www.yallakora.com Open in urlscan Pro
104.20.26.67 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.yallakora.com/
Submission: On October 20 via manual (October 20th 2021, 2:27:20 pm UTC) from SA — Scanned from DE

Summary HTTP 259 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 42 IPs in 6 countries across 34 domains to perform 259 HTTP transactions. The main IP is 104.20.26.67, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.yallakora.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 4th 2020. Valid for: a year.

This is the only time www.yallakora.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	104.20.26.67 104.20.26.67	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
3	143.204.98.4 143.204.98.4	16509 (AMAZON-02) (AMAZON-02)
42	104.26.5.169 104.26.5.169	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.19.148.8 104.19.148.8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.185.142 142.250.185.142	15169 (GOOGLE) (GOOGLE)
1	142.250.185.104 142.250.185.104	15169 (GOOGLE) (GOOGLE)
3	172.67.74.224 172.67.74.224	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	52.19.22.209 52.19.22.209	16509 (AMAZON-02) (AMAZON-02)
2	142.251.5.156 142.251.5.156	15169 (GOOGLE) (GOOGLE)
2	23.32.238.104 23.32.238.104	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	68.71.249.118 68.71.249.118	20093 (ZEROLAG) (ZEROLAG)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
11 49	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
5	142.250.185.129 142.250.185.129	15169 (GOOGLE) (GOOGLE)
1 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	3.251.5.34 3.251.5.34	16509 (AMAZON-02) (AMAZON-02)
1 2	3.220.38.221 3.220.38.221	14618 (AMAZON-AES) (AMAZON-AES)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	46.228.164.13 46.228.164.13	56396 (AMOBEE) (AMOBEE)
19	142.250.181.225 142.250.181.225	15169 (GOOGLE) (GOOGLE)
3	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
4	142.250.184.196 142.250.184.196	15169 (GOOGLE) (GOOGLE)
1	142.250.186.42 142.250.186.42	15169 (GOOGLE) (GOOGLE)
2	142.250.186.74 142.250.186.74	15169 (GOOGLE) (GOOGLE)
6 12	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
6 9	185.33.220.241 185.33.220.241	29990 (ASN-APPNEX) (ASN-APPNEX)
36	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
3	143.204.98.23 143.204.98.23	16509 (AMAZON-02) (AMAZON-02)
3	91.228.74.189 91.228.74.189	16509 (AMAZON-02) (AMAZON-02)
1 1	185.33.220.242 185.33.220.242	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	193.122.174.27 193.122.174.27	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1 1	204.62.13.72 204.62.13.72	46636 (NATCOWEB) (NATCOWEB)
1 1	88.214.206.247 88.214.206.247	46636 (NATCOWEB) (NATCOWEB)
2	142.251.129.67 142.251.129.67	15169 (GOOGLE) (GOOGLE)
2	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
2	143.204.98.9 143.204.98.9	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
2	172.217.130.74 172.217.130.74	15169 (GOOGLE) (GOOGLE)
2	2.18.233.67 2.18.233.67	16625 (AKAMAI-AS) (AKAMAI-AS)
6	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	148.251.50.176 148.251.50.176	24940 (HETZNER-AS) (HETZNER-AS)
2	144.76.185.38 144.76.185.38	24940 (HETZNER-AS) (HETZNER-AS)
6	136.243.2.209 136.243.2.209	24940 (HETZNER-AS) (HETZNER-AS)
6	148.251.194.218 148.251.194.218	24940 (HETZNER-AS) (HETZNER-AS)
1	82.113.101.132 82.113.101.132	6805 (TDDE-ASN1) (TDDE-ASN1)
259	42

23 104.20.26.67 (United States)

ASN13335 (CLOUDFLARENET, US)

www.yallakora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.4 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-4.fra50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 104.26.5.169 (United States)

ASN13335 (CLOUDFLARENET, US)

media.gemini.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.gemini.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.148.8 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.74.224 (United States)

ASN13335 (CLOUDFLARENET, US)

ads.gemini.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.19.22.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-22-209.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.5.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.238.104 (United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-238-104.deploy.static.akamaitechnologies.com

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 68.71.249.118 (Atlanta, United States)

ASN20093 (ZEROLAG, US)

udmserve.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 142.250.185.226 (United States) 11 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net

30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.251.5.34 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-251-5-34.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.220.38.221 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-38-221.compute-1.amazonaws.com

thrtle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2.18.234.21 (Ascension Island) 6 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.33.220.241 (Netherlands) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.23 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-23.fra50.r.cloudfront.net

bid.underdog.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.228.74.189 (United Kingdom)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.242 (Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.79 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.122.174.27 (Seattle, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.62.13.72 (Clifton, United States) 1 redirects

ASN46636 (NATCOWEB, US)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.206.247 (United Kingdom) 1 redirects

ASN46636 (NATCOWEB, US)
PTR: buycheapfags.com

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.129.67 (United States)

ASN15169 (GOOGLE, US)
PTR: rio07s07-in-f3.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.9 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-9.fra50.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.78 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.130.74 (United States)

ASN15169 (GOOGLE, US)
PTR: prg03s08-in-f10.1e100.net

r5---sn-2gb7sn7r.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.67 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-67.deploy.static.akamaitechnologies.com

s79.mxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.50.176 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h571.meetrics.de

stat.meetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 144.76.185.38 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h374.meetrics.de

s79.research.de.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 136.243.2.209 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h563.meetrics.de

b36.s79.research.de.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 148.251.194.218 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h351.meetrics.de

b33.s79.research.de.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.113.101.132 (Ingelheim am Rhein, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	293 KB
45	gemini.media media.gemini.media ads.gemini.media	1 MB
39	2mdn.net 1 redirects s0.2mdn.net gcdn.2mdn.net r5---sn-2gb7sn7r.c.2mdn.net	3 MB
34	doubleclick.net 11 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net bid.g.doubleclick.net googleads4.g.doubleclick.net	286 KB
23	yallakora.com www.yallakora.com	396 KB
14	de.com s79.research.de.com b36.s79.research.de.com b33.s79.research.de.com	4 KB
12	casalemedia.com 6 redirects dsum-sec.casalemedia.com	11 KB
10	adnxs.com 7 redirects ib.adnxs.com secure.adnxs.com	8 KB
7	crwdcntrl.net tags.crwdcntrl.net bcp.crwdcntrl.net sync.crwdcntrl.net	19 KB
6	udmserve.net udmserve.net	9 KB
5	pubmatic.com 5 redirects image8.pubmatic.com image2.pubmatic.com image4.pubmatic.com	2 KB
5	google.com adservice.google.com www.google.com	1 KB
4	gstatic.com csi.gstatic.com fonts.gstatic.com	32 KB
4	google-analytics.com www.google-analytics.com	20 KB
3	quantserve.com secure.quantserve.com pixel.quantserve.com	10 KB
3	underdog.media bid.underdog.media	258 KB
3	googleapis.com fonts.googleapis.com imasdk.googleapis.com	127 KB
3	googletagservices.com www.googletagservices.com	112 KB
2	meetrics.net stat.meetrics.net	702 B
2	mxcdn.net s79.mxcdn.net	115 KB
2	quantcount.com rules.quantcount.com	1 KB
2	thrtle.com 1 redirects thrtle.com	769 B
2	exelator.com 1 redirects loadm.exelator.com	2 KB
2	createjs.com code.createjs.com	125 KB
2	crazyegg.com script.crazyegg.com	3 KB
1	o2online.de portal.o2online.de	609 B
1	admanmedia.com 1 redirects cs.admanmedia.com	490 B
1	admixer.net 1 redirects inv-nets.admixer.net	472 B
1	technoratimedia.com sync.technoratimedia.com	297 B
1	turn.com 1 redirects d.turn.com	411 B
1	rubiconproject.com token.rubiconproject.com	214 B
1	krxd.net beacon.krxd.net	338 B
1	google.de adservice.google.de	716 B
1	googletagmanager.com www.googletagmanager.com	41 KB
259	34

	Domain	Requested by
38	media.gemini.media	www.yallakora.com
36	s0.2mdn.net	www.yallakora.com s0.2mdn.net 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
27	pagead2.googlesyndication.com	30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.yallakora.com securepubads.g.doubleclick.net www.googletagservices.com
23	www.yallakora.com	www.yallakora.com
19	tpc.googlesyndication.com	30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com tpc.googlesyndication.com imasdk.googleapis.com s0.2mdn.net securepubads.g.doubleclick.net
15	cm.g.doubleclick.net	11 redirects bcp.crwdcntrl.net googleads.g.doubleclick.net
12	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
9	ib.adnxs.com	6 redirects googleads.g.doubleclick.net
7	ads.gemini.media	www.yallakora.com ads.gemini.media code.createjs.com
6	b33.s79.research.de.com	30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
6	b36.s79.research.de.com	30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
6	googleads4.g.doubleclick.net	www.yallakora.com
6	googleads.g.doubleclick.net	30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com www.yallakora.com
6	udmserve.net	www.yallakora.com bid.underdog.media
5	30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	securepubads.g.doubleclick.net	www.yallakora.com securepubads.g.doubleclick.net 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
4	www.google.com	30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com tpc.googlesyndication.com
4	www.google-analytics.com	www.yallakora.com www.google-analytics.com
3	image8.pubmatic.com	3 redirects
3	bid.underdog.media	udmserve.net bid.underdog.media
3	www.googletagservices.com	30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
3	bcp.crwdcntrl.net	tags.crwdcntrl.net
3	tags.crwdcntrl.net	www.yallakora.com tags.crwdcntrl.net
2	s79.research.de.com	s79.mxcdn.net
2	stat.meetrics.net	s79.mxcdn.net
2	pixel.quantserve.com	www.yallakora.com
2	s79.mxcdn.net	s0.2mdn.net
2	r5---sn-2gb7sn7r.c.2mdn.net	30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
2	rules.quantcount.com	secure.quantserve.com
2	fonts.gstatic.com	fonts.googleapis.com
2	csi.gstatic.com	imasdk.googleapis.com
2	imasdk.googleapis.com	30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
2	thrtle.com	1 redirects bcp.crwdcntrl.net
2	loadm.exelator.com	1 redirects bcp.crwdcntrl.net
2	code.createjs.com	ads.gemini.media
2	script.crazyegg.com	www.yallakora.com script.crazyegg.com
1	portal.o2online.de	www.yallakora.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	cs.admanmedia.com	1 redirects
1	inv-nets.admixer.net	1 redirects
1	sync.technoratimedia.com	www.yallakora.com
1	image4.pubmatic.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	secure.adnxs.com	1 redirects
1	secure.quantserve.com	udmserve.net
1	fonts.googleapis.com	30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
1	sync.crwdcntrl.net	bcp.crwdcntrl.net
1	d.turn.com	1 redirects
1	token.rubiconproject.com	bcp.crwdcntrl.net
1	beacon.krxd.net	bcp.crwdcntrl.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	www.yallakora.com
259	55

This site contains links to these domains. Also see Links.

Domain
te.eg
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
www.yallakora.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-04` - `2021-11-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-12-06` - `2021-12-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
tls.adobe.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2022-06-06`	2 years	crt.sh
udmserve.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-08-21`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.thrtle.com Go Daddy Secure Certificate Authority - G2	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
underdog.media DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-08-21`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.technoratimedia.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-17` - `2022-10-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-10-12` - `2021-12-21`	2 months	crt.sh
*.mxcdn.net DigiCert SHA2 Secure Server CA	`2021-10-16` - `2022-10-18`	a year	crt.sh
meetrics.net R3	`2021-09-22` - `2021-12-21`	3 months	crt.sh
*.o2online.de DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-02-19`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://www.yallakora.com/
Frame ID: ECDABEF2697BBEEBA80FC7F052C7F84A
Requests: 98 HTTP requests in this frame

Frame: https://ads.gemini.media/2021/Oct/WE/change-WE/change-stage/Gutter/Untitled-2.html
Frame ID: 09E4D897BC69B91E4C67EB523D1CBFDF
Requests: 4 HTTP requests in this frame

Frame: https://ads.gemini.media/2021/Oct/WE/change-WE/change-stage/Gutter/Untitled-2.html
Frame ID: 0E8B3C1340A2620A74740F3271EF79A9
Requests: 4 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15758
Frame ID: 3C06350B250DBD34FE34A65691289189
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=22%2C100%2C80%2C125%2C31%2C3&c=15758
Frame ID: C3F10E897DFD4A0BE672A1508E4F7F22
Requests: 7 HTTP requests in this frame

Frame: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A9B47D2EA30E723B7A66CD98F8888A63
Requests: 1 HTTP requests in this frame

Frame: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E075BFB81095A8FF097A59468AB79C6B
Requests: 24 HTTP requests in this frame

Frame: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FD9F5F9F54B3D0A56D96751B802CE948
Requests: 14 HTTP requests in this frame

Frame: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DF48F0A92CF8C516DD6CCDBFA3ABC80E
Requests: 18 HTTP requests in this frame

Frame: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EC42191BE751DDC7E9F0807E39414DBC
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj1nOe1ATAB&v=APEucNWwrENVUWOHz32JmZJH6PwGaPyw853zZWvuMEZVRuhFQCNVUqv5rXFmeM5gzbsd2wiPETIDcVdjdhZewTWyUj8kqBsfHgSTWNkxCzj-zfTizqTF6Pq7cDw-tSff5fbGcVl1Amhgrxo2kvr9js8mIDx_8vh7rElgqhq1i8I81Jn9Sm7CJWc
Frame ID: 0C7D552F12075C307DFCEF32DA06448E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiQjIyqATAB&v=APEucNVfGJjb6-F7mhdxLLEvADdAErf9HdTYLcLMQQIObrcG3MHeYBT6nf5vGs1jsF53sAo64IHxd4DrQApCAiQOvDlbDiK8c1C-KMPNieJVb60tFrKIVeSDv6k8lZUvc6TIRZ4iE_iWUSnyZSoY49C4UI1teT6xba9hebhZ91m_6u39KVDrv9Y
Frame ID: 712E09115AA0E03C299E1C4A24002DDD
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj6nOe1ATAB&v=APEucNUOTywCn6aZ-mhizclV2aOnHO5PpgbDKu3SNglg72iOvFxo1PyG7ixS7S11pk1bAuU4LYhqjAt8aKWDUFOpOp-CGf-KOxstuRxQFJ12-VrTUKEUtYyTDMMdB_sg2WjoPn_VMSokAiYoOlCxwRrXakzLe7YO66cHYWLRzrF9beZlqnx1ka8
Frame ID: 5705E8046A8D71B152371C126D382B88
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D8506BF3D9A4B0B4C200B1A2328DED23
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C7D07B1B1AADD4A7F7CEFA2113403631
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 17527CC7F8194C9D02D862D511DE08B4
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html
Frame ID: 8E4E8554010B904313E49AB9CA2BEC47
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/index.html
Frame ID: 70DE8E615F839F01E233571445134033
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61693850/20210607064301236/728x090.html?e=69&leftOffset=0&topOffset=0&c=jeV24bGAun&t=1&renderingType=2
Frame ID: EF3D4A4BE49F3DB93464EFF37080AC80
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 60560862C6F11F7088513DDC404881FC
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Frame ID: B8B8F56C17367876CFC1656E3AA5674E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 902B19B4B7BB2BF7BA4B1FB7DAC3E331
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A97B3EBC48DF3BECC6950E16E2053F49
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

يلاكورة الموقع الرياضى الأول فى الشرق الأوسط

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Flickity (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/flickity(?:\.pkgd)?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

259
Requests

100 %
HTTPS

0 %
IPv6

34
Domains

55
Subdomains

42
IPs

6
Countries

5984 kB
Transfer

10328 kB
Size

46
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://te.eg/wps/portal/te/Personal/Mobile/KIX/!ut/p/z1/lZFBU4MwEIX_ipceM7sESsiRKWNFrJ2K2pKLgyRoLARao1P_vaHTGU_FaW5J3u5-7y0I2IAw5bd-K63uTNm4eyHClykmNMUc76Ign-EqpMxL8xuKiLA-CrJVQr3lHLNldu9jvOAJzq5DDxcMxHj9MwgQlbG9fYfCqgnu1aeWylhdNhNsu1fdqKu2k1-N-6s6Y_ede9_qw1DXV1pCUfmcKcYjUkqpSFDRKYmCwCcykH4dspq6eSfOEZCBE8-cePApjpI_pzzkzmmaIH9gFCN6Eoz0yJWBwnGwsxxzCvmFxm7_S9itUH_sdiJ2Obv81MHC5qKg-_apjfwfsq2Tx7pdx796cFU3/dz/d5/L0lHSkovd0RNQUZrQUVnQSEhLzROVkUvYXI!/?1dmy&urile=wcm%3apath%3a%2FTE%2FResidential%2FMobile%2BModule%2FControl%2FControl_Tazbeet%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Yallakora

Search URL Search Domain Scan URL

URL: https://twitter.com/yallakoranow

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC7N7DXktAhFpRpYb3B6Hnxg

Search URL Search Domain Scan URL

URL: https://www.instagram.com/yallakora/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_tc=

Request Chain 90

https://loadm.exelator.com/load/?p=204&g=260&buid=617f4c97f8030216f005d10bd1409a6a&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=260&buid=617f4c97f8030216f005d10bd1409a6a&j=0&xl8blockcheck=1

Request Chain 92

https://thrtle.com/insync?vxii_pid=10014&vxii_pdid=617f4c97f8030216f005d10bd1409a6a HTTP 302
https://thrtle.com/insync?vxii_pdid=617f4c97f8030216f005d10bd1409a6a&vxii_pid=12&vxii_pid1=10014&vxii_rcid=74f9a9fb-3edb-4d9f-b32b-cc0486add510

Request Chain 94

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/617f4c97f8030216f005d10bd1409a6a/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4568298086877471621

Request Chain 125

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxUtIIXTCkrL6lMRKxWWC4&google_cver=1

Request Chain 126

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXAnQVtIaD2m2OritK1dwgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBkrg69Fz5KBNLH920mtnE0&google_cver=1

Request Chain 127

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBbxLoJ_uLea9jAcDM6bp10&google_cver=1

Request Chain 128

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYyNTM5NDYyODEzNTcxNzQyMA%3D%3D

Request Chain 129

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxUtIIXTCkrL6lMRKxWWC4&google_cver=1

Request Chain 130

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXAnQVtIaD2m2OritK1dwgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBkrg69Fz5KBNLH920mtnE0&google_cver=1

Request Chain 131

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBbxLoJ_uLea9jAcDM6bp10&google_cver=1

Request Chain 132

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYyNTM5NDYyODEzNTcxNzQyMA%3D%3D

Request Chain 133

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEESw-kk2d_I82vOuMykedw4&google_cver=1

Request Chain 134

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXAnQVtIaD2m2OritK1dxAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBkrg69Fz5KBNLH920mtnE0&google_cver=1

Request Chain 135

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPC2YwxSfsVpzN11m1UzS9o&google_cver=1

Request Chain 136

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYyNTM5NDYyODEzNTcxNzQyMA%3D%3D

Request Chain 150

https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;apnid=7625394628135717420

Request Chain 151

https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjYxNzFEREMtRkYwMi00RDI4LUFCMzctREE3Qzk3N0QwODg5&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3D26171DDC-FF02-4D28-AB37-DA7C977D0889 HTTP 302
https://udmserve.net/udm/fetch.pix?pmid=26171DDC-FF02-4D28-AB37-DA7C977D0889

Request Chain 153

https://inv-nets.admixer.net/adxcm.aspx?ssp=F74A1705-8854-4390-959E-C24FA4349F88&rurl=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Badmix%3D%24%24visitor_cookie%24%24 HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;admix=dd3641ceeaec41cc979e74192bd0d685

Request Chain 154

https://cs.admanmedia.com/sync/underdog?redir=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bacu%3D%7B%24UID%7D HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;acu=c51a0226b29a26829241b4e9c1396e1f596feea2

Request Chain 173

https://gcdn.2mdn.net/videoplayback/id/693eea397406125d/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666276033/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/0F3A2EBA20DB3796369ABF3BAE794645C10C1AB6.0471C9E81AABC2E6C0B5038BC589E944E4C77967/key/ck2/file/file.mp4 HTTP 302
https://r5---sn-2gb7sn7r.c.2mdn.net/videoplayback/id/693eea397406125d/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666276033/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5FEC6946133A190CC762187123CAC1FA4EC34D5C.668E08D6A048A8CECF64C7B306869BD2C02BED9D/key/cms1/cms_redirect/yes/mh/IZ/mip/216.131.111.149/mm/42/mn/sn-2gb7sn7r/ms/onc/mt/1634739650/mv/m/mvi/5/pl/24/file/file.mp4

259 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.yallakora.com/ 135 KB
20 KB 594ms
545ms Document
text/html 104.20.26.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.26.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 18cfced909f1979e2af7f83ced5f8caf4fb68e224b8be8073b11a1859c72b278

Request headers

:method: GET
:authority: www.yallakora.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache
pragma: no-cache
expires: -1
vary: Accept-Encoding
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-origin: https://ads.geminimedia-eg.com
set-cookie: FGTServer=B38C762E5508AA76F9CE87FB8FBFEC44A293CABD87AA0C4FB441CB8A2C71138CA1C44D80AA55A1D2; Version=1; Max-Age=3600
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a12ecef98862175-DUS
content-encoding: br

GET
H2 200 Smartbanner.min.css
www.yallakora.com/Content/ 3 KB
956 B 36ms
34ms Stylesheet
text/css 104.20.26.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/Content/Smartbanner.min.css?ref=0.1
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.26.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c5c8590321b0680f694b47009031a831113a05acee54ae1e1a935cd6d72cfadd

Request headers

:path: /Content/Smartbanner.min.css?ref=0.1
pragma: no-cache
cookie: FGTServer=B38C762E5508AA76F9CE87FB8FBFEC44A293CABD87AA0C4FB441CB8A2C71138CA1C44D80AA55A1D2
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.yallakora.com
referer: https://www.yallakora.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Jan 2021 09:27:57 GMT
server: cloudflare
age: 1807758
x-powered-by: ASP.NET
etag: W/"4cfa3b4d7efd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
cf-ray: 6a12ecf329e92175-DUS

GET
H2 200 Style.min.css
www.yallakora.com/Content/ 1 MB
136 KB 49ms
47ms Stylesheet
text/css 104.20.26.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/Content/Style.min.css?ver=53.08
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.26.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 576ea27f3989da5d7864d8a8246a757cc86abd9cfb18bdfafe39002b64708d47

Request headers

:path: /Content/Style.min.css?ver=53.08
pragma: no-cache
cookie: FGTServer=B38C762E5508AA76F9CE87FB8FBFEC44A293CABD87AA0C4FB441CB8A2C71138CA1C44D80AA55A1D2
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.yallakora.com
referer: https://www.yallakora.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Oct 2021 15:30:12 GMT
server: cloudflare
age: 1205265
x-powered-by: ASP.NET
etag: W/"05a97dc7bad71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
cf-ray: 6a12ecf329eb2175-DUS

GET
H2 200 Sponsor21.css
www.yallakora.com/Content/ 8 KB
1 KB 37ms
36ms Stylesheet
text/css 104.20.26.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/Content/Sponsor21.css?ver=2.0
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.26.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e1e90dcd393bdacce9fc1cc34ddd54ff48b8c2348e29b1357e4e54ad3dcbff3b

Request headers

:path: /Content/Sponsor21.css?ver=2.0
pragma: no-cache
cookie: FGTServer=B38C762E5508AA76F9CE87FB8FBFEC44A293CABD87AA0C4FB441CB8A2C71138CA1C44D80AA55A1D2
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.yallakora.com
referer: https://www.yallakora.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
content-encoding: br
cf-cache-status: HIT
age: 1220498
x-powered-by: ASP.NET
last-modified: Sun, 05 Sep 2021 11:13:42 GMT
server: cloudflare
etag: W/"077a11547a2d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
cf-polished: origSize=10624
cf-ray: 6a12ecf329ee2175-DUS
cf-bgj: minify

GET
H2 200 GutterStyle.css
www.yallakora.com/Content/ 5 KB
1 KB 36ms
34ms Stylesheet
text/css 104.20.26.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/Content/GutterStyle.css?ver=0.60
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.26.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2f3b2886fda5858396c03552fe284f77796c807dd48a70bb07d40a89133d02a1

Request headers

:path: /Content/GutterStyle.css?ver=0.60
pragma: no-cache
cookie: FGTServer=B38C762E5508AA76F9CE87FB8FBFEC44A293CABD87AA0C4FB441CB8A2C71138CA1C44D80AA55A1D2
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.yallakora.com
referer: https://www.yallakora.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
content-encoding: br
cf-cache-status: HIT
age: 1807757
x-powered-by: ASP.NET
last-modified: Fri, 11 Jun 2021 13:13:12 GMT
server: cloudflare
etag: W/"7ba3eb87c35ed71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
cf-polished: origSize=7034
cf-ray: 6a12ecf329f02175-DUS
cf-bgj: minify

GET
H2 200 jquery-3.5.1.min.js Show response
www.yallakora.com/Scripts/ 105 KB
33 KB 60ms
58ms Script
application/javascript 104.20.26.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/Scripts/jquery-3.5.1.min.js
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.26.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e2075dacbcf097ebf6ca41703bc5d835515a440e994e3b48a824c4613c671337

Request headers

sec-fetch-mode: cors
origin: https://www.yallakora.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: script
cookie: FGTServer=B38C762E5508AA76F9CE87FB8FBFEC44A293CABD87AA0C4FB441CB8A2C71138CA1C44D80AA55A1D2
:path: /Scripts/jquery-3.5.1.min.js
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.yallakora.com
referer: https://www.yallakora.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.yallakora.com/
Origin: https://www.yallakora.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jul 2021 08:19:43 GMT
server: cloudflare
age: 1807891
x-powered-by: ASP.NET
etag: W/"8079fa26c082d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
cf-ray: 6a12ecf329f12175-DUS

GET
H2 200 General.js Show response
www.yallakora.com/Scripts/ 6 KB
1 KB 69ms
68ms Script
application/javascript 104.20.26.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/Scripts/General.js?ver=0.5
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.26.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bb3ea64c83eb71a91b659d68906aa9332e59e84147e3cc3fa6af9d40423d73ea

Request headers

:path: /Scripts/General.js?ver=0.5
pragma: no-cache
cookie: FGTServer=B38C762E5508AA76F9CE87FB8FBFEC44A293CABD87AA0C4FB441CB8A2C71138CA1C44D80AA55A1D2
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.yallakora.com
referer: https://www.yallakora.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 06 Jun 2021 14:49:14 GMT
server: cloudflare
age: 1807794
x-powered-by: ASP.NET
etag: W/"1891a41ee35ad71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
cf-ray: 6a12ecf329f42175-DUS

GET
H2 200 AdSense.min.js Show response
www.yallakora.com/Scripts/ 2 KB
631 B 36ms
35ms Script
application/javascript 104.20.26.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/Scripts/AdSense.min.js?ver=0.4
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.26.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f46b9c352093577bb2c39fc21f91c796c98c527e84033ed4a72358599b77824b

Request headers

:path: /Scripts/AdSense.min.js?ver=0.4
pragma: no-cache
cookie: FGTServer=B38C762E5508AA76F9CE87FB8FBFEC44A293CABD87AA0C4FB441CB8A2C71138CA1C44D80AA55A1D2
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.yallakora.com
referer: https://www.yallakora.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 29 Aug 2021 14:56:12 GMT
server: cloudflare
age: 1808012
x-powered-by: ASP.NET
etag: W/"db42a2e69cd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
cf-ray: 6a12ecf329f62175-DUS

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 101ms
38ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

170426b1ccbf16d163b36333bb291cebb26c5288224706ed42bec87e72eb972f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1019 / 842 of 1000 / last-modified: 1634727954"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27181
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Oct 2021 14:27:12 GMT

GET
H2 200 sender.script.js Show response
www.yallakora.com/Yogo/scripts/ 848 B
463 B 72ms
71ms Script
application/javascript 104.20.26.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/Yogo/scripts/sender.script.js
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.26.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4f7d5b4af81b4bf579dc4aa285da528826c46e8dddebc86270d0b0771b371055

Request headers

:path: /Yogo/scripts/sender.script.js
pragma: no-cache
cookie: FGTServer=B38C762E5508AA76F9CE87FB8FBFEC44A293CABD87AA0C4FB441CB8A2C71138CA1C44D80AA55A1D2
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.yallakora.com
referer: https://www.yallakora.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 24 Jun 2019 16:35:25 GMT
server: cloudflare
age: 5226
x-powered-by: ASP.NET
etag: W/"db6f37d3aa2ad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=691200
cf-ray: 6a12ecf329f82175-DUS

GET
H2 200 IP2Location.js Show response
www.yallakora.com/Scripts/ 1 KB
702 B 36ms
35ms Script
application/javascript 104.20.26.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/Scripts/IP2Location.js?ver=0.1
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.26.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b41d4ac96513549e132985d530ceba973ad90fd6567139437f3b27866f39980c

Request headers

:path: /Scripts/IP2Location.js?ver=0.1
pragma: no-cache
cookie: FGTServer=B38C762E5508AA76F9CE87FB8FBFEC44A293CABD87AA0C4FB441CB8A2C71138CA1C44D80AA55A1D2
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.yallakora.com
referer: https://www.yallakora.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 09 Nov 2020 12:03:15 GMT
server: cloudflare
age: 1807794
x-powered-by: ASP.NET
etag: W/"9029da4d90b6d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
cf-ray: 6a12ecf329fc2175-DUS

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/15758/ 42 KB
13 KB 56ms
11ms Script
text/javascript 143.204.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/15758/lt.min.js
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.4 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-4.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 833eed745c34aa91e1805487482c20a3b780337fdada5d5a6c1683bc432dc6c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 19 Oct 2021 15:25:10 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 15:09:57 GMT
server: AmazonS3
age: 82923
etag: W/"421eb3f46e703f2270b1d20442dad792"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: HV0d2bJ8FUvhaRy92MgHzJUhSGwaJTnGZchdMKTvder2qrIxMP8JAw==

GET
H2 200 api.js Show response
www.yallakora.com/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 19ms
14ms Script
text/javascript 104.20.26.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.yallakora.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.26.67 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /cdn-cgi/bm/cv/669835187/api.js
pragma: no-cache
cookie: FGTServer=B38C762E5508AA76F9CE87FB8FBFEC44A293CABD87AA0C4FB441CB8A2C71138CA1C44D80AA55A1D2
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.yallakora.com
referer: https://www.yallakora.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6a12ecf44d2e2175-DUS

GET
H2 200 ykLogo.png
www.yallakora.com/Images/ 5 KB
6 KB 33ms
28ms Image
image/png 104.20.26.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yallakora.com/Images/ykLogo.png
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.26.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b14a34709a0c86f49406dd0436c235e930d2866cb38059f7d949a9d493ed3e37

Request headers

:path: /Images/ykLogo.png
pragma: no-cache
cookie: FGTServer=B38C762E5508AA76F9CE87FB8FBFEC44A293CABD87AA0C4FB441CB8A2C71138CA1C44D80AA55A1D2
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.yallakora.com
referer: https://www.yallakora.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
cf-cache-status: HIT
age: 1807794
x-powered-by: ASP.NET
content-length: 5505
last-modified: Wed, 30 May 2018 20:47:06 GMT
server: cloudflare
etag: "ae7f195f57f8d31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
cf-polished: origSize=8080
accept-ranges: bytes
cf-ray: 6a12ecf44d312175-DUS
cf-bgj: imgq:85,h2pri

GET
H2 200 Barcelona2018_7_29_14_44.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/ 7 KB
8 KB 135ms
75ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/Barcelona2018_7_29_14_44.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: fdc9e0f7357afc15265e987dd003b371cc55ae48a410fe2205b419d682a18189

