0fde3d9f2f-FRA
x-xss-protection
1; mode=block
expires
Tue, 17 Dec 2024 14:25:14 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406120201/ 		467 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406120201/pubads_impl.js?cb=31084585
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
198541ad4236b9420f75c7669cf99c7c33b99827fe7bc758724d1a2b6819caa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:23:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
84
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
149147
x-xss-protection
0
server
cafe
etag
3115796513108237484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 14 Jun 2025 14:23:49 GMT
106213651
fundingchoicesmessages.google.com/i/ 		193 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/106213651?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406120201/pubads_impl.js?cb=31084585
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
962f89f8f7d5bff32086da18706a78935959a7515c6ea521c50e0ed18da967b2
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-InNRNYMUPuH2g9IMimiZvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-InNRNYMUPuH2g9IMimiZvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzj8tDikmJw05BiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViJP-nWctAuL2zxdYpwPxkoiLrIcSL7IKcXOcWrpxM5vAj12b85U0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDMwMDfUMzOMLDABeIDQk"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
247 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-SS8RTJKBPS&gtm=45je46c0v9118065173za200&_p=1718375113914&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=630542056.1718375114&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dl=%2Fmainpage&dp=%2Fmainpage&sid=1718375113&sct=1&seg=0&dr=https%3A%2F%2Fsteth-claims.org%2F&dt=%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%89%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%20%D9%81%D9%89%20%D8%A7%D9%84%D8%B4%D8%B1%D9%82%20%D8%A7%D9%84%D8%A3%D9%88%D8%B3%D8%B7&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1366
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SS8RTJKBPS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 14:25:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.yallakora.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
247 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-SS8RTJKBPS&cid=630542056.1718375114&gtm=45je46c0v9118065173za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SS8RTJKBPS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 14:25:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.yallakora.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SS8RTJKBPS&cid=630542056.1718375114&gtm=45je46c0v9118065173za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1224718021
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 14:25:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-SS8RTJKBPS&gtm=45je46c0v9118065173za200&_p=1718375113914&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=630542056.1718375114&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1718375113&sct=1&seg=0&dl=https%3A%2F%2Fwww.yallakora.com%2F&dr=https%3A%2F%2Fsteth-claims.org%2F&dt=%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%89%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%20%D9%81%D9%89%20%D8%A7%D9%84%D8%B4%D8%B1%D9%82%20%D8%A7%D9%84%D8%A3%D9%88%D8%B3%D8%B7&en=scroll&epn.percent_scrolled=90&_et=37&tfd=1431
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SS8RTJKBPS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 14:25:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.yallakora.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ykLogo.png
www.yallakora.com/Images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yallakora.com/Images/ykLogo.png
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.min.css?ver=65.16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
303148261bbb2e2aa07a0a388402b49b52ceb6f4c72e921decf019aa4e174d52

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/Content/Style.min.css?ver=65.16
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
cf-cache-status
HIT
age
180522
cf-polished
origSize=8080
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
4137
cf-bgj
imgq:85,h2pri
last-modified
Thu, 11 Jan 2024 19:54:36 GMT
server
cloudflare
etag
"af4681c844da1:0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
893afd0eaa085d45-FRA
tiktokMenu.png
www.yallakora.com/Images/ 		508 B
771 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yallakora.com/Images/tiktokMenu.png
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.min.css?ver=65.16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
51cf9821bf15d436fad9c0f05e5b7df08012e241454f44cc0178a15275743d42

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/Content/Style.min.css?ver=65.16
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
cf-cache-status
HIT
age
180522
cf-polished
origSize=896
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
508
cf-bgj
imgq:85,h2pri
last-modified
Thu, 11 Jan 2024 19:56:58 GMT
server
cloudflare
etag
"814f9855c844da1:0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
893afd0eaa0d5d45-FRA
4085712816323043600
tpc.googlesyndication.com/pimgad/ 		145 KB
145 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pimgad/4085712816323043600?
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c59a5a5b02a65d77944915245a0481e4cc9de0567bff244261f87aaa67c23a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 13 Jun 2025 03:26:03 GMT
date
Thu, 13 Jun 2024 03:26:03 GMT
x-content-type-options
nosniff
age
125951
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148001
x-xss-protection
0
last-modified
Tue, 04 Jun 2024 19:48:39 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
droidkufi-bold.woff2
www.yallakora.com/fonts/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.yallakora.com/fonts/droidkufi-bold.woff2?ver=0.30
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/Content/FontFaces.css?ver=0.07
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
346d741ba0dc7cd5e83ae349cba98d00a4f67b59fd8a72e60deff970e264a72a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/Content/FontFaces.css?ver=0.07
Origin
https://www.yallakora.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
cf-cache-status
HIT
last-modified
Mon, 29 May 2023 11:22:11 GMT
server
cloudflare
age
67447
etag
"332de9cf1f92d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
893afd0eca315d45-FRA
alt-svc
h3=":443"; ma=86400
content-length
31772
ykicons.woff2
www.yallakora.com/fonts/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.yallakora.com/fonts/ykicons.woff2?ver=0.33
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/Content/FontFaces.css?ver=0.07
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1968782fdfd86d61313838181807432aab7df8d8cfeb466a3903ee8a8b8cefac

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/Content/FontFaces.css?ver=0.07
Origin
https://www.yallakora.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Jun 2024 15:36:49 GMT
server
cloudflare
age
180519
etag
"0d88a24cbbda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
893afd0eca345d45-FRA
alt-svc
h3=":443"; ma=86400
content-length
6340
droidkufi-regular.woff2
www.yallakora.com/fonts/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.yallakora.com/fonts/droidkufi-regular.woff2?ver=0.30
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/Content/FontFaces.css?ver=0.07
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
487062b7e9d1c9af80e65f6dd6f25d73daa19dd68e16e0b47aac055cc4490720

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/Content/FontFaces.css?ver=0.07
Origin
https://www.yallakora.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Jun 2024 15:36:49 GMT
server
cloudflare
age
180519
etag
"e785ba24cbbda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
893afd0eca395d45-FRA
alt-svc
h3=":443"; ma=86400
content-length
31372
Germany2018_7_24_14_43.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2018/7/24/ 		488 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.gemini.media/img/yallakora/IOSTeams//80//2018/7/24/Germany2018_7_24_14_43.jpg
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
adc9298b081d82615add870fde1e08d6e6a424b4cd3b4b15f89910b1e4c7504e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
333265
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
488
cf-bgj
h2pri
last-modified
Tue, 24 Jul 2018 12:45:33 GMT
server
cloudflare
etag
"fc986d364c23d41:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://www.yallakora.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mmtZX3ZFumbpOmwUjLv0F%2F7r%2FSc5z8QmmA13IdEU52idkh2lQvkoz%2BBndoSlBUfua3Xk7ozyIKqeE%2BylalzxE9yQOh8uq3NfNaDqpqbB1cgM6QzPh6m3dEF6d%2BBk8YxKcy9tpg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
893afd0ecdad925c-FRA
access-control-allow-headers
Content-Type, Cache-Control , x-requested-with
YK-Regular.woff2
www.yallakora.com/fonts/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.yallakora.com/fonts/YK-Regular.woff2?ver=0.30
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/Content/FontFaces.css?ver=0.07
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
0a6094cd81b0a2c3fe75497ad6d25107db8ec8185cc1ca62a0cbc896c1264301

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/Content/FontFaces.css?ver=0.07
Origin
https://www.yallakora.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Jun 2024 15:36:49 GMT
server
cloudflare
age
180519
etag
"d7d5a924cbbda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
893afd0f0a915d45-FRA
alt-svc
h3=":443"; ma=86400
content-length
15664
Scotland2018_9_10_18_27.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2018/9/10/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.gemini.media/img/yallakora/IOSTeams//80//2018/9/10/Scotland2018_9_10_18_27.jpg
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e09eb548240dc8cf37b2d7bfa74f8fb150b26fd717e5385b65fe31ef912b5176

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
333265
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
1839
cf-bgj
h2pri
last-modified
Mon, 10 Sep 2018 16:27:43 GMT
server
cloudflare
etag
"74495c332349d41:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://www.yallakora.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ucIJVwAlqeFjG79W6oskecoxCdk6yd40YYhbYzy%2FwPBaUwaknMm0DHKtGuha9ZIjIYsFeinrBZs07PV%2BDIP1HV4Hus2BQ2cxwDw8vQ5nX%2BZ9H%2Fa45ggrEs1eoXmzcmd0YO%2F4Yg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
893afd0f0e12925c-FRA
access-control-allow-headers
Content-Type, Cache-Control , x-requested-with
Pharco2021_10_26_8_28.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2021/10/26/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.gemini.media/img/yallakora/IOSTeams//80//2021/10/26/Pharco2021_10_26_8_28.jpg
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
266962cc76ea6231420ace35146f5ae2335fbdbbb345be5e5202128783522258

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
62356
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
6473
cf-bgj
h2pri
last-modified
Tue, 26 Oct 2021 06:28:56 GMT
server
cloudflare
etag
"35baefc032cad71:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://www.yallakora.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=58OMnN%2BXtLuGqvNDXIXuvhbTThnSEaipTZb35BN76qWCxibemwF%2BJdJkvsNUbFx%2FYiN5b3E6gS5iP3puWurPBhd321v67RvdUWCtEFe7Vf4c1RFPWGEZvxgkwspDewIyu8d3lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
893afd0f0e1a925c-FRA
access-control-allow-headers
Content-Type, Cache-Control , x-requested-with
ahly12023_10_19_17_58.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2023/10/19/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.gemini.media/img/yallakora/IOSTeams//80//2023/10/19/ahly12023_10_19_17_58.jpg
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ac6226e76d07374cb133b8eb6752253573d2b1d932009fac81a2ef21c15b859b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132907
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
8469
cf-bgj
h2pri
last-modified
Thu, 19 Oct 2023 14:58:04 GMT
server
cloudflare
etag
"4f62daa99c2da1:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://www.yallakora.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b2NPB7b1TDWVV8yy%2FUOj0%2FHC5f4hKu2huec92e73C5C6VlgDcjwjAwB0iX49IdY9fEyHcyNZZLMQ7nXts5Mb2PrINzJnHqtzS%2Fmcs5SOMyqoTNt2PW2cPTs%2BAGRXNZp%2F6cFvWg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
893afd0f0e1f925c-FRA
access-control-allow-headers
Content-Type, Cache-Control , x-requested-with
cliopatraFC2020_12_17_18_1.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2020/12/17/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.gemini.media/img/yallakora/IOSTeams//80//2020/12/17/cliopatraFC2020_12_17_18_1.jpg
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6a4bda882c1ec7303a37399430837a069ae29b88fd3285f5e73ab9ff63fc190a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
62356
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
13725
cf-bgj
h2pri
last-modified
Thu, 17 Dec 2020 16:01:05 GMT
server
cloudflare
etag
"fddb14d38dd4d61:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://www.yallakora.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ZT%2Bi3ubRMgNKNypQwAcIOaFQJVHaTgiaPb7efJIiz7dvV1fkdLyWbFENpsn4UJ%2BgG0MUOXLqo7dXmL6Zf5jR2Zk%2FAlZXWeE1WtP6%2BUv3eRfXXNzKkBWr%2F0LRoLtfRgzFBs6gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
893afd0f0e22925c-FRA
access-control-allow-headers
Content-Type, Cache-Control , x-requested-with
Zamalek2018_7_24_13_31.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2018/7/24/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.gemini.media/img/yallakora/IOSTeams//80//2018/7/24/Zamalek2018_7_24_13_31.jpg
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4c5d9a2bb4c1a0f9661d19ef675c5646853154a3196260b6f25aa94b73e37f60

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
266451
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
7722
cf-bgj
h2pri
last-modified
Tue, 24 Jul 2018 11:33:12 GMT
server
cloudflare
etag
"3c15b91a4223d41:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://www.yallakora.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kvcv3SSu5oZU3EkAjFNF2pxMF1CABCJdvtC%2BtJWLpaBDk72qh8XugwPVTTpZDwI8TS9gRNIr8YK1mKZIgMrF04fHrmmXMcpGnShBPe7HQsNc5sOq1n7vcaU%2FtFnlB8KFiTjkkA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
893afd0f0e24925c-FRA
access-control-allow-headers
Content-Type, Cache-Control , x-requested-with
MouloudiaOujda2018_9_13_18_19.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2018/9/13/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.gemini.media/img/yallakora/IOSTeams//80//2018/9/13/MouloudiaOujda2018_9_13_18_19.jpg
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8224fde3119dc9f8461aee0c6cf4801b4e52d4b349963d125a04ae8de3395293

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
62356
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
9049
cf-bgj
h2pri
last-modified
Thu, 13 Sep 2018 16:19:40 GMT
server
cloudflare
etag
"1a9197927d4bd41:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://www.yallakora.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=153Il%2FHabNY5BFaqB0v%2FdJyvqcNOesXRGs%2FRV5h9BPCXUuSQuorR5JNGE92HqNtgucUd3D%2Bv3mDy7U40J2ZdBrN%2BLq6nH307FheLCJO36zxqCyKJgMFqbUMNH1vub4XWsRWdLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
893afd0f0e27925c-FRA
access-control-allow-headers
Content-Type, Cache-Control , x-requested-with
RajaCasablanca2018_7_24_12_33.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2018/7/24/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.gemini.media/img/yallakora/IOSTeams//80//2018/7/24/RajaCasablanca2018_7_24_12_33.jpg
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c28d2045095db15d878611a6a2842bddc1b9334d8147ad7a9b7c9050e913150d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
62356
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
8686
cf-bgj
h2pri
last-modified
Tue, 24 Jul 2018 10:35:28 GMT
server
cloudflare
etag
"ac32e693a23d41:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://www.yallakora.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SRmAmCPA99uTGJZ4j4oWCSLkAKb3Mkh3s2apTzDXDDJy3ZFUOFXI1kF6CgG%2B26hZ%2F9QCx1sA8mUt2bd73drLj9%2F82oa1QTNQJRl%2FTdorSK%2FHZBfeQ3sPInetKu9KGStf6uHGXg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
893afd0f0e2c925c-FRA
access-control-allow-headers
Content-Type, Cache-Control , x-requested-with
bff424f9-c4d2-4111-8f5d-cc480bcc528a2024_6_14_15_9.jpg
media.gemini.media/img/yallakora/Vertical//2024/6/14/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.gemini.media/img/yallakora/Vertical//2024/6/14/bff424f9-c4d2-4111-8f5d-cc480bcc528a2024_6_14_15_9.jpg
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2fe4b6c4f584c422ea93f8b1bc62cc49c57bec5654a89e22997972f50d14fb33