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 585368
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7413
last-modified: Sun, 29 Jul 2018 12:46:29 GMT
server: cloudflare
etag: "e1a3bd2b3a27d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ty4MeeyWj4tzd2oEPhs3fGhudUVw5U%2FRDLoGyoWM4%2FkSHs8T11ffkAqmfBwdG7iQGHLgSHjcRdXyRbVI9BV%2Bomkv5ZARHVDJkU2Cv5zgqJkGpcQdh%2F8cS6Na3b0ydD%2FpHhFijQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf4ba690075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 DynamoKyiv2018_8_12_13_1.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2018/8/12/ 6 KB
6 KB 120ms
60ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2018/8/12/DynamoKyiv2018_8_12_13_1.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1a4dcd43e464872906c7c4692489ea00267db156a330f632e55a29195d9ffc63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59219
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5788
last-modified: Sun, 12 Aug 2018 11:01:13 GMT
server: cloudflare
etag: "bb18a2c82b32d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BOts8UZ2c7fhN1mdHXQcF%2BJ6KoEQCAAtyczhU9UZcqmfDk9DjVJyVcZw5eNbbFaRBMQiOA8L63lCaQYCmVAsQv%2FHRxHr%2F18F%2FV21pichthNRP5IsFsVZj2JU%2FcJZ84DO21sUiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf4ba650075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 ManchesterUnited2018_7_29_15_29.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/ 10 KB
10 KB 135ms
75ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/ManchesterUnited2018_7_29_15_29.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 48b238fc114e9a69a592ad9a3c56f73cdd2c007fe674e60231044f92afb153fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 585354
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10228
last-modified: Sun, 29 Jul 2018 13:31:11 GMT
server: cloudflare
etag: "12e566a4027d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IeWYr956E5%2BWVrXQZi31VcgOgpW8FpzdjemWQXtc1Czh2F0dLGj7OeGhzrkXfBYngVseovXnm9Xn6D6g%2F3%2BbzMAYkuX5V7PAXMn9Y7F%2Bk3fP1Rtf7BJX3ZTm5CEtbJvj2psKWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf4ba630075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 Atalanta2018_7_29_15_5.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/ 6 KB
6 KB 136ms
76ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/Atalanta2018_7_29_15_5.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4a71579d8453c21c8d02744168960e564591beac933f59817902f1f2d422c9b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2486259
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5876
last-modified: Sun, 29 Jul 2018 13:07:43 GMT
server: cloudflare
etag: "c13533233d27d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZOHmgXFWZ4TM6bDLmYG%2BG66JUCxw1j%2B%2FfC1VadGJDRpqouGrfGmXSkpUJlVD%2F0mkJnhqmaqTGyky9MZmQnLZIbu6sD7BcqMf6DSp3RR85uHKFH5UBYrO1%2Fzk6QfcgTXSEhbcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf4ba5d0075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 Chelsea2018_7_29_15_28.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/ 12 KB
13 KB 117ms
57ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/Chelsea2018_7_29_15_28.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: abe6d9e199a77244081ad5fdcfc79109a4c0e63df88151dab5f87713da4304c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 413144
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12230
last-modified: Sun, 29 Jul 2018 13:30:10 GMT
server: cloudflare
etag: "417e17464027d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ATrNFEUbEweKyOZ5GSDFGmelqj2AOuoL5BeokSRsb9FfZrzN2Pah6QpsPIkJKdIv1u404AOcKqODAW92ZShVT26qQwfIPdfIcFSc5HaRJe9sRbC0Ma5oYakBGly%2B%2BXz7A%2BaTgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf4aa350075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 Malmo2018_8_12_13_5.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2018/8/12/ 4 KB
4 KB 102ms
42ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2018/8/12/Malmo2018_8_12_13_5.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ca611de46d09dc3854c2cad7588557c1ce40d0f5a7073f58b93fb2ec066d73b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59219
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4023
last-modified: Sun, 12 Aug 2018 11:05:57 GMT
server: cloudflare
etag: "bf3252722c32d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgRpQ7nBwArrWr2wvd9Gd0Yz7%2BhTBFZm7n6Z7wKutxclL4HXwdLWq0NaebJG7UAuDOjuRZYVOIaj3KCiCXOovAG0AFzuqMnvokhLBxrElX%2FcybaubjI5FQ43XwqZt4xTKi2Gzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf4aa340075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 Zenit2018_9_13_12_40.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2018/9/13/ 3 KB
4 KB 74ms
43ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2018/9/13/Zenit2018_9_13_12_40.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: dfe00ebcaa0d9f6ab2c95471a3f4a9dc2892f85445ab21dfb02c31601aa7bfb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59219
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3556
last-modified: Thu, 13 Sep 2018 10:40:29 GMT
server: cloudflare
etag: "469cb304e4bd41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHPs0Kek9Yq9Ve33%2FDDAagB7Wbv9NJeVNwsNZzRk0wVUaO7CghacQY%2FzI7j1tuLsER8fpEzimHfD4tjyeiz6mh3TV%2FO6ssgnmevC485dCCV9L5UFvnqBqk6FgQya0tgp%2FE93vw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf4aa300075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 Juventus12021_7_14_17_22.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2021/7/14/ 3 KB
4 KB 69ms
39ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2021/7/14/Juventus12021_7_14_17_22.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: fea6c01963db10b8d2218d03b8fbfe253de7fa5e9d444162aacce1bc0d93621d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 585354
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2928
last-modified: Wed, 14 Jul 2021 15:22:54 GMT
server: cloudflare
etag: "8b404f1ec478d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dH%2B%2BYekHjXRw8l3dX72EoHNq6md%2Fh8KrrGW1DutrACqyN3G29lBJHGu7SjcGHYS%2FU5AqZbmTI%2BpMGDkM9Ld89qsWBjXPaWypce6fugoM0s34%2BAtajykzP6YQxccp9UC6qFwlJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf4aa2e0075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 Benfica2018_8_12_13_8.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2018/8/12/ 10 KB
11 KB 71ms
41ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2018/8/12/Benfica2018_8_12_13_8.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a090ca218ee05535e42c4072a0cf21ee85d3aa65141ec03314c0e93897966d00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 954380
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10556
last-modified: Sun, 12 Aug 2018 11:08:47 GMT
server: cloudflare
etag: "abf69cd72c32d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C23yk6Ssu4g7IaVBbwoEo0rq4OD1q%2BWaZhaLvXR85brZKv6Vnn5gZhHFG%2FLUKij9aL2WemGq7c7rdJfXthZypGqJ%2Bp0ot6E6ow7IguCQqed53xtPKuxnPt9ijrCx1qrO%2B6EqFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf4aa330075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 BayernMunchen2018_7_29_16_3.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/ 11 KB
11 KB 70ms
39ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/BayernMunchen2018_7_29_16_3.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 099208ecdf0afafc4133bec9d5b4b1641e6d81f38092cd02a4c4567cf839fb2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 869411
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11395
last-modified: Sun, 29 Jul 2018 14:05:11 GMT
server: cloudflare
etag: "e15c282a4527d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fGDU4u0pkuGTQAT23P%2B03VwMzL%2BnGsrP5HR4Fx%2F0GPH%2FkkV%2B6DmDg848ht51MvDCWmBnUyQ5MTe1VZhhsaJjjf6HD8CNutIGBksEVXTQTrwimYekeT2t0W6L5WDdl6zRy5tiLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf4aa310075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 SpartakMoscow2018_8_12_13_4.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2018/8/12/ 5 KB
5 KB 105ms
74ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2018/8/12/SpartakMoscow2018_8_12_13_4.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 45ef2fe71bb1c3281ab8ec1aabbfc3772ea33456e5daf57f4c4630338a871dce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59219
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4678
last-modified: Sun, 12 Aug 2018 11:04:07 GMT
server: cloudflare
etag: "1ff2b6302c32d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=42PpTH3wSm%2FPiCjuCdZySuHVLDU%2BZt4MjD7bum%2FJ6%2B%2BCPHXHqwP8CtVA1%2FZP4QHp8hX7xaUfDGZB6HsZS6nsKOmpvwX52BBV%2BvJW32Y4tOE1PaOkjuXWhYJmXLnBOoMQHUDVRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf4aa2f0075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 LiesterCity2018_7_29_15_32.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/ 11 KB
12 KB 74ms
44ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/LiesterCity2018_7_29_15_32.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1183779c959bf5c331df4294bc7abab06690caa3f42803839ac244edb2e2e7a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 585368
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11574
last-modified: Sun, 29 Jul 2018 13:33:59 GMT
server: cloudflare
etag: "c1c67ace4027d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fmQwbCdlh8nZMvFIHWYOV1kBvKKkim1yibW05zAfxEb91%2B7Y8u68iUMc3Htgq76lZ2qYi8m6gHzQPZaqfSB9IzDP0X9evQtnjldD74au2tdcydofnfTLGw6TAqBIESadl%2BHs%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf4aa2d0075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 flickity.min.js Show response
www.yallakora.com/Scripts/ 60 KB
15 KB 29ms
28ms Script
application/javascript 104.20.26.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/Scripts/flickity.min.js?ver=0.03
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.26.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5dc1c679fa665e35aca83143b494288e9c4e3f3ae62be11a331d890612e53885

Request headers

:path: /Scripts/flickity.min.js?ver=0.03
pragma: no-cache
cookie: FGTServer=B38C762E5508AA76F9CE87FB8FBFEC44A293CABD87AA0C4FB441CB8A2C71138CA1C44D80AA55A1D2
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.yallakora.com
referer: https://www.yallakora.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:39:32 GMT
server: cloudflare
age: 1807981
x-powered-by: ASP.NET
etag: W/"08a67ed5146d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
cf-ray: 6a12ecf3bb7d2175-DUS

GET
H2 200 Untitled-128-9-2021-18-44-30.jpg
media.gemini.media/img/yallakora/Players//Players/ 44 KB
45 KB 75ms
74ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Players//Players/Untitled-128-9-2021-18-44-30.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: adecb105e15f7126ca378479d83c986ac71797ef5ad9d44a3aa387c100ed48d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1891784
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45240
last-modified: Tue, 28 Sep 2021 16:44:31 GMT
server: cloudflare
etag: "41a4571c88b4d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hnwSBo0ccH6QD5855P1ZSQcMG9gpasxI3BDgKhmFiTbELJJ3VCks7JYrw2kQBovxlqm5Dv0eHMPWu%2Bad2H82TP5L70IhK9t5ybP7gyGAzYOM7P2OKoZVCbGKgg9U7E7FFH%2FZXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf4ba6b0075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 1123-9-2021-17-55-58.png
media.gemini.media/img/yallakora/Players//Players/ 309 KB
310 KB 89ms
87ms Image
image/png 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Players//Players/1123-9-2021-17-55-58.png
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 529c55d3a9c2539b1027ede2d827a13c8da73168a2e41e3072b46c2155cc1973

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2324187
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 316269
last-modified: Thu, 23 Sep 2021 15:55:58 GMT
server: cloudflare
etag: "56f2f8093b0d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PpMgT%2FyqhR2PM5vNpoXwzc9qU8R9uhJc5F1f1clPM%2BYqUGd5zrCixZR0hM%2BAeMuvIDDnVXY63DN24vJZMubTIU7YoRuveSkQs5mu3%2FrX5g%2BlCY7Vur1bTomP8mv2SL1NAyKfWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf4ba6d0075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H2 200 Untitled-117-1-2021-23-4-51.jpg
media.gemini.media/img/yallakora/Players//Players/ 21 KB
22 KB 88ms
87ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Players//Players/Untitled-117-1-2021-23-4-51.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d358769f44383ee03143573ba2f7b37feba22b2cd2dd34230f3b296d464e2bb2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1470036
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21701
last-modified: Sun, 17 Jan 2021 21:05:00 GMT
server: cloudflare
etag: "358deb6a14edd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uhu7ARNaB%2BsKt3og8ZY741yrzIK4jDmvv%2BYzDoCPRqXF9b4T772lw2mEFYITkG42VaYH2hHSiBszhv9wLkPAfNQf8HaYc1XolJjoEQ5ec8j00ThXlcl2oV4LmfQuQPSiz87aVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf4ba6f0075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 Untitled-128-9-2021-18-51-35.jpg
media.gemini.media/img/yallakora/Players//Players/ 27 KB
27 KB 76ms
74ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Players//Players/Untitled-128-9-2021-18-51-35.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8f560f369008d44dd4feed75a4eb71b246c09023d200d698af5d7c2fc875eb05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1891784
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27593
last-modified: Tue, 28 Sep 2021 16:51:35 GMT
server: cloudflare
etag: "6dd771989b4d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HGepadsWOlK7x7ENEDenbItAYiqUS7rkKH0C5n26GTOtNYjBqSspiWW8rDjk0nTet8MxZixWRMJiJLuoNylPpNFFqm1W7S4%2BrAn9CA8MyLSEB0HegZtquB5WTpeQBeaonVeOHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf4ba730075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 bruno121-10-2020-16-51-59.png
media.gemini.media/img/yallakora/Players//Players/ 44 KB
45 KB 77ms
75ms Image
image/png 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Players//Players/bruno121-10-2020-16-51-59.png
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 60c38461a4692549f19e5a892f2080b1a7a8960d4562d70b445341bafaea6025

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2257319
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45567
last-modified: Wed, 21 Oct 2020 14:52:18 GMT
server: cloudflare
etag: "e45ec1c5b9a7d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJu5Qiy%2B9m2aVFNerdPw%2FPdVA1CJ6NHWW7vpNt0qvaJs6yTnoc%2BaYBNHle0xLv88K%2FSIFmeXx7TwDBSyNk4Gl4Cl9HkmbBFM8fmIvilQ4X7x%2BJnZp6awmW6METdxGddgFM78OQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf4ba7e0075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H2 200 428-9-2021-19-25-6.png
media.gemini.media/img/yallakora/Players//Players/ 208 KB
208 KB 77ms
76ms Image
image/png 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Players//Players/428-9-2021-19-25-6.png
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9375d880979b826a0850e8b5769b451418a0f8b0a8993674114801fd51e3be35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1881088
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 212731
last-modified: Tue, 28 Sep 2021 17:25:06 GMT
server: cloudflare
etag: "4293dbc78db4d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e5TkvL6tMGNzW7da%2BW0xmavgzlyXG1vZxSslF%2Fm8q0AskTq5vkmOcEqBrPB3w930Rlklm9KqAwjxnPOQYBKVYLNHG5y8EmEZeKKBjfEcJESYpTMoTeofOROBtZsY0ITibK%2BM8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf4ba800075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H2 200 RedBullSalzburg2018_8_12_13_7.jpg
media.gemini.media/img/yallakora/IOSTeams/40//2018/8/12/ 3 KB
3 KB 77ms
76ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams/40//2018/8/12/RedBullSalzburg2018_8_12_13_7.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: def17a9929e2b75569dfa2845defb61924532916e195a570db7fbf4f6e60e9fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 70013
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3116
last-modified: Sun, 12 Aug 2018 11:07:08 GMT
server: cloudflare
etag: "dd33609c2c32d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2H6Bzhl0LL0rrPfPC6uCdl7jSADkCUtoeSm9E80ivkn%2B3gMVW7HiL0R%2FlnolBrN8RyAeNqooopL448q688nyIUUTcRAEZ7zOFNrt9oQqD6SByQsLm7fIvI4QHL%2FzAX139k8Oxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf4ba820075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 Wolfsburg2018_7_29_16_6.jpg
media.gemini.media/img/yallakora/IOSTeams/40//2018/7/29/ 2 KB
2 KB 75ms
74ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams/40//2018/7/29/Wolfsburg2018_7_29_16_6.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d7df2584f3bfde841e879878347bad7c8a6aa671349909e8cdfa7a42581d27df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 232350
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1732
last-modified: Sun, 29 Jul 2018 14:08:35 GMT
server: cloudflare
etag: "a176f2a34527d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pEEbWCqZP42gi2B7iPfgdF9W6hQQ7GFKQuHriGVnbARNXIIzFQllZYulOuBBK%2FFAKmEVw4iV4GKAKmMYuW7pLaoTqRM0AmooWNVaOIAfJCrUvGStFmugui1irXtTrXxhg%2FOLRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf4ba830075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 Barcelona2018_7_29_14_44.jpg
media.gemini.media/img/yallakora/IOSTeams/40//2018/7/29/ 3 KB
3 KB 76ms
74ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams/40//2018/7/29/Barcelona2018_7_29_14_44.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7c25bdec69af55ac234d81e65edcb747e9504ad2c47af094b236d9dc449141e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 70003
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3192
last-modified: Sun, 29 Jul 2018 12:46:29 GMT
server: cloudflare
etag: "c17fb62b3a27d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LSzUIQ8ySrm4cXanLT8lF6k97vsZPBH7DnGJiZQ5vm4%2B4QdXnRFJBsDL9GkeHNFTIvYHmRsqAscIxrilaXtg0IK72gVOqrYVt4yFPISIwvj3NIiw2DAaVZrSDDdwxYULzFZ2zA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf4ba840075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 DynamoKyiv2018_8_12_13_1.jpg
media.gemini.media/img/yallakora/IOSTeams/40//2018/8/12/ 2 KB
2 KB 76ms
75ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams/40//2018/8/12/DynamoKyiv2018_8_12_13_1.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c536ddedda7332ad4f5403a00395fff326023d228d522677b96be8b42277f16f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 70003
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2155
last-modified: Sun, 12 Aug 2018 11:01:13 GMT
server: cloudflare
etag: "61b79fc82b32d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ny762T28I0gSs283jjYjt3prZZTpa%2BTqm2wwTajR%2F%2BVatO61BfY48fhv4Eyhv8ri9BZJ01ZGjSIx3W%2FSo0yX4xw8SAvKA8TCsvEpc0j6osrHpdpfp5JivJm6JkYnrOqjqaUQgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf4ba850075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 YoungBoys2018_10_31_13_32.jpg
media.gemini.media/img/yallakora/IOSTeams/40//2018/10/31/ 3 KB
4 KB 75ms
74ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams/40//2018/10/31/YoungBoys2018_10_31_13_32.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c1aba37f940e5efa1f34b70b89f2fb91a7e535ba9f491eb7a2c6942c58f238b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 70013
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3410
last-modified: Wed, 31 Oct 2018 11:32:41 GMT
server: cloudflare
etag: "32d5f16ed71d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eg37TAYqSpJpHwcJXaFIYMry8Z2CEhQhneOXaY5damkckQKsadmP%2F8b4RO0bOGA9emHu9iSDv1W11gYoVkbvadbOO6dmEHwftljMSq905hPutS9P9VaeblkPPRPUBuhRZSeFCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf4ba860075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 Villareal2018_7_29_14_53.jpg
media.gemini.media/img/yallakora/IOSTeams/40//2018/7/29/ 3 KB
4 KB 77ms
76ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams/40//2018/7/29/Villareal2018_7_29_14_53.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7a3e9caf9cadd4a50b4c4cd9c41d1169289a9d0a6640a9d1b7234eae334a3935

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 70003
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3382
last-modified: Sun, 29 Jul 2018 12:55:30 GMT
server: cloudflare
etag: "8192456e3b27d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mBnu51yvwqLH6bKHdRL%2F1C%2BPLkF0%2FjR0w%2FVON0hvMY0tThyN%2FwjcCpEYok0KNmbmUKxtdCwRJ7rU6oWPNKO%2B%2B4xfFtpdXoPFyW1Z%2Bm7IjEwWFN9WMmm7VmQ29itZELRsnXWRPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf4ba870075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 1078.js Show response
script.crazyegg.com/pages/scripts/0069/ 5 KB
2 KB 53ms
23ms Script
text/javascript 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0069/1078.js
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.148.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5361674d0bb84a1bca85b48c7b68483dea2374b4efc38a8e8a160360d642d9d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 523913
cf-polished: origSize=4899
cf-ray: 6a12ecf47d14876a-DUS
ce-version: 11.1.331
last-modified: Thu, 14 Oct 2021 12:53:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-bgj: minify

GET
H2 200 lazyload.min.js Show response
www.yallakora.com/Scripts/ 2 KB
791 B 32ms
32ms Script
application/javascript 104.20.26.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/Scripts/lazyload.min.js
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.26.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6768464f893a4354a0eb3a6e86543ec23d2f9ed1b97e7bef0ca7f7ae2c32f978

Request headers

:path: /Scripts/lazyload.min.js
pragma: no-cache
cookie: FGTServer=B38C762E5508AA76F9CE87FB8FBFEC44A293CABD87AA0C4FB441CB8A2C71138CA1C44D80AA55A1D2
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.yallakora.com
referer: https://www.yallakora.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Aug 2018 12:42:22 GMT
server: cloudflare
age: 1807908
x-powered-by: ASP.NET
etag: W/"63e4bc179529d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
cf-ray: 6a12ecf3dba62175-DUS

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 87ms
25ms Script
text/javascript 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 6015
date: Wed, 20 Oct 2021 12:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19887
expires: Wed, 20 Oct 2021 14:46:57 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 104 KB
41 KB 92ms
32ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NBQG46X

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2593388c7ec187a438a2c99499e4b34c5d2a1177addd2ef736f323bd699ada0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 41498
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 Oct 2021 14:27:12 GMT

GET
H2 200 Untitled-2.html Show response
ads.gemini.media/2021/Oct/WE/change-WE/change-stage/Gutter/ Frame 09E4 3 KB
1 KB 127ms
81ms Document
text/html 172.67.74.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.gemini.media/2021/Oct/WE/change-WE/change-stage/Gutter/Untitled-2.html
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: dc6049eb7f8486a4a8b7e7c4ebcf0b15c58418f3917affeaa241c0e943366486

Request headers

:method: GET
:authority: ads.gemini.media
:scheme: https
:path: /2021/Oct/WE/change-WE/change-stage/Gutter/Untitled-2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.yallakora.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
content-type: text/html
cache-control: max-age=1296000
last-modified: Wed, 13 Oct 2021 13:46:31 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2FMCjgqIWS7wvNwVJzLYqGeTAsbogOMbpmjBh6X8IwgMhCgJJn8v272IYt90gjG%2BhlnxnYpgkzMusK3CHGPfx4pU9PVotANAhX1TEChL0l1d5BVoWKmSlGtKSMZie5FdQK8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a12ecf49b383ba3-CDG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 Untitled-2.html Show response
ads.gemini.media/2021/Oct/WE/change-WE/change-stage/Gutter/ Frame 0E8B 3 KB
1 KB 129ms
83ms Document
text/html 172.67.74.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.gemini.media/2021/Oct/WE/change-WE/change-stage/Gutter/Untitled-2.html
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: dc6049eb7f8486a4a8b7e7c4ebcf0b15c58418f3917affeaa241c0e943366486

Request headers

:method: GET
:authority: ads.gemini.media
:scheme: https
:path: /2021/Oct/WE/change-WE/change-stage/Gutter/Untitled-2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.yallakora.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
content-type: text/html
cache-control: max-age=1296000
last-modified: Wed, 13 Oct 2021 13:46:31 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KiBHahgKxzb9GA%2BgYujuIaOCK66rZx%2ButR70bkzm1369TGn%2FH2oNGiZMrT5kEBdVPwrg0nkyeNSQAT%2BEIpF1aScPyMisk9Pq79rPtx3vr1EnjzmrGmPe5utPnW1Q%2F3hOQLk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a12ecf49b3c3ba3-CDG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 yallakora-gutters.jpg
ads.gemini.media/2021/Oct/WE/change-WE/change-stage/Gutter/ 67 KB
67 KB 64ms
26ms Image
image/jpeg 172.67.74.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.gemini.media/2021/Oct/WE/change-WE/change-stage/Gutter/yallakora-gutters.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f4ee33c6fb29773f90c8eec4265a17786e6fe9bcda10e61d926ef1fde8ee7fc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 605832
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 68157
last-modified: Wed, 13 Oct 2021 13:46:39 GMT
server: cloudflare
etag: "a41c73bf38c0d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tVJIUMXKbJOPB9HKx%2F2LVTUoc97VkBvt8%2BQH2sFSu5knVXyV%2BUQj0ScXgOGEwpvffS2fDeIp4hAmphKuN%2BXh9XM%2Bbvj3he0YZ0%2BmMvoR%2Bv70cDcZwPostP0hfa6E%2BSP%2Bcqw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6a12ecf49b3e3ba3-CDG
cf-bgj: h2pri

GET
H2 200 droidkufi-regular.woff
www.yallakora.com/fonts/ 42 KB
42 KB 42ms
42ms Font
application/font-woff 104.20.26.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/fonts/droidkufi-regular.woff
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.min.css?ver=53.08
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.26.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 693dade10b46065ed48dbd1908c839ad28e666649be40350de16010e8abaf3f5

Request headers

sec-fetch-mode: cors
origin: https://www.yallakora.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: FGTServer=B38C762E5508AA76F9CE87FB8FBFEC44A293CABD87AA0C4FB441CB8A2C71138CA1C44D80AA55A1D2
:path: /fonts/droidkufi-regular.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.yallakora.com
referer: https://www.yallakora.com/Content/Style.min.css?ver=53.08
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.yallakora.com/Content/Style.min.css?ver=53.08
Origin: https://www.yallakora.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 10 Jun 2021 15:42:11 GMT
server: cloudflare
age: 251606
x-powered-by: ASP.NET
etag: W/"8a68d92df5ed71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
cf-ray: 6a12ecf45d562175-DUS

GET
H2 200 ykicons.woff
www.yallakora.com/fonts/ 7 KB
7 KB 42ms
42ms Font
application/font-woff 104.20.26.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/fonts/ykicons.woff?ref=1.1
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.min.css?ver=53.08
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.26.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 02a92ce771f33813104c08b966aea0d1e771084ee81014481e815e4a1a99c5c4

Request headers

sec-fetch-mode: cors
origin: https://www.yallakora.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: FGTServer=B38C762E5508AA76F9CE87FB8FBFEC44A293CABD87AA0C4FB441CB8A2C71138CA1C44D80AA55A1D2
:path: /fonts/ykicons.woff?ref=1.1
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.yallakora.com
referer: https://www.yallakora.com/Content/Style.min.css?ver=53.08
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.yallakora.com/Content/Style.min.css?ver=53.08
Origin: https://www.yallakora.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 05 Sep 2021 15:34:24 GMT
server: cloudflare
age: 251418
x-powered-by: ASP.NET
etag: W/"230c816ba2d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
cf-ray: 6a12ecf45d5c2175-DUS

GET
H2 200 droidkufi-bold.woff
www.yallakora.com/fonts/ 42 KB
42 KB 27ms
27ms Font
application/font-woff 104.20.26.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/fonts/droidkufi-bold.woff
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.min.css?ver=53.08
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.26.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b5feee7a5d40a953995b630a5c85e83d3f173baa845310b5b4c66336cdd89cac

Request headers

sec-fetch-mode: cors
origin: https://www.yallakora.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: FGTServer=B38C762E5508AA76F9CE87FB8FBFEC44A293CABD87AA0C4FB441CB8A2C71138CA1C44D80AA55A1D2
:path: /fonts/droidkufi-bold.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.yallakora.com
referer: https://www.yallakora.com/Content/Style.min.css?ver=53.08
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.yallakora.com/Content/Style.min.css?ver=53.08
Origin: https://www.yallakora.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 10 Jun 2021 15:42:26 GMT
server: cloudflare
age: 250691
x-powered-by: ASP.NET
etag: W/"34448336f5ed71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
cf-ray: 6a12ecf46d832175-DUS

GET
H2 200 CenturyGothicLight.woff
www.yallakora.com/fonts/ 68 KB
69 KB 25ms
24ms Font
application/font-woff 104.20.26.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/fonts/CenturyGothicLight.woff
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.min.css?ver=53.08
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.26.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e5a3e7a5241d076d56fd7f0accbcc20a89bd047eea36c1eebeca9b10ea1018b2

Request headers

sec-fetch-mode: cors
origin: https://www.yallakora.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: FGTServer=B38C762E5508AA76F9CE87FB8FBFEC44A293CABD87AA0C4FB441CB8A2C71138CA1C44D80AA55A1D2
:path: /fonts/CenturyGothicLight.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.yallakora.com
referer: https://www.yallakora.com/Content/Style.min.css?ver=53.08
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.yallakora.com/Content/Style.min.css?ver=53.08
Origin: https://www.yallakora.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 10 Jun 2021 15:42:11 GMT
server: cloudflare
age: 251418
x-powered-by: ASP.NET
etag: W/"e4f1e22df5ed71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
cf-ray: 6a12ecf46d862175-DUS

GET
H2 200 lazyLoadBG.jpg
www.yallakora.com/Images/ 4 KB
4 KB 33ms
33ms Image
image/jpeg 104.20.26.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yallakora.com/Images/lazyLoadBG.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.min.css?ver=53.08
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.26.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7ac95d4c745a0715ed63d1eadd4a553cd1cd25426d51aabbb53e62212c2beecf

Request headers

:path: /Images/lazyLoadBG.jpg
pragma: no-cache
cookie: FGTServer=B38C762E5508AA76F9CE87FB8FBFEC44A293CABD87AA0C4FB441CB8A2C71138CA1C44D80AA55A1D2
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.yallakora.com
referer: https://www.yallakora.com/Content/Style.min.css?ver=53.08
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/Content/Style.min.css?ver=53.08
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
cf-cache-status: HIT
age: 1807792
x-powered-by: ASP.NET
content-length: 4273
last-modified: Wed, 18 Jul 2018 09:30:22 GMT
server: cloudflare
etag: "522770f3791ed41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
cf-polished: degrade=85, origSize=8459
accept-ranges: bytes
cf-ray: 6a12ecf4ae252175-DUS
cf-bgj: imgq:85,h2pri

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ 449 B
1 KB 136ms
56ms XHR
application/json 52.19.22.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15758/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.22.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 1c40f0fdfa596f3e5eee5941b314509d8a88e75671d2a0a0c3d88951f01fe73b

Request headers

Referer: https://www.yallakora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:12 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.yallakora.com
cache-control: no-cache
x-server: 10.45.31.130
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 449
expires: 0

GET
H2 200 1078.json Show response
script.crazyegg.com/pages/data-scripts/0069/ 752 B
604 B 50ms
27ms XHR
application/json 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0069/1078.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0069/1078.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.148.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c25cff6e956cde4f2041074809159fad757d135edcf7398b3ef8ffbec7e2863e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 523992
ce-version: 11.1.331
content-length: 258
timing-allow-origin: *
last-modified: Thu, 14 Oct 2021 12:53:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 6a12ecf52c702187-DUS

GET
H2 200 GetMenu Show response
www.yallakora.com//General/ 22 KB
3 KB 396ms
395ms XHR
text/html 104.20.26.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com//General/GetMenu
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/Scripts/jquery-3.5.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.26.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5bb6bf1b005187f1a9fa1f65ba20064bb8c98d1d498ae853f5f75198525b1f38

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: FGTServer=B38C762E5508AA76F9CE87FB8FBFEC44A293CABD87AA0C4FB441CB8A2C71138CA1C44D80AA55A1D2; lotame_domain_check=yallakora.com
:path: //General/GetMenu
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json; charset=utf-8
accept: text/html, */*; q=0.01
cache-control: no-cache
:authority: www.yallakora.com
referer: https://www.yallakora.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: text/html, */*; q=0.01
Referer: https://www.yallakora.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Wed, 20 Oct 2021 14:27:13 GMT
content-encoding: br
x-aspnetmvc-version: 5.2
last-modified: Wed, 20 Oct 2021 14:27:02 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: *
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: public, max-age=49
cf-ray: 6a12ecf50f772175-DUS
cf-cache-status: DYNAMIC
expires: Wed, 20 Oct 2021 14:28:02 GMT

GET
H2 200 GetFooter Show response
www.yallakora.com//General/ 16 KB
2 KB 156ms
156ms XHR
text/html 104.20.26.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com//General/GetFooter
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/Scripts/jquery-3.5.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.26.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7fb7b62bc128f6efc518b8ae99f265081bbab8bcf370ad7a8aec8469fe31ec9c

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: FGTServer=B38C762E5508AA76F9CE87FB8FBFEC44A293CABD87AA0C4FB441CB8A2C71138CA1C44D80AA55A1D2; lotame_domain_check=yallakora.com
:path: //General/GetFooter
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json; charset=utf-8
accept: text/html, */*; q=0.01
cache-control: no-cache
:authority: www.yallakora.com
referer: https://www.yallakora.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: text/html, */*; q=0.01
Referer: https://www.yallakora.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-aspnetmvc-version: 5.2
last-modified: Wed, 20 Oct 2021 14:26:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: *
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: public, max-age=13
set-cookie: FGTServer=B38C762E5508AA76F9CE87FB8FBFEC44A293CABD87AA0C4FB441CB8A2C71138CA1C44D80AA49A1D2; Version=1; Max-Age=3600
cf-ray: 6a12ecf50f792175-DUS
expires: Wed, 20 Oct 2021 14:27:26 GMT

GET
H2 200 GetLocation Show response
www.yallakora.com//General/ 99 B
366 B 99ms
99ms XHR
application/json 104.20.26.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com//General/GetLocation
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/Scripts/jquery-3.5.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.26.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c26a5e574a133bdf9fd516ab1ae07bf50ab4392444257ae2389248efa8259a2f

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: FGTServer=B38C762E5508AA76F9CE87FB8FBFEC44A293CABD87AA0C4FB441CB8A2C71138CA1C44D80AA55A1D2; lotame_domain_check=yallakora.com
:path: //General/GetLocation
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json; charset=utf-8
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: www.yallakora.com
referer: https://www.yallakora.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.yallakora.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
content-encoding: br
x-aspnetmvc-version: 5.2
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: private
set-cookie: ASP.NET_SessionId=1m4krrpuegegt5tvs3fsxbek; path=/; secure; HttpOnly; SameSite=Lax FGTServer=B38C762E5508AA76F9CE87FB8FBFEC44A293CABD87AA0C4FB441CB8A2C71138CA1C44D80AA37A1D2; Version=1; Max-Age=3600
cf-ray: 6a12ecf50f7d2175-DUS
cf-cache-status: DYNAMIC

GET
H2 200 img-20210914-wa0042-6140ec3b205352021_9_14_22_9.jpg
media.gemini.media/img/yallakora/normal//2021/9/14/ 30 KB
30 KB 46ms
43ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/normal//2021/9/14/img-20210914-wa0042-6140ec3b205352021_9_14_22_9.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ddbfac7224880cfcb0cf48a15bf0c08f445a9da0929a79d37a31b18ae8c8898d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5952
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30669
last-modified: Tue, 14 Sep 2021 20:09:45 GMT
server: cloudflare
etag: "34c13376a4a9d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2B6cWu9y0SmNj30NX%2FhlRZTL6TvVuHLQfCl6GdCikp279Sl1Sjrx%2BYg4SYtq0LZX0YtrJTjSVTuK2ixxS%2BAVql9crdqWelciN20DJ0iRfGndDT2gPHYpu98b7t335odCC%2BEuuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf51adf0075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 fseojcew2021_10_20_16_2.jpg
media.gemini.media/img/yallakora/Normal//2021/10/20/ 56 KB
57 KB 45ms
43ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Normal//2021/10/20/fseojcew2021_10_20_16_2.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: db7320daad40217391cb8dbd40917cc727e6ad971c6fa2040989f7579ce758c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1420
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 57511
last-modified: Wed, 20 Oct 2021 14:02:22 GMT
server: cloudflare
etag: "2cb4721abbc5d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2BWqz%2BQZH9f73SLdOGOUBX%2Bhzs3PVfqt1ONYYoJ21IJ9cbXYSW%2Fz47eJ%2FwTra5itfNkg9CY7kOOd4QQNyiBk5OUQfhHkPjwXuDEhDEErZ36KyIZD5jVMdEaKf1TsEGbqHmA1xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf51ae30075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 fcjmhcjxoacmd6b2021_10_20_15_6.jpg
media.gemini.media/img/yallakora/Normal//2021/10/20/ 33 KB
34 KB 52ms
49ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Normal//2021/10/20/fcjmhcjxoacmd6b2021_10_20_15_6.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f3584a3386f75e08ad50d3f853e988adbaff178f7340415e9fc43b9c3a16be59

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4635
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 34240
last-modified: Wed, 20 Oct 2021 13:06:27 GMT
server: cloudflare
etag: "103f974ab3c5d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=txbjRpuZskNQI1oUHhal%2Fl6KNKT7%2BqL577cJBjO%2Bgt48ACHt75uEDD2QOw%2FS6ffGJkkgqYFSTlFqtWIYOMEyrgV7J5Vurkq94Kd5rUEM4Iqf4xJZktNm7Jehgup7FM2u4z5nEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf51ae60075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 1670152019_12_26_10_47.jpg
media.gemini.media/img/yallakora/Normal//2019/12/26/ 55 KB
56 KB 46ms
44ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Normal//2019/12/26/1670152019_12_26_10_47.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e8eec151dd0c0df89052454f9dc9ba57860a8948be433fcf6fe711b0928d30fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1112538
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 56582
last-modified: Thu, 26 Dec 2019 08:47:19 GMT
server: cloudflare
etag: "17bade14c9bbd51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E8MWejv6O793NPHt5AY25u4VrWvm0i%2FtMC%2BndBsGZKnxmU91mmXynXzLbqHOliHB4OJLKND52Mu0T6ae8N8jKLNCJvZxoN0llrRMLN5vCvqEmkoCI36vgpXjg%2FAZRUu7jk1CIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf51aea0075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 22021_10_19_21_14.jpg
media.gemini.media/img/yallakora/Normal//2021/10/19/ 52 KB
52 KB 45ms
43ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Normal//2021/10/19/22021_10_19_21_14.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 783e7bd3b3b9fbfbcb518a51066721a9efbe7abd1489b06e9e5b407bf71e94fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 68281
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 52805
last-modified: Tue, 19 Oct 2021 19:14:26 GMT
server: cloudflare
etag: "fecf71881dc5d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OVkIOCxBFShEvDFsvwx00gMY0qKRFqu60uzj7QhMVogvG702wsh6wHcyv5kMaEo5eB48dO%2FmCM5aWCXwJ39fIChmyXpDyRTUDLl54%2BugPcxIoWrlZzSfZgoyh3bnWVPTkn0LAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf51af00075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 1112018_7_21_16_24.jpg
media.gemini.media/img/yallakora/Normal//2018/7/21/ 50 KB
51 KB 46ms
44ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Normal//2018/7/21/1112018_7_21_16_24.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 242679301a213c7f4791da6c2147dbf7991e29d734c51d70e59f7d2ef4e0e517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11961
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 51510
last-modified: Sat, 21 Jul 2018 14:25:54 GMT
server: cloudflare
etag: "53bf7ebbfe20d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QfRdYvyW1WM08qMPlTdnuZugm5b9I6AHyZzlg4OkQkSzni1eaFbE5b0joC0B12rHonQKAQezfnTF1973GFOjwRDwVDE91SHiRw8aTIUGQ2exMEA1G4Tpj2UrBSvJGU9%2F1ifxXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf51af20075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 a00lhek02021_10_19_23_30.jpg
media.gemini.media/img/yallakora/Normal//2021/10/19/ 29 KB
30 KB 46ms
44ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Normal//2021/10/19/a00lhek02021_10_19_23_30.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0ad698d3d4a50b43cced038f0bf5e1255e996a4d87ef5bdb9ab1a8137b6868a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 60526
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 29858
last-modified: Tue, 19 Oct 2021 21:30:09 GMT
server: cloudflare
etag: "2354cf7d30c5d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtdGS%2FT9zS68xixDGUm1IPPAEnDUrEVwxM0k9TeyWgqQ36q%2BMr1c06FlEj8bYAfAJ2BC%2ByckyuF6yh1x9HSONQL6G90n5Z7q3VevPF7%2FVQTtW3nn9yLOooFNAd9Nm8Zolmt8wA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf51af40075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 %D9%8A%D9%88%D8%B1%D9%8A%D9%86%D8%AA%D9%8A2021_10_20_15_26.jpg
media.gemini.media/img/yallakora/Normal//2021/10/20/ 41 KB
41 KB 50ms
48ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Normal//2021/10/20/%D9%8A%D9%88%D8%B1%D9%8A%D9%86%D8%AA%D9%8A2021_10_20_15_26.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 013ea5d439732a8095eb604a16783b39420103ad43645148c86342960b78708a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2838
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 41756
last-modified: Wed, 20 Oct 2021 13:26:22 GMT
server: cloudflare
etag: "3fa3fa12b6c5d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QTSooqgvQL9mvZiR3MbWJlHxu0vdhmezERWda%2FtrPpmJ9MVpU7QViy7Iz8%2BHiDkD6sX6j2VDykIw1BSJCrTxD3HEWfjb%2FfujXeK72p3t20PBU2wFYPKKrrUhqELHULsTtisqBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf51af80075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 12021_6_17_21_58.jpg
media.gemini.media/img/yallakora/Normal//2021/6/17/ 31 KB
32 KB 51ms
50ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Normal//2021/6/17/12021_6_17_21_58.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8036c39a4878d0f83a392d5bbe6c027d1807ecccd58082d466ac5e16ca1b0c56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 235797
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 32119
last-modified: Thu, 17 Jun 2021 19:58:41 GMT
server: cloudflare
etag: "8fa4a22bb363d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hqYENV5%2BcM2BbWNkPHtmw%2BrfueE7dDkEzTFP31Mz%2F4TY5rYgS2%2FbMSwATwAl8Yv9B8AXfFexEGsK6y2fGaadQQfb%2FkJQYDDhkn5nNTmwJTP1%2B%2B%2BCOWp5MC3Bh4ZwQ3DRhvjFRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf51af90075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 d-qhl4yx4aau1202019_7_17_11_56.jpg
media.gemini.media/img/yallakora/Normal//2019/7/17/ 22 KB
22 KB 51ms
50ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Normal//2019/7/17/d-qhl4yx4aau1202019_7_17_11_56.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2044568b0583878bc7d990bc23de963d4f1e5234a11a9fc66d40125d227ffee2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16241
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 22203
last-modified: Wed, 17 Jul 2019 09:56:39 GMT
server: cloudflare
etag: "de96fced853cd51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oDbDVG%2FfksGCMdGI0ssJfyXzfegFyrPSO9Uo8SwWzOyPI1WI0O7EApJKHfy0eIQwJWBAxGpJfxuI%2FJ1oA7dwStQ4CLYWrN8vTS2VRAyYeyC2K509dZpsWQ8%2FQCPnrfJDogWhow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf51aff0075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 e6-hmlgwuauojip2021_7_23_11_22.jpg
media.gemini.media/img/yallakora/Normal//2021/7/23/ 43 KB
43 KB 52ms
50ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Normal//2021/7/23/e6-hmlgwuauojip2021_7_23_11_22.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2ddf58ff665a88562045bcb0a13e8ba0f0f950f239744f92016f4d7186cf404c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14440
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43802
last-modified: Fri, 23 Jul 2021 09:22:35 GMT
server: cloudflare
etag: "8e9eb745a47fd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=it0y4R2ws%2BNwrpn0Q9Z6q973VnsjS%2BVFosAPg8TlpDh1FHSuk%2B%2F6l3ONSgtE5zCbJqAImg8MpO8cHDr3Fjnh%2FPiFMVU33CCID3cie0VytQDiwZIuyUcSZ2fiZZR05Gf7er8IoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf51b000075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 %D8%A7%D9%84%D8%A7%D8%AA%D8%AD%D8%A7%D8%AF-%D8%A7%D9%84%D8%A2%D8%B3%D9%8A%D9%88%D9%8A-%D9%84%D9%83%D8%B1%D8%A9-%D8%A7%D9%84%D9%82%D8%AF%D9%852019-8-2-11-272020_5_21_11_9.jpg
media.gemini.media/img/yallakora/Normal//2020/5/21/ 23 KB
23 KB 50ms
49ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Normal//2020/5/21/%D8%A7%D9%84%D8%A7%D8%AA%D8%AD%D8%A7%D8%AF-%D8%A7%D9%84%D8%A2%D8%B3%D9%8A%D9%88%D9%8A-%D9%84%D9%83%D8%B1%D8%A9-%D8%A7%D9%84%D9%82%D8%AF%D9%852019-8-2-11-272020_5_21_11_9.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b20e00fef1721c27b58933ed5f5049817fe779f917b64ff02093dba8aa59f8e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15703
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23078
last-modified: Thu, 21 May 2020 09:09:01 GMT
server: cloudflare
etag: "ea72bf774f2fd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HvhnucnKLPcjYbB6%2B2SPWoIed9M04N%2BWUoYxx9YmGFs%2Bbw7aVT4g8Dn5rvUrNGKGhoaU9rNf%2FXCTQglxM8oBUxBzAVYBTjki8XRb0HlhGwJhmGNKLalZzvd%2BKugGShKCpR3UGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf51b020075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 fce7mtgweakq7mb-1-2021_10_19_19_2.jpg
media.gemini.media/img/yallakora/Normal//2021/10/19/ 65 KB
65 KB 50ms
49ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Normal//2021/10/19/fce7mtgweakq7mb-1-2021_10_19_19_2.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e8e82ea46a762c9c70b9bdd03170fc13739f48361e531979e84d6561b84f9aa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 76980
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 66450
last-modified: Tue, 19 Oct 2021 17:02:44 GMT
server: cloudflare
etag: "268022bc5d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zoPlCW3JZG6IW%2F9V9L6rGBdshiToAB83G5KPkDmRYDOpgGMxXCj17%2BsDLVvgJ0QNi%2BGI%2FokEXYYsm3j9ddhcgFP7A%2BC6VLSYHPSwnEB8juHKmGtgkDip9rsGQ%2Fyty9Wf%2FP02lw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf51b040075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

GET
H2 200 %D8%A5%D8%B3%D9%84%D8%A7%D9%85-%D8%B9%D9%8A%D8%B3%D9%892021_10_20_10_21.jpg
media.gemini.media/img/yallakora/Normal//2021/10/20/ 42 KB
43 KB 45ms
44ms Image
image/jpeg 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Normal//2021/10/20/%D8%A5%D8%B3%D9%84%D8%A7%D9%85-%D8%B9%D9%8A%D8%B3%D9%892021_10_20_10_21.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f5214e6f7d0bef426b99617ee7051b9829a7434bb5faabeb9ae88baffb0d7045

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21718
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43203
last-modified: Wed, 20 Oct 2021 08:21:05 GMT
server: cloudflare
etag: "8014a6d8bc5d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7boUiWkkcZNG4TR0ZMUC0qMiFqmLPBaVw91BL14mWoqbrL2wrbeXDNy0UyjpEOAFjeCP8BroLjhMPXmXwiOHYCLmB%2Fz9OZvtkOSBbr6RKi%2F4UbFGWZqm1VtvkYSSp6rzrDQfIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a12ecf51b050075-LHR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
cf-bgj: h2pri

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 60ms
29ms XHR
text/plain 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1087437387&t=pageview&_s=1&dl=https%3A%2F%2Fwww.yallakora.com%2F&dp=%2Fmainpage&ul=en-us&de=UTF-8&dt=%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%89%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%20%D9%81%D9%89%20%D8%A7%D9%84%D8%B4%D8%B1%D9%82%20%D8%A7%D9%84%D8%A3%D9%88%D8%B3%D8%B7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=201018531&gjid=1566862380&cid=1977680690.1634740033&tid=UA-53252402-1&_gid=279893577.1634740033&_r=1&_slc=1&z=741516885

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.yallakora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.yallakora.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=1087437387&t=pageview&_s=2&dl=https%3A%2F%2Fwww.yallakora.com%2F&dp=Gutters%2FWE-Stage%20-%20Desktop%20-HP&ul=en-us&de=UTF-8&dt=%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%89%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%20%D9%81%D9%89%20%D8%A7%D9%84%D8%B4%D8%B1%D9%82%20%D8%A7%D9%84%D8%A3%D9%88%D8%B3%D8%B7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1977680690.1634740033&tid=UA-53252402-1&_gid=279893577.1634740033&z=494144154

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 12:39:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6436
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2021101201.js Show response
securepubads.g.doubleclick.net/gpt/ 361 KB
122 KB 70ms
36ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 124532
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 08:35:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Oct 2021 14:27:12 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 368 B
198 B 67ms
35ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.yallakora.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

8da49bce1739b0393f3d2abbb6520b84854cd866c5c084e0044a43ecb9c7f3c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 14:27:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 173
x-xss-protection: 0
expires: Wed, 20 Oct 2021 14:27:12 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
412 B 66ms
23ms XHR
text/plain 142.251.5.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-53252402-1&cid=1977680690.1634740033&jid=201018531&gjid=1566862380&_gid=279893577.1634740033&_u=IEBAAEAAAAAAAC~&z=1962940486

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.5.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.yallakora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 20 Oct 2021 14:27:12 GMT
content-type: text/plain
access-control-allow-origin: https://www.yallakora.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame 3C06 2 KB
1 KB 7ms
7ms Document
text/html 143.204.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15758
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15758/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.4 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-4.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

:method: GET
:authority: tags.crwdcntrl.net
:scheme: https
:path: /lt/shared/2/lt.iframe.html?c=15758
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.yallakora.com/
accept-encoding: gzip, deflate, br
cookie: _cc_dc=1; _cc_id=617f4c97f8030216f005d10bd1409a6a; _cc_cc="ACZ4XmNQMDM0TzNJtjRPszAwNjAyNEszMDBNMTRISjE0MbBMNEtkAILEAnUHEA0B3O%2BWzGFh7Ktm%2BM%2FIyLBmw1NuGPvSqUdsMPbufZcFYOyPny1hzONHDzHD2BM%2FTtCGsQ8vRhh5fNMUuPHTT6jDlCz%2FUwhjAgAuRTe4"; _cc_aud="ABR4XmNgYGBILFB3AFIQwMTA2FQCYnK%2FKQOSADK3A58%3D"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/

Response headers

content-type: text/html
date: Tue, 19 Oct 2021 15:25:11 GMT
last-modified: Mon, 01 Feb 2021 20:35:17 GMT
etag: W/"6fcf4f5197ab24c92d090f6ac8d87e01"
x-amz-server-side-encryption: AES256
cache-control: max-age: 86400
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: g_pmy0yQG5_u14qN6STI8V0HE2BmbRjwWeYiOi8nGs3z4Zk5KrppuQ==
age: 82922

POST
H2 204 result Show response
www.yallakora.com/cdn-cgi/bm/cv/ 0
262 B 14ms
14ms XHR
text/plain 104.20.26.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/cdn-cgi/bm/cv/result?req_id=6a12ecef98862175
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/cdn-cgi/bm/cv/669835187/api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.26.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: cors
origin: https://www.yallakora.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: FGTServer=B38C762E5508AA76F9CE87FB8FBFEC44A293CABD87AA0C4FB441CB8A2C71138CA1C44D80AA55A1D2; lotame_domain_check=yallakora.com; _ga=GA1.2.1977680690.1634740033; _gid=GA1.2.279893577.1634740033; _gat=1; ASP.NET_SessionId=1m4krrpuegegt5tvs3fsxbek; _cc_id=617f4c97f8030216f005d10bd1409a6a; _cc_cc=ACZ4XmNQMDM0TzNJtjRPszAwNjAyNEszMDBNMTRISjE0MbBMNEtkAILEAnUHEA0B3O%2BWzGFh7Ktm%2BM%2FIyLBmw1NuGPvSqUdsMPbufZcFYOyPny1hzONHDzHD2BM%2FTtCGsQ8vRhh5fNMUuPHTT6jDlCz%2FUwhjAgAuRTe4; _cc_aud=ABR4XmNgYGBILFB3AFIQwMTA2FQCYnK%2FKQOSADK3A58%3D
content-length: 424
:path: /cdn-cgi/bm/cv/result?req_id=6a12ecef98862175
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: www.yallakora.com
referer: https://www.yallakora.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.yallakora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 20 Oct 2021 14:27:12 GMT
server: cloudflare
set-cookie: __cf_bm=UaPUuv4F8wlyQQnCe8Z0V8xh2U.zihMvP7s1W09Y0fc-1634740032-0-AZ6aLEqcxUmVzhHco54MVccP0pt8msooBCm5cA8KoG1/yuL5E1FB0Yzm08yaWq3dTzfuMiPJ03FtGBtNnRpmrp/j7AerLirtES4aolZQxF4GpaA5z1G0TifEXmCSf7M08g==; path=/; expires=Wed, 20-Oct-21 14:57:12 GMT; domain=.yallakora.com; HttpOnly; Secure; SameSite=None
cf-ray: 6a12ecf62abe2175-DUS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 09E4 236 KB
63 KB 68ms
23ms Script
text/javascript 23.32.238.104
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: ads.gemini.media
URL: https://ads.gemini.media/2021/Oct/WE/change-WE/change-stage/Gutter/Untitled-2.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.238.104 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-104.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.gemini.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:13 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Wed, 20 Oct 2021 14:42:13 GMT

GET
H3 200 Untitled-2.js Show response
ads.gemini.media/2021/Oct/WE/change-WE/change-stage/Gutter/ Frame 09E4 3 KB
2 KB 30ms
29ms Script
application/javascript 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.gemini.media/2021/Oct/WE/change-WE/change-stage/Gutter/Untitled-2.js
Requested by: Host: ads.gemini.media
URL: https://ads.gemini.media/2021/Oct/WE/change-WE/change-stage/Gutter/Untitled-2.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 087abbb11d5f2dda8e2313957da666ad3f9d07a07793469c20594bd439cc9190

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.gemini.media/2021/Oct/WE/change-WE/change-stage/Gutter/Untitled-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 605884
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 13 Oct 2021 13:46:31 GMT
server: cloudflare
etag: W/"31b7afba38c0d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1fLERleJ%2Bbe2J9qdcA3ReM5lFlUM2oOqir%2BIVRI4vkm7fgPuVvxF8ZMho7Oj%2B3nOGTPWIDWpC5UV1Jz5zT%2FZpvx2Ko5X6%2FRt8p5jydzc7owDM36oYBQ4D6zrkHE1zEAkAx0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-polished: origSize=3917
cf-ray: 6a12ecf638ee06e9-LHR
cf-bgj: minify

GET
H/1.1 200
OK img.fetch Show response
udmserve.net/udm/ 41 KB
7 KB 778ms
326ms Script
application/x-javascript 68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to

Full URL: https://udmserve.net/udm/img.fetch?sid=15647;tid=1;dt=6;
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 Atlanta, United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: 0a6cd57018fe721034f2e7d56cf45714cd06c1476fa0da75108508a49a89d1c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 14:27:13 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3p: NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: application/x-javascript
Expires: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
22ms Image
image/gif 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=1087437387&t=event&ni=true&_s=3&dl=https%3A%2F%2Fwww.yallakora.com%2F&ul=en-us&de=UTF-8&dt=%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%89%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%20%D9%81%D9%89%20%D8%A7%D9%84%D8%B4%D8%B1%D9%82%20%D8%A7%D9%84%D8%A3%D9%88%D8%B3%D8%B7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=GoogleTagManager&ea=Underdog&el=Imported&_u=KEBAAEABAAAAAC~&jid=&gjid=&cid=1977680690.1634740033&tid=UA-53252402-1&_gid=279893577.1634740033&z=2052494202

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 12:39:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6437
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 0E8B 236 KB
63 KB 52ms
27ms Script
text/javascript 23.32.238.104
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: ads.gemini.media
URL: https://ads.gemini.media/2021/Oct/WE/change-WE/change-stage/Gutter/Untitled-2.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.238.104 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-104.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.gemini.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:13 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Wed, 20 Oct 2021 14:42:13 GMT

GET
H3 200 Untitled-2.js Show response
ads.gemini.media/2021/Oct/WE/change-WE/change-stage/Gutter/ Frame 0E8B 3 KB
2 KB 33ms
33ms Script
application/javascript 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.gemini.media/2021/Oct/WE/change-WE/change-stage/Gutter/Untitled-2.js
Requested by: Host: ads.gemini.media
URL: https://ads.gemini.media/2021/Oct/WE/change-WE/change-stage/Gutter/Untitled-2.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 087abbb11d5f2dda8e2313957da666ad3f9d07a07793469c20594bd439cc9190

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.gemini.media/2021/Oct/WE/change-WE/change-stage/Gutter/Untitled-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 605884
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 13 Oct 2021 13:46:31 GMT
server: cloudflare
etag: W/"31b7afba38c0d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WVvVzuCVVoTLBrzn6NkC5MksCa70puAHDIOtf%2FEr3ZVYnqeMfgFxIa0M6x7vty5qqF37jx2hZcbTynBoquLwyg4F1mpiIZtVyD7QIa4h1nkjAVjgyTutgsHe2YhD3MtqESo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-polished: origSize=3917
cf-ray: 6a12ecf6592106e9-LHR
cf-bgj: minify

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame C3F1 849 B
1 KB 30ms
29ms Document
text/html 52.19.22.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?s=22%2C100%2C80%2C125%2C31%2C3&c=15758
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15758
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.22.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 03ad300cc2361677a75e18eaa9cf82702d9f80958e30af7ecbe34269144ac7fc

Request headers

:method: GET
:authority: bcp.crwdcntrl.net
:scheme: https
:path: /pixels?s=22%2C100%2C80%2C125%2C31%2C3&c=15758
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tags.crwdcntrl.net/
accept-encoding: gzip, deflate, br
cookie: _cc_dc=1; _cc_id=617f4c97f8030216f005d10bd1409a6a; _cc_cc="ACZ4XmNQMDM0TzNJtjRPszAwNjAyNEszMDBNMTRISjE0MbBMNEtkAILEAnUHEA0B3O%2BWzGFh7Ktm%2BM%2FIyLBmw1NuGPvSqUdsMPbufZcFYOyPny1hzONHDzHD2BM%2FTtCGsQ8vRhh5fNMUuPHTT6jDlCz%2FUwhjAgAuRTe4"; _cc_aud="ABR4XmNgYGBILFB3AFIQwMTA2FQCYnK%2FKQOSADK3A58%3D"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tags.crwdcntrl.net/

Response headers

date: Wed, 20 Oct 2021 14:27:13 GMT
content-type: text/html
content-length: 849
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.31.150
server: Jetty(9.4.38.v20210224)

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
716 B 66ms
25ms Script
application/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.yallakora.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 14:27:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 93ms
38ms Script
application/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.yallakora.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 14:27:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 101 KB
32 KB 417ms
417ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3052706556598195&correlator=816090792170825&output=ldjh&impl=fifs&eid=31063136%2C31063213%2C31063139&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211020&iu_parts=96551095%2CV3_Yallakora%2CDesktop%2CLeaderBoard%2CMediumRectangle&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F4&prev_iu_szs=728x250%7C728x90%7C970x250%7C970x150%2C728x250%7C728x90%7C970x250%7C970x150%2C300x600%7C300x250%2C300x600%7C300x250&prev_scp=Position%3DPos1%7CPosition%3DPos2%7CPosition%3DPos2%7CPosition%3DPos1&cust_params=Yallakora%3DHome&cookie_enabled=1&bc=31&abxe=1&lmt=1634740033&dt=1634740033082&dlt=1634740032475&idt=579&frm=20&biw=1600&bih=1200&oid=2&adxs=1324%2C1164%2C562%2C562&adys=758%2C1845%2C1885%2C238&adks=454233659%2C454233652%2C733384376%2C733384379&ucis=1%7C2%7C3%7C4&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.yallakora.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0%7C0x0%7C0x0%7C0x0&msz=0x0%7C0x0%7C0x0%7C0x0&ga_vid=1977680690.1634740033&ga_sid=1634740033&ga_hid=1087437387&ga_fc=false&fws=4%2C4%2C4%2C4&ohw=1600%2C1600%2C300%2C300&btvi=0%7C1%7C2%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

785246383d63461e6a98d7588a78aab242265d3f943c78bf0b5275c0a4b81a44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 32637
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.yallakora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A9B4 6 KB
4 KB 109ms
34ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.yallakora.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 20 Oct 2021 14:27:13 GMT
expires: Thu, 20 Oct 2022 14:27:13 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 left.png
ads.gemini.media/2021/Oct/WE/change-WE/change-stage/Gutter/images/ Frame 09E4 16 KB
17 KB 32ms
32ms Image
image/png 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.gemini.media/2021/Oct/WE/change-WE/change-stage/Gutter/images/left.png
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1fa591cfca1007fd91fbbc1677e88a228b579a2c3f3bae2095ee076fe05b5e1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.gemini.media/2021/Oct/WE/change-WE/change-stage/Gutter/Untitled-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 605883
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16672
last-modified: Wed, 13 Oct 2021 13:46:39 GMT
server: cloudflare
etag: "de3067bf38c0d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ILrXjeFSKQRG6xQiXWleR6pROvF2q6%2F9IbeaGspJqgb%2BzD2XoJA4EEwj8AMRlVT8RNnnMPdAbwVIHC9lMhS8CBpdppcxsAa5UuoCioHYx8a6INXaTBqvLtcuyhAtVKKdFCQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6a12ecf71a7906e9-LHR

GET
H3 200 left.png
ads.gemini.media/2021/Oct/WE/change-WE/change-stage/Gutter/images/ Frame 0E8B 16 KB
17 KB 43ms
43ms Image
image/png 104.26.5.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.gemini.media/2021/Oct/WE/change-WE/change-stage/Gutter/images/left.png
Requested by: Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.5.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1fa591cfca1007fd91fbbc1677e88a228b579a2c3f3bae2095ee076fe05b5e1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.gemini.media/2021/Oct/WE/change-WE/change-stage/Gutter/Untitled-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 605883
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16672
last-modified: Wed, 13 Oct 2021 13:46:39 GMT
server: cloudflare
etag: "de3067bf38c0d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTxir8y%2Fya0Titpws01gJu5v56GTHpOHRHG6VgvBUvHjbXrTBEztMF3Vx6CICG3sEtyeUotac5cdcwHnVfVCf0%2F3FzNg1CoRBJYSzallz7wggKNh2VewSZxTKCHrERQZ5AY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6a12ecf72a8506e9-LHR

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C3F1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_tc=

170 B
188 B

63ms
32ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_tc=

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C100%2C80%2C125%2C31%2C3&c=15758

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 302
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
loadm.exelator.com/load/ Frame C3F1
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=260&buid=617f4c97f8030216f005d10bd1409a6a&j=0
https://loadm.exelator.com/load/?p=204&g=260&buid=617f4c97f8030216f005d10bd1409a6a&j=0&xl8blockcheck=1

0
755 B

39ms
39ms

Image
text/plain

34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=260&buid=617f4c97f8030216f005d10bd1409a6a&j=0&xl8blockcheck=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C100%2C80%2C125%2C31%2C3&c=15758
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:13 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Wed, 20 Oct 2021 14:27:13 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=260&buid=617f4c97f8030216f005d10bd1409a6a&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame C3F1 0
338 B 89ms
29ms Image
text/plain 3.251.5.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=617f4c97f8030216f005d10bd1409a6a
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C100%2C80%2C125%2C31%2C3&c=15758
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.251.5.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-251-5-34.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:13 GMT
cache-control: private, no-cache, no-store
x-request-time: D=46 t=1634740033
x-served-by: beacon-n019-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

insync
thrtle.com/ Frame C3F1
Redirect Chain

https://thrtle.com/insync?vxii_pid=10014&vxii_pdid=617f4c97f8030216f005d10bd1409a6a
https://thrtle.com/insync?vxii_pdid=617f4c97f8030216f005d10bd1409a6a&vxii_pid=12&vxii_pid1=10014&vxii_rcid=74f9a9fb-3edb-4d9f-b32b-cc0486add510

43 B
348 B

96ms
96ms

Image
image/gif

3.220.38.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thrtle.com/insync?vxii_pdid=617f4c97f8030216f005d10bd1409a6a&vxii_pid=12&vxii_pid1=10014&vxii_rcid=74f9a9fb-3edb-4d9f-b32b-cc0486add510

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C100%2C80%2C125%2C31%2C3&c=15758

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.220.38.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-220-38-221.compute-1.amazonaws.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:13 GMT
server
p3p: CP="NOI OUR BUS UNI COM NAV"
content-length: 43
strict-transport-security: max-age=63072000; includeSubDomains
content-type: image/gif

Redirect headers

location: https://thrtle.com/insync?vxii_pdid=617f4c97f8030216f005d10bd1409a6a&vxii_pid=12&vxii_pid1=10014&vxii_rcid=74f9a9fb-3edb-4d9f-b32b-cc0486add510
date: Wed, 20 Oct 2021 14:27:13 GMT
server
content-type: text/html; charset=utf-8
content-length: 178
strict-transport-security: max-age=63072000; includeSubDomains
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame C3F1 0
214 B 30ms
9ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=7&puid=617f4c97f8030216f005d10bd1409a6a&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C100%2C80%2C125%2C31%2C3&c=15758
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

tpid=4568298086877471621
sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame C3F1
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/617f4c97f8030216f005d10bd1409a6a/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4568298086877471621

49 B
264 B

64ms
33ms

Image
image/gif

52.19.22.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4568298086877471621
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C100%2C80%2C125%2C31%2C3&c=15758
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.22.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:13 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.6.75
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4568298086877471621
pragma: no-cache
date: Wed, 20 Oct 2021 14:27:12 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3 200 container.html Show response
30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E075 6 KB
3 KB 55ms
24ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.yallakora.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 20 Oct 2021 14:27:13 GMT
expires: Thu, 20 Oct 2022 14:27:13 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FD9F 6 KB
3 KB 54ms
26ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.yallakora.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 20 Oct 2021 14:27:13 GMT
expires: Thu, 20 Oct 2022 14:27:13 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DF48 6 KB
3 KB 36ms
27ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.yallakora.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 20 Oct 2021 14:27:13 GMT
expires: Thu, 20 Oct 2022 14:27:13 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EC42 6 KB
3 KB 35ms
28ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.yallakora.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 20 Oct 2021 14:27:13 GMT
expires: Thu, 20 Oct 2022 14:27:13 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0C7D 624 B
640 B 34ms
33ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj1nOe1ATAB&v=APEucNWwrENVUWOHz32JmZJH6PwGaPyw853zZWvuMEZVRuhFQCNVUqv5rXFmeM5gzbsd2wiPETIDcVdjdhZewTWyUj8kqBsfHgSTWNkxCzj-zfTizqTF6Pq7cDw-tSff5fbGcVl1Amhgrxo2kvr9js8mIDx_8vh7rElgqhq1i8I81Jn9Sm7CJWc