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7251
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
34825
cf-bgj
h2pri
last-modified
Fri, 14 Jun 2024 12:09:16 GMT
server
cloudflare
etag
"aada8bad53beda1:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://www.yallakora.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZM90Hdzq3vXtbGwzpMQhIHAx1G1wUdX%2BWK293RjFB5xGdZf1arxFhPFvcHwt77ejLxKYplvWA8e09hPqRODNj2J7VvXo2tmN8YBGbLM9RsFIay3SI1m3eJCiI6jNg0Nxj0GQEw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
893afd0f0e2f925c-FRA
access-control-allow-headers
Content-Type, Cache-Control , x-requested-with
60d80943-912a-406a-81a7-a8563457075d2024_6_14_15_6.jpg
media.gemini.media/img/yallakora/Vertical//2024/6/14/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.gemini.media/img/yallakora/Vertical//2024/6/14/60d80943-912a-406a-81a7-a8563457075d2024_6_14_15_6.jpg
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c4109a5f2ad3d6f7f72b3374ea8da30696da26a9200f81a71cb2ecd3624e0e90

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7251
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
33126
cf-bgj
h2pri
last-modified
Fri, 14 Jun 2024 12:06:34 GMT
server
cloudflare
etag
"40a544d53beda1:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://www.yallakora.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=by%2Fy9DV7Lqq%2F3eLMOzj0b1KEQKYrWYhw1KFw9MHvxXrwZNCeuEtpNDZX%2BmniW0ZhyOy5YjdmP%2BDXGGbk5E%2FKlkqDsPdpHXQBqyf54DNj%2BRg9bkQ%2BuiQTcIGUQPZPpIOCNh0k6g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
893afd0f0e32925c-FRA
access-control-allow-headers
Content-Type, Cache-Control , x-requested-with
12024_6_14_15_1.jpg
media.gemini.media/img/yallakora/Vertical//2024/6/14/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.gemini.media/img/yallakora/Vertical//2024/6/14/12024_6_14_15_1.jpg
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
90aa6365d547e1e864af5ed5d583d2e50bb8c8f1136d69e8809f1b7b785a0567

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7251
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
20275
cf-bgj
h2pri
last-modified
Fri, 14 Jun 2024 12:01:31 GMT
server
cloudflare
etag
"17582b9852beda1:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://www.yallakora.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mYQ5fQryw8IDjOmLPWbPn6VWWaFZBxd32rCV43QgHcrBuwri%2BmpGp1DBGjHew8eEnNXJChbNJSX9SDoxRLfhfG5DmTpXsMmtPp4NZqCPJ2fN%2FHI0qktAOrmzZnJp50ftE7Dg6A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
893afd0f0e35925c-FRA
access-control-allow-headers
Content-Type, Cache-Control , x-requested-with
22024_6_14_14_55.jpg
media.gemini.media/img/yallakora/Vertical//2024/6/14/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.gemini.media/img/yallakora/Vertical//2024/6/14/22024_6_14_14_55.jpg
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9374b026eb7a778c198086b37151a8f1e414c65f10e06556c8e16eb3a12b9f97

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8645
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
22900
cf-bgj
h2pri
last-modified
Fri, 14 Jun 2024 11:55:12 GMT
server
cloudflare
etag
"9e9497b651beda1:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://www.yallakora.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ih%2FZ4Xf45oYxI1iSloGnTKjuZm5b5ok0iNTfMBFhMeiZDD4m71po%2BGZ6S4dTSeGBbUNgyyOp0yS6cUvn53AY7zaoH0Ycin9umfg5WOHpN0cQ%2F0QXusbz%2BkuuPyEnnNFMFzsHLw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
893afd0f0e37925c-FRA
access-control-allow-headers
Content-Type, Cache-Control , x-requested-with
AppSection2.jpg
www.yallakora.com/Images/ 		120 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yallakora.com/Images/AppSection2.jpg
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.min.css?ver=65.16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
de4090a2f1d550af64e1a4d5590255c29573f17ac8d78fb8c9aaeeee9743a35d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/Content/Style.min.css?ver=65.16
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
cf-cache-status
HIT
age
180521
cf-polished
degrade=85, origSize=933541
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
122445
cf-bgj
imgq:85,h2pri
last-modified
Tue, 13 Feb 2024 12:53:20 GMT
server
cloudflare
etag
"788a4a9f7b5eda1:0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
893afd0f4af75d45-FRA
Frame.png
www.yallakora.com/Images/ 		544 B
808 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yallakora.com/Images/Frame.png
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.min.css?ver=65.16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
496e8a524c13189f9438758bed1a7107de9a16a8d0067e1bf8e62bf6d7ef5401

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/Content/Style.min.css?ver=65.16
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
cf-cache-status
HIT
age
180514
cf-polished
origSize=840
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
544
cf-bgj
imgq:85,h2pri
last-modified
Tue, 13 Feb 2024 12:53:20 GMT
server
cloudflare
etag
"b210739f7b5eda1:0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
893afd0f4afd5d45-FRA
Ellipse.png
www.yallakora.com/Images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yallakora.com/Images/Ellipse.png
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.min.css?ver=65.16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4cc8676ab923198535d2d2169e8a3bc2b284128e044e61d06959cb5191110a1c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/Content/Style.min.css?ver=65.16
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
cf-cache-status
HIT
age
180514
cf-polished
origSize=3884
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
1462
cf-bgj
imgq:85,h2pri
last-modified
Tue, 13 Feb 2024 12:53:20 GMT
server
cloudflare
etag
"1b1519f7b5eda1:0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
893afd0f4b045d45-FRA
geminiLogo.png
media.gemini.media/img/yallakora/staticimages/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.gemini.media/img/yallakora/staticimages/geminiLogo.png
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.min.css?ver=65.16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
20968a95e5a911a40d373861cd5ec8215c6c9148a45e4ce53f7bca46033e2e4c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
297933
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
5572
last-modified
Mon, 28 Feb 2022 13:31:15 GMT
server
cloudflare
etag
"838e8c75a72cd81:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
https://www.yallakora.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Iq3mQq1NO5HerrYAeR3cS%2B0DkwzsY7GOcbwSXdaxlZZ4Dizpuc1%2Bmv5le7el3%2BJqXgSfgMJNrgyyk7748KtQV1bAK0yGYmagFbEQw8DrArmwwZPo8lLMgLEksuANQcnMsSZyVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
893afd0f4e99925c-FRA
access-control-allow-headers
Content-Type, Cache-Control , x-requested-with
a0e1f72be7d69fe7b47acade32a261ad5c080d74.js
cdn.izooto.com/scripts/ 		1 KB
810 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/a0e1f72be7d69fe7b47acade32a261ad5c080d74.js
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ff40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6c7dfff51a94e515b3730b4e7c9e3f533a1b6bef86a98b3dd73ba26f135cfa8
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 14 May 2024 14:01:22 GMT
server
cloudflare
age
773460
etag
W/"66436eb2-46b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
cf-ray
893afd102eb69f2f-FRA
x-xss-protection
1; mode=block
expires
Sat, 15 Jun 2024 14:25:14 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/15758/ 		0
0
lazyload.min.js
www.yallakora.com//Scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yallakora.com//Scripts/lazyload.min.js
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6768464f893a4354a0eb3a6e86543ec23d2f9ed1b97e7bef0ca7f7ae2c32f978

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
content-encoding
gzip
cf-cache-status
HIT
age
180524
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
963
last-modified
Tue, 30 Jan 2024 16:28:38 GMT
server
cloudflare
etag
"674ae4609953da1:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
893afd101bfe5d45-FRA
MenuScripts.js
www.yallakora.com//Scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yallakora.com//Scripts/MenuScripts.js?ver=1.0
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2a5806c3176b14faad2ad4d811ab74facb8aa5b0c2de1bfcaa279a1666f1cc3e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
content-encoding
gzip
cf-cache-status
HIT
age
180518
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
941
last-modified
Tue, 30 Jan 2024 16:28:38 GMT
server
cloudflare
etag
"32f632619953da1:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
893afd101c025d45-FRA
flickity.min.js
www.yallakora.com//Scripts/ 		61 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yallakora.com//Scripts/flickity.min.js?ver=0.03
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
70a71cb1534b0211a6a546deb79673ea255baf9e85746b034b93bab84e409d0a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
content-encoding
gzip
cf-cache-status
HIT
age
180524
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
20395
last-modified
Mon, 31 Jul 2023 13:32:00 GMT
server
cloudflare
etag
"83abe062b3c3d91:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
893afd101c035d45-FRA
flickity.js
www.yallakora.com//Scripts/ 		88 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yallakora.com//Scripts/flickity.js?ver=0.03
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
05448ff0b902db11ea26f14168a4676a51c79f6095b2747fe2f191191e27b742

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
content-encoding
gzip
cf-cache-status
HIT
age
180524
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
24219
last-modified
Mon, 31 Jul 2023 13:32:03 GMT
server
cloudflare
etag
"5ec5764b3c3d91:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
893afd101c055d45-FRA
AdSense.min.js
www.yallakora.com//Scripts/ 		2 KB
956 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yallakora.com//Scripts/AdSense.min.js?ver=1.14
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f46b9c352093577bb2c39fc21f91c796c98c527e84033ed4a72358599b77824b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
content-encoding
gzip
cf-cache-status
HIT
age
180524
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
728
last-modified
Wed, 09 Nov 2022 10:40:22 GMT
server
cloudflare
etag
"4adea6ab27f4d81:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
893afd101c065d45-FRA
Layout
www.yallakora.com/bundles/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yallakora.com/bundles/Layout?v=pzpzCggWPh2a_58nMyja6xvLvAzuy4XYrqeomK0C83A1
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1ec423d358d2b39c3d11516cbfb538f1f6f2ef2b31769afae3545f248d54793b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Fri, 14 Jun 2024 14:25:14 GMT
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
public
cf-ray
893afd101c085d45-FRA
alt-svc
h3=":443"; ma=86400
content-length
2081
expires
Sat, 14 Jun 2025 14:25:14 GMT
jquery-3.5.0.min.js
www.yallakora.com//Scripts/ 		105 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yallakora.com//Scripts/jquery-3.5.0.min.js?ver=0.1
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4f01a4a673ec7010f3fa188cba985302f9909324e298bb0d81830cdfa7d9cd44

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
content-encoding
gzip
cf-cache-status
HIT
age
180524
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
33058
last-modified
Sun, 22 Oct 2023 12:01:17 GMT
server
cloudflare
etag
"80a44f76df4da1:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
893afd101c0b5d45-FRA
AGSKWxVcIf_JSNFfexm5Q2J5pS75mmLMe81r04j8rVANbZqgGW1et2U4gwCL3W8HmLjzSE4QNK50pDj0DLNgDQEvIvu3RrFiGo_B9bEzSyd7KW2uBT-XwWgWgp7u_tnBN2qPyjX0VwZQ_Q==
fundingchoicesmessages.google.com/f/ 		372 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVcIf_JSNFfexm5Q2J5pS75mmLMe81r04j8rVANbZqgGW1et2U4gwCL3W8HmLjzSE4QNK50pDj0DLNgDQEvIvu3RrFiGo_B9bEzSyd7KW2uBT-XwWgWgp7u_tnBN2qPyjX0VwZQ_Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE4Mzc1MTE0LDM1NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cueWFsbGFrb3JhLmNvbS8iLG51bGwsW1s4LCJrYnZLZUljcUx5VSJdLFs5LCJubCJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.kbvKeIcqLyU.es5.O/am=AAM/d=1/rs=AJlcJMyD8g9LPHWfwwMuW-PLfJWwiA4Cvw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
94c53095b7d6a53f868c3d6ae4e9b3ab6805cbb9c3c58d3700d3c0cddee1782e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-FFKmUcLEJQ3TXzSe0AOgkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-FFKmUcLEJQ3TXzSe0AOgkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj8tDikmJw0ZBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViJP-nWctAuL2zxdYpwPxkoiLrIcSL7IK8XCcWrpxM5vAjZszLzEqaSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRiYGRrqGZjHFxgAAI9-NGw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		109 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.kbvKeIcqLyU.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzrmIuVOkJGyASvb0uYNLvy7TBgNQ/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
70cd563322458bcd8eb0c45ffe72323df7c74b281cdbd01cc8b15de133b576a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 14 Jun 2024 14:25:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 14 Jun 2024 14:25:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Jun 2024 14:25:14 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Origin
https://www.yallakora.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 03:20:55 GMT
x-content-type-options
nosniff
age
126259
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 03:20:55 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Origin
https://www.yallakora.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 04:49:38 GMT
x-content-type-options
nosniff
age
120936
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 04:49:38 GMT
AGSKWxXnKJcXao4JLUWACvg4q2sy0rEX18H8RQ1Z3fM-PQHOr13L3p4AgBeDMgvlY35TxegpN2Y1SG5vbTF8OfN4Z9PqBrIUYVwMuRtd6AMVbzalNg2k3_1CDvFlQCu4g-RbMIot36wpLw==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXnKJcXao4JLUWACvg4q2sy0rEX18H8RQ1Z3fM-PQHOr13L3p4AgBeDMgvlY35TxegpN2Y1SG5vbTF8OfN4Z9PqBrIUYVwMuRtd6AMVbzalNg2k3_1CDvFlQCu4g-RbMIot36wpLw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.kbvKeIcqLyU.es5.O/am=AAM/d=1/rs=AJlcJMyD8g9LPHWfwwMuW-PLfJWwiA4Cvw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-EIblyWbpBVqgFUwNcTM0fQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-EIblyWbpBVqgFUwNcTM0fQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1pBicEqfwRoCxEsiLrIeSbzIKsTDcWrpxs1sAjsWPj7OpOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDMwMDfUMzOMLDAA6ECaa"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.yallakora.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXnKJcXao4JLUWACvg4q2sy0rEX18H8RQ1Z3fM-PQHOr13L3p4AgBeDMgvlY35TxegpN2Y1SG5vbTF8OfN4Z9PqBrIUYVwMuRtd6AMVbzalNg2k3_1CDvFlQCu4g-RbMIot36wpLw==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXnKJcXao4JLUWACvg4q2sy0rEX18H8RQ1Z3fM-PQHOr13L3p4AgBeDMgvlY35TxegpN2Y1SG5vbTF8OfN4Z9PqBrIUYVwMuRtd6AMVbzalNg2k3_1CDvFlQCu4g-RbMIot36wpLw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.kbvKeIcqLyU.es5.O/am=AAM/d=1/rs=AJlcJMyD8g9LPHWfwwMuW-PLfJWwiA4Cvw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-QXTx1Uf0LoCx0-4bjpc-iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-QXTx1Uf0LoCx0-4bjpc-iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1JBicEqfwRoCxEsiLrIeSbzIKsTDcWrpxs1sAi96-04wKbkk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTAzNDQz0D8_gCAwApkyZg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.yallakora.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
GetLocation
www.yallakora.com//General/ 		161 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.yallakora.com//General/GetLocation
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com//Scripts/jquery-3.5.0.min.js?ver=0.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
25cdcff33d9fd24ac8d1b5b87fa65173bea33765e60fa5a2abcaeb3541e4dfd8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json; charset=utf-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.yallakora.com/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
content-encoding
br
x-aspnetmvc-version
5.2
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
private
cf-ray
893afd1398725d45-FRA
alt-svc
h3=":443"; ma=86400
favicon.ico
www.yallakora.com//Images/Logo/ 		22 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.yallakora.com//Images/Logo/favicon.ico?ver=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5a6b9be7170ad1ab7fdf2fa3d14d448be9cdbf13ec9832843af2b3f653ba240f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 Jan 2024 19:54:18 GMT
server
cloudflare
age
180511
etag
W/"fcd666f6c744da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/x-icon
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
cf-ray
893afd1398755d45-FRA
alt-svc
h3=":443"; ma=86400
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-SS8RTJKBPS&gtm=45je46c0v9118065173za200&_p=1718375113914&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=630542056.1718375114&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1718375113&sct=1&seg=0&dl=https%3A%2F%2Fwww.yallakora.com%2F&dr=https%3A%2F%2Fsteth-claims.org%2F&dt=%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%89%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%20%D9%81%D9%89%20%D8%A7%D9%84%D8%B4%D8%B1%D9%82%20%D8%A7%D9%84%D8%A3%D9%88%D8%B3%D8%B7&en=Gutters&_ee=1&ep.event_category=YK%20Desktop-Homepage%20KFC%20%20Deal%20meals%20AW%201937%20%20%20&ep.event_label=View&ep.non_interaction=true&_et=14&tfd=2229
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SS8RTJKBPS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 14:25:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.yallakora.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
stripPattern.png
www.yallakora.com/Images/Euro2024/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yallakora.com/Images/Euro2024/stripPattern.png?ver=0.1
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.min.css?ver=65.16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
392554a6c9183a93eb97457f566ad70e694b07c056300773961f0dae132aec68