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CLOokgEQ4p3QAhj1nOe1ATAB&v=APEucNWwrENVUWOHz32JmZJH6PwGaPyw853zZWvuMEZVRuhFQCNVUqv5rXFmeM5gzbsd2wiPETIDcVdjdhZewTWyUj8kqBsfHgSTWNkxCzj-zfTizqTF6Pq7cDw-tSff5fbGcVl1Amhgrxo2kvr9js8mIDx_8vh7rElgqhq1i8I81Jn9Sm7CJWc
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 20 Oct 2021 14:27:13 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUlhc6FpG9gDr5yQEIX2qja9Elzc6C-Wh_hKSaZHVq6cFuqPSTJVjutf0Cpr; expires=Mon, 14-Nov-2022 14:27:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 20 Oct 2021 14:27:13 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E075 71 KB
29 KB 58ms
58ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AYS4SEX_PZHLrIbqoj37815Tz0khVaeiwehYeU89XMu0lBsy0JiKGP-G1UAicmCtTLQzBSdIvWc91Eqt8SEw2wHFWdzVhcZnvXeBEikbNLflLePn54eDggKHKJN9Ck9f1ExpIcVzE3iBqR4uYRweTdSJVdTQ&dbm_d=AKAmf-ABlVt_BAzE5WlboIdvoclFAGS6OXZMnd0URluDU2fC_Nol2DKMlcHWbyZuRTxbI8f-ryeNN04K3EhjJ-gdQvlDtZG_rXkYHQggCO7o9OapvI_jo1jsp67FUWW4ZjUauDS4fIbUM9u-mPfYQxKt6GBK8uBl98fqUTMI8VGChimZMDpPjEhEDg5cpw-Hm43ytAam0-YnqWUWOEd_wv7XvoTVMSL2UuFKEoTNA30PaaxCzAqpBKsEqZH9sTwlAPMXwuZIAapqHnkAMZXaaas6tKz-LGjFoXJ37HSRA5yYlzoBJyUuesPfmqpIj2J--00a6vHAgd9OKei0nOuR6G2coq2zxbzXblCJbry_MJn4ZAMr9RAYdcF4dYBut74maRKzYA-bN6riOgYim1h9BAPWaBsCSNmNHYljGt2j4nOef9Zme4dQBQCiYt4x5R7qhuKyzQO38P7uOA7uIQtyfYvQlEZilFGYT7AaHfpheC4b3TZmS7PLDKdS-vsHmOximkZunRbqpeT13sEehB5Ja5Sn2dBBzm10RMnIBLQ1_1KL_MXCJFfWphRFoBe0EJs6EtFpYL-dBQTHN8ySdvZSlMhAk2GZpdzqGKPeKmoyjxn5Xk1ku7PxCU4yqvLExgm5cBG7A-ksmRmGPg5PPLa62VRLrspgQUtTQS5allJdxaWmuLCypEau7822FeI21lpazbzf62HBNSoL_sCognFphHD4wGEa4zpJC4nBwosQ20cG-kDxQySO9QoJJdj5MgpkwTOhjwxhF9RyaVwp6KS_q6tUqS3yFC3eeAPcw66BhqTW-QIg1Y7baANwR59amyYsHOalqkkw4zWGWmDssz6zVSup65TpJxVjnbShWfTAmalAM4AIO0y9yi3ktamoM1kyuXC5BW8eXR-NDsHfJ19qtqBqmmOhQVS6uwETOXB3dbrRKBILCtJ-dFaFW8a2k_MRsptPrZZviWzmqVM3uwVBzqZzWuwq1ZecWHNMxcMOyU31Gs-YNjYKVdSZIsofS2lp5um4yzd_DHLiN1zbuA7kKIqjm6F7H2mwh8caqP663ilk7Ba6WSVWsRCDFwYZUCYkCHVL7b8oxCKhgUsvI5DCDNtjyivJ2LxLZtb21euCpDk3DuVm1IVuJQpaezN5sjFIaarfJ1ifYE2JYyDkVEkxB4jVQ87gSa2iei0MubK8sDQnE4sEWchMCM8Pq7W8g5WpAR-NwkzkG97aKCHM1Qr1wky6H8h5BbKpm2Z-yEeuh4H7CE6yRGMPoK7AXA0yn6jbogPW7W2ybAiF8-7fIfQaZraJz7FTrFZKKhLqcaHjBlEqAi2SddrrWbaxs367U0WSx3UsCL9Gg6TVrviHgrC-Zcw7RsiwXTPE5E1hEHvd2-r-geCMJzuTOeuKPuUbR1v7FN5gKPdoeSRFgpFGt-P1nheQuHuwqr5M5tXJZhb-uO0_LmzxxJ6psODljB5dKbne8--kjSHiKQbrATora_c0iHCiwkB2Xins4yqALTEAa-eASpcdgqFg8pPiqGdTKf1I6Z7WbKgZt3AU8e1i4aAIgRkU-k-h648F1GRC0WQXjPDDq08va3KD2BymhEZtI5Kk-EepveqXm5Fk8s7206UU3QZR95vfkhQQILqlgI6BSdx_ExvAbUO5q1wjSfWyeGngpXI30xU7kTRtlMwRViYZF9flzzkJoPb-XWOLZNSipjdednQSUz_GWQNaBaSHZyxh2KhOJilZ9WVAuZOVxER8gzZBHUvmLlwbHEy4vzq8oldzqIrc5r9rfgsUHC9USwGzzIfaqVp3N3S_DQ7ONsfwb-M6qEyr9H3a9knkP7ysPoVSNAIELF3qGAyaol_MNrMRKlavln7X8dpdUwzdYi9W4d8raCUaNnv9lgmfyqekQpuvxmRL3ImfvRPqxSi51rnxdDEKFtY_mt_oujGdWlAk9RkQMPUDxl2ZyPg0We5nnMpSmLLZeqpEjYa3Jr4_NDVwFzp9zv2toYmk5Oiw3gttx6c8eOdsfvmV_v0N2DNjCEb-PcmvCdTcqA2F-fiAzb3cyqh6Ku-OcbSsd7dg-YBqP1ejwtnDCj-yO4Gw0ELIR97ebQAYQunUFzyryaVv22_ZeVRzmp07kvvPAU4XBAIOhdRm_2zi_grCkvDr9T7-fCMde-ynX6GxVkuVP14klvTzF6VzSh24gj67RajJznYMD0i17YvqqEVnLAj0LV3Uwns0IS9l0EJiG5HHlJB43eaE6WrPxVkbVBMp4I_HXtvaKpjpn8bzu9gD5uemS4i3RdQaL5d9QLIuGUA15VMLMwcv3LpBVrHKq_muaxdLTpvyPkPXxt61j9njMVxVOrpUebxgrgDbqEuIRLE3FiYN5stcXGlNfky8GxFK77XVAfFUsC7CeETAI2jUsfnNjKhFlYMs56YO5IMzTG9NSGvjAodgmDuP6IqDL4LbIbgigsYFWkEQGiOB9yT1eQsKARsCjBv13EEjcviBl5-DmdkB53FixSZlEQ0sNpjIlmphbs89YFbgIjABHs5-CFomD0Q7owOxxmGrqTBqpcG02yP8JcnjJQ5WoaC6qlaLRRNTCsjorsV5gj8Pda0e90mZ5hDZKtd7jRWM1HyC4PqzkbkX14bvLTcMQ7rU1ShiApmYN5C4ZbQMzPbrx_JXnRMgybfaDogwcUyxOYBKZ0xycFhgiuTOdyrvEoyh3u9dBlZOB09xxWi3mP6FakisTc7sc4KNXiYmBC7uqgMq2fb3HHhK5K-BV1GRrrIUlxOipAxIdn1ldgZu5xYbnOslFV6zyuKmyAx4XpFTPTwXH_mbhHDjPd_tLnv3NTpk5nnZLoagstJ3baGCtZ0YR12KrThZ_y7viGQBy9CwFGRyxtvHdxzWTm34awlA3Lb2bRqcp9QXRvtf0Ww5JaUl-8zNmzDmmbFELZ4kSZr9RTRtLb5zugZo75QQNRz2dRQPUffEV0c5CWk-6TJsX3oID9XV-DH0XvOOaqCAfxFzAk7TvmP-KTHPJ0LonbD5aIBMWuFubuwNmWUFqxc9qq_ERRWTQFNT0rrgMr1fDM0NiQcQNl0Am4dTreDvfMYoELTnoNuE7vRyqYHH_yrlfvKtLmmIE60WNPDjLSLmd7fa0rtl8bYDq8_EwqXF8ART2Le26TRZWORtC9MZl_Gd-ijgjEY_5H2p3IjbnrjhnGOa8M9Tz81UmtfgUwMTYWHRpw8c8idK7sml3nlGLG8WmWhdS5Rjc3pLQORfv_HQEvHmSOiWV2JJsrVzh1YeY_8dunHTzbEWCtyDaSNs1XNNs0RPiukyIoGt1HC1JxnOD8Cni4MPWCnlSdELHp3InXvkk90yAEljZzFcEDyNga6J5zeX8sMNUg&cid=CAASFeRoOZIEUQnlAryh2l6c1rBFV8uGCw&rfl=1%2Chttps%253A%252F%252Fwww.yallakora.com%252F%240

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

2927cbfea89854448f3661eb8779caae68567aff81373f8c44045d963332714e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28956
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E075 42 B
207 B 79ms
78ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C3-Lp0XXAFiPtXs-WR0mSJH-AGZgGtpR-Rng34Q8ZpNM7r-ybh7r4UVykSKZlpa59aZuoHtWA5j08Vb9aLRKKkuoexYEAhfXzY_f7q0PtPgb-L2oo

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/ Frame E075 3 KB
1 KB 99ms
49ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/window_focus_fy2019.js

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 617
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Nov 2021 14:16:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E075 122 KB
38 KB 415ms
365ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

5ec6259ce93d1583fd116bc92baa687aacfdf415efabc596b398c1ebf27c680e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37884
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634556853496587"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Oct 2021 14:27:14 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/ Frame E075 14 KB
7 KB 70ms
20ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

bf14bee270a7c9237cc9e28deb028998a04f08aa59309ce22ef92f3ba54ac03d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:26:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6290
x-xss-protection: 0
server: cafe
etag: 5128541104351419840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Nov 2021 14:26:32 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E075 0
0 87ms
29ms Image
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS-07Qj4JHH7NkqqJdA4nrv7F34xo3whh7wnINkPV5i8ZESnlsl3Or5JEB1iirSbPk0n502Q-KMMHcs7OUJ_D6kH-ktRg
Requested by: Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 712E 624 B
561 B 34ms
33ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiQjIyqATAB&v=APEucNVfGJjb6-F7mhdxLLEvADdAErf9HdTYLcLMQQIObrcG3MHeYBT6nf5vGs1jsF53sAo64IHxd4DrQApCAiQOvDlbDiK8c1C-KMPNieJVb60tFrKIVeSDv6k8lZUvc6TIRZ4iE_iWUSnyZSoY49C4UI1teT6xba9hebhZ91m_6u39KVDrv9Y

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CPvjgQEQ_aOOARiQjIyqATAB&v=APEucNVfGJjb6-F7mhdxLLEvADdAErf9HdTYLcLMQQIObrcG3MHeYBT6nf5vGs1jsF53sAo64IHxd4DrQApCAiQOvDlbDiK8c1C-KMPNieJVb60tFrKIVeSDv6k8lZUvc6TIRZ4iE_iWUSnyZSoY49C4UI1teT6xba9hebhZ91m_6u39KVDrv9Y
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 20 Oct 2021 14:27:13 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUmTOzuaYPmrlHBZNJdFWGzInNFggp71S_PALB3XRwYDtBM-nT9jzVLPZWxB; expires=Mon, 14-Nov-2022 14:27:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 20 Oct 2021 14:27:13 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame FD9F 74 KB
29 KB 77ms
75ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BNaqca9I7i_lKczluGoMiKQU7LSfjsyZ_KmIZ3q5Ah8k7aqZKuFCszu2Jtf-8mDPPRMJG5ixPrMZporQWoRSi0VWyWmVX5uaLeEKaJyFzjddQ-RyG1BnFmgGXGBKzWEOZfBlgZGfRjZwLOHuY3it66w-DUYQ&dbm_d=AKAmf-DXUALJ_JT5vjgql5VbwZavLsND7-UgvYg6Mf0jb6zZjmi48jTPNGiyD5hz9EgOsF9KV6oT0XLuq24MX_UQweDRgKSI_ZKrDXzoW4bis38O7D0wpcvA0lZx-rAr3WjKgcrOl8kK9xjTMzI6rW5UtrqFZoB4sTxH9jE1RFkKKrP9Qf9O-ilkH4j07fTn5HmUH2LLQfOl8lAf1ECortnw6_BmpmvjgpcPvDjG_-Cq-rOii0EJORNNVNr7UvGpYe_gwIbHj7-jVubetalQf1NKudoWxxnIMm6digZyfblgbjAccfY8qM7vTRQbW4Oc_21jGQasXjqhUnJOUPg8VPj-Vyhn4DCj37-Mr5Tre_uSXClgfDreT1lJQm3vvZPL9bbljmvKj8NxPCfos-gLdM_UyZ2Vp3dnpwBpd10jTd5lXwEqEzeWOe9tGda8csFye5V5hFNhtNeoyLSjJ79sVeieEml0UFAwpro1KKLGPZf6r3g0neNQwJ687fH03d8EOgn5wW5nYWaLiO-6AdfCYEp4qdwlJc4S2BxuTAy0Hado5kKS2-kTH3oiWsIqpUuhTBbiyyyPPK9d9vLh8nc5ekr4FDL-uZLllOzDKAmG_oXt1-zsSfQGFGfBjZJxvAgXaa7_Zwc8PHDCMWjVF8GpRP5H8qJcbPZGpNC3TJ_TupVGHr_TvxwmyoQ63bFlk9QPK820wBK-pMbPZYINHB5whEoYeAIvJ6vuwhttNDXBTlh4483Q1TnkZC4GSqrwZC_wst-DYwfJQkTyE532G3WVIbf17zATgLFWQN_GqayZKOeDqjQt7VRUFch_lzEkfpiYOY7NvHAlG48dJL8Av-gHhL_HsyTnq8nC-MMZsl0yqwUpTaF_lQxVn26xyg-INTkYfLDgZtC2_sPN4kRiY5BYQfVDwQvRYmBbkykh4wLqi8C4Z27ZZQjZTJFVGAV-Fj3kclE-X9lweJxLTH4yHT8SsHLHa8hlFTWFq5pr4eHveiYs7joGQJ-AoxDJ6xTv5iMu5qusfO_02dO6hT2XIdjDWtN5_HZAsP6_LycqNRlv80o26BDvwAk3ycaQfsQTnZfzWYiVEsXcz1VW987OKLz6IvMft-Zf5luQYZ8ShCSAkzRBgBWqBXD-ouIhu9pqsNT2Vr5FyqZI2gjXNFzPzY5soEp7yTwr6FiqaqMVcbGtxDYPx_sHFZX2T5XRo6YPHkNouNF-9nmfQWQauKgn30Id1Dgo_MHcMBLg3RopnFv8Y-9uKctRN7Gr_5-RzmsIbivpjNNjY2vUqU7UnDyzDWgv699hKEVvQQDmnG9gnWBVMvtnigpPxIYbLuLbm5Ya0I74Mqg5LpGfWPdNRuRpICyyE78KAOBj42YZXIUfdR7jBltND9jdWJQ9h0O-BVVhEAiGBXyDA0G0TOvp4FFsYar2SRVWyAX1VFQdlZJ2RKQJdqLMyts_Ckd0COY_7vt38fsOFI4ZTjzDFQUsmxZdJmWH8VkiYr_8jqRdPg_cIWmlDLBp8iDx8BnAP7YvNJ_-_x8xKKtgk9aKZHnqFobbFywBNxGHEMx4AVxq4xa8pprBM4WwFESrG_Z48h5oyDC0Et_Z88frMcA7vozO9wXzTi6JQXWSlMPSb8-ruQF8057Cx5BvYdb9-uGo3d0J9ipG4MEdN5PTiWQyogU_EdIoJJYdveGB8uBuQtGrcL7h2QPTmEthts1hvyYllv2JVQ5UycmonVGQPxEzoOIHCeO8TR8XIz66VZCHtbkXGsHtq-rphFhS-5k4sCzBuJ6Ga518aCBJIF0UYrCwoRVMWdZscmkyhr92aXaPTtbkFstkInP3sdD4OsUIOLoxqPRbWsTMCwW4HTy1djcz9Z-t1YRagp2UbWDB6b03ApVbtFT1l3__7ccKfJIIxo7uE_m8sHvUpgbFHNI912qMRWRXCSlAIm3Fy-tKZuJ3AM2a_DUcTD-k5NboeBj_J7H-CjeONgeRFZC81fm6Mb05A1Zm1IxNga_MJG_UDUlZ-HILgGTHT4jIaNnbekWR8hoDFYn3KU87Iy_SIoTBdxIvRXH5kRfSTvnjXN3O0MOIBZj6D7vTGf86eGOa0AmQiFJKYbSWebWJWsCL-2oSjADtC8jnHrmU12uJIsyEIJov_VhO0zcwEPKXPlz7IsmADuKzTkodG1QGCXB0zVx5qqCF1Z-WLa2dY4R9gFNQnM6-bK7pWX_xsdljDMmEsNW51b_l5FeRnyfx_wJuBB1YN1HpU8oxQ8rBDB02EVUhe0iF7fjCcdNwFp0tFWX_K-xv0JvWxxdztc3Ne1EcY1Vzwi6Zsv6Ue3nPYrzIdAStjHj3tOGfMTSrJGi30kpnNaToBUTRYuoy8Ur-eDLhVGxmD2V93etRwzOeQIgJQFsuM2v3C59kTm7NQcU7pKYA7gnLVdXwtT4sM8LCQhbwVVjNlBoQ9__ByKUj8kWwOD5oH4tB3TSKtb1zUc9_7dJyInhllQVQFoqIRG_dAPxWN0pcPyoBF07VD7aKU9_QE6LyZuru2hl5tIbV0FDB06O7OsrvY1IOVe_5jwtE3W9HUH9HKdlHPdnoMKNPCTsK9acyBwGjj_IPogkk8xJ-vfDfDwz0QoCr4C8IDsoSTp0-7kniDPhPL8-FkayVSMRt9RPrMa2eSrJYwar1sVOPNrjGg2RV_dXF_H9YwXLBOwYWQ9gdG3qWotjziMsWlAx4p5H3G_i4IUYX62VENyuC2Lw5ETVabWKu83bHX-7yOIvs-wyzn1SDhxAFTEvOFZlixI0xlOvwedaLnfTL1b3BduapW8R4USDASkgJEnerXWeciZPFSzVOOTmZxFIPmWernYwTMloFtrC5JoQt7Q_VBlaYcRAKzo-MW6uAk4aFnv64QGNI-rX_6ibJWu_iuwyeWhuLO5QSvv2wdYlSlm7xtTffMiBALSf4qqggJXuo83GBGD9hVMpRJFi10ikkzWCAapET3L1-D6VOhkFsk8EwBRBhNpofa8KGpYkbNm8N_XbKK6ZA3lMKAWi7UN-PxeVv2Bo6VG5gW4VS3r7XepxKIKnndaE6abScPGXfmujNDDzSFXc1LI2YDmOtTXqPjYYTq5y_9oxBZVw-lRYsBmqJ4ZLt111xogKHUWADbYMrUVdSEn1RbrT7y-Y_momA8YJqIqdJa67UJ0c5u0wmlK4PerNxad6HA4U4MnTpAx2D6yzWSr8eSl9rwbm6YTadAkpa3YrF5ap_ZmBVvQ&cid=CAASFeRoHspCuUq0SLfeF1N4gjjhon2xQQ&rfl=1%2Chttps%253A%252F%252Fwww.yallakora.com%252F%240

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

4b7e8bfacb963b4142a05b651ec336d2fd92d1cd1225d0e73952fb9dec2142b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29571
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FD9F 42 B
107 B 76ms
75ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D7d3TD5nGxhQXEpsEAD2hA2lql4D8N-SPTlbFtVYeMjIKRAhwsqy50_i2xq2EhltQ0qfOFPVRkVAMtFuM71W2cQUFzUjjBNbgSYwxHrDYWjkYYpo0

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/ Frame FD9F 3 KB
1 KB 96ms
48ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/window_focus_fy2019.js

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 617
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Nov 2021 14:16:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FD9F 122 KB
37 KB 463ms
417ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

5ec6259ce93d1583fd116bc92baa687aacfdf415efabc596b398c1ebf27c680e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37884
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634556853496587"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Oct 2021 14:27:14 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/ Frame FD9F 14 KB
6 KB 70ms
23ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

bf14bee270a7c9237cc9e28deb028998a04f08aa59309ce22ef92f3ba54ac03d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:26:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6290
x-xss-protection: 0
server: cafe
etag: 5128541104351419840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Nov 2021 14:26:32 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame FD9F 0
0 83ms
29ms Image
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTcZhKnKssKkdQKy-MAAvWmPTR3NXccKPnPmTvAHbSR98xqAuN43ivbGHO599pB2ldTBwpx-S89UQbBsApDwjCGH5UNiA
Requested by: Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211018/r20110914/ Frame DF48 18 KB
8 KB 89ms
43ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211018/r20110914/abg_lite_fy2019.js

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

8bfd018bb29e8c00faffeb3660e5cbcec66c0ba1dff56f8d2f9a1bcc47c11852

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7699
x-xss-protection: 0
server: cafe
etag: 16022440550062051545
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Nov 2021 14:22:01 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DF48 8 KB
1 KB 88ms
31ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 13:23:51 GMT
server: ESF
date: Wed, 20 Oct 2021 14:27:13 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 20 Oct 2021 14:27:13 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/ Frame DF48 14 KB
3 KB 76ms
22ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.css

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 12:30:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 10:37:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
expires: Thu, 20 Oct 2022 12:30:35 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/ Frame DF48 353 KB
122 KB 76ms
23ms Script
text/javascript 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

sffe /

Resource Hash

c39f8588079e72fbf6af0e9c8f25cfe8367a233950984638ff6f8f8c5416ac21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 12:30:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125199
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 10:37:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
expires: Thu, 20 Oct 2022 12:30:35 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/ Frame DF48 14 KB
6 KB 85ms
40ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

bf14bee270a7c9237cc9e28deb028998a04f08aa59309ce22ef92f3ba54ac03d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:26:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6290
x-xss-protection: 0
server: cafe
etag: 5128541104351419840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Nov 2021 14:26:32 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5705 624 B
559 B 47ms
45ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj6nOe1ATAB&v=APEucNUOTywCn6aZ-mhizclV2aOnHO5PpgbDKu3SNglg72iOvFxo1PyG7ixS7S11pk1bAuU4LYhqjAt8aKWDUFOpOp-CGf-KOxstuRxQFJ12-VrTUKEUtYyTDMMdB_sg2WjoPn_VMSokAiYoOlCxwRrXakzLe7YO66cHYWLRzrF9beZlqnx1ka8

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CLOokgEQ4p3QAhj6nOe1ATAB&v=APEucNUOTywCn6aZ-mhizclV2aOnHO5PpgbDKu3SNglg72iOvFxo1PyG7ixS7S11pk1bAuU4LYhqjAt8aKWDUFOpOp-CGf-KOxstuRxQFJ12-VrTUKEUtYyTDMMdB_sg2WjoPn_VMSokAiYoOlCxwRrXakzLe7YO66cHYWLRzrF9beZlqnx1ka8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 20 Oct 2021 14:27:13 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUl7ZDCEaozxlfgt2aoWxwVCyE53jDUPNW2vQchFSGDCyFD2dV94_xNSesZP; expires=Mon, 14-Nov-2022 14:27:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 20 Oct 2021 14:27:13 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame EC42 71 KB
28 KB 87ms
85ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ACL0lT3nJGGSrSDMB6FM_TY4W9uehpbNSnpfZvqWrkVSxWH8XKhI_DjUoT8je_t3eQSO4o8Osb9G0ylZ_PnxF6tKkMhraTd82pgxN-pR5JCS3P6-VvRrAGnpKhApg5cUElISVQCteAA-1RXdtRiT8BGDAdIQ&dbm_d=AKAmf-B-pxbLkRNWb2GRHCmPQdlN5aEAkbOgFELZRU4NyNmRtNP_GEjXJTsLTE-0tD-I6wmDy-UVmKPT87xvfI0HoqNb2tLOFkD69B4rxsE4NrbApR-AdOu76xlT3-avNPNz7laz3aKnL0CX1XqKx37iD_Rt06sY2RYw4MLLvQv3g25Qgj4KhCQjJl9TZEhcmn1nkUchITJVtB3PPB2q7ODWxhx_ANo2KZ_f8txhuhYWfrDmvmABGb0v8V0HsTUfcMkle_G1vEOAEdZfmAooqU7R7Wr2sGm9vgSzhDqA6Quoow7wsAheTWA37NYHoMefDUgcZI9IuUcqBEE0-k5HwOr_L1uTzpNFV7hMSLr8-6kowgSa4yvp-oczcGrkV18UFNqeE7ZbzXYMFhthMCkqNOijbXxPcp35OFO9XCkJ2a2VslQHsBYjlyf_Szu1diMQPx1SziyiQJt4ACe5F-OM0qPoOvQvlYwkSm1u9HaFDZklEqzIWPs8-zCkv2tJto4ckyUmFoe7UdWivTu2H4vxvthzrJ1g58ADoRk9X2L5TCMGHnc-uWiZFcya7CufeO8Ye6Q3dPB3m6P6CIZhSm94KEhtDzcchMrKjv3DTCdo6QbXY2yiVQN8nqpvQqsfPlMy72GWkyTt1jYgC_IghgbY4ep6kRoPH_SM4n8uKhgvfjJbOGFZn510VeSxScpmObKk6c2HUVUK0-TrR99fWtUUQ3bEz9NoMhFt0Ys7OocGVkB5JY_JQ7eh72b0ovr_jylSWoBcAKNbU1GuLOuaF1fFpXUqN-dbTN4lac0MU1ImEe_y4NHQHbIMKpcqOxbG_GhCI-2Y3jrRxQQ8doJEwRUhQYJ6X4S0jSeJGQUKpnIggy0G7NY-yh-ARaLfnqt0Hnp_gqkY532MRfBv5JwfIerGYVrpVfRnIUk6BGFg74DRmXTeVqnOfFel-NoprwRRSiXSylqvoBUyRoXOAah5papRjdDSg1UV-Tf6o5IiElUdLIssp7MYzgntOiOhSWUBeRZmWihO6lmclhcXfPGBOzsD6rbCLbNo4tXXIc1tK8ZC9xTVvEFGzCmh_tFSJuwhOsCfSYnAXjwaICHEFlyj5pJ29LasPTaHzBcVwaWCw-wClDxOK9qG8VMNmBDwInUZAtyiudauURr2MO2t8UqyUu76vBwgs3QRC6tagdKUFrVwSYLen93_Bv4JFhVQi3acDZ1TQjJo8PlTX_kfu_saCyL4gUuoq9_MNEHoGXOps4ZRMxvAGpzfckOW4yN6kF2biizuHz9QtWJA-4cNdyHYEoXx76AHfZypakOVTDsXcurtBydCvLg9ehLEa3tMoY971qc9C38E0oc5wtY5hCID0Z9w38ow2T3SYUG1R16t7YsmwJQ0EN7hQHG6tKkRWa3mK20_TPZ2pEIQSk5h6n81EPT57giVG6UHmPNEE5QbfdBEbC4xB-j8IB4Jew5ANPyU0u3za60NB3gtwlUdmstFcAFJlZOwZIyNSAgM2Sd8mYWVbEO6GU32TU1bZQy_Qxwpjnx2hgUDdBlrrHO5vip4IVmdVZClqw1ADpKOoRnHLvfCg5ZRNNhyQTrZuiguGm4UA5Ju7RP_jfEcYr-mUMTa3oApowaZeBwYBBArQOwl3Wctxl6z7RSaH35SDG3fpQfUH2wh-qxkM7lSRr_4EjE3HY1ACSlg60F4yyKqAGefDw8fRTZX4VgzETcW4eSsmGbScQ_ro5zGCERmOE7fhej7z9WS4MNZ_apIm-77HqANE0AL_YJy3gpbr7WP3F1gMGK9MIZSor-YBnJb2UxZu2hhNrzTHgCYtbhQYdD_UooEfvN-Tz8xMqMva91J30wCI2egTAm3gTscbYmXValM662dyZXJKsYGSIfuEY1vNj1PhefvGpCcDG9Re5mCs7xPyfJuKzvDy7mw4gYThDP8WwLBRcgNYuZk7Y4lFS5M4FFYAbs79S9zU-2Mg0PqmYRMvSko5gv5oNE3GCbj40lPZ1CfCIv-cgzVR6YFyjC-2cuJqxe5kJOWcWkiY9TDvUFzrV2Bkkw7Z018GeQmzE9LXorU-9a3zTgKunpNjbScBXpTg0TuD6pijsBYVe7hU2QjjSxmNySSXsJIX_72w8S_Gw_q5SrweXoBL8dj6HOT_hZOyI5wJCfRs8t_Ddy4Cwwd2oJmA5qcc_1uvYpW6xq9yP6FmzvDxksFMMS2s4cBN7zcdds59FZdNA21jlwllDoh0cLQTC998I9RXJ1fiV2jAb3yK0c_qbXNLMnw40HphSIRF8tEQi3svEo0tW9douJOY7it4O-TH3N_6tCeEkcRK6GsEa8vH0fvdTDFNfpttt77MesnRlxeM9jJa-ok_yb1xWOmR0j_qcD7Yf4cTTT5MAQSeFsqg4Jw6j8okrdTBKKnxb4lUt91bVQhl8FK4sGFiRQKrlZ82EcAOegv8wXOZyOZiV2cfnDMkz_2oQoi7VuhLJhvvD5UVVK8HBDnSTVFAnn7L6gQbvwvsS7j12gd4kzyl5eyzV1pP5kbbvNgM47YCIXkS28Mv8iMsW7AwGIreL18MHJUlhs4t1sMnGheuIA0m6B-HgKAVpo6WXidFHW1YA2f0pAagJWKio4V1QtpEkj6KpEQODYhIfS8nzcpg72boDhwiVtW55HfdEw5C80RECbwW9YoH2VcrbFZCqjmZ3FrUhEaYxsBOXTcZFUPjfOSNBruZKc9dlbvDoo-Ra4NZ-jhlYC0cwnJni50x79CZEWW_X-RrsgZ_h6AWtDGSqc7O4O3IISYEtaWll64j19oDMca-Um6dsVezUrsePbJPQNWs9zrZxxed76uQxT0PeJLOFhAVDnNRwGJmUD8RA1EhHXGqEVMtXJBwXNadCsO9cM_NGXQAv_kqyOYI3E1Fc5hW8ssRBek6XjR9On8fbf6G-tn5HuvCQmBbx-N9vdV6l9CvvQYFUKF23FqnNO3xx-1zeI6S_v0Im9dmreiBfXva745ImnMRo3Kn0dp8KDXqGGbd8Eis3ITjrs5fIadlNu3vbY6auLvh6yaQD6b3fIQjdAD7an9hfRhjDKCo26_-2hzTN2cyDQYuNi43Hv2YBltjWZ-qbgKwemy__zvb8Zhlzg4U9koCWZcAP7qz1sXtw1eFgWjqXGYNeDI884aHEiqn7Nt53e0Ul3EAeZHebbdG1osE96UmaGhsuPJTpFs3itovP4qgh0GnZS2z8Gk68UGypcn3gC_EPOKNzEAiw0NuMuT3ECTEfQ0C3MF_G_obiKx7X7JXp3S5oG0bmSBIctHo9YCyWshvN-AJvHrElryNKQ_WueBzUuY9YjK69OlFDj_67wWj4LyeZZ8HIGSCUSxjGMeTJz5KUljjVRlayz4oDErREL-5bN9scU9zgo&cid=CAASFeRohqLT7Tm9nsGqZB-HTQkpa5cJHQ&rfl=1%2Chttps%253A%252F%252Fwww.yallakora.com%252F%240

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ecb93c85c895b6250e0a6d9d5b7e3672d2bf25f02d0d6ab9d280b96c8d92afab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28853
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame EC42 42 B
107 B 86ms
85ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D8H67TbqwshuV4zXtSq47EnaE3PJG8D6xS0J0p6XwJfyinpRDM2z11bqyWbkcSkpR66rgsni1D1E0OcGOpxreLN3F8SeSKDMBZnbInESqz-BLm6QI

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/ Frame EC42 3 KB
1 KB 89ms
47ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/window_focus_fy2019.js

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 617
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Nov 2021 14:16:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EC42 122 KB
37 KB 438ms
397ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