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/Content/Style.min.css?ver=65.16
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
cf-cache-status
HIT
age
180521
cf-polished
origSize=76121
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
45074
cf-bgj
imgq:85,h2pri
last-modified
Mon, 10 Jun 2024 15:39:28 GMT
server
cloudflare
etag
"251185614cbbda1:0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
893afd13b89b5d45-FRA
striptitle.png
www.yallakora.com/Images/Euro2024/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yallakora.com/Images/Euro2024/striptitle.png
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.min.css?ver=65.16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
cbef1a1cb40d4801e4b23cae00fbe3e4d9d33487852aaa1041ba2b4f4f7d2fe1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/Content/Style.min.css?ver=65.16
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
cf-cache-status
HIT
age
180523
cf-polished
origSize=2887
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
1294
cf-bgj
imgq:85,h2pri
last-modified
Tue, 11 Jun 2024 14:01:18 GMT
server
cloudflare
etag
"41d7efd47bcda1:0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
893afd13b8a55d45-FRA
12024_6_14_14_52.jpg
media.gemini.media/img/yallakora/Vertical//2024/6/14/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.gemini.media/img/yallakora/Vertical//2024/6/14/12024_6_14_14_52.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
cee2af3d18df1705aeb69ca0a5050076aecdd4b4ab528b795280c17f7a0d8795

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8645
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
21043
cf-bgj
h2pri
last-modified
Fri, 14 Jun 2024 11:52:01 GMT
server
cloudflare
etag
"b817b4451beda1:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://www.yallakora.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B04GcBm%2BWOj%2Blu37LiGcqOjWXBXqhhC2%2Fb51w%2FRUllx2eIiYjYGph2aCl7Xnea7YZSxkPR8%2FHwcxK%2BTQV%2FFX0yymrwpbzZ%2BS5fUbEOnT%2FY5PqnikSbrQUwjTi3oiIRvckCyi%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
893afd140c5e925c-FRA
access-control-allow-headers
Content-Type, Cache-Control , x-requested-with
site%20cover2024_6_12_10_51.jpg
media.gemini.media/img/yallakora/Vertical//2024/6/12/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.gemini.media/img/yallakora/Vertical//2024/6/12/site%20cover2024_6_12_10_51.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3c29cdfefa2b12ec0c7e2603bbb587635c655589f3e6138e1212b7067dcdbb94

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
195366
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
24758
cf-bgj
h2pri
last-modified
Wed, 12 Jun 2024 07:51:54 GMT
server
cloudflare
etag
"1edbc649dbcda1:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://www.yallakora.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oHansIZsA85Erh2XZfpxQn1kZykYQFZXX6Z7jKv6%2FWa3hJ%2F27PYqM6lHw1n9IiG45aRMJMkiK90X6NBD0h35AwM77M5J617KqACAQiovmVqHJbFMCroaCWgbBc1Sj%2FiFCotWPA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
893afd140c62925c-FRA
access-control-allow-headers
Content-Type, Cache-Control , x-requested-with
site%20cover%20(27)2024_6_11_21_57.jpg
media.gemini.media/img/yallakora/Vertical//2024/6/11/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.gemini.media/img/yallakora/Vertical//2024/6/11/site%20cover%20(27)2024_6_11_21_57.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
77aeaea79ee66bcc865bf9ff20b63a1c2d224535bb371dfb4c8019704e2928fa

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
242614
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
22898
cf-bgj
h2pri
last-modified
Tue, 11 Jun 2024 18:57:25 GMT
server
cloudflare
etag
"4ea93231bcda1:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://www.yallakora.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AsnSH7yO%2FkFBKdJ26r%2FTlcMbLob3ygavhqvG4ZRP4L15nknltjf4nbNnGRpXPi4ZUSfn6BOYauuwwcysmG%2Fq9twwBpc0UBjj8t9lz7dXiDEoQeVY5Kv90OAKQYD575xHZ9y1tw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
893afd140c64925c-FRA
access-control-allow-headers
Content-Type, Cache-Control , x-requested-with
62024_6_11_20_35.jpg
media.gemini.media/img/yallakora/Vertical//2024/6/11/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.gemini.media/img/yallakora/Vertical//2024/6/11/62024_6_11_20_35.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f0f97319e303c3092672435d4d0cda351ce46a61769cfd6df9d0a898d3d41b8a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
247611
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
26829
cf-bgj
h2pri
last-modified
Tue, 11 Jun 2024 17:35:16 GMT
server
cloudflare
etag
"b7815b925bcda1:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://www.yallakora.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IpdCRTDaNpPOpJohooYlfUszmqeLzUJU4UIg0VJSrZthKqb8eslRiqWSUQGAuVInVPo4iHWy9mNTBa%2FDwSkxYDmuLZzyuQGgh9HvKEMa2lc4sBlc7bGaJH4o6sWBm3iJztv71A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
893afd140c66925c-FRA
access-control-allow-headers
Content-Type, Cache-Control , x-requested-with
izooto.js
cdn.izooto.com/scripts/sdk/ 		354 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/sdk/izooto.js
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/a0e1f72be7d69fe7b47acade32a261ad5c080d74.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ff40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d118e8db1b34fc46ec78500be6b4f6ddd1550be572fbb8943a27127fb852616
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 13 Jun 2024 07:19:23 GMT
server
cloudflare
age
111913
etag
W/"666a9d7b-587d8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1382400
cf-ray
893afd142dd19f2f-FRA
x-xss-protection
1; mode=block
expires
Sun, 30 Jun 2024 14:25:14 GMT
main.js
www.yallakora.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/ Frame 23A3
Redirect Chain
  • https://www.yallakora.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.yallakora.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yallakora.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
Protocol
H3
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b86447ba911b9a5dbd464290955f36e5a02ff330bbf86f82558ad6a591209d40
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
893afd1469955d45-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 14 Jun 2024 14:25:14 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
cache-control
max-age=300, public
cf-ray
893afd1439465d45-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
%D8%B3%D8%AA%D8%A7%D8%AF2023_8_9_21_3.jpg
media.gemini.media/img/yallakora/Wide//2023/8/9/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.gemini.media/img/yallakora/Wide//2023/8/9/%D8%B3%D8%AA%D8%A7%D8%AF2023_8_9_21_3.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
76eea5a3bc646292e49ef7301887a1bc2306a11cad483203c39319d662b30b4b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17782
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
15503
cf-bgj
h2pri
last-modified
Wed, 09 Aug 2023 18:03:43 GMT
server
cloudflare
etag
"e72676d5ebcad91:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://www.yallakora.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CDth1iMtu0ITGeVwvxDHDaDDDCR6XWmZPcLOTXQ%2Beez%2BQK45OF%2BASx3sU9bsr5wxPgycZJjuM4BZYxzIDvQsLHehRFvDq2StEiPRdtyxgc3YeKf9vTtgfMQY9Wx60tykADutzA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
893afd143ca1925c-FRA
access-control-allow-headers
Content-Type, Cache-Control , x-requested-with
122-221738-panenka-penalty-40-years-700x400-easy-resize-com2024_6_12_12_4.jpg
media.gemini.media/img/yallakora/Wide//2024/6/12/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.gemini.media/img/yallakora/Wide//2024/6/12/122-221738-panenka-penalty-40-years-700x400-easy-resize-com2024_6_12_12_4.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
793faf5e6444c03f51ddc310206da45198093ee9dc3a3951f617371b3b399b87

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
190373
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
20861
cf-bgj
h2pri
last-modified
Wed, 12 Jun 2024 09:04:35 GMT
server
cloudflare
etag
"f83e128ca7bcda1:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://www.yallakora.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sWS%2FZk6k9UqIMF7dVUbYyoeSXXgiqYG26x54RUXdt2tg58JdATnkfBnGlj%2B4wat8jF7NrsHnW8BQG0mZVSQnImAGEouteGOnVJEqhgdgAcDoIQd4Vu%2BeSyt6Upgd%2BPNBlo96jg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
893afd143ca5925c-FRA
access-control-allow-headers
Content-Type, Cache-Control , x-requested-with
%D8%A7%D9%84%D9%8A%D9%88%D9%86%D8%A7%D9%862021_6_6_9_32.jpg
media.gemini.media/img/yallakora/Wide//2021/6/6/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.gemini.media/img/yallakora/Wide//2021/6/6/%D8%A7%D9%84%D9%8A%D9%88%D9%86%D8%A7%D9%862021_6_6_9_32.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
227b2cf0048671acb1b5d32ddb780b9a2befa1a8fd00d97e7ab42f2315fe81c6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7837
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
31970
cf-bgj
h2pri
last-modified
Sun, 06 Jun 2021 07:32:02 GMT
server
cloudflare
etag
"9e7abbaa65ad71:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://www.yallakora.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LDOAKFGlU5UrYk%2BqcNT5MbVLISdqUAwLQYF5i%2BwHPDlcnWzG5yXtnkuDw9tafLj80kbHAo3c5%2BhMZopY%2FsHTmcII1FBPAuWa4HqBERJXK%2FG0bdV%2FQ6f6C6Qbui0gJtAQi7Lyhg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
893afd143ca6925c-FRA
access-control-allow-headers
Content-Type, Cache-Control , x-requested-with
capture2024_6_11_21_1.jpg
media.gemini.media/img/yallakora/Wide//2024/6/11/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.gemini.media/img/yallakora/Wide//2024/6/11/capture2024_6_11_21_1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
653788610db2a7fa9d33577a8977c919859574b13a2968b66638fd52467a47ad

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21474
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
32117
cf-bgj
h2pri
last-modified
Tue, 11 Jun 2024 18:01:07 GMT
server
cloudflare
etag
"7ee37f5529bcda1:0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://www.yallakora.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g909jAyE7WC0Sx%2FQ58HvtCa5SEvDnkKawSuJnKb1SmQtM54l8hUyTNYMFKgTnn4Rr6nJQVfM1j2O1KZgyH5h0yb6LcQsjryx9QHOApACTrUfFRMFT5o8WlVv38znOC16T%2Bxd6A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
893afd143ca9925c-FRA
access-control-allow-headers
Content-Type, Cache-Control , x-requested-with
gtm.js
www.googletagmanager.com/ 		273 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NBQG46X
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/bundles/Layout?v=pzpzCggWPh2a_58nMyja6xvLvAzuy4XYrqeomK0C83A1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0bc88a252f8ccb932998fa4ba5ecfadec56d6917d762318f68949786ad48f2f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97886
x-xss-protection
0
last-modified
Fri, 14 Jun 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 14 Jun 2024 14:25:14 GMT
iz_setcid.html
cdn.izooto.com/scripts/sak/ Frame 68FF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ff40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://www.yallakora.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
age
320689
cache-control
public, max-age=2678400
cf-cache-status
HIT
cf-ray
893afd153dd1373f-FRA
content-encoding
br
content-type
text/html
date
Fri, 14 Jun 2024 14:25:15 GMT
expires
Mon, 15 Jul 2024 14:25:15 GMT
last-modified
Tue, 14 May 2024 14:09:56 GMT
server
cloudflare
vary
Accept-Encoding
x-xss-protection
1; mode=block
893afd0798165d45
www.yallakora.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 23A3 		0
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.yallakora.com/cdn-cgi/challenge-platform/h/g/jsd/r/893afd0798165d45
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 14 Jun 2024 14:25:15 GMT
server
cloudflare
cf-ray
893afd15eb875d45-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain; charset=UTF-8
img.fetch
udmserve.net/udm/ 		35 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=19740;tid=1;dt=6;
Requested by
Host: steth-claims.org
URL: https://steth-claims.org/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 Scarborough, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
401c56d379ef01a8811595d7c8ccd84db551e2afc12f11e4570a226ea5f00016

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Fri, 14 Jun 2024 14:25:15 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Content-Type
application/x-javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Expires
0
udm-r3_v3.1.3.js
bid.underdog.media/ 		522 KB
170 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/udm-r3_v3.1.3.js
Requested by
Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=19740;tid=1;dt=6;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:2e00:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3106c855736d9bed38684f5f61209b5b4b5b6b4ccf33f6691fd04747b5934bb1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 16:16:49 GMT
content-encoding
gzip
via
1.1 b61ff825a3ca0ff851caf7741034ca52.cloudfront.net (CloudFront)
last-modified
Tue, 04 Jun 2024 16:15:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P10
age
857309
etag
"611838b9cf4b3f1f5c8deb22bd5c72a9"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
173298
x-amz-cf-id
VmDm4ACw9iUO7D6Vh-9IYdVbOPOTP-GAeokjcbuDv6Y1jBlqEqxPfg==
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=19740;tid=1;dt=6;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:17 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 21 Jun 2024 14:25:17 GMT
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.9359965
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.9359965
  • https://udmserve.net/udm/fetch.pix?dt=1;apnid=7849394919632836198;cb=0.9359965
43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;apnid=7849394919632836198;cb=0.9359965
Protocol
HTTP/1.1
Server
68.71.249.118 Scarborough, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://www.yallakora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 14 Jun 2024 14:25:17 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 14 Jun 2024 14:25:17 GMT
an-x-request-uuid
2df371e4-f479-40c7-b9e3-2e355749fdb2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://udmserve.net/udm/fetch.pix?dt=1;apnid=7849394919632836198;cb=0.9359965
x-proxy-origin
95.211.199.157; 95.211.199.157; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.9359965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.214 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:15 GMT
content-length
0
usermatchredir
ssum-sec.casalemedia.com/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=199174&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.9359965%3Bindx%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.9359965%3Bindx%3D&s=199174&C=1
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.9359965%3Bindx%3D&s=199174&C=1
Protocol
H3
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://www.yallakora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 14:25:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=paFn7aiPE32nqwgCt5W1V6cHnDxIiR6JEVm3LaCeTEKhEiKd0OHHc2Ap3M1F1Lg%2Fba72eulKHQzQuLU1PlVUX0yUnbh3ps5IH3AG%2BQ39T8ZFXAifYK6lS%2BC48gRO0NOkW8xni2S4M4u81A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
893afd21e92b3679-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 14 Jun 2024 14:25:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t7lKF1mkjNr5xNFGjaHZrk5ocpSYzmhFigQbGPyiaBj%2BGz7hqdeBjKIRNS1AHlG%2BVYvb5nNIqDNNrMrr%2BcxfjWKjrlOjx0XJHdbkPx6v%2BgD0p4ZGOlYv%2B7PHOF6ErfodyjXhAKrHvtZmEw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.9359965%3Bindx%3D&s=199174&C=1
cache-control
no-cache
cf-ray
893afd2188a53679-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
us
sync.go.sonobi.com/ 		0
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.9359965%3Bsonobi%3D%5BUID%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 14:25:17 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-11
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync.php
pixel-us-west.rubiconproject.com/exchange/ 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=24042&cb=0.9359965
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
948563be522c07ceb297f9b507489bca
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rules-p-effSsmMYCbAck.js
rules.quantcount.com/ 		160 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-effSsmMYCbAck.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:7c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4110d145ad25681a3ef677782ec9a807407fe09b028c2ea15648833ed9cac60