5ec6259ce93d1583fd116bc92baa687aacfdf415efabc596b398c1ebf27c680e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37884
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634556853496587"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Oct 2021 14:27:14 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/ Frame EC42 14 KB
6 KB 67ms
25ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211018/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

bf14bee270a7c9237cc9e28deb028998a04f08aa59309ce22ef92f3ba54ac03d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:26:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6290
x-xss-protection: 0
server: cafe
etag: 5128541104351419840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Nov 2021 14:26:32 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame EC42 0
0 79ms
29ms Image
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR-8UeXDokU2OF__dUXAaFVWewP0TGNCYqN5IUSYUHHZVUBV1Jsgkdy3dGxUb31tTk01_ByJ2au_tRKrheZQxfkOGaHJw
Requested by: Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0C7D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxUtIIXTCkrL6lMRKxWWC4&google_cver=1

43 B
1014 B

1068ms
1062ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxUtIIXTCkrL6lMRKxWWC4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj1nOe1ATAB&v=APEucNWwrENVUWOHz32JmZJH6PwGaPyw853zZWvuMEZVRuhFQCNVUqv5rXFmeM5gzbsd2wiPETIDcVdjdhZewTWyUj8kqBsfHgSTWNkxCzj-zfTizqTF6Pq7cDw-tSff5fbGcVl1Amhgrxo2kvr9js8mIDx_8vh7rElgqhq1i8I81Jn9Sm7CJWc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 14:27:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 20 Oct 2021 14:27:14 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxUtIIXTCkrL6lMRKxWWC4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0C7D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXAnQVtIaD2m2OritK1dwgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBkrg69Fz5KBNLH920mtnE0&google_cver=1

43 B
894 B

13ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBkrg69Fz5KBNLH920mtnE0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj1nOe1ATAB&v=APEucNWwrENVUWOHz32JmZJH6PwGaPyw853zZWvuMEZVRuhFQCNVUqv5rXFmeM5gzbsd2wiPETIDcVdjdhZewTWyUj8kqBsfHgSTWNkxCzj-zfTizqTF6Pq7cDw-tSff5fbGcVl1Amhgrxo2kvr9js8mIDx_8vh7rElgqhq1i8I81Jn9Sm7CJWc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 14:27:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 20 Oct 2021 14:27:13 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBkrg69Fz5KBNLH920mtnE0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 0C7D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBbxLoJ_uLea9jAcDM6bp10&google_cver=1

0
580 B

33ms
13ms

Image
text/html

185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBbxLoJ_uLea9jAcDM6bp10&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj1nOe1ATAB&v=APEucNWwrENVUWOHz32JmZJH6PwGaPyw853zZWvuMEZVRuhFQCNVUqv5rXFmeM5gzbsd2wiPETIDcVdjdhZewTWyUj8kqBsfHgSTWNkxCzj-zfTizqTF6Pq7cDw-tSff5fbGcVl1Amhgrxo2kvr9js8mIDx_8vh7rElgqhq1i8I81Jn9Sm7CJWc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 14:27:13 GMT
X-Proxy-Origin: 216.131.111.149; 216.131.111.149; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: cebd38b2-893b-4824-a35b-233c3095d037
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBbxLoJ_uLea9jAcDM6bp10&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0C7D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYyNTM5NDYyODEzNTcxNzQyMA%3D%3D

170 B
188 B

37ms
36ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYyNTM5NDYyODEzNTcxNzQyMA%3D%3D

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 14:27:13 GMT
X-Proxy-Origin: 216.131.111.149; 216.131.111.149; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c61b9aaf-9988-4aa8-a193-4bbd9ed88bc6
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYyNTM5NDYyODEzNTcxNzQyMA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 712E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxUtIIXTCkrL6lMRKxWWC4&google_cver=1

43 B
1014 B

26ms
25ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxUtIIXTCkrL6lMRKxWWC4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiQjIyqATAB&v=APEucNVfGJjb6-F7mhdxLLEvADdAErf9HdTYLcLMQQIObrcG3MHeYBT6nf5vGs1jsF53sAo64IHxd4DrQApCAiQOvDlbDiK8c1C-KMPNieJVb60tFrKIVeSDv6k8lZUvc6TIRZ4iE_iWUSnyZSoY49C4UI1teT6xba9hebhZ91m_6u39KVDrv9Y
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 14:27:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 20 Oct 2021 14:27:13 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENxUtIIXTCkrL6lMRKxWWC4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 712E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXAnQVtIaD2m2OritK1dwgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBkrg69Fz5KBNLH920mtnE0&google_cver=1

43 B
894 B

14ms
14ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBkrg69Fz5KBNLH920mtnE0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiQjIyqATAB&v=APEucNVfGJjb6-F7mhdxLLEvADdAErf9HdTYLcLMQQIObrcG3MHeYBT6nf5vGs1jsF53sAo64IHxd4DrQApCAiQOvDlbDiK8c1C-KMPNieJVb60tFrKIVeSDv6k8lZUvc6TIRZ4iE_iWUSnyZSoY49C4UI1teT6xba9hebhZ91m_6u39KVDrv9Y
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 14:27:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 20 Oct 2021 14:27:13 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBkrg69Fz5KBNLH920mtnE0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 712E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBbxLoJ_uLea9jAcDM6bp10&google_cver=1

0
580 B

51ms
35ms

Image
text/html

185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBbxLoJ_uLea9jAcDM6bp10&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiQjIyqATAB&v=APEucNVfGJjb6-F7mhdxLLEvADdAErf9HdTYLcLMQQIObrcG3MHeYBT6nf5vGs1jsF53sAo64IHxd4DrQApCAiQOvDlbDiK8c1C-KMPNieJVb60tFrKIVeSDv6k8lZUvc6TIRZ4iE_iWUSnyZSoY49C4UI1teT6xba9hebhZ91m_6u39KVDrv9Y

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 14:27:13 GMT
X-Proxy-Origin: 216.131.111.149; 216.131.111.149; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 1ab00917-fb0d-4241-971f-16b06594977d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBbxLoJ_uLea9jAcDM6bp10&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 712E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYyNTM5NDYyODEzNTcxNzQyMA%3D%3D

170 B
188 B

55ms
55ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYyNTM5NDYyODEzNTcxNzQyMA%3D%3D

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 14:27:13 GMT
X-Proxy-Origin: 216.131.111.149; 216.131.111.149; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9aa0849c-efb3-4881-b06f-850e6287e17a
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYyNTM5NDYyODEzNTcxNzQyMA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5705
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEESw-kk2d_I82vOuMykedw4&google_cver=1

43 B
1014 B

25ms
17ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEESw-kk2d_I82vOuMykedw4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj6nOe1ATAB&v=APEucNUOTywCn6aZ-mhizclV2aOnHO5PpgbDKu3SNglg72iOvFxo1PyG7ixS7S11pk1bAuU4LYhqjAt8aKWDUFOpOp-CGf-KOxstuRxQFJ12-VrTUKEUtYyTDMMdB_sg2WjoPn_VMSokAiYoOlCxwRrXakzLe7YO66cHYWLRzrF9beZlqnx1ka8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 14:27:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 20 Oct 2021 14:27:13 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEESw-kk2d_I82vOuMykedw4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5705
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXAnQVtIaD2m2OritK1dxAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBkrg69Fz5KBNLH920mtnE0&google_cver=1

43 B
894 B

13ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBkrg69Fz5KBNLH920mtnE0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj6nOe1ATAB&v=APEucNUOTywCn6aZ-mhizclV2aOnHO5PpgbDKu3SNglg72iOvFxo1PyG7ixS7S11pk1bAuU4LYhqjAt8aKWDUFOpOp-CGf-KOxstuRxQFJ12-VrTUKEUtYyTDMMdB_sg2WjoPn_VMSokAiYoOlCxwRrXakzLe7YO66cHYWLRzrF9beZlqnx1ka8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 14:27:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 20 Oct 2021 14:27:13 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBkrg69Fz5KBNLH920mtnE0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 5705
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPC2YwxSfsVpzN11m1UzS9o&google_cver=1

0
580 B

60ms
52ms

Image
text/html

185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPC2YwxSfsVpzN11m1UzS9o&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj6nOe1ATAB&v=APEucNUOTywCn6aZ-mhizclV2aOnHO5PpgbDKu3SNglg72iOvFxo1PyG7ixS7S11pk1bAuU4LYhqjAt8aKWDUFOpOp-CGf-KOxstuRxQFJ12-VrTUKEUtYyTDMMdB_sg2WjoPn_VMSokAiYoOlCxwRrXakzLe7YO66cHYWLRzrF9beZlqnx1ka8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 14:27:13 GMT
X-Proxy-Origin: 216.131.111.149; 216.131.111.149; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ebfd6e07-ae4f-4c48-a16a-18d6a8941b2e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPC2YwxSfsVpzN11m1UzS9o&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5705
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYyNTM5NDYyODEzNTcxNzQyMA%3D%3D

170 B
188 B

31ms
29ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYyNTM5NDYyODEzNTcxNzQyMA%3D%3D

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 14:27:13 GMT
X-Proxy-Origin: 216.131.111.149; 216.131.111.149; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 32182e19-91a9-41aa-988c-b302394c7fbf
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYyNTM5NDYyODEzNTcxNzQyMA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame E075 106 KB
38 KB 82ms
24ms Script
text/javascript 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
Origin: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 14:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85910
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 20 Oct 2021 14:35:23 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211018/r20110914/elements/html/ Frame E075 8 KB
3 KB 21ms
20ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211018/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AYS4SEX_PZHLrIbqoj37815Tz0khVaeiwehYeU89XMu0lBsy0JiKGP-G1UAicmCtTLQzBSdIvWc91Eqt8SEw2wHFWdzVhcZnvXeBEikbNLflLePn54eDggKHKJN9Ck9f1ExpIcVzE3iBqR4uYRweTdSJVdTQ&dbm_d=AKAmf-ABlVt_BAzE5WlboIdvoclFAGS6OXZMnd0URluDU2fC_Nol2DKMlcHWbyZuRTxbI8f-ryeNN04K3EhjJ-gdQvlDtZG_rXkYHQggCO7o9OapvI_jo1jsp67FUWW4ZjUauDS4fIbUM9u-mPfYQxKt6GBK8uBl98fqUTMI8VGChimZMDpPjEhEDg5cpw-Hm43ytAam0-YnqWUWOEd_wv7XvoTVMSL2UuFKEoTNA30PaaxCzAqpBKsEqZH9sTwlAPMXwuZIAapqHnkAMZXaaas6tKz-LGjFoXJ37HSRA5yYlzoBJyUuesPfmqpIj2J--00a6vHAgd9OKei0nOuR6G2coq2zxbzXblCJbry_MJn4ZAMr9RAYdcF4dYBut74maRKzYA-bN6riOgYim1h9BAPWaBsCSNmNHYljGt2j4nOef9Zme4dQBQCiYt4x5R7qhuKyzQO38P7uOA7uIQtyfYvQlEZilFGYT7AaHfpheC4b3TZmS7PLDKdS-vsHmOximkZunRbqpeT13sEehB5Ja5Sn2dBBzm10RMnIBLQ1_1KL_MXCJFfWphRFoBe0EJs6EtFpYL-dBQTHN8ySdvZSlMhAk2GZpdzqGKPeKmoyjxn5Xk1ku7PxCU4yqvLExgm5cBG7A-ksmRmGPg5PPLa62VRLrspgQUtTQS5allJdxaWmuLCypEau7822FeI21lpazbzf62HBNSoL_sCognFphHD4wGEa4zpJC4nBwosQ20cG-kDxQySO9QoJJdj5MgpkwTOhjwxhF9RyaVwp6KS_q6tUqS3yFC3eeAPcw66BhqTW-QIg1Y7baANwR59amyYsHOalqkkw4zWGWmDssz6zVSup65TpJxVjnbShWfTAmalAM4AIO0y9yi3ktamoM1kyuXC5BW8eXR-NDsHfJ19qtqBqmmOhQVS6uwETOXB3dbrRKBILCtJ-dFaFW8a2k_MRsptPrZZviWzmqVM3uwVBzqZzWuwq1ZecWHNMxcMOyU31Gs-YNjYKVdSZIsofS2lp5um4yzd_DHLiN1zbuA7kKIqjm6F7H2mwh8caqP663ilk7Ba6WSVWsRCDFwYZUCYkCHVL7b8oxCKhgUsvI5DCDNtjyivJ2LxLZtb21euCpDk3DuVm1IVuJQpaezN5sjFIaarfJ1ifYE2JYyDkVEkxB4jVQ87gSa2iei0MubK8sDQnE4sEWchMCM8Pq7W8g5WpAR-NwkzkG97aKCHM1Qr1wky6H8h5BbKpm2Z-yEeuh4H7CE6yRGMPoK7AXA0yn6jbogPW7W2ybAiF8-7fIfQaZraJz7FTrFZKKhLqcaHjBlEqAi2SddrrWbaxs367U0WSx3UsCL9Gg6TVrviHgrC-Zcw7RsiwXTPE5E1hEHvd2-r-geCMJzuTOeuKPuUbR1v7FN5gKPdoeSRFgpFGt-P1nheQuHuwqr5M5tXJZhb-uO0_LmzxxJ6psODljB5dKbne8--kjSHiKQbrATora_c0iHCiwkB2Xins4yqALTEAa-eASpcdgqFg8pPiqGdTKf1I6Z7WbKgZt3AU8e1i4aAIgRkU-k-h648F1GRC0WQXjPDDq08va3KD2BymhEZtI5Kk-EepveqXm5Fk8s7206UU3QZR95vfkhQQILqlgI6BSdx_ExvAbUO5q1wjSfWyeGngpXI30xU7kTRtlMwRViYZF9flzzkJoPb-XWOLZNSipjdednQSUz_GWQNaBaSHZyxh2KhOJilZ9WVAuZOVxER8gzZBHUvmLlwbHEy4vzq8oldzqIrc5r9rfgsUHC9USwGzzIfaqVp3N3S_DQ7ONsfwb-M6qEyr9H3a9knkP7ysPoVSNAIELF3qGAyaol_MNrMRKlavln7X8dpdUwzdYi9W4d8raCUaNnv9lgmfyqekQpuvxmRL3ImfvRPqxSi51rnxdDEKFtY_mt_oujGdWlAk9RkQMPUDxl2ZyPg0We5nnMpSmLLZeqpEjYa3Jr4_NDVwFzp9zv2toYmk5Oiw3gttx6c8eOdsfvmV_v0N2DNjCEb-PcmvCdTcqA2F-fiAzb3cyqh6Ku-OcbSsd7dg-YBqP1ejwtnDCj-yO4Gw0ELIR97ebQAYQunUFzyryaVv22_ZeVRzmp07kvvPAU4XBAIOhdRm_2zi_grCkvDr9T7-fCMde-ynX6GxVkuVP14klvTzF6VzSh24gj67RajJznYMD0i17YvqqEVnLAj0LV3Uwns0IS9l0EJiG5HHlJB43eaE6WrPxVkbVBMp4I_HXtvaKpjpn8bzu9gD5uemS4i3RdQaL5d9QLIuGUA15VMLMwcv3LpBVrHKq_muaxdLTpvyPkPXxt61j9njMVxVOrpUebxgrgDbqEuIRLE3FiYN5stcXGlNfky8GxFK77XVAfFUsC7CeETAI2jUsfnNjKhFlYMs56YO5IMzTG9NSGvjAodgmDuP6IqDL4LbIbgigsYFWkEQGiOB9yT1eQsKARsCjBv13EEjcviBl5-DmdkB53FixSZlEQ0sNpjIlmphbs89YFbgIjABHs5-CFomD0Q7owOxxmGrqTBqpcG02yP8JcnjJQ5WoaC6qlaLRRNTCsjorsV5gj8Pda0e90mZ5hDZKtd7jRWM1HyC4PqzkbkX14bvLTcMQ7rU1ShiApmYN5C4ZbQMzPbrx_JXnRMgybfaDogwcUyxOYBKZ0xycFhgiuTOdyrvEoyh3u9dBlZOB09xxWi3mP6FakisTc7sc4KNXiYmBC7uqgMq2fb3HHhK5K-BV1GRrrIUlxOipAxIdn1ldgZu5xYbnOslFV6zyuKmyAx4XpFTPTwXH_mbhHDjPd_tLnv3NTpk5nnZLoagstJ3baGCtZ0YR12KrThZ_y7viGQBy9CwFGRyxtvHdxzWTm34awlA3Lb2bRqcp9QXRvtf0Ww5JaUl-8zNmzDmmbFELZ4kSZr9RTRtLb5zugZo75QQNRz2dRQPUffEV0c5CWk-6TJsX3oID9XV-DH0XvOOaqCAfxFzAk7TvmP-KTHPJ0LonbD5aIBMWuFubuwNmWUFqxc9qq_ERRWTQFNT0rrgMr1fDM0NiQcQNl0Am4dTreDvfMYoELTnoNuE7vRyqYHH_yrlfvKtLmmIE60WNPDjLSLmd7fa0rtl8bYDq8_EwqXF8ART2Le26TRZWORtC9MZl_Gd-ijgjEY_5H2p3IjbnrjhnGOa8M9Tz81UmtfgUwMTYWHRpw8c8idK7sml3nlGLG8WmWhdS5Rjc3pLQORfv_HQEvHmSOiWV2JJsrVzh1YeY_8dunHTzbEWCtyDaSNs1XNNs0RPiukyIoGt1HC1JxnOD8Cni4MPWCnlSdELHp3InXvkk90yAEljZzFcEDyNga6J5zeX8sMNUg&cid=CAASFeRoOZIEUQnlAryh2l6c1rBFV8uGCw&rfl=1%2Chttps%253A%252F%252Fwww.yallakora.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3128
x-xss-protection: 0
server: cafe
etag: 3658073882064373855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Nov 2021 14:25:20 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211018/r20110914/ Frame E075 23 KB
9 KB 20ms
20ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211018/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

aec3c70712c7a884d31367dae26cb48a945fa820eeb4da17f38cf6b731ba820a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9301
x-xss-protection: 0
server: cafe
etag: 16386632828078567238
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Nov 2021 14:25:06 GMT

GET
H2 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame FD9F 169 KB
59 KB 116ms
76ms Script
text/javascript 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
Origin: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 02:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41685
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Oct 2021 02:52:28 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211018/r20110914/elements/html/ Frame FD9F 8 KB
3 KB 20ms
20ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211018/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BNaqca9I7i_lKczluGoMiKQU7LSfjsyZ_KmIZ3q5Ah8k7aqZKuFCszu2Jtf-8mDPPRMJG5ixPrMZporQWoRSi0VWyWmVX5uaLeEKaJyFzjddQ-RyG1BnFmgGXGBKzWEOZfBlgZGfRjZwLOHuY3it66w-DUYQ&dbm_d=AKAmf-DXUALJ_JT5vjgql5VbwZavLsND7-UgvYg6Mf0jb6zZjmi48jTPNGiyD5hz9EgOsF9KV6oT0XLuq24MX_UQweDRgKSI_ZKrDXzoW4bis38O7D0wpcvA0lZx-rAr3WjKgcrOl8kK9xjTMzI6rW5UtrqFZoB4sTxH9jE1RFkKKrP9Qf9O-ilkH4j07fTn5HmUH2LLQfOl8lAf1ECortnw6_BmpmvjgpcPvDjG_-Cq-rOii0EJORNNVNr7UvGpYe_gwIbHj7-jVubetalQf1NKudoWxxnIMm6digZyfblgbjAccfY8qM7vTRQbW4Oc_21jGQasXjqhUnJOUPg8VPj-Vyhn4DCj37-Mr5Tre_uSXClgfDreT1lJQm3vvZPL9bbljmvKj8NxPCfos-gLdM_UyZ2Vp3dnpwBpd10jTd5lXwEqEzeWOe9tGda8csFye5V5hFNhtNeoyLSjJ79sVeieEml0UFAwpro1KKLGPZf6r3g0neNQwJ687fH03d8EOgn5wW5nYWaLiO-6AdfCYEp4qdwlJc4S2BxuTAy0Hado5kKS2-kTH3oiWsIqpUuhTBbiyyyPPK9d9vLh8nc5ekr4FDL-uZLllOzDKAmG_oXt1-zsSfQGFGfBjZJxvAgXaa7_Zwc8PHDCMWjVF8GpRP5H8qJcbPZGpNC3TJ_TupVGHr_TvxwmyoQ63bFlk9QPK820wBK-pMbPZYINHB5whEoYeAIvJ6vuwhttNDXBTlh4483Q1TnkZC4GSqrwZC_wst-DYwfJQkTyE532G3WVIbf17zATgLFWQN_GqayZKOeDqjQt7VRUFch_lzEkfpiYOY7NvHAlG48dJL8Av-gHhL_HsyTnq8nC-MMZsl0yqwUpTaF_lQxVn26xyg-INTkYfLDgZtC2_sPN4kRiY5BYQfVDwQvRYmBbkykh4wLqi8C4Z27ZZQjZTJFVGAV-Fj3kclE-X9lweJxLTH4yHT8SsHLHa8hlFTWFq5pr4eHveiYs7joGQJ-AoxDJ6xTv5iMu5qusfO_02dO6hT2XIdjDWtN5_HZAsP6_LycqNRlv80o26BDvwAk3ycaQfsQTnZfzWYiVEsXcz1VW987OKLz6IvMft-Zf5luQYZ8ShCSAkzRBgBWqBXD-ouIhu9pqsNT2Vr5FyqZI2gjXNFzPzY5soEp7yTwr6FiqaqMVcbGtxDYPx_sHFZX2T5XRo6YPHkNouNF-9nmfQWQauKgn30Id1Dgo_MHcMBLg3RopnFv8Y-9uKctRN7Gr_5-RzmsIbivpjNNjY2vUqU7UnDyzDWgv699hKEVvQQDmnG9gnWBVMvtnigpPxIYbLuLbm5Ya0I74Mqg5LpGfWPdNRuRpICyyE78KAOBj42YZXIUfdR7jBltND9jdWJQ9h0O-BVVhEAiGBXyDA0G0TOvp4FFsYar2SRVWyAX1VFQdlZJ2RKQJdqLMyts_Ckd0COY_7vt38fsOFI4ZTjzDFQUsmxZdJmWH8VkiYr_8jqRdPg_cIWmlDLBp8iDx8BnAP7YvNJ_-_x8xKKtgk9aKZHnqFobbFywBNxGHEMx4AVxq4xa8pprBM4WwFESrG_Z48h5oyDC0Et_Z88frMcA7vozO9wXzTi6JQXWSlMPSb8-ruQF8057Cx5BvYdb9-uGo3d0J9ipG4MEdN5PTiWQyogU_EdIoJJYdveGB8uBuQtGrcL7h2QPTmEthts1hvyYllv2JVQ5UycmonVGQPxEzoOIHCeO8TR8XIz66VZCHtbkXGsHtq-rphFhS-5k4sCzBuJ6Ga518aCBJIF0UYrCwoRVMWdZscmkyhr92aXaPTtbkFstkInP3sdD4OsUIOLoxqPRbWsTMCwW4HTy1djcz9Z-t1YRagp2UbWDB6b03ApVbtFT1l3__7ccKfJIIxo7uE_m8sHvUpgbFHNI912qMRWRXCSlAIm3Fy-tKZuJ3AM2a_DUcTD-k5NboeBj_J7H-CjeONgeRFZC81fm6Mb05A1Zm1IxNga_MJG_UDUlZ-HILgGTHT4jIaNnbekWR8hoDFYn3KU87Iy_SIoTBdxIvRXH5kRfSTvnjXN3O0MOIBZj6D7vTGf86eGOa0AmQiFJKYbSWebWJWsCL-2oSjADtC8jnHrmU12uJIsyEIJov_VhO0zcwEPKXPlz7IsmADuKzTkodG1QGCXB0zVx5qqCF1Z-WLa2dY4R9gFNQnM6-bK7pWX_xsdljDMmEsNW51b_l5FeRnyfx_wJuBB1YN1HpU8oxQ8rBDB02EVUhe0iF7fjCcdNwFp0tFWX_K-xv0JvWxxdztc3Ne1EcY1Vzwi6Zsv6Ue3nPYrzIdAStjHj3tOGfMTSrJGi30kpnNaToBUTRYuoy8Ur-eDLhVGxmD2V93etRwzOeQIgJQFsuM2v3C59kTm7NQcU7pKYA7gnLVdXwtT4sM8LCQhbwVVjNlBoQ9__ByKUj8kWwOD5oH4tB3TSKtb1zUc9_7dJyInhllQVQFoqIRG_dAPxWN0pcPyoBF07VD7aKU9_QE6LyZuru2hl5tIbV0FDB06O7OsrvY1IOVe_5jwtE3W9HUH9HKdlHPdnoMKNPCTsK9acyBwGjj_IPogkk8xJ-vfDfDwz0QoCr4C8IDsoSTp0-7kniDPhPL8-FkayVSMRt9RPrMa2eSrJYwar1sVOPNrjGg2RV_dXF_H9YwXLBOwYWQ9gdG3qWotjziMsWlAx4p5H3G_i4IUYX62VENyuC2Lw5ETVabWKu83bHX-7yOIvs-wyzn1SDhxAFTEvOFZlixI0xlOvwedaLnfTL1b3BduapW8R4USDASkgJEnerXWeciZPFSzVOOTmZxFIPmWernYwTMloFtrC5JoQt7Q_VBlaYcRAKzo-MW6uAk4aFnv64QGNI-rX_6ibJWu_iuwyeWhuLO5QSvv2wdYlSlm7xtTffMiBALSf4qqggJXuo83GBGD9hVMpRJFi10ikkzWCAapET3L1-D6VOhkFsk8EwBRBhNpofa8KGpYkbNm8N_XbKK6ZA3lMKAWi7UN-PxeVv2Bo6VG5gW4VS3r7XepxKIKnndaE6abScPGXfmujNDDzSFXc1LI2YDmOtTXqPjYYTq5y_9oxBZVw-lRYsBmqJ4ZLt111xogKHUWADbYMrUVdSEn1RbrT7y-Y_momA8YJqIqdJa67UJ0c5u0wmlK4PerNxad6HA4U4MnTpAx2D6yzWSr8eSl9rwbm6YTadAkpa3YrF5ap_ZmBVvQ&cid=CAASFeRoHspCuUq0SLfeF1N4gjjhon2xQQ&rfl=1%2Chttps%253A%252F%252Fwww.yallakora.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3128
x-xss-protection: 0
server: cafe
etag: 3658073882064373855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Nov 2021 14:25:20 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211018/r20110914/ Frame FD9F 23 KB
9 KB 20ms
20ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211018/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

aec3c70712c7a884d31367dae26cb48a945fa820eeb4da17f38cf6b731ba820a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9301
x-xss-protection: 0
server: cafe
etag: 16386632828078567238
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Nov 2021 14:25:06 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame EC42 106 KB
37 KB 78ms
54ms Script
text/javascript 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
Origin: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 14:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85910
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 20 Oct 2021 14:35:23 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211018/r20110914/elements/html/ Frame EC42 8 KB
3 KB 21ms
20ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211018/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ACL0lT3nJGGSrSDMB6FM_TY4W9uehpbNSnpfZvqWrkVSxWH8XKhI_DjUoT8je_t3eQSO4o8Osb9G0ylZ_PnxF6tKkMhraTd82pgxN-pR5JCS3P6-VvRrAGnpKhApg5cUElISVQCteAA-1RXdtRiT8BGDAdIQ&dbm_d=AKAmf-B-pxbLkRNWb2GRHCmPQdlN5aEAkbOgFELZRU4NyNmRtNP_GEjXJTsLTE-0tD-I6wmDy-UVmKPT87xvfI0HoqNb2tLOFkD69B4rxsE4NrbApR-AdOu76xlT3-avNPNz7laz3aKnL0CX1XqKx37iD_Rt06sY2RYw4MLLvQv3g25Qgj4KhCQjJl9TZEhcmn1nkUchITJVtB3PPB2q7ODWxhx_ANo2KZ_f8txhuhYWfrDmvmABGb0v8V0HsTUfcMkle_G1vEOAEdZfmAooqU7R7Wr2sGm9vgSzhDqA6Quoow7wsAheTWA37NYHoMefDUgcZI9IuUcqBEE0-k5HwOr_L1uTzpNFV7hMSLr8-6kowgSa4yvp-oczcGrkV18UFNqeE7ZbzXYMFhthMCkqNOijbXxPcp35OFO9XCkJ2a2VslQHsBYjlyf_Szu1diMQPx1SziyiQJt4ACe5F-OM0qPoOvQvlYwkSm1u9HaFDZklEqzIWPs8-zCkv2tJto4ckyUmFoe7UdWivTu2H4vxvthzrJ1g58ADoRk9X2L5TCMGHnc-uWiZFcya7CufeO8Ye6Q3dPB3m6P6CIZhSm94KEhtDzcchMrKjv3DTCdo6QbXY2yiVQN8nqpvQqsfPlMy72GWkyTt1jYgC_IghgbY4ep6kRoPH_SM4n8uKhgvfjJbOGFZn510VeSxScpmObKk6c2HUVUK0-TrR99fWtUUQ3bEz9NoMhFt0Ys7OocGVkB5JY_JQ7eh72b0ovr_jylSWoBcAKNbU1GuLOuaF1fFpXUqN-dbTN4lac0MU1ImEe_y4NHQHbIMKpcqOxbG_GhCI-2Y3jrRxQQ8doJEwRUhQYJ6X4S0jSeJGQUKpnIggy0G7NY-yh-ARaLfnqt0Hnp_gqkY532MRfBv5JwfIerGYVrpVfRnIUk6BGFg74DRmXTeVqnOfFel-NoprwRRSiXSylqvoBUyRoXOAah5papRjdDSg1UV-Tf6o5IiElUdLIssp7MYzgntOiOhSWUBeRZmWihO6lmclhcXfPGBOzsD6rbCLbNo4tXXIc1tK8ZC9xTVvEFGzCmh_tFSJuwhOsCfSYnAXjwaICHEFlyj5pJ29LasPTaHzBcVwaWCw-wClDxOK9qG8VMNmBDwInUZAtyiudauURr2MO2t8UqyUu76vBwgs3QRC6tagdKUFrVwSYLen93_Bv4JFhVQi3acDZ1TQjJo8PlTX_kfu_saCyL4gUuoq9_MNEHoGXOps4ZRMxvAGpzfckOW4yN6kF2biizuHz9QtWJA-4cNdyHYEoXx76AHfZypakOVTDsXcurtBydCvLg9ehLEa3tMoY971qc9C38E0oc5wtY5hCID0Z9w38ow2T3SYUG1R16t7YsmwJQ0EN7hQHG6tKkRWa3mK20_TPZ2pEIQSk5h6n81EPT57giVG6UHmPNEE5QbfdBEbC4xB-j8IB4Jew5ANPyU0u3za60NB3gtwlUdmstFcAFJlZOwZIyNSAgM2Sd8mYWVbEO6GU32TU1bZQy_Qxwpjnx2hgUDdBlrrHO5vip4IVmdVZClqw1ADpKOoRnHLvfCg5ZRNNhyQTrZuiguGm4UA5Ju7RP_jfEcYr-mUMTa3oApowaZeBwYBBArQOwl3Wctxl6z7RSaH35SDG3fpQfUH2wh-qxkM7lSRr_4EjE3HY1ACSlg60F4yyKqAGefDw8fRTZX4VgzETcW4eSsmGbScQ_ro5zGCERmOE7fhej7z9WS4MNZ_apIm-77HqANE0AL_YJy3gpbr7WP3F1gMGK9MIZSor-YBnJb2UxZu2hhNrzTHgCYtbhQYdD_UooEfvN-Tz8xMqMva91J30wCI2egTAm3gTscbYmXValM662dyZXJKsYGSIfuEY1vNj1PhefvGpCcDG9Re5mCs7xPyfJuKzvDy7mw4gYThDP8WwLBRcgNYuZk7Y4lFS5M4FFYAbs79S9zU-2Mg0PqmYRMvSko5gv5oNE3GCbj40lPZ1CfCIv-cgzVR6YFyjC-2cuJqxe5kJOWcWkiY9TDvUFzrV2Bkkw7Z018GeQmzE9LXorU-9a3zTgKunpNjbScBXpTg0TuD6pijsBYVe7hU2QjjSxmNySSXsJIX_72w8S_Gw_q5SrweXoBL8dj6HOT_hZOyI5wJCfRs8t_Ddy4Cwwd2oJmA5qcc_1uvYpW6xq9yP6FmzvDxksFMMS2s4cBN7zcdds59FZdNA21jlwllDoh0cLQTC998I9RXJ1fiV2jAb3yK0c_qbXNLMnw40HphSIRF8tEQi3svEo0tW9douJOY7it4O-TH3N_6tCeEkcRK6GsEa8vH0fvdTDFNfpttt77MesnRlxeM9jJa-ok_yb1xWOmR0j_qcD7Yf4cTTT5MAQSeFsqg4Jw6j8okrdTBKKnxb4lUt91bVQhl8FK4sGFiRQKrlZ82EcAOegv8wXOZyOZiV2cfnDMkz_2oQoi7VuhLJhvvD5UVVK8HBDnSTVFAnn7L6gQbvwvsS7j12gd4kzyl5eyzV1pP5kbbvNgM47YCIXkS28Mv8iMsW7AwGIreL18MHJUlhs4t1sMnGheuIA0m6B-HgKAVpo6WXidFHW1YA2f0pAagJWKio4V1QtpEkj6KpEQODYhIfS8nzcpg72boDhwiVtW55HfdEw5C80RECbwW9YoH2VcrbFZCqjmZ3FrUhEaYxsBOXTcZFUPjfOSNBruZKc9dlbvDoo-Ra4NZ-jhlYC0cwnJni50x79CZEWW_X-RrsgZ_h6AWtDGSqc7O4O3IISYEtaWll64j19oDMca-Um6dsVezUrsePbJPQNWs9zrZxxed76uQxT0PeJLOFhAVDnNRwGJmUD8RA1EhHXGqEVMtXJBwXNadCsO9cM_NGXQAv_kqyOYI3E1Fc5hW8ssRBek6XjR9On8fbf6G-tn5HuvCQmBbx-N9vdV6l9CvvQYFUKF23FqnNO3xx-1zeI6S_v0Im9dmreiBfXva745ImnMRo3Kn0dp8KDXqGGbd8Eis3ITjrs5fIadlNu3vbY6auLvh6yaQD6b3fIQjdAD7an9hfRhjDKCo26_-2hzTN2cyDQYuNi43Hv2YBltjWZ-qbgKwemy__zvb8Zhlzg4U9koCWZcAP7qz1sXtw1eFgWjqXGYNeDI884aHEiqn7Nt53e0Ul3EAeZHebbdG1osE96UmaGhsuPJTpFs3itovP4qgh0GnZS2z8Gk68UGypcn3gC_EPOKNzEAiw0NuMuT3ECTEfQ0C3MF_G_obiKx7X7JXp3S5oG0bmSBIctHo9YCyWshvN-AJvHrElryNKQ_WueBzUuY9YjK69OlFDj_67wWj4LyeZZ8HIGSCUSxjGMeTJz5KUljjVRlayz4oDErREL-5bN9scU9zgo&cid=CAASFeRohqLT7Tm9nsGqZB-HTQkpa5cJHQ&rfl=1%2Chttps%253A%252F%252Fwww.yallakora.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3128
x-xss-protection: 0
server: cafe
etag: 3658073882064373855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Nov 2021 14:25:20 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211018/r20110914/ Frame EC42 23 KB
9 KB 20ms
20ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211018/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

aec3c70712c7a884d31367dae26cb48a945fa820eeb4da17f38cf6b731ba820a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9301
x-xss-protection: 0
server: cafe
etag: 16386632828078567238
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Nov 2021 14:25:06 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E075 41 KB
15 KB 50ms
20ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:47:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13212
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 20 Oct 2022 10:47:01 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame FD9F 41 KB
15 KB 49ms
23ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:47:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13212
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 20 Oct 2022 10:47:01 GMT