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 13:40:22 GMT
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2695
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 22:21:01 GMT
server
AmazonS3
etag
"435cbd9bc4b3440e866ad1f4f7d1ef02"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
O_T2UCqz0-C9WXEZgx9sHsNvEkLQWtfTAkNFHVA5UD9tTI8JPlw-Aw==
rules-p-Pz67dCqdsHfxh.js
rules.quantcount.com/ 		160 B
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-Pz67dCqdsHfxh.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:7c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
11b2088deff6ac044087d2ef9e23453bc600e5e505f5cca9bd62a4cfe6d11a74

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:05:05 GMT
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
1213
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 23:00:33 GMT
server
AmazonS3
etag
"eee1bd1fc55b604b66cd9e63c4f811b8"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
O5k7nowd5gsrHkmxcybUsPpEaMzR6gCKfegq4-PQEVoTtSkEl28f6g==
bc_UZYxC75kqDLRiEd9GoEYOmovVVM.js
bid.underdog.media/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/bc_UZYxC75kqDLRiEd9GoEYOmovVVM.js
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v3.1.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:2e00:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
626dc19571b3505bedcf5576536a5e70209e9d9dd6bf5e8a0f0a792a8f8fa004

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:23:21 GMT
content-encoding
gzip
via
1.1 b61ff825a3ca0ff851caf7741034ca52.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jun 2024 14:00:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P10
age
117
etag
"6d5037a66f9e786b3c9d06f9663afe3a"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=1800
accept-ranges
bytes
content-length
1408
x-amz-cf-id
Lt7hpjJA05J1NEp06ZgVVTnTPpoMaz5JUi_iwLv0WZGD1dsFSmF13A==
rrv7.js
bid.underdog.media/ 		1 KB
912 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/rrv7.js
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v3.1.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:2e00:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
547f74bbb948978ad401eef5a8dc2a8b39cf4edfec49d72a7926eda31aaec8ab

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 13:13:35 GMT
content-encoding
gzip
via
1.1 b61ff825a3ca0ff851caf7741034ca52.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jun 2024 13:00:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P10
age
4303
etag
"e77703fd9e1e6dd75b6ff610e8b47f49"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
accept-ranges
bytes
content-length
521
x-amz-cf-id
uB2a0iGESmKhi7SMYq3uReK7r-i_rMBUhJoMpAXbbjSJl8-Bdy3iGg==
c
prebid.a-mo.net/a/ 		0
184 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v3.1.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

x-nbr
1
date
Fri, 14 Jun 2024 14:25:18 GMT
server
envoy
vary
origin, accept-encoding, Accept-Encoding
access-control-allow-origin
https://www.yallakora.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
translator
hbopenbid.pubmatic.com/ 		0
115 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v3.1.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.yallakora.com
date
Fri, 14 Jun 2024 14:25:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v3.1.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
7b389bec01167a9eb00c6766c3dd9c35c66f4428a64b5bdac69acf934db66774
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 14:25:19 GMT
content-encoding
gzip
an-x-request-uuid
4e24034d-e3c2-470d-b131-a53bce786f65
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.yallakora.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
95.211.199.157; 95.211.199.157; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
509 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1078428
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v3.1.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83d08e075c9885fe2743199a7ebf0078005c1e7838589676ec8f2ca4d4718dcd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 14 Jun 2024 14:25:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
observe-browsing-topics
?1
alt-svc
h3=":443"; ma=86400
content-length
37
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BfNTV6QKNL0uzHCWj7pvPXgIsrQSTJLw%2BMIK26PrgYgwAj26YCd46S%2BYVsZ9lCi9Nde4En7G9aD9xy8A0sE674ClLomJN5jM4YHlEpO8A8m0%2BAMCUiV%2Fjrovz3YtScCIgtxeQxqP"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.yallakora.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
893afd2ce9213679-FRA
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		73 KB
27 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24042&site_id=533724&zone_id=3270106%3B3270106%3B3270106%3B3270106%3B3270112&size_id=2%3B2%3B2%3B2%3B9&p_pos=atf&gdpr=0&rp_schain=1.0,1!udmserve.net,4244,1,,,&eid_pubcid.org=89b41f27-5ca7-49e9-aea0-157767ff0f25%5E1&rf=https%3A%2F%2Fwww.yallakora.com%2F&tg_i.domain=yallakora.com&tg_i.page=https%3A%2F%2Fwww.yallakora.com%2F&tg_i.ref=https%3A%2F%2Fsteth-claims.org%2F&tg_i.pbadslot=slider-middle-728x90%3Bslider-middle-728x90%3Bslider-middle-728x90%3Bslider-middle-728x90%3Bslider-160x600&tk_flint=pbjs_lite_v8.49.0&l_pb_bid_id=29185da72721cf4%3B30101aaec05d9fd%3B313d84c06b879b5%3B324c9478c214015%3B333bed4e95fb9d4&p_screen_res=1600x1200&rp_floor=0.05%3B0.05%3B0.05%3B0.05%3B0.1&rp_secure=1&rp_hard_floor=0.04%3B0.04%3B0.04%3B0.04%3B0.1&rp_maxbids=1&p_gpid=slider-middle-728x90%3Bslider-middle-728x90%3Bslider-middle-728x90%3Bslider-middle-728x90%3Bslider-160x600&m_ch_ua=%22Google%20Chrome%22%7Cv%3D%22126%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22126%22&m_ch_full_ver=%22Google%20Chrome%22%7Cv%3D%22126%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22126%22&m_ch_mobile=%3F0&m_ch_platform=Win32&slots=5&rand=0.6107939369914557
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v3.1.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 -, , ASN (),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
755790092d17e751c6c8977b0cacf7cf65ba730480b56b6c70c3dd67e6f7c98b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 14:25:19 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.yallakora.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
underdogmedia-d.openx.net/w/1.0/ 		173 B
592 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://underdogmedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.yallakora.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=%2C%2C%2C&nocache=1718375118860&sua=%7B%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22Win32%22%7D%2C%22browsers%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%5B%22126%22%5D%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%5B%228%22%5D%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%5B%22126%22%5D%7D%5D%2C%22mobile%22%3A0%7D&gdpr=0&pubcid=89b41f27-5ca7-49e9-aea0-157767ff0f25&schain=1.0%2C1!udmserve.net%2C4244%2C1%2C%2C%2C&aus=728x90%7C728x90%7C728x90%7C160x600&divids=slider-middle-728x90%2Cslider-middle-728x90%2Cslider-middle-728x90%2Cslider-160x600&aucs=slider-middle-728x90%2Cslider-middle-728x90%2Cslider-middle-728x90%2Cslider-160x600&auid=558951699%2C558951699%2C558951699%2C558951701&aumfs=40%2C40%2C40%2C100
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v3.1.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash
4d9fec3a828219e8265a5b7117fa8df31cfcda5e02cffd72ffe71caaa904c138

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 14:25:18 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.yallakora.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ 		0
224 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.49.0&cb=54101047319&lsavail=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v3.1.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 14 Jun 2024 14:25:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
observe-browsing-topics
?1
vary
Origin
access-control-allow-origin
https://www.yallakora.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
check-radio-img.png
www.yallakora.com/Images/ 		763 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yallakora.com/Images/check-radio-img.png
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.min.css?ver=65.16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.1.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7bf752f12b03048b622e2fd3f97fe2e1d79d7dd7747f5fa06681cdd72a7af521