GET
H2 200 udm-r3_v2.9.3.js Show response
bid.underdog.media/ 485 KB
147 KB 47ms
8ms Script
application/javascript 143.204.98.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.underdog.media/udm-r3_v2.9.3.js
Requested by: Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=15647;tid=1;dt=6;
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.23 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-23.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d930f14b6682cd1f5163c46c9a1dad1503d9992804cd0218a3d07bbb31cb87d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 21:45:36 GMT
content-encoding: gzip
last-modified: Mon, 18 Oct 2021 21:40:55 GMT
server: AmazonS3
age: 146498
etag: "730e4bc5a80f60f1207a45d0fa055bad"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 150157
x-amz-cf-id: OF3Z-vmL6zx68cbR2ixUrgiNTufWLH1CGpzJ8kBc6_-G6jK6Lv2v8w==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 34ms
8ms Script
application/javascript 91.228.74.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=15647;tid=1;dt=6;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2d452ca7bf499867307ebfa48373084a42e1f56ec0a26e5bb2e12f01888c3cc9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:13 GMT
content-encoding: gzip
etag: "XUylRaJiJNdi08iU32oNYQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Wed, 27 Oct 2021 14:27:13 GMT

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID
https://udmserve.net/udm/fetch.pix?dt=1;apnid=7625394628135717420

43 B
595 B

260ms
148ms

Image
image/gif

68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;apnid=7625394628135717420
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 Atlanta, United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 14:27:14 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 14:27:13 GMT
X-Proxy-Origin: 216.131.111.149; 216.131.111.149; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 48a9c819-7f86-4f6a-8321-976997fbca97
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://udmserve.net/udm/fetch.pix?dt=1;apnid=7625394628135717420
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjYxNzFEREMtRkYwMi00RDI4LUFCMzctREE3Qzk3N0QwODg5&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3D26171DDC-FF02-4D28-AB37-DA7C977D0889
https://udmserve.net/udm/fetch.pix?pmid=26171DDC-FF02-4D28-AB37-DA7C977D0889

43 B
611 B

161ms
148ms

Image
image/gif

68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?pmid=26171DDC-FF02-4D28-AB37-DA7C977D0889
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 Atlanta, United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 14:27:14 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://udmserve.net/udm/fetch.pix?pmid=26171DDC-FF02-4D28-AB37-DA7C977D0889
date: Wed, 20 Oct 2021 14:27:14 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 services
sync.technoratimedia.com/ 0
297 B 311ms
98ms Image
text/plain 193.122.174.27
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=54&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bsncr%3D[USER_ID]
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.174.27 Seattle, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:14 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 776143356
access-control-allow-origin: https://www.yallakora.com/
access-control-allow-credentials: true

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://inv-nets.admixer.net/adxcm.aspx?ssp=F74A1705-8854-4390-959E-C24FA4349F88&rurl=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Badmix%3D%24%24visitor_cookie%24%24
https://udmserve.net/udm/fetch.pix?dt=1;admix=dd3641ceeaec41cc979e74192bd0d685

43 B
608 B

320ms
148ms

Image
image/gif

68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;admix=dd3641ceeaec41cc979e74192bd0d685
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 Atlanta, United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 14:27:14 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Date: Wed, 20 Oct 2021 14:27:14 GMT
Server: nginx
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Location: https://udmserve.net/udm/fetch.pix?dt=1;admix=dd3641ceeaec41cc979e74192bd0d685
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://cs.admanmedia.com/sync/underdog?redir=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bacu%3D%7B%24UID%7D
https://udmserve.net/udm/fetch.pix?dt=1;acu=c51a0226b29a26829241b4e9c1396e1f596feea2

43 B
614 B

248ms
145ms

Image
image/gif

68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;acu=c51a0226b29a26829241b4e9c1396e1f596feea2
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 Atlanta, United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 14:27:14 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://udmserve.net/udm/fetch.pix?dt=1;acu=c51a0226b29a26829241b4e9c1396e1f596feea2
Date: Wed, 20 Oct 2021 14:27:14 GMT
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
X-Frame-Options: DENY
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame EC42 41 KB
15 KB 47ms
28ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:47:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13212
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 20 Oct 2022 10:47:01 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame DF48 0
348 B 754ms
267ms Ping
image/gif 142.251.129.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~kuzm0av2&c=4176412476895&slotId=2088206238447.5&qqid=CLio55eZ2fMCFTrYEQgdIagJQQ&fb=outstream-lima&sei=44714743%2C44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.129.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: rio07s07-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:14 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame DF48 15 KB
16 KB 74ms
23ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:31:45 GMT
x-content-type-options: nosniff
age: 597328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 16:31:45 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame DF48 15 KB
15 KB 91ms
43ms Font
font/woff2 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:31:41 GMT
x-content-type-options: nosniff
age: 597332
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 16:31:41 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DF48 0
20 B 56ms
55ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C4YN-QSdwYfiDCbqwx_APodCmiASX8YfRZbaO7-q6DvAuEAEgh77eP2CV4pCCoAegAYbD7rwCyAEFqQKD3d5XsoCzPqgDAcgDmwSqBPsBT9DtCFalBqTyvFUzUq3k1pW4GXHe_Hi36qQSyUHSrema0aldvJtfHWFGVmv0CPbwrAiaY-sgGTdS0TizTNkCUC7n3KOJ1aBR01VaylfELaYTIODI1QIMThceZpTBcC3tS18B7NcdfXF0nZE54wTc3tnnh0ifJZgAesjfRNib6VeQx7eDA8byhp--kiw9l-Xkzzj4vQN5zoLXubC3FrJi2szChE7gg1825OPlzxBiabSn1VwoCunHolu7fRDZh3Jswd2-V-yYwjh9PySSeSILKkyf3wrViCXiOypAXUjIKYB_BLyWGIMP0a2jovl26XroMfzDA-27HY8xQA3ABPfSz9TnA-AEA5AGAaAGdoAH4ryRwwGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA8gLAeALAYAMAbATqOfvDMgTwMXJ3gPQEwDYEwqIFPoB2BQB0BUBgBcB&eventType=clickstring&clientTime=1634740033795&ai=C4YN-QSdwYfiDCbqwx_APodCmiASX8YfRZbaO7-q6DvAuEAEgh77eP2CV4pCCoAegAYbD7rwCyAEFqQKD3d5XsoCzPqgDAcgDmwSqBPsBT9DtCFalBqTyvFUzUq3k1pW4GXHe_Hi36qQSyUHSrema0aldvJtfHWFGVmv0CPbwrAiaY-sgGTdS0TizTNkCUC7n3KOJ1aBR01VaylfELaYTIODI1QIMThceZpTBcC3tS18B7NcdfXF0nZE54wTc3tnnh0ifJZgAesjfRNib6VeQx7eDA8byhp--kiw9l-Xkzzj4vQN5zoLXubC3FrJi2szChE7gg1825OPlzxBiabSn1VwoCunHolu7fRDZh3Jswd2-V-yYwjh9PySSeSILKkyf3wrViCXiOypAXUjIKYB_BLyWGIMP0a2jovl26XroMfzDA-27HY8xQA3ABPfSz9TnA-AEA5AGAaAGdoAH4ryRwwGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA8gLAeALAYAMAbATqOfvDMgTwMXJ3gPQEwDYEwqIFPoB2BQB0BUBgBcB

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DF48 0
20 B 56ms
55ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&eventType=canary_version_20211013_RC00&clientTime=1634740033797&ai=C4YN-QSdwYfiDCbqwx_APodCmiASX8YfRZbaO7-q6DvAuEAEgh77eP2CV4pCCoAegAYbD7rwCyAEFqQKD3d5XsoCzPqgDAcgDmwSqBPsBT9DtCFalBqTyvFUzUq3k1pW4GXHe_Hi36qQSyUHSrema0aldvJtfHWFGVmv0CPbwrAiaY-sgGTdS0TizTNkCUC7n3KOJ1aBR01VaylfELaYTIODI1QIMThceZpTBcC3tS18B7NcdfXF0nZE54wTc3tnnh0ifJZgAesjfRNib6VeQx7eDA8byhp--kiw9l-Xkzzj4vQN5zoLXubC3FrJi2szChE7gg1825OPlzxBiabSn1VwoCunHolu7fRDZh3Jswd2-V-yYwjh9PySSeSILKkyf3wrViCXiOypAXUjIKYB_BLyWGIMP0a2jovl26XroMfzDA-27HY8xQA3ABPfSz9TnA-AEA5AGAaAGdoAH4ryRwwGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA8gLAeALAYAMAbATqOfvDMgTwMXJ3gPQEwDYEwqIFPoB2BQB0BUBgBcB

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame DF48 30 KB
14 KB 64ms
63ms XHR
text/xml 142.251.5.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DplXNDIRHfpEKMfLFKNIjmJbL0HW-gVj8jEWKx3Potf2raRbNtk6HwK1XSy2imGV5VVjj1cB0ZarOnxxNmTXxwcOapCQ&cry=1&dbm_d=AKAmf-ApEE18YJ6z4Jr-G7I9rDxhorARa68Zk1SY91AFXZY2dmMMOTfgsQV6VaoITnhb_Ys47_tjNb3E1VjUOqNMg_cxujDWiIIFfmQxc1rjcinDxtJ8AB8HmL3eAjlXrjGs6zc5CfQtPCUrpP_ABxKTzZYN_YYlf6hEISVJOgNMomnaer9Ax7Sur0yqro5VLG1pGzBbyvCvdjAKaLspKzPB64jlpMOWbNFndNRgOQ3hp1tutJIxUdcz6NkAFXaNUsuyvCX3fHNLIHKYekeFv7xzK2v6MyBA2sEcVHB5ZpQ48W5LUFjjuJnqcbVj_w1m-lT1SvydTYeJlxgdzjYVVHBZTWZHSKy57EvtEWNKgQg9SDuR8EDPD6YVeqYAPwekEBuZUhPT94dHpNDEATMsCRk_sF5MN9bIDt6mWpbykoNIl8tNaN0pMeC2KTnb2ePkRpb7yqeNcwkerNWwCpjtEoGyDi6vVFcN1nIdKSRfAIka72GoXlDe3M1eluacl63h_Eesk66WNyyl8br-rvDC6KcC18Vy_tCI2rhiLcXWT3Yc_-7r_WIyEqcDBZMqKvCiN3fXZJQC5SSHeiJiIpvO0RWbXBXUEhqToApJgpqL_B_f2K5B1ZZMgNc7z0r2u9-ZNunfkJOLITpIuWmF17Bcl5wntknfa8XzjiD43lBqQzctYda8lmo0tsysIHzBhEcjCNAIY3kREv-nKaM0QzLDqm-FuzWGYE4V6aMQiZf2cZubfkwtjYsLqBl4Img493OcWxvZv4BofagWGuiViEy9TZdjFI2gC9gkZJgzx3I5AoD5lDdVKai2T_AE-ZKjAbg7fp9esGhNNb7XJRXegOL8Nur9BQp_6-NNJEe6EHzc7mLnuJxXG1kBCpdkcWhsA8hvkeLT_Q7epHCshIhO2pbWU8Ng58cL_adnEDEtZlUMa4Ig0zhoBRU0uO4-30VetxE3lxC-bffTM2jxxNCk_WdZtjZjaRDE7DehxnPBEJg4bX1MYS0Z7kYwM9KNrekWZ6LJqDbb9bsCQj9-SI58Nn4Ay4Hw0GsLtWu5rurHi_2n7qBb5EeNJ4vy6PoB2GmlTxjg0DcnSmqTkj0sVHNPuJfjchcHtCLLoyCoR5770-_EowNqcxsQhYhg6Q-MHVqyqsIP64bGXicHcex0ZVeU7MCDldtqE3vjL31OQRQKa-e6k_aEpqAS-2AWcN1ft-l2BuFJ-_ltTJhsGFjTobdP-MWo21Zyut4B6NtAT21soC2n2JmGOVh83wLpvkDKbsCRj1yu1bBxiqQNVTNxPTK-OleOopipbswKT8_8d2Il_My8ve2szVdp1Mqmy0hrN3pwe5TCiSytMLL-4nLWIytdoQiendo-c1IGgWjQzJ7xJS-uwMQ35Gt_IGUGGFTEB-y0OmUhZFL1OqijJtKO0eS-1KCA-V3kehenc50tegtJKOk_BIhv-LWpfUKm6SSo5IAl7jPyg5hxFpHaNDCYc0lcG9OTClsDg73omFS8KExrbDeJkNstyvej950LWeLaayRgiXdePIsnLgG-9u91kEQpZm4B_xdBbO98Q6PYqy2MVt8D598aX-sXjbJGh3OAZnEmNe4ZDIpjQLfqSze00dP9R9Kbp-qFz3uER0FvpnAskSteInBaI5XFzyMV8I1RifEIT6QMXWs0qlKMFYhV-qWJ4Kqr-gQm7SD8Z0stYo-re_aChf5aKUd2y4A7rMHztlw9Jn422rTtPVzkBBLYroYblpbcFS4TzcsRyztusKTRyOhf-MXL5y0_5Ln4LGNwkqrJhQCDaRoowTo1bnhrIqFBimyP6UUMULAwLH0c-ZY7WZSmzzLBvNkxtbaf1mE8foIMzYnVDZ4qs5QGjw8Ss4_wFrJzqMDE98OnYmy24tkYSRvsB-6TgBKzgcegIwK0P8rdi_ttdEdwTXIaLtx3oaVG7pbHeHnr1hRv69Pz4PZkoMU5ZHsoj8e1_5PW2Ob4n4NDxI5UgeP_z4cSudFkSuOblAe8RffwIatfAkzVzPc_QtEbkKtud4u92_dE0BPop7cbTXHWZcxKnXVWOFTV1TM8Pf8ts2TcyC9qTN0MptKIigrZ14OQkjN5RQfRQs3hu7fg_Asnk0OQ544f6bMK9plZmwVVEkjJi5UN98gmLT9BT26ratRn76NV4taO-63Kbvgl-jgV3FXAwf5gw-nSa8l7e-k5p1GjPul7t-k5vZweze4da2dx1ufeuwM0aWnzrGRdDAPXcFNd4vzXnhHjpwj-K826W5-D9RVFmyF3_U1obpBwZtStvVMe4tdtUvCZHHjfl3txKFcUezH_zm4Knn7NQ-TbLPKhm34mrxOsb8m6SgJUxIkkYe---nLoKiYseHrk5uIeOF5-LVKc0RwozsEfwUcBZqDQg0aXo4s_EO1sKR2Z-SFESYRvkReq8n4yvNZ10tfe6Jbnb8IQeayzu6MIyf3zempGREWGnu4vXSTpeM-DqdmT1JR6I0udfmipdyb4vXMGcXexO6NSOuquTF6mbVlF7yjCtQAaFUVznWjonaaPU3CmMPcM35v6snhfrlyKAid6dgid-kGHJr1W4lEqN_4Xjj_c9Vx2rM6Qc4eCTQvs0zafidKJhTx5x0CExmuV2rH0sAKTCvXUmzJdW9J7YeOY603-6EgYO60H1ztbZ3igZOPa3ZHOmYIeKSSRSyKUyRptxkC7D4LLJHPxRk389GCDolRjayY7uvhajX3sk6Z9LRhbBKx_QlNwPIu-b9ct_sg6H9E00c1pX0Vjh1EHS0n7seNPFy0XgnGu662vgIOzgKqXMCFT3Zh6pJ0GatVcjoueNAWEoVjUi7PjFdR3QlSp_VlruROWwQEtOv_VKwJp1CLCmbLcnN4wDLFT8NmIW2i9F4dBNPrT6hdBxdTDlpupjfg8Wj10x3WlwZKAYEax6g84yNZfSFxPnaSIWa1g6uJ0w50YX2pmRd89nO7N5OVKby5YKGr7PUhGRIebHEyL6MSga7p475zsUenEgSB1hcmrAabjYmsSHbhHoOGv5c_XG1ZpkIpJFlJ5CfP5CjY-4_JG2h7tGAMZg3Ca7zh744vQonmP6tvySCHbYD3MNk1VQfuwMkrRGSARL2kx1d1DU-9PDrI-PcfcII-xvOeR618SUeAcz-HGgWmOF9uSNCBCZEOLm7UQXp3JOBsWNxcP4KrZjg3bls7Ij2jjNRFz1Y0MyDl6Ll9YDKILktqU1mbA4xlOWgKcYMu_jjSJGNsCHQ6hf2LCQ50CZL9nfUyYp00OoMCiKoFGdF2lebLZ7eMkd-sYL_KxUmU5XN71X8Zjx1eCax6b9ixdYHhxT08zlrQrsZfgQOOKPUvHcyS1-xSl1Py3DhsZ58zImLf8rnUZIQmifFj_B_mSZ3Wk0RW9aNRHFc0Tv7TFF4wMl2P9isKLrx-yQf2uZTz-_FBGLW4jErwtjTHx48zg6ZyqD_enq5-bNzp0CwoQWv1HQijjehtOphxONF_pnnAbpNRclf_R1AwinUV2tiCffGjDrsi6ZsAcEoCL37LWAQaK1XJjS9HCIYWRpe0lqUszu5-NdI4fUYD2EmuXHbE8jD9TQHuv9E8nsn3j43a12wGi72CU4vvQx_C3TyWdSOLO6cEvPIhGLKRWvvLzVEIpCe1Q0sy2mFlNZDuphrHiUFfZqfSgq4h3CDtbzLt_H0Lk5g&cid=CAASFeRowy2_ohy_RGthjjjhyGwk7i8Rmw&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.5.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f156.1e100.net

Software

cafe /

Resource Hash

263a59b0a9e2487ac95c1fc309a0818365d703eb57dc7c69a4b009f87bbf0fb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14444
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DF48 0
0 35ms
35ms Fetch
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C4ZdHQSdwYfiDCbqwx_APodCmiASX8YfRZbaO7-q6DvAuEAEgh77eP2CV4pCCoAegAYbD7rwCyAEFqQKD3d5XsoCzPqgDAaoE-AFP0O0IVqUGpPK8VTNSreTWlbgZcd78eLfqpBLJQdKt6ZrRqV28m18dYUZWa_QI9vCsCJpj6yAZN1LROLNM2QJQLufco4nVoFHTVVrKV8QtphMg4MjVAgxOFx5mlMFwLe1LXwHs1x19cXSdkTnjBNze2eeHSJ8lmAB6yN9E2JvpV5DHt4MDxvKGn76SLD2X5eTPOPi9A3nOgte5sLcWsmLazMKETuCDXzbk4-XPEGJptKfVXCgK6ceiW7t9ENmHKm0VKC2LqgoF8pl8y3Z-5_glg2zGgX2ZrmIeNEr-QuExF-u0rR2SBRv_tSJ1Enkmq2Yl0NvGEkdeYMAE99LP1OcD4AQDiAX-5aW0N5IFBggDEAMYA5IFBggbEAMYA5IFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAH4ryRwwGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcA8gcKELjmFBj0s6i3AdIICQiI4YAQEAEYHYAKA8gLAbATqOfvDMgTwMXJ3gPQEwDYEwqIFPoB2BQB0BUBgBcBshceChwIABIUcHViLTM2OTIxNjQyNjA5NTgwNzcYj5ko&sigh=fW2AuEzdVgc&cid=CAQSPwCNIrLMbTnJkUuj0eqyFGASRF0vAfQIFe1N5rpo4J8BphhbdrAfQJPog3FG3piccwzPy0YfSELH6ySmpJFzRw&vt=10
Requested by: Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame DF48 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: afc3627079f77e9746a0cf1531565b42a783bd22c53b5001ec996867718029ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 rules-p-effSsmMYCbAck.js Show response
rules.quantcount.com/ 3 B
428 B 39ms
7ms Script
application/javascript 143.204.98.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-effSsmMYCbAck.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-9.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 11:51:33 GMT
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
age: 9341
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 21:04:20 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 9xDwN_i_XBqvZsswx5VEV01a7r-6UvP4ojzH3ElYfSoikpwK1XXh2A==

GET
H2 200 rules-p-Pz67dCqdsHfxh.js Show response
rules.quantcount.com/ 147 B
603 B 39ms
8ms Script
application/javascript 143.204.98.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-Pz67dCqdsHfxh.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-9.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 57b7f2b2bcdd983268775ebc6ee71d208510b285d79dd058f2717248079c59d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 13:37:57 GMT
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
age: 2957
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 147
last-modified: Tue, 27 Apr 2021 19:10:31 GMT
server: AmazonS3
etag: "f7c84b69d3abe411fbfc06992543fbe2"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: TEceCQr6JmQKmm_fIWg0ZOZFZtbA_vP9GXWK1zQ-EU-wzOe5h8ul_A==

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D850 22 KB
8 KB 20ms
20ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 20 Oct 2021 10:47:01 GMT
expires: Thu, 20 Oct 2022 10:47:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 13212
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C7D0 22 KB
8 KB 20ms
20ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 20 Oct 2021 10:47:01 GMT
expires: Thu, 20 Oct 2022 10:47:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 13212
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1752 22 KB
8 KB 21ms
21ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 20 Oct 2021 10:47:01 GMT
expires: Thu, 20 Oct 2022 10:47:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 13212
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bcv1.js Show response
bid.underdog.media/ 268 KB
105 KB 10ms
9ms Script
application/x-javascript 143.204.98.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.underdog.media/bcv1.js
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.9.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.23 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-23.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f772cac6ecffa22c11192fb15b10f518ed0ce9d3dd38814a56ecefa146632e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:05 GMT
content-encoding: gzip
last-modified: Wed, 20 Oct 2021 14:00:05 GMT
server: AmazonS3
age: 9
etag: "bd3bf194aaf6fd983c93ff61228ecd52"
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control: max-age=1800
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 106531
x-amz-cf-id: RglXEnolkoJpaneey271W0Gm93JnWX1wPhLUdDcBklsPjARfSnlyJA==

GET
H2 200 rrv7.js Show response
bid.underdog.media/ 13 KB
6 KB 7ms
7ms Script
application/x-javascript 143.204.98.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.underdog.media/rrv7.js
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.9.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.23 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-23.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c3ec64c0ba8af874f0fad229caad4baca5dccbaec90671978994b4f8fea5b067

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 13:08:36 GMT
content-encoding: gzip
last-modified: Wed, 20 Oct 2021 13:00:03 GMT
server: AmazonS3
age: 4718
etag: "f650c90e1ec844c315137d4f826ec3ed"
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 5876
x-amz-cf-id: mzbE48NaAbwJPpPKQq4upSOPcIK_PhkFl8wXzCHmV_rA-tVk6Jj1_A==

GET
H/1.1 200
OK img.fetch Show response
udmserve.net/udm/ 1 B
470 B 150ms
150ms Script
application/x-javascript 68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to

Full URL: https://udmserve.net/udm/img.fetch?sid=15647;tid=1;dt=6;gdprApplies=true;consentGiven=false;consentData=cmpMissing
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.9.3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 Atlanta, United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 14:27:14 GMT
Connection: Keep-Alive
P3p: NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Content-Length: 1
Content-Type: application/x-javascript

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame DF48 41 KB
15 KB 21ms
21ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 14:24:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518587
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 14 Oct 2022 14:24:06 GMT

HEAD
H/1.1

200
OK

file.mp4
r5---sn-2gb7sn7r.c.2mdn.net/videoplayback/id/693eea397406125d/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666276033/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame DF48
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/693eea397406125d/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666276033/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r5---sn-2gb7sn7r.c.2mdn.net/videoplayback/id/693eea397406125d/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666276033/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

89ms
15ms

Fetch
video/mp4

172.217.130.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-2gb7sn7r.c.2mdn.net/videoplayback/id/693eea397406125d/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666276033/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5FEC6946133A190CC762187123CAC1FA4EC34D5C.668E08D6A048A8CECF64C7B306869BD2C02BED9D/key/cms1/cms_redirect/yes/mh/IZ/mip/216.131.111.149/mm/42/mn/sn-2gb7sn7r/ms/onc/mt/1634739650/mv/m/mvi/5/pl/24/file/file.mp4

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

172.217.130.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s08-in-f10.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 14:27:14 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2219947
Last-Modified: Mon, 11 Oct 2021 08:09:13 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Wed, 20 Oct 2021 14:27:14 GMT

Redirect headers

date: Wed, 20 Oct 2021 14:27:14 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 645
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r5---sn-2gb7sn7r.c.2mdn.net/videoplayback/id/693eea397406125d/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666276033/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5FEC6946133A190CC762187123CAC1FA4EC34D5C.668E08D6A048A8CECF64C7B306869BD2C02BED9D/key/cms1/cms_redirect/yes/mh/IZ/mip/216.131.111.149/mm/42/mn/sn-2gb7sn7r/ms/onc/mt/1634739650/mv/m/mvi/5/pl/24/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK mtrcs_220434.js Show response
s79.mxcdn.net/bb-mx/serve/ Frame E075 148 KB
57 KB 41ms
10ms Script
text/javascript 2.18.233.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.67 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-67.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0e5b69da40b0a2ea196d225b715d78a9b5e87fbbb20ee75902cda02ac2537d66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 14:27:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2021 13:02:38 GMT
Server: nginx
ETag: "\W00000582821634562158776"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control: public, max-age=1800
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 58282
Expires: Wed, 20 Oct 2021 14:57:14 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/ Frame 8E4E 6 KB
2 KB 53ms
23ms Document
text/html 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

f89afa533ee24b3e3e335bc5c0660e1c89d95e0fa11beca8da9fc8862a221ef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 1913
date: Wed, 20 Oct 2021 11:55:27 GMT
expires: Thu, 21 Oct 2021 11:55:27 GMT
last-modified: Mon, 27 Sep 2021 15:27:49 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 9107
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E075 0
542 B 133ms
67ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssKscZjZpb0YkVBgEPXpYRrIJl5n7rkaE0eYhgQr8HXnPlWgxME-gNup19YY8tM-JpGhcj9Pe7VQrtHQryatS3A5_A-3C9C8VkjLRXMJxu_GmMxt-Ge106jUSA7R5LZV91oN6eCM9pxxtXMOWtCkC8bmQHocMZWb2RoKgWhrcuVuow5_b4XqsR07ac9AEJdnOSvYbd-KEvEy2QcSxMM_2zql3vvGQJ41xxXl0tXNxrck1B7UVy7kFySGrWxp173MrUZukuVe6Kyku_xk-m-n9n1KrSEfJ9_V8DG2khOaFndSXJ88-Ze9vWlnVs6Dgy0-rEwq9XRXnre2bpIvKhcA8GVYqKC6zzXzuzhmFCfwLrP_3AzYiB87olRfVnSfCeTbbGK-R5GCCXtybgc5oYne56lwyFnKqY9FxERr5XBJOear3mLHTrITYJVy0GXktiWpakP9TU9ZkIW8t8j-r4PTIhi_xXZCh4yvB1Ipix7ZyIy9CClgCHGptW6SSCkbw_EEQlwKVShbz7gghE-_6BcR2yYFivts8Cve01BYufsKCRTL2ziw1NmXb1UvdSGXKo0NATBe9R1kBNvxLDv5rh3TI184f4FZvyqg-uLmMZ1x-Zjqwd7UsHgshnWDnfdHKDZ6xWzuDbdjuvC53s78wHpmSVdOuRpo_r6sv21NiILB_EBPIkoSt7st1Pl0i1_JlfvrbL75Thuo7DDC_w14Z8tAZ2iTNkK839AUmtj_La4v2HsF3YL0qVUa7rgy0UirdafmwhJwhcdqW5IA5YHft6K0Z13Dv2u-TBpOBVFZPcLgL9ocDm3TZXIbIS-R7xKA0HP-Ju2WGJxtk1b51DF5g1ieq7AfcIvSS-ccT6rnpg75XLQTDSrvmrXievvEXxlS856Nt6JxRTE15BI_MO7iWypJ6zFMXO3jRsJn9EghK1rk7gWpRuK4t3OGNceMBQW9hxIZUtEslGlRJrJJ0efJuVJcPGIUcfzp-TgKyi99NhOCv1bmxRZ3-zi0X7lwbOgfEqH0ipK9jCNntdjgvai9Pz67xzAI6MmktoTmrohgi1S3aOgUA_MAFRuoxGidBqzFwNuvt1LBeDMhd-ENwnDc4Dvi3m0j90_84RgG1Z-wo-hEoGF0WAwEWKyVCU472AFN0mW79oMdxG0QohxPXeyCTZfkkVycsLlsVtz3qXppNeADA&sai=AMfl-YQMWuGqs7R9Z4pyyF8J_58IN0Bp7QAWbxaueH7SMh3VP3WsYu7TdpKTGXb1fafs8PRsB2RL8ftgTLagcOQIUKeDzpy-DUxd0QLGDFbieAtppHS7l9KW2AEkxFFklJhhVjxBz8vFDmikvG_5SwfcFlXSGDptbrPcWmt43i4&sig=Cg0ArKJSzKPSJx555E43EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=264&cbvp=1&cstd=262&cisv=r20211018.51894&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 20 Oct 2021 14:27:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK mtrcs_220434.js Show response
s79.mxcdn.net/bb-mx/serve/ Frame EC42 148 KB
57 KB 34ms
9ms Script
text/javascript 2.18.233.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.67 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-67.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0e5b69da40b0a2ea196d225b715d78a9b5e87fbbb20ee75902cda02ac2537d66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 14:27:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2021 13:02:38 GMT
Server: nginx
ETag: "\W00000582821634562158776"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control: public, max-age=1800
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 58282
Expires: Wed, 20 Oct 2021 14:57:14 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/ Frame 70DE 6 KB
2 KB 47ms
21ms Document
text/html 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