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/Content/Style.min.css?ver=65.16
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:19 GMT
cf-cache-status
HIT
age
180394
cf-polished
origSize=1385
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
763
cf-bgj
imgq:85,h2pri
last-modified
Thu, 11 Jan 2024 19:56:33 GMT
server
cloudflare
etag
"777ec47c844da1:0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
https://ads.geminimedia-eg.com
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
893afd2e7c3a5d45-FRA
img.fetch
udmserve.net/udm/ Frame 1916 		0
808 B 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=19740;tid=1;dt=7;p=1;rri=1718375115881_895150_95.211.199.157;mid=48884;zzz=%5B48884%2C1718375115%2C%22KDyEeyaOZ6TFugWa1DnN%2Bg%22%5D;version=v3.1.3;cb=0.5754061833143962;qqq=2.849002849002849;session=1;style=slider;vis=visible;traffic_info=%7B%7D;gdprApplies=true;consentGiven=false;consentData=undefined
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v3.1.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 Scarborough, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Type
application/x-javascript
Date
Fri, 14 Jun 2024 14:25:19 GMT
Expires
-1d
Connection
Keep-Alive
Content-Length
0
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
pixel
googleads.g.doubleclick.net/xbbe/ Frame A0C3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGODu8oMCMAE&v=APEucNWne_yNXXVOiiGfnDz8xxMB_xY84C9UR-jKZgMn0gaACGYH0-zc6fPkPHfBPmg_-ReqZLN1LcKpgaeB5Iqw_SRnmToe92N2es0R1cLSePObVXhO8PQ
Requested by
Host: steth-claims.org
URL: https://steth-claims.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://www.yallakora.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 14 Jun 2024 14:25:19 GMT
expires
Fri, 14 Jun 2024 14:25:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 1916 		99 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: steth-claims.org
URL: https://steth-claims.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
4b69a3f605576e2a0cdb6abd74d3efdf893c4b6124ace390559d62437b9553d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35122
x-xss-protection
0
server
cafe
etag
2418474175030562626
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 14 Jun 2024 14:25:19 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1916 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DDg365mvdMThBlS5qYJxZbuDnEH1EJDPiAoqCgjkjqUH7MRNKZXT2xrZytWPlgmxRcMcWmg5pRA-W9wvrjCZVDtd0b1tYmiHFJpr4_k07KJ9pR80Q
Requested by
Host: steth-claims.org
URL: https://steth-claims.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 14:25:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
786753eb-9c7e-4cd6-9e72-cd654d3dc68e
beacon-ams3.rubiconproject.com/beacon/d/ Frame 1916 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/786753eb-9c7e-4cd6-9e72-cd654d3dc68e?oo=0&accountId=24042&siteId=533724&zoneId=3270106&sizeId=2&e=6A1E40E384DA563BB38313FE4054E280B28BFBE92FC1E8323768C89BDED2D8CE5075DE82F557437AC6192DDD0F2BB2E89F0BE1F8337FD75DE8CE86A2C82C21FF26EE63F454CEE285D249CF67B62954F9873A248D66E930A58A9AD7A0162124057F4D6B2DCFE4BE017A1595D67A1F8217A55220547A4451A6818F7977C77C5F2F4E6FC96756E5E571E913529E390E613E1218934C8AE187187A90ADF9BB4883E724D87BEDBD9894DFCB2B71D28AD44AA5D12A018C4BF2FF7ACDA10306204D320B
Requested by
Host: steth-claims.org
URL: https://steth-claims.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::67 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 14:25:18 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
edge-logo-white.png
bid.underdog.media/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bid.underdog.media/edge-logo-white.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:2e00:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d443235c5040b9e5a2461f69bcef0930f5820c356830bb0c59a4953d16f8a59e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 22:27:50 GMT
via
1.1 b61ff825a3ca0ff851caf7741034ca52.cloudfront.net (CloudFront)
last-modified
Tue, 17 Nov 2020 21:08:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P10
age
57450
etag
"876f68d4ff152e17573c3a8f3cc1a580"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
15804
x-amz-cf-id
avUAWGBtfTml_wL3iGMAIQeveG99CWgBIPvdm7_CKU8ffKR_7RW15w==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1916 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5294043467290&version=m202406030101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 14:25:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1916 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5294043467290&version=m202406030101&ct=77&x=8&cor=11167113459046517000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 14:25:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 1916 		37 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BQVoTG7hbRhD21TN6brX1PUyOlBjF-TGeonI3p589aa_4rMgdi2AVMz-Jjj3GCfjz7vbZaAWAcCwxCymIqt7D9r8IAnxNONXImZqmYzGBrtZ4KDD9Pk3SMqewXVUnRGsmEqkCLwcsqN3Vpkkc0VM6v5u-n6qFQgNH46QCxCXyVkyl84-C-YyzLWWQZEzejPBeMrEtH_k6Dqw25CzytnumwzpVwhjJYqiYB3PofEorFzfD4P-s&cry=1&dbm_d=AKAmf-BubF2LVgJTm2ipc8y9yKgnK3-RKu2UV2_jFxqVZETjY41rvYQQK_dCwgyOvtCWhOEhK4z-tbzKkjz-EaAyqZdBLbpHWylu3eEG517YO3WtVPMUzu8KqMbEiWLqyqK_kCynilBO6rJOkOWkuBvHJJlaxF1qtkqVG8Y3-vg-12gBvmE5HE1io62DFZUMknmnEiy3tDOjtuXMs1fdhs0BjSLOQhslfuabECR9McoBNspPFyjVZkoBbQOwL0FxrncSiaHorR5m28eMKydxY00m-2ylhpCprkwqZh3_Ir96M5cRR8MHQfVVib0bWwq22vashbgUf_TEQNppAlH8lCnzY9TMEJwmbpdCDepR7UhgW-mftac8hEKSIK8W7nOUXZMTzpEY0gdBn6i-ujdp2D3EjHrDDP4E_HkaimWknM8Ug-TDIkAzrO4wPSxoYem84VF5GlOhonP05e453ks0wXj62ddwcrVDunIn-AvmdYUi5drogiohhWG9RkrSsugrnihYuOoTsZWYDIBhCdNEy7EMIWPLzm46SuGR4bAE5tToq6UcGubLKsRkdf-0fiz7h-V4RO-GdDE0w8wbVtehj0V-fWLFmFTIMSmfNn1bNHS29ADIdgIkD6a0fv6K_sUxRd27V9v_FD8iibtEYxQ9QbleNsRHokM1nMQXarZylgJv733BEnsS8feD9tu9HivjYgnNUFv3S9VaUIfekdPKQ5U4ofUQpIBARf9YyihSqXYwbih671RabhrHx1p0Wxq-kn88IS229V5BIbxeWH1AMmIiXSdRdjllDcVckNw3kiZwKni5A0z-ByydOpxI3i1OqhJl20eclRlY4j1F_GN3qhCASRxdDAgvqeSNdtG52z05pIFh7P30usTP4vhbM6laJXNSldwz6SGkCpZ1foBb8SJnslHH2KSa3FwvfVBsaEnNNc-qJ4cmImxxGdT1Cp_UvCLibeXgJnephzX6xAVIwOhHzbd7M8-8jRdGB6LTLcG5I4Kp3es9tZnmCYVUVvrJqNX4z3GXuGEV3OhAW3E4YYmypTcNq9pByIGsq8e4ZrhjuBSemU_pcNePapWah-81Y2j_UvRnsV-O281QoL174g1KVHu2A_sPO939f9QNOs_4zFPCx4l8z0yofsk5OcAUWpxDcYC90Xp3yPCHY1VLj5nQMb_sruSVShnEf_jnuW0kbJiwfFd_cqs25gg77AQQ52I5GQTuR0Y1ue3jw0aaocofRZQs1rXFr3N2bUxU6HgGwYT_4OFCvs0k6Hoz4NhME0X5UO939hjDgyWBzvuMcItWktbbKA7gQUl8brqXsPWwE42Z6YLvTtMbvHOoPeMCMZ9NHu4EzbTxuKPmCUqA50PA3cxcHwo0kBo0EmW2GxMA8RiIHEDavJgM6v3asyipAXdCzG8AsG0nVaFnhMirpCTbLh0hbw6BbXmKMY6g-EzOU7ZEdzx7mJaSvhdLhq08RZQFBQn6Qwn0evA9uQQNWFiqLaIqnW2yP0sZmLMn4E6bCjYjLItV8mrRtJpzgm6KbnXWJekNuqXCb29jviEUkXeblJd3WZTjvwXe3iJ0Qlz9iEI_XLzVxVxLKloMfWp7rhWubWVP-slzfU-HccLeSc4d7mowcJUrESjtN0HBIoxkSNjESD-ZQrsl9IYdWoLQhtCT1NDemUQzVlXQN23y4zAvtDxw2HJ8RAdP5TLNybAeOsdnH2q0Yv3dT98isA6WrSQfIxVZeHElN3BZHau7COmBO-KxwP0h_tSWQesYXZdgjGHs_AiVMTuV5yxifWsDbtisqKWfNXebBvzLowKq-WwdOg_A7578RnaHBt9kTFplVELxfb5rxUIynJnYDPe1Z2YRcEIu-o4L-bqK_WVtoPIuwMWGBxdtja8gUTCx1WRVJYMGebkheSaXxtnu0KscpAwDZDj40v4HJuwc_LFK1hI5dOCjGMfBf2x1Qk1ASV7fJ4uvvZCxWc47vm2p_SXk1CzisKX_-7eutpv5mIc-7RwButQkEwaNZ50xxCRzqVLgj2gMF-YVD7Y04wob2h_TmTjHzR2KlOBWc0tIS_OPivX9f9RCm-S2g-kPl7Ne9DjSaMEFvmd_Bo9ZGcVC3hHOOsuM_GAAk80GahajybsT8V4g9ZajWffT0ZcP6nNCk8CQtvOU_L4QfM5Qla0-iGuIxOosFnnPrf_gJWiY4-Y-PWdgychMrEJsDgxQffjif_dMvgG1hMXtybuKnGNg1g7ZkHgokPb3enXvXlt9vwhJmVa3Gc33yAPXjL6sZV9X1FbfqjzWJMZ2qavqgTXcxNb_NyoRvJsydgqM_nhqnL2fqJGBRmgXPtFnVKbxmrbxZZAYlE6XwFXwMn3YtvE32YsAKLdWVHd0gYOgMAnPy56D-WGhJser7L-QKWO6jjdlStYuurZrnKHaX03KWkV8TyYtLedlU1aToOqKyrIG-vghyZnlVHcQW9NBR1kuYIfIzBuczH6OorJBpWacRzwoFB_6i8fn31Lv3i3FeCbnFSF1qyOc0qdMFs3pReTxaR6EUxNixdAZhjZcpY9Txoqam3VPwcLTER7R5nADCV5hYlRnbEAJkYx2BF7A54sOopuZ4_VBZLIbN9WWADLvDd7kHHM4dDJrttkiIw4xkTNxG22Vid3kSBR49FbTJ9BWA9JnLHE82ASS1fq8cRUMWcVLevMgDWWSUnZW7jR2fUTQBBeTLLOE5mQaK7wDzNwRFmXe5Dlj8Kq_soKtspKOdqYIgvdvlxcPL2je2G2LnU2IL6WfO2e1loIEoDp6RXs4gwFtRop7_xciYyOMdGcgYWhkHjDwbS4-bAbK7d6tZV4w8vJBDsiGvYBhryo4ZPQakPVhhn0-HEe855NMg1DKoHZdqMLkmeBQoZ_-9sA9_STJ5zlQsvRMhL5nov1xV3BVE8fy9pqM8wqUW_90v3nYpGji7lvRXlnIkaN8xPzG-VY3zr91DE9FeCLLu_rb9atxyfrB8Rruco0opxrrBJrR1blzyOR3vIk4cyYBIe5Dv86cD0oobgNw7JOYiCUlXoxl3V2eHJqI1oIEiGdEPwYC1oEb43W9GorlNLKNpR0WZN05zcNtAqRgngeCByytiyzdLBjZ9xJU7h0eGSwsNYAMzFOqhh5IJxckl9pvTOpwln_WCanHk2suEW_X8QckDxHnQY2xkKQtKJOlFctYmekhvvGt40hgGLeg7kRiYV4Heq1gdhi1rkPXnvzWkH54q-b90IzEgogYWlo1VTmYyi0U_BWPKZJeOPNCEqpp8XJAXf0uPo9xQv1Yk5RnOH2sgkYh3_vviWd0c3Be3EO06uoHQJa2t_3V4BFxEC2wvDPmRC-XG5TErrG3gLbEjn6-icyHVz6R91xQVhnNZLhSzzIxee8UnNFiD3xuEP8c0nQdWvjj-QS_WVbhtZdVYWWOa3om3Naj54RZpMtK3AZHJT7j7MnGGewiW2gp5pRD2C4nUWc8D7OkzybcRBcN8EHbVDVW-J2qUGec3Wr037vL6B0MkCwY-j36WyqxwDF4Wg5M51nDCAXUkgVadLKlHjNbozIZuRCLhIJiV0F-XMxFy_NGptTzFV1eXQTJEMqELpmKU_IyhvpLlYiVIYzj-V2-mLNNCsgndKlux0jW5QC4zoTRbXyvvaJGAFU50VSNKYSuJI2ZJt_QKr-_8u7o-Zfv3DC-IFyMQC4cVdZE9nLk3l1WzqXL8W61eb1Do7WBNTw4Nsut2iUEx301-18vXI9IPvq-42owTdUOMEFdGyotcgB0HgBEhVdmPL0RKNd5gc9gnI_0eiifaAmeVDqu9I_kBQ&pr=8%3A85C0D400189B0631&cid=CAQSMgDaQooLDkcAiM0QoruMxa1iDPYQntgHl1SKgBYmLPYx-xYmm6Uq0wGHPjBbKwcuapBnGAE&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&dv3_ver=m202406030101&nel=1&rfl=https%3A%2F%2Fwww.yallakora.com%2F&ds=l&xdt=0&iif=1&cor=11167113459046517000&adk=2482413094&idt=136&cac=0&dtd=62
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
72ed99ac85ceb061ea8be23de55ee3c919cf72505e64b6a0a50fc5465ddcb719
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 14:25:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21367
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-SS8RTJKBPS&gtm=45je46c0v9118065173za200&_p=1718375113914&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tcfd=10001&tag_exp=0&cid=630542056.1718375114&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&sid=1718375113&sct=1&seg=0&dl=https%3A%2F%2Fwww.yallakora.com%2F&dr=https%3A%2F%2Fsteth-claims.org%2F&dt=%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%89%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%20%D9%81%D9%89%20%D8%A7%D9%84%D8%B4%D8%B1%D9%82%20%D8%A7%D9%84%D8%A3%D9%88%D8%B3%D8%B7&_s=4&tfd=7231
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SS8RTJKBPS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.32.36 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 14:25:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.yallakora.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240612/r20110914/ Frame 1916 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240612/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BQVoTG7hbRhD21TN6brX1PUyOlBjF-TGeonI3p589aa_4rMgdi2AVMz-Jjj3GCfjz7vbZaAWAcCwxCymIqt7D9r8IAnxNONXImZqmYzGBrtZ4KDD9Pk3SMqewXVUnRGsmEqkCLwcsqN3Vpkkc0VM6v5u-n6qFQgNH46QCxCXyVkyl84-C-YyzLWWQZEzejPBeMrEtH_k6Dqw25CzytnumwzpVwhjJYqiYB3PofEorFzfD4P-s&cry=1&dbm_d=AKAmf-BubF2LVgJTm2ipc8y9yKgnK3-RKu2UV2_jFxqVZETjY41rvYQQK_dCwgyOvtCWhOEhK4z-tbzKkjz-EaAyqZdBLbpHWylu3eEG517YO3WtVPMUzu8KqMbEiWLqyqK_kCynilBO6rJOkOWkuBvHJJlaxF1qtkqVG8Y3-vg-12gBvmE5HE1io62DFZUMknmnEiy3tDOjtuXMs1fdhs0BjSLOQhslfuabECR9McoBNspPFyjVZkoBbQOwL0FxrncSiaHorR5m28eMKydxY00m-2ylhpCprkwqZh3_Ir96M5cRR8MHQfVVib0bWwq22vashbgUf_TEQNppAlH8lCnzY9TMEJwmbpdCDepR7UhgW-mftac8hEKSIK8W7nOUXZMTzpEY0gdBn6i-ujdp2D3EjHrDDP4E_HkaimWknM8Ug-TDIkAzrO4wPSxoYem84VF5GlOhonP05e453ks0wXj62ddwcrVDunIn-AvmdYUi5drogiohhWG9RkrSsugrnihYuOoTsZWYDIBhCdNEy7EMIWPLzm46SuGR4bAE5tToq6UcGubLKsRkdf-0fiz7h-V4RO-GdDE0w8wbVtehj0V-fWLFmFTIMSmfNn1bNHS29ADIdgIkD6a0fv6K_sUxRd27V9v_FD8iibtEYxQ9QbleNsRHokM1nMQXarZylgJv733BEnsS8feD9tu9HivjYgnNUFv3S9VaUIfekdPKQ5U4ofUQpIBARf9YyihSqXYwbih671RabhrHx1p0Wxq-kn88IS229V5BIbxeWH1AMmIiXSdRdjllDcVckNw3kiZwKni5A0z-ByydOpxI3i1OqhJl20eclRlY4j1F_GN3qhCASRxdDAgvqeSNdtG52z05pIFh7P30usTP4vhbM6laJXNSldwz6SGkCpZ1foBb8SJnslHH2KSa3FwvfVBsaEnNNc-qJ4cmImxxGdT1Cp_UvCLibeXgJnephzX6xAVIwOhHzbd7M8-8jRdGB6LTLcG5I4Kp3es9tZnmCYVUVvrJqNX4z3GXuGEV3OhAW3E4YYmypTcNq9pByIGsq8e4ZrhjuBSemU_pcNePapWah-81Y2j_UvRnsV-O281QoL174g1KVHu2A_sPO939f9QNOs_4zFPCx4l8z0yofsk5OcAUWpxDcYC90Xp3yPCHY1VLj5nQMb_sruSVShnEf_jnuW0kbJiwfFd_cqs25gg77AQQ52I5GQTuR0Y1ue3jw0aaocofRZQs1rXFr3N2bUxU6HgGwYT_4OFCvs0k6Hoz4NhME0X5UO939hjDgyWBzvuMcItWktbbKA7gQUl8brqXsPWwE42Z6YLvTtMbvHOoPeMCMZ9NHu4EzbTxuKPmCUqA50PA3cxcHwo0kBo0EmW2GxMA8RiIHEDavJgM6v3asyipAXdCzG8AsG0nVaFnhMirpCTbLh0hbw6BbXmKMY6g-EzOU7ZEdzx7mJaSvhdLhq08RZQFBQn6Qwn0evA9uQQNWFiqLaIqnW2yP0sZmLMn4E6bCjYjLItV8mrRtJpzgm6KbnXWJekNuqXCb29jviEUkXeblJd3WZTjvwXe3iJ0Qlz9iEI_XLzVxVxLKloMfWp7rhWubWVP-slzfU-HccLeSc4d7mowcJUrESjtN0HBIoxkSNjESD-ZQrsl9IYdWoLQhtCT1NDemUQzVlXQN23y4zAvtDxw2HJ8RAdP5TLNybAeOsdnH2q0Yv3dT98isA6WrSQfIxVZeHElN3BZHau7COmBO-KxwP0h_tSWQesYXZdgjGHs_AiVMTuV5yxifWsDbtisqKWfNXebBvzLowKq-WwdOg_A7578RnaHBt9kTFplVELxfb5rxUIynJnYDPe1Z2YRcEIu-o4L-bqK_WVtoPIuwMWGBxdtja8gUTCx1WRVJYMGebkheSaXxtnu0KscpAwDZDj40v4HJuwc_LFK1hI5dOCjGMfBf2x1Qk1ASV7fJ4uvvZCxWc47vm2p_SXk1CzisKX_-7eutpv5mIc-7RwButQkEwaNZ50xxCRzqVLgj2gMF-YVD7Y04wob2h_TmTjHzR2KlOBWc0tIS_OPivX9f9RCm-S2g-kPl7Ne9DjSaMEFvmd_Bo9ZGcVC3hHOOsuM_GAAk80GahajybsT8V4g9ZajWffT0ZcP6nNCk8CQtvOU_L4QfM5Qla0-iGuIxOosFnnPrf_gJWiY4-Y-PWdgychMrEJsDgxQffjif_dMvgG1hMXtybuKnGNg1g7ZkHgokPb3enXvXlt9vwhJmVa3Gc33yAPXjL6sZV9X1FbfqjzWJMZ2qavqgTXcxNb_NyoRvJsydgqM_nhqnL2fqJGBRmgXPtFnVKbxmrbxZZAYlE6XwFXwMn3YtvE32YsAKLdWVHd0gYOgMAnPy56D-WGhJser7L-QKWO6jjdlStYuurZrnKHaX03KWkV8TyYtLedlU1aToOqKyrIG-vghyZnlVHcQW9NBR1kuYIfIzBuczH6OorJBpWacRzwoFB_6i8fn31Lv3i3FeCbnFSF1qyOc0qdMFs3pReTxaR6EUxNixdAZhjZcpY9Txoqam3VPwcLTER7R5nADCV5hYlRnbEAJkYx2BF7A54sOopuZ4_VBZLIbN9WWADLvDd7kHHM4dDJrttkiIw4xkTNxG22Vid3kSBR49FbTJ9BWA9JnLHE82ASS1fq8cRUMWcVLevMgDWWSUnZW7jR2fUTQBBeTLLOE5mQaK7wDzNwRFmXe5Dlj8Kq_soKtspKOdqYIgvdvlxcPL2je2G2LnU2IL6WfO2e1loIEoDp6RXs4gwFtRop7_xciYyOMdGcgYWhkHjDwbS4-bAbK7d6tZV4w8vJBDsiGvYBhryo4ZPQakPVhhn0-HEe855NMg1DKoHZdqMLkmeBQoZ_-9sA9_STJ5zlQsvRMhL5nov1xV3BVE8fy9pqM8wqUW_90v3nYpGji7lvRXlnIkaN8xPzG-VY3zr91DE9FeCLLu_rb9atxyfrB8Rruco0opxrrBJrR1blzyOR3vIk4cyYBIe5Dv86cD0oobgNw7JOYiCUlXoxl3V2eHJqI1oIEiGdEPwYC1oEb43W9GorlNLKNpR0WZN05zcNtAqRgngeCByytiyzdLBjZ9xJU7h0eGSwsNYAMzFOqhh5IJxckl9pvTOpwln_WCanHk2suEW_X8QckDxHnQY2xkKQtKJOlFctYmekhvvGt40hgGLeg7kRiYV4Heq1gdhi1rkPXnvzWkH54q-b90IzEgogYWlo1VTmYyi0U_BWPKZJeOPNCEqpp8XJAXf0uPo9xQv1Yk5RnOH2sgkYh3_vviWd0c3Be3EO06uoHQJa2t_3V4BFxEC2wvDPmRC-XG5TErrG3gLbEjn6-icyHVz6R91xQVhnNZLhSzzIxee8UnNFiD3xuEP8c0nQdWvjj-QS_WVbhtZdVYWWOa3om3Naj54RZpMtK3AZHJT7j7MnGGewiW2gp5pRD2C4nUWc8D7OkzybcRBcN8EHbVDVW-J2qUGec3Wr037vL6B0MkCwY-j36WyqxwDF4Wg5M51nDCAXUkgVadLKlHjNbozIZuRCLhIJiV0F-XMxFy_NGptTzFV1eXQTJEMqELpmKU_IyhvpLlYiVIYzj-V2-mLNNCsgndKlux0jW5QC4zoTRbXyvvaJGAFU50VSNKYSuJI2ZJt_QKr-_8u7o-Zfv3DC-IFyMQC4cVdZE9nLk3l1WzqXL8W61eb1Do7WBNTw4Nsut2iUEx301-18vXI9IPvq-42owTdUOMEFdGyotcgB0HgBEhVdmPL0RKNd5gc9gnI_0eiifaAmeVDqu9I_kBQ&pr=8%3A85C0D400189B0631&cid=CAQSMgDaQooLDkcAiM0QoruMxa1iDPYQntgHl1SKgBYmLPYx-xYmm6Uq0wGHPjBbKwcuapBnGAE&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&dv3_ver=m202406030101&nel=1&rfl=https%3A%2F%2Fwww.yallakora.com%2F&ds=l&xdt=0&iif=1&cor=11167113459046517000&adk=2482413094&idt=136&cac=0&dtd=62
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
da563995c8336482dcbb5111f35e29613d82abeb5f6b6cdf1b553077d644f3de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:19:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
321
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11747
x-xss-protection
0
server
cafe
etag
6973848925928707074
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 28 Jun 2024 14:19:58 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1916 		211 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BQVoTG7hbRhD21TN6brX1PUyOlBjF-TGeonI3p589aa_4rMgdi2AVMz-Jjj3GCfjz7vbZaAWAcCwxCymIqt7D9r8IAnxNONXImZqmYzGBrtZ4KDD9Pk3SMqewXVUnRGsmEqkCLwcsqN3Vpkkc0VM6v5u-n6qFQgNH46QCxCXyVkyl84-C-YyzLWWQZEzejPBeMrEtH_k6Dqw25CzytnumwzpVwhjJYqiYB3PofEorFzfD4P-s&cry=1&dbm_d=AKAmf-BubF2LVgJTm2ipc8y9yKgnK3-RKu2UV2_jFxqVZETjY41rvYQQK_dCwgyOvtCWhOEhK4z-tbzKkjz-EaAyqZdBLbpHWylu3eEG517YO3WtVPMUzu8KqMbEiWLqyqK_kCynilBO6rJOkOWkuBvHJJlaxF1qtkqVG8Y3-vg-12gBvmE5HE1io62DFZUMknmnEiy3tDOjtuXMs1fdhs0BjSLOQhslfuabECR9McoBNspPFyjVZkoBbQOwL0FxrncSiaHorR5m28eMKydxY00m-2ylhpCprkwqZh3_Ir96M5cRR8MHQfVVib0bWwq22vashbgUf_TEQNppAlH8lCnzY9TMEJwmbpdCDepR7UhgW-mftac8hEKSIK8W7nOUXZMTzpEY0gdBn6i-ujdp2D3EjHrDDP4E_HkaimWknM8Ug-TDIkAzrO4wPSxoYem84VF5GlOhonP05e453ks0wXj62ddwcrVDunIn-AvmdYUi5drogiohhWG9RkrSsugrnihYuOoTsZWYDIBhCdNEy7EMIWPLzm46SuGR4bAE5tToq6UcGubLKsRkdf-0fiz7h-V4RO-GdDE0w8wbVtehj0V-fWLFmFTIMSmfNn1bNHS29ADIdgIkD6a0fv6K_sUxRd27V9v_FD8iibtEYxQ9QbleNsRHokM1nMQXarZylgJv733BEnsS8feD9tu9HivjYgnNUFv3S9VaUIfekdPKQ5U4ofUQpIBARf9YyihSqXYwbih671RabhrHx1p0Wxq-kn88IS229V5BIbxeWH1AMmIiXSdRdjllDcVckNw3kiZwKni5A0z-ByydOpxI3i1OqhJl20eclRlY4j1F_GN3qhCASRxdDAgvqeSNdtG52z05pIFh7P30usTP4vhbM6laJXNSldwz6SGkCpZ1foBb8SJnslHH2KSa3FwvfVBsaEnNNc-qJ4cmImxxGdT1Cp_UvCLibeXgJnephzX6xAVIwOhHzbd7M8-8jRdGB6LTLcG5I4Kp3es9tZnmCYVUVvrJqNX4z3GXuGEV3OhAW3E4YYmypTcNq9pByIGsq8e4ZrhjuBSemU_pcNePapWah-81Y2j_UvRnsV-O281QoL174g1KVHu2A_sPO939f9QNOs_4zFPCx4l8z0yofsk5OcAUWpxDcYC90Xp3yPCHY1VLj5nQMb_sruSVShnEf_jnuW0kbJiwfFd_cqs25gg77AQQ52I5GQTuR0Y1ue3jw0aaocofRZQs1rXFr3N2bUxU6HgGwYT_4OFCvs0k6Hoz4NhME0X5UO939hjDgyWBzvuMcItWktbbKA7gQUl8brqXsPWwE42Z6YLvTtMbvHOoPeMCMZ9NHu4EzbTxuKPmCUqA50PA3cxcHwo0kBo0EmW2GxMA8RiIHEDavJgM6v3asyipAXdCzG8AsG0nVaFnhMirpCTbLh0hbw6BbXmKMY6g-EzOU7ZEdzx7mJaSvhdLhq08RZQFBQn6Qwn0evA9uQQNWFiqLaIqnW2yP0sZmLMn4E6bCjYjLItV8mrRtJpzgm6KbnXWJekNuqXCb29jviEUkXeblJd3WZTjvwXe3iJ0Qlz9iEI_XLzVxVxLKloMfWp7rhWubWVP-slzfU-HccLeSc4d7mowcJUrESjtN0HBIoxkSNjESD-ZQrsl9IYdWoLQhtCT1NDemUQzVlXQN23y4zAvtDxw2HJ8RAdP5TLNybAeOsdnH2q0Yv3dT98isA6WrSQfIxVZeHElN3BZHau7COmBO-KxwP0h_tSWQesYXZdgjGHs_AiVMTuV5yxifWsDbtisqKWfNXebBvzLowKq-WwdOg_A7578RnaHBt9kTFplVELxfb5rxUIynJnYDPe1Z2YRcEIu-o4L-bqK_WVtoPIuwMWGBxdtja8gUTCx1WRVJYMGebkheSaXxtnu0KscpAwDZDj40v4HJuwc_LFK1hI5dOCjGMfBf2x1Qk1ASV7fJ4uvvZCxWc47vm2p_SXk1CzisKX_-7eutpv5mIc-7RwButQkEwaNZ50xxCRzqVLgj2gMF-YVD7Y04wob2h_TmTjHzR2KlOBWc0tIS_OPivX9f9RCm-S2g-kPl7Ne9DjSaMEFvmd_Bo9ZGcVC3hHOOsuM_GAAk80GahajybsT8V4g9ZajWffT0ZcP6nNCk8CQtvOU_L4QfM5Qla0-iGuIxOosFnnPrf_gJWiY4-Y-PWdgychMrEJsDgxQffjif_dMvgG1hMXtybuKnGNg1g7ZkHgokPb3enXvXlt9vwhJmVa3Gc33yAPXjL6sZV9X1FbfqjzWJMZ2qavqgTXcxNb_NyoRvJsydgqM_nhqnL2fqJGBRmgXPtFnVKbxmrbxZZAYlE6XwFXwMn3YtvE32YsAKLdWVHd0gYOgMAnPy56D-WGhJser7L-QKWO6jjdlStYuurZrnKHaX03KWkV8TyYtLedlU1aToOqKyrIG-vghyZnlVHcQW9NBR1kuYIfIzBuczH6OorJBpWacRzwoFB_6i8fn31Lv3i3FeCbnFSF1qyOc0qdMFs3pReTxaR6EUxNixdAZhjZcpY9Txoqam3VPwcLTER7R5nADCV5hYlRnbEAJkYx2BF7A54sOopuZ4_VBZLIbN9WWADLvDd7kHHM4dDJrttkiIw4xkTNxG22Vid3kSBR49FbTJ9BWA9JnLHE82ASS1fq8cRUMWcVLevMgDWWSUnZW7jR2fUTQBBeTLLOE5mQaK7wDzNwRFmXe5Dlj8Kq_soKtspKOdqYIgvdvlxcPL2je2G2LnU2IL6WfO2e1loIEoDp6RXs4gwFtRop7_xciYyOMdGcgYWhkHjDwbS4-bAbK7d6tZV4w8vJBDsiGvYBhryo4ZPQakPVhhn0-HEe855NMg1DKoHZdqMLkmeBQoZ_-9sA9_STJ5zlQsvRMhL5nov1xV3BVE8fy9pqM8wqUW_90v3nYpGji7lvRXlnIkaN8xPzG-VY3zr91DE9FeCLLu_rb9atxyfrB8Rruco0opxrrBJrR1blzyOR3vIk4cyYBIe5Dv86cD0oobgNw7JOYiCUlXoxl3V2eHJqI1oIEiGdEPwYC1oEb43W9GorlNLKNpR0WZN05zcNtAqRgngeCByytiyzdLBjZ9xJU7h0eGSwsNYAMzFOqhh5IJxckl9pvTOpwln_WCanHk2suEW_X8QckDxHnQY2xkKQtKJOlFctYmekhvvGt40hgGLeg7kRiYV4Heq1gdhi1rkPXnvzWkH54q-b90IzEgogYWlo1VTmYyi0U_BWPKZJeOPNCEqpp8XJAXf0uPo9xQv1Yk5RnOH2sgkYh3_vviWd0c3Be3EO06uoHQJa2t_3V4BFxEC2wvDPmRC-XG5TErrG3gLbEjn6-icyHVz6R91xQVhnNZLhSzzIxee8UnNFiD3xuEP8c0nQdWvjj-QS_WVbhtZdVYWWOa3om3Naj54RZpMtK3AZHJT7j7MnGGewiW2gp5pRD2C4nUWc8D7OkzybcRBcN8EHbVDVW-J2qUGec3Wr037vL6B0MkCwY-j36WyqxwDF4Wg5M51nDCAXUkgVadLKlHjNbozIZuRCLhIJiV0F-XMxFy_NGptTzFV1eXQTJEMqELpmKU_IyhvpLlYiVIYzj-V2-mLNNCsgndKlux0jW5QC4zoTRbXyvvaJGAFU50VSNKYSuJI2ZJt_QKr-_8u7o-Zfv3DC-IFyMQC4cVdZE9nLk3l1WzqXL8W61eb1Do7WBNTw4Nsut2iUEx301-18vXI9IPvq-42owTdUOMEFdGyotcgB0HgBEhVdmPL0RKNd5gc9gnI_0eiifaAmeVDqu9I_kBQ&pr=8%3A85C0D400189B0631&cid=CAQSMgDaQooLDkcAiM0QoruMxa1iDPYQntgHl1SKgBYmLPYx-xYmm6Uq0wGHPjBbKwcuapBnGAE&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&dv3_ver=m202406030101&nel=1&rfl=https%3A%2F%2Fwww.yallakora.com%2F&ds=l&xdt=0&iif=1&cor=11167113459046517000&adk=2482413094&idt=136&cac=0&dtd=62
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e680f15ef156077429b715ace513107f66461727a57814c75b32246ed87e6f07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:19:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
323
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65820
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 14 Jun 2024 15:19:56 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 1916 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BQVoTG7hbRhD21TN6brX1PUyOlBjF-TGeonI3p589aa_4rMgdi2AVMz-Jjj3GCfjz7vbZaAWAcCwxCymIqt7D9r8IAnxNONXImZqmYzGBrtZ4KDD9Pk3SMqewXVUnRGsmEqkCLwcsqN3Vpkkc0VM6v5u-n6qFQgNH46QCxCXyVkyl84-C-YyzLWWQZEzejPBeMrEtH_k6Dqw25CzytnumwzpVwhjJYqiYB3PofEorFzfD4P-s&cry=1&dbm_d=AKAmf-BubF2LVgJTm2ipc8y9yKgnK3-RKu2UV2_jFxqVZETjY41rvYQQK_dCwgyOvtCWhOEhK4z-tbzKkjz-EaAyqZdBLbpHWylu3eEG517YO3WtVPMUzu8KqMbEiWLqyqK_kCynilBO6rJOkOWkuBvHJJlaxF1qtkqVG8Y3-vg-12gBvmE5HE1io62DFZUMknmnEiy3tDOjtuXMs1fdhs0BjSLOQhslfuabECR9McoBNspPFyjVZkoBbQOwL0FxrncSiaHorR5m28eMKydxY00m-2ylhpCprkwqZh3_Ir96M5cRR8MHQfVVib0bWwq22vashbgUf_TEQNppAlH8lCnzY9TMEJwmbpdCDepR7UhgW-mftac8hEKSIK8W7nOUXZMTzpEY0gdBn6i-ujdp2D3EjHrDDP4E_HkaimWknM8Ug-TDIkAzrO4wPSxoYem84VF5GlOhonP05e453ks0wXj62ddwcrVDunIn-AvmdYUi5drogiohhWG9RkrSsugrnihYuOoTsZWYDIBhCdNEy7EMIWPLzm46SuGR4bAE5tToq6UcGubLKsRkdf-0fiz7h-V4RO-GdDE0w8wbVtehj0V-fWLFmFTIMSmfNn1bNHS29ADIdgIkD6a0fv6K_sUxRd27V9v_FD8iibtEYxQ9QbleNsRHokM1nMQXarZylgJv733BEnsS8feD9tu9HivjYgnNUFv3S9VaUIfekdPKQ5U4ofUQpIBARf9YyihSqXYwbih671RabhrHx1p0Wxq-kn88IS229V5BIbxeWH1AMmIiXSdRdjllDcVckNw3kiZwKni5A0z-ByydOpxI3i1OqhJl20eclRlY4j1F_GN3qhCASRxdDAgvqeSNdtG52z05pIFh7P30usTP4vhbM6laJXNSldwz6SGkCpZ1foBb8SJnslHH2KSa3FwvfVBsaEnNNc-qJ4cmImxxGdT1Cp_UvCLibeXgJnephzX6xAVIwOhHzbd7M8-8jRdGB6LTLcG5I4Kp3es9tZnmCYVUVvrJqNX4z3GXuGEV3OhAW3E4YYmypTcNq9pByIGsq8e4ZrhjuBSemU_pcNePapWah-81Y2j_UvRnsV-O281QoL174g1KVHu2A_sPO939f9QNOs_4zFPCx4l8z0yofsk5OcAUWpxDcYC90Xp3yPCHY1VLj5nQMb_sruSVShnEf_jnuW0kbJiwfFd_cqs25gg77AQQ52I5GQTuR0Y1ue3jw0aaocofRZQs1rXFr3N2bUxU6HgGwYT_4OFCvs0k6Hoz4NhME0X5UO939hjDgyWBzvuMcItWktbbKA7gQUl8brqXsPWwE42Z6YLvTtMbvHOoPeMCMZ9NHu4EzbTxuKPmCUqA50PA3cxcHwo0kBo0EmW2GxMA8RiIHEDavJgM6v3asyipAXdCzG8AsG0nVaFnhMirpCTbLh0hbw6BbXmKMY6g-EzOU7ZEdzx7mJaSvhdLhq08RZQFBQn6Qwn0evA9uQQNWFiqLaIqnW2yP0sZmLMn4E6bCjYjLItV8mrRtJpzgm6KbnXWJekNuqXCb29jviEUkXeblJd3WZTjvwXe3iJ0Qlz9iEI_XLzVxVxLKloMfWp7rhWubWVP-slzfU-HccLeSc4d7mowcJUrESjtN0HBIoxkSNjESD-ZQrsl9IYdWoLQhtCT1NDemUQzVlXQN23y4zAvtDxw2HJ8RAdP5TLNybAeOsdnH2q0Yv3dT98isA6WrSQfIxVZeHElN3BZHau7COmBO-KxwP0h_tSWQesYXZdgjGHs_AiVMTuV5yxifWsDbtisqKWfNXebBvzLowKq-WwdOg_A7578RnaHBt9kTFplVELxfb5rxUIynJnYDPe1Z2YRcEIu-o4L-bqK_WVtoPIuwMWGBxdtja8gUTCx1WRVJYMGebkheSaXxtnu0KscpAwDZDj40v4HJuwc_LFK1hI5dOCjGMfBf2x1Qk1ASV7fJ4uvvZCxWc47vm2p_SXk1CzisKX_-7eutpv5mIc-7RwButQkEwaNZ50xxCRzqVLgj2gMF-YVD7Y04wob2h_TmTjHzR2KlOBWc0tIS_OPivX9f9RCm-S2g-kPl7Ne9DjSaMEFvmd_Bo9ZGcVC3hHOOsuM_GAAk80GahajybsT8V4g9ZajWffT0ZcP6nNCk8CQtvOU_L4QfM5Qla0-iGuIxOosFnnPrf_gJWiY4-Y-PWdgychMrEJsDgxQffjif_dMvgG1hMXtybuKnGNg1g7ZkHgokPb3enXvXlt9vwhJmVa3Gc33yAPXjL6sZV9X1FbfqjzWJMZ2qavqgTXcxNb_NyoRvJsydgqM_nhqnL2fqJGBRmgXPtFnVKbxmrbxZZAYlE6XwFXwMn3YtvE32YsAKLdWVHd0gYOgMAnPy56D-WGhJser7L-QKWO6jjdlStYuurZrnKHaX03KWkV8TyYtLedlU1aToOqKyrIG-vghyZnlVHcQW9NBR1kuYIfIzBuczH6OorJBpWacRzwoFB_6i8fn31Lv3i3FeCbnFSF1qyOc0qdMFs3pReTxaR6EUxNixdAZhjZcpY9Txoqam3VPwcLTER7R5nADCV5hYlRnbEAJkYx2BF7A54sOopuZ4_VBZLIbN9WWADLvDd7kHHM4dDJrttkiIw4xkTNxG22Vid3kSBR49FbTJ9BWA9JnLHE82ASS1fq8cRUMWcVLevMgDWWSUnZW7jR2fUTQBBeTLLOE5mQaK7wDzNwRFmXe5Dlj8Kq_soKtspKOdqYIgvdvlxcPL2je2G2LnU2IL6WfO2e1loIEoDp6RXs4gwFtRop7_xciYyOMdGcgYWhkHjDwbS4-bAbK7d6tZV4w8vJBDsiGvYBhryo4ZPQakPVhhn0-HEe855NMg1DKoHZdqMLkmeBQoZ_-9sA9_STJ5zlQsvRMhL5nov1xV3BVE8fy9pqM8wqUW_90v3nYpGji7lvRXlnIkaN8xPzG-VY3zr91DE9FeCLLu_rb9atxyfrB8Rruco0opxrrBJrR1blzyOR3vIk4cyYBIe5Dv86cD0oobgNw7JOYiCUlXoxl3V2eHJqI1oIEiGdEPwYC1oEb43W9GorlNLKNpR0WZN05zcNtAqRgngeCByytiyzdLBjZ9xJU7h0eGSwsNYAMzFOqhh5IJxckl9pvTOpwln_WCanHk2suEW_X8QckDxHnQY2xkKQtKJOlFctYmekhvvGt40hgGLeg7kRiYV4Heq1gdhi1rkPXnvzWkH54q-b90IzEgogYWlo1VTmYyi0U_BWPKZJeOPNCEqpp8XJAXf0uPo9xQv1Yk5RnOH2sgkYh3_vviWd0c3Be3EO06uoHQJa2t_3V4BFxEC2wvDPmRC-XG5TErrG3gLbEjn6-icyHVz6R91xQVhnNZLhSzzIxee8UnNFiD3xuEP8c0nQdWvjj-QS_WVbhtZdVYWWOa3om3Naj54RZpMtK3AZHJT7j7MnGGewiW2gp5pRD2C4nUWc8D7OkzybcRBcN8EHbVDVW-J2qUGec3Wr037vL6B0MkCwY-j36WyqxwDF4Wg5M51nDCAXUkgVadLKlHjNbozIZuRCLhIJiV0F-XMxFy_NGptTzFV1eXQTJEMqELpmKU_IyhvpLlYiVIYzj-V2-mLNNCsgndKlux0jW5QC4zoTRbXyvvaJGAFU50VSNKYSuJI2ZJt_QKr-_8u7o-Zfv3DC-IFyMQC4cVdZE9nLk3l1WzqXL8W61eb1Do7WBNTw4Nsut2iUEx301-18vXI9IPvq-42owTdUOMEFdGyotcgB0HgBEhVdmPL0RKNd5gc9gnI_0eiifaAmeVDqu9I_kBQ&pr=8%3A85C0D400189B0631&cid=CAQSMgDaQooLDkcAiM0QoruMxa1iDPYQntgHl1SKgBYmLPYx-xYmm6Uq0wGHPjBbKwcuapBnGAE&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&dv3_ver=m202406030101&nel=1&rfl=https%3A%2F%2Fwww.yallakora.com%2F&ds=l&xdt=0&iif=1&cor=11167113459046517000&adk=2482413094&idt=136&cac=0&dtd=62
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:23:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
137
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Jun 2025 14:23:02 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcxODM3NTExOTc1ODA0NwogIHNlcnZlcl9pcDogMTQ2NTI1OTkzCiAgcHJvY2Vzc19pZDogNDE5NDgzNzA0NAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAzMjc2ODE3...
ad.doubleclick.net/ddm/activity/ Frame 1916 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcxODM3NTExOTc1ODA0NwogIHNlcnZlcl9pcDogMTQ2NTI1OTkzCiAgcHJvY2Vzc19pZDogNDE5NDgzNzA0NAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAzMjc2ODE3CmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly96YWxhbmRvLmRlIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDIKZXZlbnRfaW1wcmVzc2lvbl9pZDogNDU5NTY2OTUxMzE0OTU5MDcyNgpkZWJ1Z19rZXk6IDExODY0NDg2MjQwNTM4NzAyMzM2CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wNi0xNCIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMyNzY4MTcKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX01PQklMRV9CUk9XU0VSX0NMQVNTCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiTkwiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzg1OTU2MjA2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTExNzk5NzQwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIwOTkyNjQ3MjgwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNTQ1MDQ0MzIwCiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKZmxvb2RsaWdodF9hY3Rpdml0aWVzX2Zvcl9iaWRkaW5nOiA5NDY4MzMwCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly96YWxhbmRvLmRlIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vemFsYW5kby5wbCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3phbGFuZG8ubmwiCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3ODA0NzYwODgzMgpkbWFfcHJvZHVjdF9pZDogMTIyNzE1ODM3CnhmYV9hdHRyaWJ1dGlvbl9hcGlfdHlwZTogWEZBX0FUVFJJQlVUSU9OX0FQSV9UWVBFX1dFQgplY2hvX3NlcnZlcl9hY3Rpb246IEVDSE9fU0VSVkVSX0FDVElPTl9VU0VfQkVTVF9BVkFJTEFCTEVfQVJBCmV2ZW50X3JlcG9ydGluZ193aW5kb3dzIHsKICBlbmRfdGltZXNfc2Vjb25kczogODY0MDAKICBlbmRfdGltZXNfc2Vjb25kczogMzQ1NjAwCn0KbWF4X2V2ZW50X2xldmVsX3JlcG9ydHM6IDIK
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 14:25:20 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
attribution-reporting-info
preferred-platform=os
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xbd6de55519e33e300000000000000000","13":"0x37fe5eedd2bef5ea0000000000000000","14":"0x84444d0f2dfe4430000000000000000","15":"0xf482b57273b3784a0000000000000000"},"debug_key":"11864486240538702336","debug_reporting":true,"destination":["https://zalando.de","https://zalando.pl","https://zalando.nl"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"172800","filter_data":{"14":["9468330"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["3276817"]},"max_event_level_reports":2,"priority":"0","source_event_id":"4595669513149590726"}
server
cafe
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bg
ads.revjet.com/ Frame 1916 		61 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.revjet.com/bg
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.235.11.39 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
7470ea5b6672edad975a8cd9c629ab96e0218d69c3571d907027712a8fb177e2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