ac1e6d15b63403700f2748b80b53df9534307d7f02314259554cd32745c4b03b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 1925
date: Tue, 19 Oct 2021 15:10:46 GMT
expires: Wed, 20 Oct 2021 15:10:46 GMT
last-modified: Mon, 27 Sep 2021 15:27:51 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 83788
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EC42 0
61 B 166ms
104ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssgiMdrJ2PKktGRIETGoFQPm-hHIyTROkD6b5CHRk9UfAxJ5A8xlyfCN1BpGF6uVG6ba3HPsUHGRCwJsVWU-kurXu4ttbE-vJ88eyO974RyMs1mf9420LHrxt16oZDh-ihZZtTkeb-W2k9rSKNw38F3Qk8yfCXFdEIZ-_6H0aZ0EgeiwXf1rENFqRHzAr45Rh59FYbhYf_0UwVDcB_nYGZpjh3JiTGC1dDmHw7ocDaHTFQwr1k9Jcuz2i5AvjtuoHndkdeWREByH1sxusG568StxOqbxPbnVNZwHvX_rJOT9ImY0ruz-mnJCDmGJN96xC1fW3K5zmyL_NCgaWqgRk-tR30t9FWYGkBgVdY0gSpN8gXtbGKsuMj0XrybbpEO3QBYrCSeUKjLWbN7TJwsIEU4yW8UzE06sG14jgL1rtgDI76X5d9d-ptTezFpEZ5blUYSislmuEhgNnURjZ5qGviHkh0CEfB-j4deRUbb0bzVEH9pna8nPKhqPziiu6-BMQ-IoqsVAugD_DEdHpL4umwfVtWP5C5Q5rNlbRqKFmvVrJlydv5EU5yJkXJBodOqIxwhPL1GaGCuPrgYv7vMRHhTbgUuKqS3DLWvxLctS7_44eSM5Gb-0bz3hI_NnqGXiCQVZcKo4cygxtEJRNCAFzbC-1soWP9tvzO_Hwhfsg9TO-XYT_r4svGGzJRylTjAsmfPebcDZY3oOzmop-DN5Q7RmHdT9lqCDq9RAIPYu3DBD3Owpafop0VvreFoVOnsfqoF-kSis2iT7uUHDdrM1bZuFkYDhEufGogTWUveek_HJR0qlj79GQAhID0whSrwq5Qrb94_H0aUEcCaw4wSxu-7H7quMjW6FaOo-6Gcdw8B-ddRGh8ZuHohLmI9z9fsw2bCUnK3e0XsdRiMOhGy_EofjUB9DD4hq-bkM4uSTKglQ7OooegvzNAV6HoG2oW17Epj5303MyOtca8zb9qSlqfRVxefHql35YcqABBtbylb3CnXotPDNore89JLyeNpVPFstfaEV_3ynefjffCixBZRH0QcGmP4rqsNejZMIoLog684yl6RQW4zDrBdJOo7xpfowoNbvFz33S9pWNcqT3usbMfoMJNws-7WNNM400HYqsrV80WY9rrlX44FNCCt4aC_eUp2vUJbi8xtY6J7Z5DDquJUizOLWxKOlCupdbobp4WZ-9Tm&sai=AMfl-YRIRa3-Jdv4FOx3Es3xHtQdEN1Ck_Q2xz5we6kyuKBsJy189ZtQlmU268qVGDm-P8RwFZ4vejcyjuEQp0vbtiNFHIUqgC23EWtu47mcVpaHinGoqSnhSOBwALOdUUzKRtQkEf6mdZMqaC6gOopOKgMEyXb3SevpB2CxTHM&sig=Cg0ArKJSzFQW87G71EVJEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=236&cbvp=1&cstd=235&cisv=r20211018.73457&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 20 Oct 2021 14:27:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 728x090.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61693850/20210607064301236/ Frame EF3D 42 KB
10 KB 34ms
28ms Document
text/html 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61693850/20210607064301236/728x090.html?e=69&leftOffset=0&topOffset=0&c=jeV24bGAun&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

cdd0982100eac29820bbd1d8197c0e8c2c5957c07c69991a97ce89ebd19e6930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /ads/richmedia/studio/pv2/61693850/20210607064301236/728x090.html?e=69&leftOffset=0&topOffset=0&c=jeV24bGAun&t=1&renderingType=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 10141
date: Wed, 20 Oct 2021 14:27:14 GMT
expires: Thu, 21 Oct 2021 14:27:14 GMT
cache-control: public, max-age=86400
last-modified: Mon, 07 Jun 2021 13:43:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FD9F 0
61 B 142ms
104ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvS9KxTWKslz-MBqjO_u4L8HD25scWmroTvM4466a3JtZnHDMbey6uzbWd_eS9UBLooL9siTKDZdZcEnb97aj7WSCUZznR4znaQ5vab6zO8f8CkFC0lKFP-oe_d6MpJQbh4NqHwKukCkQAUdCUNax9tOG4fvMEcquGEwtELwLympjfkzLSZYL7_Hv3G_VbN4ODf5_OATvA32F5Up1ZQZ4o2fYIHT_XgtTv18tkYckrtxPwCpP6jmJj9-qehGfkF_Cs8PcSWk-z5L05dGhkrPrGnbApuTko0MrnxeJu9LFRZ6BEI-QPT-P4jkYLvAZ3_1r0vxsdYG-LWLsbBLX9Sjy89iEXVppbbTHjKSzObqkD87LguKPUUv5dxao4PD75792v3u7Ol8tALsyLEpEPHXgpTHTuTx3QeEIZmWxZKl58IqucJswFfMF2RTewmpbDhWZ9aGVxEAwCqrJSUXleshyoQ9Xc6kq63Fyf24UcFbWQ3k_wBVVHH6R47WmLDXQVVldvu0g7kTm409iSFloHRvfZdc5ccMlQEUku3MCucGtlhIRPScIWtX0lQ1TLSjOMa2qJgWeqCa0xCIJkfXy9BkUeYujiJXTl34wmpiBQv6Sh1m6swQo2stVNJbkI0lLIFyZ0DqHq9chZ1_-sB4E8bNe10NOxjNDRT5v0iiiExH0yhL4Nj8_wPiKO3KlKW7J770il11Tu_b2_LOxUjQ7z9bNiL7LL3_uZ5_mx1oyirRDtuB9xj8vBDYwJWY_sZ7BJhdUJEzVnD76bgcgtXKk2AVHsHhPL2z_P0hykZxlHJH0jWiEZD7_XKFL-t_pR-bgMQvCDsto5NCJrZHIttsV_glzWxj_6isIytv6YwcE2k92RqlyFu9z7TiKvRgnc1wwLt4GXzHR3GaBeulVliHjCKENuPQqS8goT9A5ii9nTtd6slwFftJpRBEki2iCbr_WEpoaq1eZVIQA3fLWg8iz3F7KgjrJ6DrheAUYpl6lINOyJl8rYeonP38kq0hO_TzkOM2OV4rYp2eCaXZwDccHgYp_AfEmGawOtSalbLnGVofKx24O8Jyp3CuuuZMZpw-qMhRfmI28FVMhqHOzlRY2HUpjpLcZpLmjXLw8VeCP4SLzRI06JDohsnapvA2WK_ae7pELu8KveGzOA&sai=AMfl-YRVj_Y1b79m1L8NrQ05ZIWloXRjVZ1Z76q8iLe91V-pC2bTZ1nvoglix6ubxoY6HYlMxlkeGpGjmHXKUaVIx6xSBbLy4FJCDppHOXyTGbrXY0KFlIWtR4sqwI3XHD_qK9-sl1iCgWX7vuhi9JL4qlVKwsqgFoy9RYdnJ6k&sig=Cg0ArKJSzFaJi2jnf4npEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=274&cbvp=1&cstd=268&cisv=r20211018.78379&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 20 Oct 2021 14:27:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 pixel;r=1174483537;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fwww.yallakora.com%2F;uht=2;fpan=1;fpa=P0-293463462-1634740034017;pbc=;ns=0;ce=1;qjs=1;qv=00a3769c-20210929173447;cm=;gdpr=0;ref=;d=yallak...
pixel.quantserve.com/ 35 B
371 B 11ms
11ms Image
image/gif 91.228.74.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1174483537;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fwww.yallakora.com%2F;uht=2;fpan=1;fpa=P0-293463462-1634740034017;pbc=;ns=0;ce=1;qjs=1;qv=00a3769c-20210929173447;cm=;gdpr=0;ref=;d=yallakora.com;je=0;sr=1600x1200x24;dst=0;et=1634740034017;tzo=0;ogl=type.website%2Clocale.ar_AR%2Csite_name.%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9%252E%D9%83%D9%88%D9%85%2Ctitle.%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%89%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%20%D9%81%D9%89%20%D8%A7%D9%84%D8%B4%D8%B1%D9%82%20%D8%A7%D9%84%D8%A3%D9%88%D8%B3%D8%B7%2Curl.https%3A%2F%2Fwww%252Eyallakora%252Ecom%2F%2Cdescription.%D8%A7%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D9%83%D9%88%D8%B1%D8%A9%20%D9%88%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D8%A9%20%D8%A7%D9%84%D9%85%D8%B5%D8%B1%D9%8A%D8%A9%20%D9%88%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%D9%8A%D8%A9%20%D9%88%D9%85%D9%88%D8%A7%D8%B9%D9%8A%D8%AF%20%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%B9%D9%84%D9%8A%20%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9%2Cimage.https%3A%2F%2Fwww%252Eyallakora%252Ecom%2Fimages%2FSocialShare%2Fyallakora%252Ejpg

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:14 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pixel;r=1749022846;labels=edge.1%2Csid.15647;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Fwww.yallakora.com%2F;uht=2;fpan=0;fpa=P0-293463462-1634740034017;pbc=;ns=0;ce=1;qjs=1;qv=00a3769c-2021092917344...
pixel.quantserve.com/ 35 B
371 B 11ms
11ms Image
image/gif 91.228.74.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1749022846;labels=edge.1%2Csid.15647;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Fwww.yallakora.com%2F;uht=2;fpan=0;fpa=P0-293463462-1634740034017;pbc=;ns=0;ce=1;qjs=1;qv=00a3769c-20210929173447;cm=;gdpr=0;ref=;d=yallakora.com;je=0;sr=1600x1200x24;dst=0;et=1634740034018;tzo=0;ogl=type.website%2Clocale.ar_AR%2Csite_name.%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9%252E%D9%83%D9%88%D9%85%2Ctitle.%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%89%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%20%D9%81%D9%89%20%D8%A7%D9%84%D8%B4%D8%B1%D9%82%20%D8%A7%D9%84%D8%A3%D9%88%D8%B3%D8%B7%2Curl.https%3A%2F%2Fwww%252Eyallakora%252Ecom%2F%2Cdescription.%D8%A7%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D9%83%D9%88%D8%B1%D8%A9%20%D9%88%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D8%A9%20%D8%A7%D9%84%D9%85%D8%B5%D8%B1%D9%8A%D8%A9%20%D9%88%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%D9%8A%D8%A9%20%D9%88%D9%85%D9%88%D8%A7%D8%B9%D9%8A%D8%AF%20%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%B9%D9%84%D9%8A%20%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9%2Cimage.https%3A%2F%2Fwww%252Eyallakora%252Ecom%2Fimages%2FSocialShare%2Fyallakora%252Ejpg

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:14 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 6056 23 KB
9 KB 22ms
22ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/H0ZEmIz7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
date: Thu, 14 Oct 2021 14:24:07 GMT
expires: Fri, 14 Oct 2022 14:24:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 518587
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js Show response
pagead2.googlesyndication.com/bg/ Frame D850 35 KB
13 KB 20ms
20ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 09:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13430
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 20 Oct 2022 09:45:42 GMT

GET
H3 200 YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js Show response
pagead2.googlesyndication.com/bg/ Frame C7D0 35 KB
13 KB 22ms
21ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 09:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13430
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 20 Oct 2022 09:45:42 GMT

GET
H3 200 YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js Show response
pagead2.googlesyndication.com/bg/ Frame 1752 35 KB
13 KB 24ms
23ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 09:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13430
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 20 Oct 2022 09:45:42 GMT

GET
H/1.1 200
OK stat Show response
stat.meetrics.net/ Frame E075 82 B
351 B 43ms
10ms Script
application/javascript 148.251.50.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.meetrics.net/stat
Requested by: Host: s79.mxcdn.net
URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.50.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h571.meetrics.de
Software: nginx /
Resource Hash: 79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 14:27:14 GMT
Cache-Control: private, no-cache, must-revalidate
Last-Modified: Wed, 20 Oct 2021 14:27:01 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK gettag Show response
s79.research.de.com/bb-mxad/ Frame E075 0
208 B 43ms
11ms Script
application/octet-stream 144.76.185.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s79.research.de.com/bb-mxad/gettag
Requested by: Host: s79.mxcdn.net
URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.76.185.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h374.meetrics.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 14:27:14 GMT
Cache-control: private,must-revalidate
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/octet-stream

GET
H/1.1 200
OK submit
b36.s79.research.de.com/bb-mx/ Frame E075 43 B
291 B 52ms
18ms Image
image/gif 136.243.2.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b36.s79.research.de.com/bb-mx/submit?/EJ6eBiAAA/whFtBo0F0wFz6BvvAzwAj5BllF10Aj0B41A41A2lEi0B43A54AikF42Ak5BjkFhxBuzEhmFlmFyhFtlFunEvvFnsFlzF5uFkpFjhF0pFvuFujEvtFvzEhmFlmFyhFtlFvxAtwAtzA4vAo0FtsFvjEvuF0hFpuFlyFuoE0tFsBF5pyFo0F0wFz6BvvA33F3uB5hFssFhrFvyFhuBjvFtvB+k2FmywAyxAtxAwtAx4AtxAz6AwyAtyAywA0zA0tAyuAxyAztAm4By3AkxBx0AKp6Fsp3Fx2Az0A30AwwAzzA1zA0BEjwtFuvFulFnqnFluFtVETsBluFL2wFBLl1FC/2xF3CylFx1FlzF0mF1sFszFjyFllFugBm1FssFzjFylFluFluFhiFslFkgBluFnpFulFfjFoyFvtFlfF5zAg3EpuFkvF3fF3lFirFp0Fz0FvyFhnFlpFumFvgB3pFukFv3Ff3FliFrpF0jFhuFjlFshFupFthF0pFvuFmyFhtFlgB3pFukFv3Ff3FliFrpF0yFlxF1lFz0FhuFptFh0FpvFumFyhFtlFgjEzzFf3FliFrpF0gBjwF1fF0gAyhFtfF4gAthF4fFluFnpFulFf5BzBELlnFB/k0FsBxgAwqFpkF9yAywA0zA0mAhkFj9B53A14Az2A2mAjwFpkF9yA22Aw4AwxAxmAzpF0lF91A51Ay3Az5AmwEshFjlF9zAx1Ax1AzzA12AmjEpkF9xA14AzzAw4A20AmzEp6Fl9B3yA44E5wAmjEi9BzxA42Ay3AyzA3yAUkzFpBFAAAAAAYLaBaBAPAAAAAAAAAOAAAAGBAAAAAYLaBaBABPcAAAAAAAABgBLAZEAAFAx8Ez8ExBEFA01Ax1AyBErEiuAPAAAFAAgBLTEiuASksFwEbAAAAAAAAAAAAEAAAgBLAAAAAAAIAy2A2wA4wAxxAJAzxA1xA1zAz1A2BEHA15A1yA3zA5BEGA3yA44E5wAJAx1A4zAzwA42A0BEHA53A14Az2A2BEdAAAAAAYLAaBAFAAAEiuAAAaBo0F0wFz6BvvAzwBuyAtkFuuBulF0vB53A14Az2A2vAx2AzyA31A20A25Ax1A2vA1tAJXFFtBChF5vFurBtMElhFklFyiFvhFykFt3Ay4A45BwtAChF5vFuvBpuFklF4uBo0FtsFCATCFAAAAAAAAAAAAAAGAJGFSBFNFFQtjFPbt2VA
Requested by: Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.2.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h563.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 14:27:14 GMT
Server: nginx
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Wed, 20 Oct 2021 14:27:13 GMT

GET
H/1.1 200
OK data
b36.s79.research.de.com/ Frame E075 43 B
308 B 52ms
18ms Image
image/gif 136.243.2.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b36.s79.research.de.com/data?/EJ6eCjAAAl2yFuvFfhFwpFLktFDTkzFARksFAQtjFpeVNSA
Requested by: Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.2.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h563.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 14:27:14 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Wed, 20-Oct-21 14:27:13 GMT

GET
H/1.1 200
OK stat Show response
stat.meetrics.net/ Frame EC42 82 B
351 B 13ms
10ms Script
application/javascript 148.251.50.176
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.meetrics.net/stat
Requested by: Host: s79.mxcdn.net
URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.50.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h571.meetrics.de
Software: nginx /
Resource Hash: 79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 14:27:14 GMT
Cache-Control: private, no-cache, must-revalidate
Last-Modified: Wed, 20 Oct 2021 14:27:01 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK gettag Show response
s79.research.de.com/bb-mxad/ Frame EC42 0
208 B 33ms
15ms Script
application/octet-stream 144.76.185.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s79.research.de.com/bb-mxad/gettag
Requested by: Host: s79.mxcdn.net
URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.76.185.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h374.meetrics.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 14:27:14 GMT
Cache-control: private,must-revalidate
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/octet-stream

GET
H/1.1 200
OK submit
b33.s79.research.de.com/bb-mx/ Frame EC42 43 B
291 B 53ms
12ms Image
image/gif 148.251.194.218
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b33.s79.research.de.com/bb-mx/submit?/YyKZBRAAA/whFtBo0F0wFz6BvvAzwAj5BllF10Aj0B41A41A2lEi0B43A54AikF42Ak5BjkFhxBuzEhmFlmFyhFtlFunEvvFnsFlzF5uFkpFjhF0pFvuFujEvtFvzEhmFlmFyhFtlFvxAtwAtzA4vAo0FtsFvjEvuF0hFpuFlyFuoE0tFsBF5pyFo0F0wFz6BvvA33F3uB5hFssFhrFvyFhuBjvFtvB+k2FmywAyxAtxAwtAx4AtxAz6AwyAtyAywA0zA0tAyuAxyAztAm4By3AkxBx0AKp6Fsp3Fx2Az0A30AwwAzzA11A5BEjwtFuvFulFnqnFluFtVETsBluFL2wFBLl1FC/2xF3CylFx1FlzF0mF1sFszFjyFllFugBm1FssFzjFylFluFluFhiFslFkgBluFnpFulFfjFoyFvtFlfF5zAg3EpuFkvF3fF3lFirFp0Fz0FvyFhnFlpFumFvgB3pFukFv3Ff3FliFrpF0jFhuFjlFshFupFthF0pFvuFmyFhtFlgB3pFukFv3Ff3FliFrpF0yFlxF1lFz0FhuFptFh0FpvFumFyhFtlFgjEzzFf3FliFrpF0gBjwF1fF0gAyhFtfF4gAthF4fFluFnpFulFf5BzBELlnFB/k0FtBxgAwqFpkF9yAywA0zA0mAhkFj9B53A14Az2A2mAjwFpkF9yA22Aw4AwxAxmAzpF0lF91A51Ay3Az5AmwEshFjlF9zAx1Ay5A0yA33AmjEpkF9xA14A13Ay3A5xAmzEp6Fl9BzwAw4Ey1AwmAjiF9yAy5A3xA5xAz5AyBEUkzFpBFAAAAAAsE6D6DAPAAAAAAAAAOAAAAGBAAAAAsE6D6DABPMAAAAAAAABLqKAZDAAFAx8Ez8ExBEFA0zA21A5BErkz8APAAAFAALqKTkz8ASksFqEbAAAAAAAAAAAAEAAALqKAAAAAAAIAy2A2wA4wAxxAJAzxA1yA50Ay3A3BEHA15A1yA3zA5BEHAzwAw4Ey1AwBEJAx1A41A3yA35AxBEHA53A14Az2A2BEdAAAAAAsEA6DAFAAAkz8AAAUBo0F0wFz6BvvAzwBuyAtkFuuBulF0vB53A14Az2A2vAx2AzyA31A20A3xAx5A1vA2tAJXFFtBChF5vFurBtNEylFjtBzwAw4Ey1AwtAChF5vFuvBpuFklF4uBo0FtsFCANSFAAAAAAAAAAAAAAGAJGFSBFNFFQtjFbJO1VA
Requested by: Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.194.218 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h351.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 14:27:14 GMT
Server: nginx
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Wed, 20 Oct 2021 14:27:13 GMT

GET
H/1.1 200
OK data
b33.s79.research.de.com/ Frame EC42 43 B
308 B 51ms
11ms Image
image/gif 148.251.194.218
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b33.s79.research.de.com/data?/YyKZCRAAAl2yFuvFfhFwpFLktFDTkzFARksFAQtjFTfVNSA
Requested by: Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.194.218 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h351.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 14:27:14 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Wed, 20-Oct-21 14:27:13 GMT

GET
DATA 200
OK truncated
/ Frame E075 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d504499223a9fbd4c390d27ebc365f435d609f31c3ac5246880bf514c5908682

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 70DE 60 KB
24 KB 28ms
28ms Script
text/javascript 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 20 Oct 2021 14:27:14 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/js/ Frame 70DE 2 KB
759 B 21ms
20ms Script
text/javascript 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/js/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

b9e5d5aae62603ad35dbe94e6d5e4f0b45a25d808b7ff441dd3cbedf7cae7447

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:26:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14464
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 733
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Oct 2021 10:26:10 GMT

GET
DATA 200
OK truncated
/ Frame EC42 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 287d87c701152a102450c44aab98925cde96cab9286f8a19877ad33f969242e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 8E4E 60 KB
24 KB 38ms
37ms Script
text/javascript 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 20 Oct 2021 14:27:14 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/js/ Frame 8E4E 2 KB
759 B 30ms
29ms Script
text/javascript 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/js/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

54980d0ce1ab462210a69cea7a8f61f66d7baf954c2fba0dc4030a6b6e7cb36f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 06:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 733
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Oct 2021 06:25:55 GMT

GET
H3 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame EF3D 110 KB
38 KB 21ms
20ms Script
text/javascript 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61693850/20210607064301236/728x090.html?e=69&leftOffset=0&topOffset=0&c=jeV24bGAun&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61693850/20210607064301236/728x090.html?e=69&leftOffset=0&topOffset=0&c=jeV24bGAun&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 09:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16836
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Oct 2021 09:46:38 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame EF3D 60 KB
24 KB 55ms
54ms Script
text/javascript 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61693850/20210607064301236/728x090.html?e=69&leftOffset=0&topOffset=0&c=jeV24bGAun&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61693850/20210607064301236/728x090.html?e=69&leftOffset=0&topOffset=0&c=jeV24bGAun&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 20 Oct 2021 14:27:14 GMT

GET
DATA 200
OK truncated
/ Frame FD9F 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f051ab561b9b4ad5fd2529e1dbd76dfd2a2321735208981de3cb26b29e3f5a3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK data
b36.s79.research.de.com/ Frame E075 43 B
308 B 11ms
11ms Image
image/gif 136.243.2.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b36.s79.research.de.com/data?/EJ6eDmEAA4rvFo0F0wFz6BvvA33F3uB5hFssFhrFvyFhuBjvFtBFLruFBLkqFFlqwFyyAw0Az0ALl1FDLkqFK0kyByyAw0Az0A6zE0hF0jFi6BwyFl0FptFlBF2qoFx2Az0A30AwwAzzA1zA0vEq4F4pF52Fp3F3BFL2vFBlqwFyyAw0Az0ALkmFBTkzFzPoBAAZAwSAcAAAAQfBAAAAAAAYAAAAoDAQBAAAAAAAAXAAAAoDARksFAQtjFpncWSA
Requested by: Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.2.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h563.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 14:27:14 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Wed, 20-Oct-21 14:27:13 GMT

GET
H3 206 file.mp4
r5---sn-2gb7sn7r.c.2mdn.net/videoplayback/id/693eea397406125d/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666276033/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame DF48 2 MB
2 MB 30ms
14ms Media
video/mp4 172.217.130.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.130.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s08-in-f10.1e100.net

Software

gvs 1.0 /

Resource Hash

fdf126d0dfca8732f89303551ad8ddc330d15085228f621255b56c463ccaa7cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 20 Oct 2021 14:27:14 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2219946/2219947
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2219947
expires: Wed, 20 Oct 2021 14:27:14 GMT
last-modified: Mon, 11 Oct 2021 08:09:13 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
client-protocol: quic

GET
H/1.1 200
OK data
b33.s79.research.de.com/ Frame EC42 43 B
308 B 13ms
13ms Image
image/gif 148.251.194.218
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b33.s79.research.de.com/data?/YyKZDMEAA4rvFo0F0wFz6BvvA33F3uB5hFssFhrFvyFhuBjvFtBFLruFBLkqFFlqwFyyAw0Az0ALl1FDLkqFK0kyByyAw0Az0A6zE0hF0jFi6BwyFl0FptFlBF2qoFx2Az0A30AwwAzzA11A54EzzB64Fl3FkpF1BFL2vFBlqwFyyAw0Az0ALkmFBTkzFzPcCAAZAwSAcAAAAQSAAAAAAAAYAAAA+CAQAAAAAAAAAXAAAA+CARksFAQtjF3RTWSA
Requested by: Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.194.218 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h351.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 14:27:14 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Wed, 20-Oct-21 14:27:13 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame EC42 0
23 B 87ms
60ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssgiMdrJ2PKktGRIETGoFQPm-hHIyTROkD6b5CHRk9UfAxJ5A8xlyfCN1BpGF6uVG6ba3HPsUHGRCwJsVWU-kurXu4ttbE-vJ88eyO974RyMs1mf9420LHrxt16oZDh-ihZZtTkeb-W2k9rSKNw38F3Qk8yfCXFdEIZ-_6H0aZ0EgeiwXf1rENFqRHzAr45Rh59FYbhYf_0UwVDcB_nYGZpjh3JiTGC1dDmHw7ocDaHTFQwr1k9Jcuz2i5AvjtuoHndkdeWREByH1sxusG568StxOqbxPbnVNZwHvX_rJOT9ImY0ruz-mnJCDmGJN96xC1fW3K5zmyL_NCgaWqgRk-tR30t9FWYGkBgVdY0gSpN8gXtbGKsuMj0XrybbpEO3QBYrCSeUKjLWbN7TJwsIEU4yW8UzE06sG14jgL1rtgDI76X5d9d-ptTezFpEZ5blUYSislmuEhgNnURjZ5qGviHkh0CEfB-j4deRUbb0bzVEH9pna8nPKhqPziiu6-BMQ-IoqsVAugD_DEdHpL4umwfVtWP5C5Q5rNlbRqKFmvVrJlydv5EU5yJkXJBodOqIxwhPL1GaGCuPrgYv7vMRHhTbgUuKqS3DLWvxLctS7_44eSM5Gb-0bz3hI_NnqGXiCQVZcKo4cygxtEJRNCAFzbC-1soWP9tvzO_Hwhfsg9TO-XYT_r4svGGzJRylTjAsmfPebcDZY3oOzmop-DN5Q7RmHdT9lqCDq9RAIPYu3DBD3Owpafop0VvreFoVOnsfqoF-kSis2iT7uUHDdrM1bZuFkYDhEufGogTWUveek_HJR0qlj79GQAhID0whSrwq5Qrb94_H0aUEcCaw4wSxu-7H7quMjW6FaOo-6Gcdw8B-ddRGh8ZuHohLmI9z9fsw2bCUnK3e0XsdRiMOhGy_EofjUB9DD4hq-bkM4uSTKglQ7OooegvzNAV6HoG2oW17Epj5303MyOtca8zb9qSlqfRVxefHql35YcqABBtbylb3CnXotPDNore89JLyeNpVPFstfaEV_3ynefjffCixBZRH0QcGmP4rqsNejZMIoLog684yl6RQW4zDrBdJOo7xpfowoNbvFz33S9pWNcqT3usbMfoMJNws-7WNNM400HYqsrV80WY9rrlX44FNCCt4aC_eUp2vUJbi8xtY6J7Z5DDquJUizOLWxKOlCupdbobp4WZ-9Tm&sai=AMfl-YRIRa3-Jdv4FOx3Es3xHtQdEN1Ck_Q2xz5we6kyuKBsJy189ZtQlmU268qVGDm-P8RwFZ4vejcyjuEQp0vbtiNFHIUqgC23EWtu47mcVpaHinGoqSnhSOBwALOdUUzKRtQkEf6mdZMqaC6gOopOKgMEyXb3SevpB2CxTHM&sig=Cg0ArKJSzFQW87G71EVJEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=650&vt=11&dtpt=414&dett=3&cstd=235&cisv=r20211018.73457&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 14:27:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 txt1@2x.png
s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/img/ Frame 70DE 8 KB
8 KB 21ms
20ms Image
image/png 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/img/txt1@2x.png

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

d63b5fc0e557e90265b6bbeb1df0ff666385c40169707201a04a256bfdecfcc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 11:52:50 GMT
x-content-type-options: nosniff
age: 9264
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8451
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Oct 2021 11:52:50 GMT

GET
H3 200 logo.svg
s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/img/ Frame 70DE 2 KB
1 KB 21ms
21ms Image
image/svg+xml 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/img/logo.svg

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 11:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9263
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Oct 2021 11:52:51 GMT

GET
H3 200 bg1@2x.jpg
s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/img/ Frame 70DE 38 KB
38 KB 22ms
21ms Image
image/jpeg 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/img/bg1@2x.jpg