p3p
CP="CAO PSA OUR"
date
Fri, 14 Jun 2024 14:25:20 GMT
cache-control
max-age=10800
content-encoding
gzip
content-type
application/javascript
server
nginx
expires
Fri, 14 Jun 2024 17:25:20 GMT
usync.html
eus.rubiconproject.com/ Frame D82C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=nl
Requested by
Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://www.yallakora.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
224
Content-Type
text/html; charset=UTF-8
Date
Fri, 14 Jun 2024 14:25:20 GMT
ETag
"28052a-10d-6142d69a886c0"
Last-Modified
Thu, 21 Mar 2024 15:32:19 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
radApi
edge.udmserve.net/ 		20 B
160 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge.udmserve.net/radApi
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v3.1.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.120 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.yallakora.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 14 Jun 2024 14:25:20 GMT
Content-Length
20
Content-Type
application/json
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame F00C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://www.yallakora.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
137
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 14 Jun 2024 14:23:03 GMT
expires
Sat, 14 Jun 2025 14:23:03 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tags.crwdcntrl.net
URL
https://tags.crwdcntrl.net/lt/c/15758/lt.min.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

140 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 undefined| event object| fence object| sharedStorage object| google_tag_manager object| google_tag_data object| dataLayer object| googletag object| ggeac boolean| google_plmetrics object| google_js_reporting_queue undefined| google_measure_js_timing object| google_reactive_ads_global_state function| gtag function| onYouTubeIframeAPIReady object| gaGlobal string| pagePath number| _sf_startpt string| AppPath string| IsGoRealTimeApiApplied string| HubBaseurl function| TrackEvent function| TrackEventInteraction function| TrackEventGA4 number| AddsenseTimeOut string| campName function| SponsorDTScript number| countDownDate object| now number| x object| __cfQR object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NGJkZmQyYzc0NTRkMzEwMGxvYWRlcl9qcw== string| NGJkZmQyYzc0NTRkMzEwMGNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| Strip function| $ function| jQuery function| setCookie function| getCookie function| GTMInit object| General object| IP2Location undefined| loc boolean| HeadTagRenderd string| HeadTag object| Adsense object| AdsenseLeaderboard function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger function| imagesLoaded object| t function| e function| n function| openTab function| setHeight function| Search function| LazyLoader object| lotame_15758 string| pageTourId function| trackPageView function| trackPageViewGA4 object| _izq object| izConfig boolean| __cfRLUnblockHandlers function| _izooto function| postscribe object| google_tag_manager_external function| GetCurrentAd function| Fill function| GetRandomInteger string| AdProvider object| s boolean| r undefined| docvar undefined| outstream undefined| dt undefined| adUnit undefined| p undefined| height undefined| foxpush_account_id undefined| foxpush_child_id undefined| foxpush_unit_name undefined| parentElement undefined| firstChild function| DeviceType string| country object| GccCountries boolean| GCC boolean| Europe boolean| USA boolean| Egypt boolean| GccCountryConditons object| countries boolean| countryConditons string| footerCountry string| AdProviderFooter function| GetCurrentFooterAd function| isScriptLoaded object| udm_ads_queue boolean| udm_edge_init object| _qoptions object| _qevents function| quantserve function| __qc object| ezt object| udm_r3Chunk object| udm_r3 object| mnet function| endedHandler function| udmPbcsRun function| udm_process_ads_queue function| delete_udm_edge function| reload_udm_edge object| udmRenderRates function| izootoEmailSubcriptionCallBack function| izootoEmailEventsCallback object| udmCompiledBlockedCreativeIds object| udmDefinedBlockedCreativeIds

25 Cookies

Domain/Path Name / Value
.steth-claims.org/ Name: __cf_mw_byp
Value: KUhC3grEljRfevSTxXOjRiLhFdeSOGpl7gr0Nv1FskM-1718375108-0.0.1.1-/
.steth-claims.org/ Name: GOOGLE_ADS_IDENTIFIER
Value: NrP2kF0Cfr8i6Xc+yrxU3XvyJ99Jj943oPqZWhyQ2EY1vhq9Ype0TmHZ2NYUIAWnBRBGKE3XjElVaiLeCkYEFXZBThJKp8a/
www.yallakora.com/ Name: ASP.NET_SessionId
Value: jskre5q5rsfqyxvotfqby0ec
www.yallakora.com/ Name: FGTServer
Value: B38C762E5508AA76F9CE87FB8FBFEC44A293CABD87AA0C4FB441CB8A2C71138CA1C44D80AA3DA1D2
.yallakora.com/ Name: _ga
Value: GA1.1.630542056.1718375114
www.yallakora.com/ Name: EuroStrip
Value: true
.yallakora.com/ Name: _ga_SS8RTJKBPS
Value: GS1.1.1718375113.1.0.1718375114.59.0.0
www.yallakora.com/ Name: Location
Value: Netherlands
.izooto.com/ Name: IZCID
Value: 3ebf1767-7bbd-4e6a-831a-2cdeafbc1cb5
.yallakora.com/ Name: _gcl_au
Value: 1.1.214157088.1718375115
.yallakora.com/ Name: cf_clearance
Value: nLfvCNIhs1PYhyJrqWowrNNGIoh69G6XodEFGg2dMns-1718375115-1.0.1.1-JxMhuo3hZeEZqj_x_gAv5ftgCaYbDUREq2D6wKafCqapWlSyeUr2JMDsMXYkm_2taU_ZYtEFhr9LumYmh8S_Ng
.udmserve.net/ Name: dt
Value: 593511E6-D656-396A-BEAE-68B5D9C93615
.casalemedia.com/ Name: CMID
Value: ZmxSzbmqPToAABnzASizqwAA
.casalemedia.com/ Name: CMPS
Value: 2237
.casalemedia.com/ Name: CMPRO
Value: 2237
.adnxs.com/ Name: XANDR_PANID
Value: unxr11cb0t-e4beeLSBquG7IomQlZgqT5wW7GvH5Tb7dYoOzdRCYPgOUlTZnaikzMroBbKT_Huc0nU-sNgICvBlyPnm0buah9u_XvFuZOZg.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 7849394919632836198
www.yallakora.com/ Name: udmsrc
Value: %7B%7D
.udmserve.net/ Name: udmts
Value: 1718375117.0
.udmserve.net/ Name: apnid
Value: 7849394919632836198
.yallakora.com/ Name: _sharedid
Value: 89b41f27-5ca7-49e9-aea0-157767ff0f25
.yallakora.com/ Name: _sharedid_cst
Value: zix7LPQsHA%3D%3D
.go.sonobi.com/ Name: HAPLB8G
Value: s8511|ZmxS0
.openx.net/ Name: i
Value: 89b41f27-5ca7-49e9-aea0-157767ff0f25|1718375118

4 Console Messages

Source Level URL
Text
network error URL: https://steth-claims.org/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406120201/pubads_impl.js?cb=31084585, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406120201/pubads_impl.js?cb=31084585, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security warning URL: https://bid.underdog.media/udm-r3_v3.1.3.js(Line 11)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ads.revjet.com
beacon-ams3.rubiconproject.com
bid.underdog.media
bidder.criteo.com
cdn.izooto.com
cdnimg.izooto.com
edge.udmserve.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
image8.pubmatic.com
media.gemini.media
pagead2.googlesyndication.com
pixel-us-west.rubiconproject.com
prebid.a-mo.net
region1.analytics.google.com
rules.quantcount.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
stats.g.doubleclick.net
steth-claims.org
sync.go.sonobi.com
tags.crwdcntrl.net
tpc.googlesyndication.com
udmserve.net
underdogmedia-d.openx.net
www.google.nl
www.googletagmanager.com
www.yallakora.com
yallakora.com
tags.crwdcntrl.net
142.250.184.238
142.250.185.198
142.250.186.66
142.250.186.98
145.40.97.66
167.235.11.39
172.217.23.98
172.64.151.101
172.67.1.154
172.67.74.224
178.250.1.8
185.64.189.112
185.64.191.214
185.89.210.20
188.114.97.3
2001:4860:4802:32::36
216.239.32.36
2600:9000:223c:7c00:6:44e3:f8c0:93a1
2600:9000:26e8:2e00:5:c4ab:c3c0:93a1
2602:803:c003:200::21
2602:803:c003:200::67
2606:4700::6810:ff40
2607:f350:3:2569:0:10:0:d
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:80f::2003
2a00:1450:4001:811::200a
2a00:1450:4001:812::2008
2a00:1450:4001:81d::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:831::200e
2a00:1450:400c:c07::9c
34.98.64.218
68.71.249.118
68.71.249.120
8.39.36.142
88.221.169.246
0523b0ead380e6027f705ed7391cf6ca3a84153bdd9dd8517564457796e6dd1f
05448ff0b902db11ea26f14168a4676a51c79f6095b2747fe2f191191e27b742
058cb6627903999f70f289a15acfe47378f98b1befb896772a32ceb089aeccd7
0a6094cd81b0a2c3fe75497ad6d25107db8ec8185cc1ca62a0cbc896c1264301
0bc88a252f8ccb932998fa4ba5ecfadec56d6917d762318f68949786ad48f2f2
11b2088deff6ac044087d2ef9e23453bc600e5e505f5cca9bd62a4cfe6d11a74
19665f3b9d688e27a18628ad631ad99a524cc885204de72e42929f9aae950787
1968782fdfd86d61313838181807432aab7df8d8cfeb466a3903ee8a8b8cefac
198541ad4236b9420f75c7669cf99c7c33b99827fe7bc758724d1a2b6819caa7
1ec423d358d2b39c3d11516cbfb538f1f6f2ef2b31769afae3545f248d54793b
20968a95e5a911a40d373861cd5ec8215c6c9148a45e4ce53f7bca46033e2e4c
227b2cf0048671acb1b5d32ddb780b9a2befa1a8fd00d97e7ab42f2315fe81c6
25cdcff33d9fd24ac8d1b5b87fa65173bea33765e60fa5a2abcaeb3541e4dfd8
266962cc76ea6231420ace35146f5ae2335fbdbbb345be5e5202128783522258
2a5806c3176b14faad2ad4d811ab74facb8aa5b0c2de1bfcaa279a1666f1cc3e
2ba004dac609260504122c3252555c45c7eb5edb611a2b35b52233a8a4e0dd12
2d118e8db1b34fc46ec78500be6b4f6ddd1550be572fbb8943a27127fb852616
2fe4b6c4f584c422ea93f8b1bc62cc49c57bec5654a89e22997972f50d14fb33
303148261bbb2e2aa07a0a388402b49b52ceb6f4c72e921decf019aa4e174d52
305ea20ec2612ced7e0d3076b0e94aa8de23ffa3602a7e9fbdb6213d8a0be81d
3106c855736d9bed38684f5f61209b5b4b5b6b4ccf33f6691fd04747b5934bb1
346d741ba0dc7cd5e83ae349cba98d00a4f67b59fd8a72e60deff970e264a72a
3766e0170820b7a33cccc3aa28fd3f2e7e5bb7524c228ab98f1b1beee6e2c5fb
38accd3e8604ad89be44af0772b2e05d8cecd5292ee89dfba98f687500b7c6b5
392554a6c9183a93eb97457f566ad70e694b07c056300773961f0dae132aec68
398467f11681e46ebe862ed3e097f54e4a7fa3f49ee8754ba07a7a0540b72242
3c29cdfefa2b12ec0c7e2603bbb587635c655589f3e6138e1212b7067dcdbb94
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e4e6ca8c530e819d0da6e64155939415947301a65baf8a7c55dec6af1c175bc
3f4264eb7e40e897016f8ddc1bb84f89977175f28aff87758b044b59a8513ebe
401c56d379ef01a8811595d7c8ccd84db551e2afc12f11e4570a226ea5f00016
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
45716f61b98acd1eace6f120d8aa7768d4e5b06ffb12b79458aa567838fff869
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
487062b7e9d1c9af80e65f6dd6f25d73daa19dd68e16e0b47aac055cc4490720
496e8a524c13189f9438758bed1a7107de9a16a8d0067e1bf8e62bf6d7ef5401
4b69a3f605576e2a0cdb6abd74d3efdf893c4b6124ace390559d62437b9553d7
4c5d9a2bb4c1a0f9661d19ef675c5646853154a3196260b6f25aa94b73e37f60
4cc8676ab923198535d2d2169e8a3bc2b284128e044e61d06959cb5191110a1c
4d9fec3a828219e8265a5b7117fa8df31cfcda5e02cffd72ffe71caaa904c138
4f01a4a673ec7010f3fa188cba985302f9909324e298bb0d81830cdfa7d9cd44
51cf9821bf15d436fad9c0f05e5b7df08012e241454f44cc0178a15275743d42
547f74bbb948978ad401eef5a8dc2a8b39cf4edfec49d72a7926eda31aaec8ab
559204cb5d8dfe0b49c2297c57cdddfff3fc0244492aecc1bd0e498f0ca076dd
5a6b9be7170ad1ab7fdf2fa3d14d448be9cdbf13ec9832843af2b3f653ba240f
626dc19571b3505bedcf5576536a5e70209e9d9dd6bf5e8a0f0a792a8f8fa004
653788610db2a7fa9d33577a8977c919859574b13a2968b66638fd52467a47ad
6768464f893a4354a0eb3a6e86543ec23d2f9ed1b97e7bef0ca7f7ae2c32f978
6891520b4e852dbd23fdfdaa290e54766e39704083ba4b96c44d79ac46006cac
6a4bda882c1ec7303a37399430837a069ae29b88fd3285f5e73ab9ff63fc190a
70a71cb1534b0211a6a546deb79673ea255baf9e85746b034b93bab84e409d0a
70cd563322458bcd8eb0c45ffe72323df7c74b281cdbd01cc8b15de133b576a3
72ed99ac85ceb061ea8be23de55ee3c919cf72505e64b6a0a50fc5465ddcb719
7470ea5b6672edad975a8cd9c629ab96e0218d69c3571d907027712a8fb177e2
755790092d17e751c6c8977b0cacf7cf65ba730480b56b6c70c3dd67e6f7c98b
76eea5a3bc646292e49ef7301887a1bc2306a11cad483203c39319d662b30b4b
77aeaea79ee66bcc865bf9ff20b63a1c2d224535bb371dfb4c8019704e2928fa
793faf5e6444c03f51ddc310206da45198093ee9dc3a3951f617371b3b399b87
7977d3cd67e83320cfd046f602cece53d77479bc1d33d37bfe8df89edba5cf9f
7a95d77efea8d0a8b333c48041cd35b8ca1f9bef042e30fa7a7a00611ec33506
7af60381a77100924e59b5d18b0fe69234d2eca6e03592f22571a3c782729ae1
7b389bec01167a9eb00c6766c3dd9c35c66f4428a64b5bdac69acf934db66774
7bf752f12b03048b622e2fd3f97fe2e1d79d7dd7747f5fa06681cdd72a7af521
8224fde3119dc9f8461aee0c6cf4801b4e52d4b349963d125a04ae8de3395293
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
83d08e075c9885fe2743199a7ebf0078005c1e7838589676ec8f2ca4d4718dcd
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
89668d0d4ba59cbcf25ac2ed46dbe2eb5e05cb4d7ee2a2cb858140c63cc7862f
90883a46876da1a33b973c0ed230260cfeaef632cf8fa94c4e6949709ea1f92e
90aa6365d547e1e864af5ed5d583d2e50bb8c8f1136d69e8809f1b7b785a0567
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
9374b026eb7a778c198086b37151a8f1e414c65f10e06556c8e16eb3a12b9f97
94c53095b7d6a53f868c3d6ae4e9b3ab6805cbb9c3c58d3700d3c0cddee1782e
962f89f8f7d5bff32086da18706a78935959a7515c6ea521c50e0ed18da967b2
9acebc7da826b5c97db2b505eb9356d4612e4d0d927099480549e2b4035c2115
9c59a5a5b02a65d77944915245a0481e4cc9de0567bff244261f87aaa67c23a2
aa0cf3376627ffacdd10ff56d0fb3158a4de2da2ee0461b4e8f417481794358f
aa1e8a707905887761b5b2ae749dc98c56941c81619337d1ea808756ddaeafb0
ac6226e76d07374cb133b8eb6752253573d2b1d932009fac81a2ef21c15b859b
adc9298b081d82615add870fde1e08d6e6a424b4cd3b4b15f89910b1e4c7504e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6c7dfff51a94e515b3730b4e7c9e3f533a1b6bef86a98b3dd73ba26f135cfa8
b86447ba911b9a5dbd464290955f36e5a02ff330bbf86f82558ad6a591209d40
b93409f07daee085efb82a26ca9e7115139a7bfb645a99ef809b7a68223c4553
c141534a1ccc17930822b18407dbf508be53e518e011b6d3f9032d57d6c5b082
c28d2045095db15d878611a6a2842bddc1b9334d8147ad7a9b7c9050e913150d
c4109a5f2ad3d6f7f72b3374ea8da30696da26a9200f81a71cb2ecd3624e0e90
c90c9b2c6cc47fb731137fc21fcc7bca965f809d2f1aaa29f0045c39ef0567db
cbef1a1cb40d4801e4b23cae00fbe3e4d9d33487852aaa1041ba2b4f4f7d2fe1
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cee2af3d18df1705aeb69ca0a5050076aecdd4b4ab528b795280c17f7a0d8795
d443235c5040b9e5a2461f69bcef0930f5820c356830bb0c59a4953d16f8a59e
da563995c8336482dcbb5111f35e29613d82abeb5f6b6cdf1b553077d644f3de
db3cb863e8656f46c2f4ce37fca19978438376cbf2da0bae4901ea8f421d5927
de4090a2f1d550af64e1a4d5590255c29573f17ac8d78fb8c9aaeeee9743a35d
e09eb548240dc8cf37b2d7bfa74f8fb150b26fd717e5385b65fe31ef912b5176
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e680f15ef156077429b715ace513107f66461727a57814c75b32246ed87e6f07
edf02b92b41e82d2e8bdedc8155a29e03325929e1d540a7eee89f6a45da7e28b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f97319e303c3092672435d4d0cda351ce46a61769cfd6df9d0a898d3d41b8a
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f4110d145ad25681a3ef677782ec9a807407fe09b028c2ea15648833ed9cac60
f46b9c352093577bb2c39fc21f91c796c98c527e84033ed4a72358599b77824b
f6034deaabb06881554a4ecfef05fc3cc6bfb1a78ad76d92be99753f102e1a50