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

af8fafb5f486021de43b1191f32384766ab582ce9a7c99c1cd858ee4eb2b3929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 11:52:50 GMT
x-content-type-options: nosniff
age: 9264
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38526
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Oct 2021 11:52:50 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E075 0
23 B 61ms
58ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssKscZjZpb0YkVBgEPXpYRrIJl5n7rkaE0eYhgQr8HXnPlWgxME-gNup19YY8tM-JpGhcj9Pe7VQrtHQryatS3A5_A-3C9C8VkjLRXMJxu_GmMxt-Ge106jUSA7R5LZV91oN6eCM9pxxtXMOWtCkC8bmQHocMZWb2RoKgWhrcuVuow5_b4XqsR07ac9AEJdnOSvYbd-KEvEy2QcSxMM_2zql3vvGQJ41xxXl0tXNxrck1B7UVy7kFySGrWxp173MrUZukuVe6Kyku_xk-m-n9n1KrSEfJ9_V8DG2khOaFndSXJ88-Ze9vWlnVs6Dgy0-rEwq9XRXnre2bpIvKhcA8GVYqKC6zzXzuzhmFCfwLrP_3AzYiB87olRfVnSfCeTbbGK-R5GCCXtybgc5oYne56lwyFnKqY9FxERr5XBJOear3mLHTrITYJVy0GXktiWpakP9TU9ZkIW8t8j-r4PTIhi_xXZCh4yvB1Ipix7ZyIy9CClgCHGptW6SSCkbw_EEQlwKVShbz7gghE-_6BcR2yYFivts8Cve01BYufsKCRTL2ziw1NmXb1UvdSGXKo0NATBe9R1kBNvxLDv5rh3TI184f4FZvyqg-uLmMZ1x-Zjqwd7UsHgshnWDnfdHKDZ6xWzuDbdjuvC53s78wHpmSVdOuRpo_r6sv21NiILB_EBPIkoSt7st1Pl0i1_JlfvrbL75Thuo7DDC_w14Z8tAZ2iTNkK839AUmtj_La4v2HsF3YL0qVUa7rgy0UirdafmwhJwhcdqW5IA5YHft6K0Z13Dv2u-TBpOBVFZPcLgL9ocDm3TZXIbIS-R7xKA0HP-Ju2WGJxtk1b51DF5g1ieq7AfcIvSS-ccT6rnpg75XLQTDSrvmrXievvEXxlS856Nt6JxRTE15BI_MO7iWypJ6zFMXO3jRsJn9EghK1rk7gWpRuK4t3OGNceMBQW9hxIZUtEslGlRJrJJ0efJuVJcPGIUcfzp-TgKyi99NhOCv1bmxRZ3-zi0X7lwbOgfEqH0ipK9jCNntdjgvai9Pz67xzAI6MmktoTmrohgi1S3aOgUA_MAFRuoxGidBqzFwNuvt1LBeDMhd-ENwnDc4Dvi3m0j90_84RgG1Z-wo-hEoGF0WAwEWKyVCU472AFN0mW79oMdxG0QohxPXeyCTZfkkVycsLlsVtz3qXppNeADA&sai=AMfl-YQMWuGqs7R9Z4pyyF8J_58IN0Bp7QAWbxaueH7SMh3VP3WsYu7TdpKTGXb1fafs8PRsB2RL8ftgTLagcOQIUKeDzpy-DUxd0QLGDFbieAtppHS7l9KW2AEkxFFklJhhVjxBz8vFDmikvG_5SwfcFlXSGDptbrPcWmt43i4&sig=Cg0ArKJSzKPSJx555E43EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=707&vt=11&dtpt=443&dett=3&cstd=262&cisv=r20211018.51894&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 14:27:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js Show response
pagead2.googlesyndication.com/bg/ Frame 6056 35 KB
13 KB 20ms
20ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 09:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13430
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 20 Oct 2022 09:45:42 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame FD9F 0
23 B 59ms
58ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvS9KxTWKslz-MBqjO_u4L8HD25scWmroTvM4466a3JtZnHDMbey6uzbWd_eS9UBLooL9siTKDZdZcEnb97aj7WSCUZznR4znaQ5vab6zO8f8CkFC0lKFP-oe_d6MpJQbh4NqHwKukCkQAUdCUNax9tOG4fvMEcquGEwtELwLympjfkzLSZYL7_Hv3G_VbN4ODf5_OATvA32F5Up1ZQZ4o2fYIHT_XgtTv18tkYckrtxPwCpP6jmJj9-qehGfkF_Cs8PcSWk-z5L05dGhkrPrGnbApuTko0MrnxeJu9LFRZ6BEI-QPT-P4jkYLvAZ3_1r0vxsdYG-LWLsbBLX9Sjy89iEXVppbbTHjKSzObqkD87LguKPUUv5dxao4PD75792v3u7Ol8tALsyLEpEPHXgpTHTuTx3QeEIZmWxZKl58IqucJswFfMF2RTewmpbDhWZ9aGVxEAwCqrJSUXleshyoQ9Xc6kq63Fyf24UcFbWQ3k_wBVVHH6R47WmLDXQVVldvu0g7kTm409iSFloHRvfZdc5ccMlQEUku3MCucGtlhIRPScIWtX0lQ1TLSjOMa2qJgWeqCa0xCIJkfXy9BkUeYujiJXTl34wmpiBQv6Sh1m6swQo2stVNJbkI0lLIFyZ0DqHq9chZ1_-sB4E8bNe10NOxjNDRT5v0iiiExH0yhL4Nj8_wPiKO3KlKW7J770il11Tu_b2_LOxUjQ7z9bNiL7LL3_uZ5_mx1oyirRDtuB9xj8vBDYwJWY_sZ7BJhdUJEzVnD76bgcgtXKk2AVHsHhPL2z_P0hykZxlHJH0jWiEZD7_XKFL-t_pR-bgMQvCDsto5NCJrZHIttsV_glzWxj_6isIytv6YwcE2k92RqlyFu9z7TiKvRgnc1wwLt4GXzHR3GaBeulVliHjCKENuPQqS8goT9A5ii9nTtd6slwFftJpRBEki2iCbr_WEpoaq1eZVIQA3fLWg8iz3F7KgjrJ6DrheAUYpl6lINOyJl8rYeonP38kq0hO_TzkOM2OV4rYp2eCaXZwDccHgYp_AfEmGawOtSalbLnGVofKx24O8Jyp3CuuuZMZpw-qMhRfmI28FVMhqHOzlRY2HUpjpLcZpLmjXLw8VeCP4SLzRI06JDohsnapvA2WK_ae7pELu8KveGzOA&sai=AMfl-YRVj_Y1b79m1L8NrQ05ZIWloXRjVZ1Z76q8iLe91V-pC2bTZ1nvoglix6ubxoY6HYlMxlkeGpGjmHXKUaVIx6xSBbLy4FJCDppHOXyTGbrXY0KFlIWtR4sqwI3XHD_qK9-sl1iCgWX7vuhi9JL4qlVKwsqgFoy9RYdnJ6k&sig=Cg0ArKJSzFaJi2jnf4npEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=694&vt=11&dtpt=420&dett=3&cstd=268&cisv=r20211018.78379&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 14:27:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 txt1@2x.png
s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/ Frame 8E4E 2 KB
2 KB 21ms
21ms Image
image/png 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/txt1@2x.png

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

b02a3233f069f3f0ccfd31f2021073f91e74b438c7b69d201dd5c1719557f321

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 11:54:24 GMT
x-content-type-options: nosniff
age: 9170
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1685
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Oct 2021 11:54:24 GMT

GET
H3 200 logo.svg
s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/ Frame 8E4E 2 KB
1 KB 27ms
27ms Image
image/svg+xml 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/logo.svg

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 19:24:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68563
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 20 Oct 2021 19:24:31 GMT

GET
H3 200 bg1@2x.jpg
s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/ Frame 8E4E 24 KB
24 KB 28ms
27ms Image
image/jpeg 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/bg1@2x.jpg

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

b2732f593e4de0876048948d71b5c75f140349eaed97c3d2b15a25fa74863058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 11:54:24 GMT
x-content-type-options: nosniff
age: 9170
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24287
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Oct 2021 11:54:24 GMT

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame EF3D 47 KB
47 KB 20ms
20ms Font
font/woff2 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61693850/20210607064301236/728x090.html?e=69&leftOffset=0&topOffset=0&c=jeV24bGAun&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:16:31 GMT
x-content-type-options: nosniff
age: 643
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 20 Oct 2021 14:31:31 GMT

GET
H3 200 OnAir-Regular.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame EF3D 47 KB
47 KB 25ms
24ms Font
font/woff2 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Regular.woff2

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61693850/20210607064301236/728x090.html?e=69&leftOffset=0&topOffset=0&c=jeV24bGAun&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:15:40 GMT
x-content-type-options: nosniff
age: 694
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 20 Oct 2021 14:30:40 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame EF3D 6 KB
4 KB 300ms
39ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ca2e18935538264c89ccd4e797350771baf019387b6031a022bace802b5c8e81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 14:27:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4542
x-xss-protection: 0

GET
H3 200 60005582_20210629042147532_BG_728x090.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame EF3D 6 KB
6 KB 21ms
21ms Image
image/png 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210629042147532_BG_728x090.png

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

0e9eea9a1fec7f77159799cbc449772783fa9be8b8194453b618eccee9cacc2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61693850/20210607064301236/728x090.html?e=69&leftOffset=0&topOffset=0&c=jeV24bGAun&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 22:21:09 GMT
x-content-type-options: nosniff
age: 57965
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6288
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 11:21:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 20 Oct 2021 22:21:09 GMT

GET
H3 200 60005582_20180201040701083_empty.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame EF3D 95 B
124 B 29ms
29ms Image
image/png 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20180201040701083_empty.png

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61693850/20210607064301236/728x090.html?e=69&leftOffset=0&topOffset=0&c=jeV24bGAun&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 08:57:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Feb 2018 12:07:01 GMT
server: sffe
age: 19788
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
expires: Thu, 21 Oct 2021 08:57:26 GMT

GET
H3 200 60005582_20210629042209489_INTRO_728x090.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame EF3D 26 KB
26 KB 33ms
33ms Image
image/png 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210629042209489_INTRO_728x090.png

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

f2ead10125aa33745bf21d80d3acc76c090265f59587300706cf441ad52c7aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61693850/20210607064301236/728x090.html?e=69&leftOffset=0&topOffset=0&c=jeV24bGAun&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 22:30:46 GMT
x-content-type-options: nosniff
age: 57388
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26392
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 11:22:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 20 Oct 2021 22:30:46 GMT

GET
H3 200 60005582_20210615073459223_iP12-Pro-Max_nologo_asset.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame EF3D 31 KB
31 KB 30ms
29ms Image
image/png 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210615073459223_iP12-Pro-Max_nologo_asset.png

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

b099c9a190810bb84ddff89169f156f0aa1b786d241f840bd22cb434d69b8b32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61693850/20210607064301236/728x090.html?e=69&leftOffset=0&topOffset=0&c=jeV24bGAun&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 22:01:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Jun 2021 14:34:59 GMT
server: sffe
age: 59162
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32140
x-xss-protection: 0
expires: Wed, 20 Oct 2021 22:01:12 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame EF3D 43 B
609 B 267ms
8ms Image
image/gif 82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=25667676_4307561_303907625_145971039_-0&ref=25667676_4307561_303907625_145971039_-0
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.132 Ingelheim am Rhein, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 14:27:14 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D850 0
20 B 55ms
55ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BfOXVQSdwYd2YKIyLjuwP0YqboA0AAAAAOAHgBAI&bg=!WFulWx_NAAao6lBpqOo7ACkAdvg8WrZQctm9-WWtp82fSvRCdUpIzH3kPbjiFkvnfkZgI4ED9-pmMgIAAAGgUgAAABdoAQcKAHWqSxn4M0lRs5ce35wB51kEaUUhh7KjFfGY8gI-GElv7TiUXj1su3Ec09_lXnyPQPjxbMhpL9A0QVTAwAF4NMw4F9o83oii7kV8SYLdwQLkX9vr7BUWNfO0VaxnGbXzzU2MAfMZSUs4n18C-RPGqce4CJ376uuZAv3NH6MyJj9zPTpqHE4Ie4-K_Gesq59vK3E8M63unLI5-Q_EH3fAVvUwHWgxVvCTeXq2GH2Jy2yvuzr3qIjzzln4NPSSYBJC-V7V7Hd25nuXyRcC3iV7eOEMrBdgwbZTO61BNs8ECTFqnaBQC2PDtLtIFm5cw_Vd-4PmPKQZgNA2J_0AyW1lMt062N7yPbDONEUPRJhQHbK6PT93TyuOGZQyxxGEdGua46cr438qgc79mZEX7hKc6OD6HQ7Ln1VcRtA6wBeMLOJC0J926o_gwEnFirkgcSniXBG5VWRPCXRF3nCidtlkPAi1ARthLHTQB3V5VrdUBFltrPzRJgyCUTAjuIT5kos9yA1JTbC1eLE1fZzgbxPA6_q8AzQcs5NOdxDKKpFNJc1o7BzQz_AEpeSF5T_FDhwx75acjuXsoZa-TwHymujSkXp9CU21F0O-CSW0TE9iLV0iKKWIDAfaeQfWq8cDSY2ZWhKSp6zsJkDyDQv0Dy_GSB0lGrAsOrgyy8d2Bjk4Ng0gSJrZgULjJPaLbOo9im8nU0y6JSaCkls4VB3iLRQASHODtxGmG9_ANXv48EgaIkwmwgRbHT5fPGppPpLLXBbL21v8XxEKjuSzlzARFnc3MLRtVddQP4Sl0X83IykpXnkkhjzXLYf7_jM9iprNJJq27pzsmVqSygRPGsI1V01pR3GAV-dyueRvK7Z2v2DW1AcuxafhqXbhYo91UusQKs0vdCDpbPq1QYJt4Gm6UcD0_2O9dLCTxJ1MUYlgv-k9YCvKaGy6b-Rd6MPK5ogUEZ1dcC12RAnQWDtrJMogZDGsf9-sjW8tWu8v-wpT-Gi_648YUbC5vzVEJ19ACBKoSIIJeKT80hoYUU5O1jix4vfWs8zVcrYpp9Mj8qlDVpj5qWIkpbDTJdasA_6kLcjD_AVrbxm71gmQYUvE-iuAPxE4Rt59iYC84GvA4BU40-cwL3iW7-2vdkdCeYeekq-MYbXompxJzIBMmeMnN4Oaz5QUUO44X11Wa0I

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C7D0 0
20 B 56ms
56ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BsVpFQSdwYcCOKYSu3gOI7JvQAgAAAAA4AeAEAg&bg=!BQalBkLNAAao6lBpqOo7ACkAdvg8WsyPL-aWB8mGHcwQw3Dj3FEv8bHGazoXL1dmx6m__iBGxbB76AIAAAGWUgAAABRoAQeZAxpHeNMmjkNHUqOa_-xrRDrAflT3ZIXCE4iL8ev-1NAochi5m4ebZiTqjVHhhUpWLnvXAd4WWUVsdEDJBnubnAAKKTKu6eIDlAXHcx7CqeS3kxABWwxn0wZF_QIgrK3BW7wmezNc1r--WSB5AODb-V5SxXaavizlwOwTW5dnYFqSlDnDuMH-yUchfkEzy6JSexgjFW9898J7pOrmwn0ACej0BvAVOaWDW3qRfy8cjni26zWVq0h1DxqKBYChTs_hF74RuqdrcCIkQZEqt8lJnUfe_yEy85kEsVbUc12CkVajSl5xqdIkHijsHrWXR1O-Bnd3bxXF9ujyrA2Ly2GiO92q9ohWvLghhe-xW-1Na6JKyqm1Yet20oStjgolVN8NRcZiAa4bWMr0qL2hDawMhEniBRH5Z5FG5UG0B2e9bKYM2ywxvrocMFgoyvt5-8pQE63GInvTp2aQdFVIX9GTDDgSrNr_8WblxOtk4TOgiu4YQhukB6WOvsK8mEDHiKPm9Mp8fTeEcldJRO5EAHLA_kVU5iH8ttEUaG_L-1UxNVX9may8q-OmHRlxc_aYVS2IAL1SIsQJIcwORV7_eVUn4V1RuUVS9JyyWtbY4YTYUO4drfsBBhE0ut9sku5Mb5yJMZ5D-SA4wLr5C6lKoOYUMkM3uJMI1ReW9Es3CVW16Zp990zU7usJvbC6ss4wWPCeIZVypNnidrsdNTK1gdtnLZhvdGfIkIpgdRfWaIy8nKprRf4Dx6kvazlGBOb9yp9h9fHJfu1-VOe_3sKYyUZwSLLnmCGRPJJroIyacoAXAithMeMqyg1mn25wpSoqzi88868PEqg6l8nkp7RhAu__XqZiS8xg1EFaav6n07w6SpQgW3_8zOBDEMO379psEXVwdWbCh1ONeS7NULWRHqxHOzKzkjd4ycv0vbLxoKijVSKH73yYdv7aZLiyHdAyIEDVNGKmn7Mxas4ES5glN3JeN5o5_G6WLO8quYm5nv_vNBOrePCRKbypFkdEwcKvMqDwG3u6HvX6w8lnqM0B4jwIgXtCCwh0rkUFtOItCw

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1752 0
20 B 56ms
55ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdSlnQSdwYYb2J8PV7_UP9bCj8A4AAAAAOAHgBAI&bg=!2Nul25_NAAao6lBpqOo7ACkAdvg8WoLCfwKVe-7-A1pbADtH1hTrJqQ1reFIjPFkUdKMMlKpC8L7fgIAAAGXUgAAABpoAQcKACn36P0Nw6VaDP5uBT_zuRqpn1iqb2H050JSJgrpbr5Qkx_OvvIaI9BrEZkC-xJ8Q5w2NBmJqp4i02Bn_bv5c6hr9CEs1nv3GBlI59UdtYabX7ZA7Bp0aKqAjsHgKyIB9rKDPWAWKrlly7u8L6kNP4-ny3r1wDfeUiexeMjFMqwA1NhBOCNXWqn_B7b8wRKznOjXvYcQfQU-HLLqfxy-e4KlpFY2TdNiFoX3OtwKrbHeo-YePXyJ0pBSgBcvVT5UEk2dJciCgASkd2crNppzBXFLySiQ2uYVnVAMNtzj_KCNJlxB_-5Di9-c9M6VLYtyg-NuUkG3S22I-fgg6niD4KST1CvokDEW7OK0X_y3gdYVkWOGpkjv-cqiG5acnj92cGT9_A6Ar6255D8Ri2qeuYoxaPZrmdOAWBeUMVnWcuJt3VI__NDyHoae8ejOlD1GQtX3R4y50Wee2h1kAM_uZM1RLozuO6XN_IEvTTHSJARh03ttL1xSunEyM-5Dqv384a5mKx1seVfGr-seFtDwv87h8QS7GxsFF7R4UWbcxYhoLEXCTyu_3bptv8g4qXu_12Hon9pYozWnzEGSh8vvQ7XkXy32U-gNa8UfBAQ1PieJnnnYoTq9b-1o7HCfAaoydQCumndpmpQgoql8OzpF9EYYesFC7GOAq4wpKDQs2p5tae4XkFehvbFd_4CkiPOL2ohR9akdz9J4hRnYIKivuW1fRNLt-gO00tPmChOmGVLg88l9A322L-9zPQVUOpag5W2mpRJ7oRZDEultB9MRat6JEvmfzH8-Fho0Ks-Ot-fgWP86dV44oa0sVl3tpFUt6EHx89YBab1mSHLGsIHc6EStfCWBC3EjqrQ2ozytcwaBBMVN7kR537K-NM_ukNTEPJ72EPKopMfHVVpkdb-MpupoH9TxnqJjREtkK_Lrcp-uP0-hYWOkUjZcRgkA0naUnADk9aynbBKZoiAJesEBKUM1-v7YDL-Zc5v6DakGIpdoaiuOULZjwBTAFzjyaSLa7YCgANyU50fIkpY-3pLhvkPvKKgSaWotb_qWniaLNqbNd4qYdMxWyag

Requested by

Host: 30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
URL: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6056 0
20 B 58ms
57ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B-7CkQSdwYf_eMoiFlgTup5mIBQAAAAA4AeAEAg&bg=!ZWalZiLNAAao6lBpqOo7ACkAdvg8WjCxoXplYYkF5JdOtdajmCQzc8-oEPRySPLo9FoHlzxGeSEOWwIAAADSUgAAABVoAQeZAwcF-XabbeKtunMFrTb4v-OKFUaeTm_1U53wy6jl98hb1l52-N4j057O7HFJlKOPsbkraTOGJqp2aYc55c6f-feZDKSL_LSnghDUfQZBmrk7cUhpf9nctUMj4MkrioUleNVuhhMFDojXXEgtAytQjy48mCdLU003n4udaqatv5VYMkOaFrjufATCvLfi83fBjLMQFQ88Cq2XLI7L9Dtx3h5y7JxZ8QM_0dKLRPUobWmyXgoMxLS4PtGryQ-Db5f5y-YjASRY3lVajCN_yp24qPnp_gHzOsFJKdWx7tBixKeHGm61bZfM6L3wS8TYofB9QOvLQJxlSC1bjkI1vtzRbnHgxz-fMs6t3mCehzFFycOx7DU_SkbwTCJhqGo68qLXRm7i28RFySuQQblDIcNZeTgtZRoDXJoMPcpE_n6KgCigB0Ma3i7EksQPgWZxa3vJtrbJxFcpgOor2JZZE3hx4Zf1UUY83x_GZ0GoonebZEgVlxTe45Dpw7PfefLvs_xj-vWVmoBdF0Fn8iITHQuQ26DmPt_1gazUCm5emzjXxQd7mOyADjoo6nLjsn8BUeTD7xNo3H7j5Q2xyxxFLYKT8Po7_SCW1awW_sDul0FgrzzxGEivYMzSVg3YQkX5tgCuAvULeNPL3OI-UTw8YT0FPDetTNbhh-EjQOhhkNbEaLtuojmWOMimwNrFNllF6anU-E9I52Jl9IRHJ8NY7WB37EtA2zOEF5uw8CizabpL-5kCIQi6dYo3tiY4lcegQ3aOMGeKzz6ORvZ6x7My0cMtaxP4DJfSsUBSCQH6odXkjjUFhTYF9jNlfwbX4Mfx_XCiWXwNQ5VmOMBlZKN_oWRYIcx879vg_kZAaBh5TmBI-Q8ufsUJloTV871ORMvx9k5Z-QhTjRJGA7AoH5sRkHNfwuLP0p9EybfgzCL0_r1wxGL0_Nk9sbhfJx3OdVnUzhyiDesQi8Fap0-asW-JHZCLZM4YH4qVwc9-YcYImE6VSK9BM7EsURth8ZijoVhj_2tC6Z8L1E12vAO6

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame EF3D 17 KB
6 KB 34ms
33ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 20 Oct 2021 14:27:14 GMT

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/15758/ 3 KB
976 B 23ms
7ms XHR
application/json 143.204.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/15758/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15758/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.4 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-4.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1942c69fb83a3b6e908cc17e062c0750a012b2e9619b89ead09de5a02cfce47

Request headers

Referer: https://www.yallakora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 19 Oct 2021 15:25:11 GMT
content-encoding: gzip
age: 82924
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 19 Oct 2021 15:09:57 GMT
server: AmazonS3
etag: W/"20d788e925879bbd615a34455afb1aec"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: mt71iW58Gs-hg_eMFtm1ah6crXbZNvdnrjpyvHWQ_zKYQnl2RbzLCg==

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 47ms
47ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021101201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

5d67bdb4aee83e83fcb0c36d456a3c112271258b930d69f252fe74fd743cb616

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 14:27:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8557
x-xss-protection: 0

GET
H3 200 YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js Show response
pagead2.googlesyndication.com/bg/ Frame B8B8 35 KB
13 KB 20ms
20ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 09:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13430
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 20 Oct 2022 09:45:42 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 32ms
32ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:27:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 20 Oct 2021 14:27:14 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 902B 12 KB
5 KB 27ms
26ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.yallakora.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Wed, 20 Oct 2021 13:54:11 GMT
expires: Thu, 20 Oct 2022 13:54:11 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1983
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A97B 783 B
534 B 82ms
33ms Document
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

GSE /

Resource Hash

a9c5487bef9f87f74582c0d735386f52d79e11024b5963df5d9827c7325cb0f9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-e8q36eeGqnkW5xxt1s+oOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.yallakora.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 20 Oct 2021 14:27:15 GMT
date: Wed, 20 Oct 2021 14:27:15 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-e8q36eeGqnkW5xxt1s+oOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js Show response
pagead2.googlesyndication.com/bg/ Frame 902B 35 KB
13 KB 20ms
20ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 09:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13430
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 20 Oct 2022 09:45:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A97B 0
0 61ms
61ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021101201&jk=3052706556598195&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 56ms
55ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021101201&jk=3052706556598195&bg=!j4yljMjNAAao6lBpqOo7ACkAdvg8WrcfMSFzxAHunpHdSoZQ0e6GTmgSFjSIVmz52ZWC83ttURnwHwIAAACFUgAAAAxoAQcKAA0ZD-p_Mujtwrv3INWgmQLVViAUmH0BZ2D1gWvA4KIdZ3r4Hm6BVabCc61Terfu1qN3mDbhIBWhMJUzxwLX5Zc6HUZvtMX0qd6_MXhzs1nn8VCEn0TQLCzhxNZk5yZugd-2yZPA6KSNUIZG6YUPvwm7_tvmtovD3wQGwUMAsDlB8f-FkV1H1YRe7FejaSaTBu4-d6gQWoPSeR72FcDTXojPUYDKXMpUTr2Hx7kM7lcvAt2vIIoQB2c4kOWVIDdN5j11IXEc8TH53LL6jsiKgXEfbocoCJVhAPNL5xmp3jxUYyppuiaQI_UCNfCNMv00IiOEKw0NthFM4P4cflUn6L7VJY55Qn14FOYaXrahLvLRGx-s6d_4ftj2cmOvhDYh6s8PNLeLkvI3kf2Zm6XzITGe6Jb28ZFXqb186LP73s2RV-11QG9hToi-aNNsirULH4t7TrBN1NWo0j7r4qGJ5iZcGjQasWGvtKJ6iyHZt2qh7dOJT2EtLgWdOsz0UqJpqBt7erzo9AigxcebUmpfXN6WjK9PCxPnkdijvi8i9ZNBbAtVdgbZqpSujoGx40btQwPC98Uef_egeOs8TksyeYiB-YgM4u6lvMKukGRoyq5PzqARgyB8fLcXi1dxyy-tK3lBu8-xI22bCeHmT8Wd_139cQBQ025t9XOkjGFPDNtlc3zBlcbh_LrgZa2dknN0hiagwKfS0nf6NX0DJoG3mYAa0ayTKyP3AmpQxGG0pvaBIjXQD3YV1xuDsopqfsX1PrWa2IkrAaiISgLbylRk406vqkCqP-xzz3_83LnGZMsJPhcBLxwHxSX5Bb4THN1utMmWcP2OpRLleDzEARxo9rSehrm3srKoW9yrZ7z9gr5CtC1T6cekqB9QwuX-U2cWSCMU2K-pddRhJul66arGB64hTyJqJVT9sS3aJBog_HJ3vVONc0-ti56zkOhwC25Sr-u253_gRrT1f0b1bd0ZyVj6Dzowylw

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E075 42 B
64 B 63ms
62ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuehMxJtZO5o4b7Q9EpxtEgNv9T5FELzYK8aa5jBYqzU1Y7OsuqLZwlk9Zoj9obOMsiYfdn11x1u_2jfIZHTBuYpyc0yvrP13F32IdOs27d4K9dl0Yp1Q&sai=AMfl-YSvRym0JT-c9O2lca6iQvHfOBCecryg_DmtS5joqkqWSl74uVzpi1W3PdI_5bm8j-yyquQFaZCjDPtOLyGJUZVdTCrCzgl4928_QG-VggVYIXt1KsR0p0jcGon3HUYs&sig=Cg0ArKJSzBYFpYnJ1UxKEAE&cid=CAASFeRoOZIEUQnlAryh2l6c1rBFV8uGCw&id=lidar2&mcvt=1000&p=758,596,848,1324&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211018&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=454233659&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634740033534&rpt=655&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EC42 42 B
64 B 61ms
60ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjk6KgAHpxlIdaJBs4aTltBjfInciC9_mTjPJmoojDbMsF_AqJEobU9X66ZA9Nww7BE9A5QNHBk6t7HMOgRmrbeYZwLTE86vIvukGLKDU7Jz_lZuhohA&sai=AMfl-YRuPLQPusTzd4rm9NZ-MOk4ctg4EFUlvvLawPaXdQi9EMii0K80caHSMVnoxicnCmV8hGrrKBSsblLhOM0iFj0LhduDpaG8zrh44yn1EfOk4CbylUtlfEYHxUMgfVyt&sig=Cg0ArKJSzP3SLZrrz282EAE&cid=CAASFeRohqLT7Tm9nsGqZB-HTQkpa5cJHQ&id=lidar2&mcvt=1000&p=238,262,488,562&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211018&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=733384379&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634740033559&rpt=669&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 style.css
s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/css/ Frame 70DE 1 KB
437 B 21ms
21ms Stylesheet
text/css 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

d45d9f1dcb2353314dd631427acf5dd50dc3f882b756b241f6ef020d7dab56c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 22:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58181
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 402
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 20 Oct 2021 22:17:34 GMT

GET
H3 200 txt2@2x.png
s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/img/ Frame 70DE 2 KB
2 KB 24ms
21ms Image
image/png 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/img/txt2@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

3c2f31654038399844c405203e45c34565dd61ca97cd1dd50c37bd2f3eab5d86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 18:13:36 GMT
x-content-type-options: nosniff
age: 72819
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1650
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 20 Oct 2021 18:13:36 GMT

GET
H3 200 txt3@2x.png
s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/img/ Frame 70DE 1 KB
1 KB 24ms
22ms Image
image/png 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/img/txt3@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

70cf48dc39c396349c941d08399bdcebf1e39cb841be254c75f63ec5d9cf4adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 11:52:51 GMT
x-content-type-options: nosniff
age: 9264
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1472
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Oct 2021 11:52:51 GMT

GET
H3 200 txt4@2x.png
s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/img/ Frame 70DE 1 KB
1 KB 24ms
23ms Image
image/png 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/img/txt4@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

2b1e4794d254fb547692405af2cd4be50d55d8e8d7afeb053d4fd235d5c773c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 11:52:51 GMT
x-content-type-options: nosniff
age: 9264
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1422
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Oct 2021 11:52:51 GMT

GET
H3 200 cta@2x.png
s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/img/ Frame 70DE 677 B
709 B 25ms
23ms Image
image/png 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/img/cta@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

8486d47c77f653fcb4f2e4c3469fe110dce22a5d82477b56a8fca9ecdf2a368c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 11:52:51 GMT
x-content-type-options: nosniff
age: 9264
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 677
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Oct 2021 11:52:51 GMT

GET
H3 200 logo2.svg
s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/img/ Frame 70DE 2 KB
1 KB 24ms
23ms Image
image/svg+xml 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/img/logo2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756471195/6-IWE-Bayon+-Mrec-300x250-Bayon/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 11:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12080
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Oct 2021 11:05:55 GMT

GET
H3 200 style.css
s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/ Frame 8E4E 1 KB
435 B 22ms
21ms Stylesheet
text/css 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

8b64921997bfcfd4e9b15810b9107a3686e5daca86e15624744940090231d0c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 17:29:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75469
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 400
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 20 Oct 2021 17:29:26 GMT

GET
H3 200 txt2@2x.png
s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/ Frame 8E4E 1 KB
1 KB 23ms
22ms Image
image/png 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/txt2@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

c4e28f457f2dcddef9f1bf5b8aca5edc7ac8c0096d5dd54e5c73fc29e88dfea6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 11:54:21 GMT
x-content-type-options: nosniff
age: 9174
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1228
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Oct 2021 11:54:21 GMT

GET
H3 200 txt3@2x.png
s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/ Frame 8E4E 1 KB
1 KB 22ms
21ms Image
image/png 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/txt3@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

e6c7a911b2262af474cb07fc64861a1fca560c349f579267602793a29def7e7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 11:54:21 GMT
x-content-type-options: nosniff
age: 9174
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1073
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Oct 2021 11:54:21 GMT

GET
H3 200 txt4@2x.png
s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/ Frame 8E4E 1 KB
1 KB 24ms
23ms Image
image/png 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/txt4@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

ba85ff98bcc93beb0bb5c716df720cf3317f7e98c1a16e86e2ff4bcdd0ff4943

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 11:54:21 GMT
x-content-type-options: nosniff
age: 9174
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1084
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Oct 2021 11:54:21 GMT

GET
H3 200 cta@2x.png
s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/ Frame 8E4E 705 B
737 B 22ms
22ms Image
image/png 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/cta@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

0401d2177016be36142e4ffb48989c6e1c899bf115b17dcfd919e1e8897f4122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 11:54:21 GMT
x-content-type-options: nosniff
age: 9174
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 705
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Oct 2021 11:54:21 GMT

GET
H3 200 logo2.svg
s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/ Frame 8E4E 2 KB
1 KB 23ms
23ms Image
image/svg+xml 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/logo2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 12:27:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7215
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Oct 2021 12:27:00 GMT

GET
H/1.1 200
OK data
b36.s79.research.de.com/ Frame E075 43 B
308 B 11ms
11ms Image
image/gif 136.243.2.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b36.s79.research.de.com/data?/EJ6eE/XAATkzFARksFAQtjFmpJNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.2.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h563.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 14:27:15 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Wed, 20-Oct-21 14:27:14 GMT

GET
H/1.1 200
OK data
b33.s79.research.de.com/ Frame EC42 43 B
308 B 11ms
11ms Image
image/gif 148.251.194.218
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b33.s79.research.de.com/data?/YyKZEtXAATkzFARksFAQtjFb0JNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.194.218 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h351.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 14:27:15 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Wed, 20-Oct-21 14:27:14 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame DF48 0
17 B 538ms
268ms Ping
image/gif 142.251.129.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~kuzm0av8&c=4176412476895&slotId=2088206238447.5&qqid=CLio55eZ2fMCFTrYEQgdIagJQQ&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=985&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=17&vhc=0&ccc=1&ccrh=0&ccri=0&ccrs=1&ccru=0&ccrhc=false&msm=1&aits=0%2C17%2C36%2C18%2C22%2C37%2C43%2C44%2C45%2C46%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.129.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: rio07s07-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:16 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ 172 B
958 B 42ms
42ms XHR
application/json 52.19.22.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15758/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.22.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 04a1e052ebddc91f3c44f98d765c1383af2cd1de6e24dae9986f5d3c037542fa

Request headers

Referer: https://www.yallakora.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 14:27:15 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.yallakora.com
cache-control: no-cache
x-server: 10.45.20.43
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 172
expires: 0

GET
H/1.1 200
OK data
b36.s79.research.de.com/ Frame E075 43 B
308 B 11ms
11ms Image
image/gif 136.243.2.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b36.s79.research.de.com/data?/EJ6eFK7AAl2yFuvFfhFwpFTkzFARksFAQtjFSkRNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.2.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h563.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 14:27:17 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Wed, 20-Oct-21 14:27:16 GMT

GET
H/1.1 200
OK data
b33.s79.research.de.com/ Frame EC42 43 B
308 B 11ms
11ms Image
image/gif 148.251.194.218
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b33.s79.research.de.com/data?/YyKZF46AAl2yFuvFfhFwpFTkzFARksFAQtjF7kRNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.194.218 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h351.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 14:27:17 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Wed, 20-Oct-21 14:27:16 GMT

GET
H/1.1 200
OK data
b36.s79.research.de.com/ Frame E075 43 B
308 B 11ms
11ms Image
image/gif 136.243.2.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b36.s79.research.de.com/data?/EJ6eGKOBATkzFARksFAQtjF3rJNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.2.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h563.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 14:27:19 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Wed, 20-Oct-21 14:27:18 GMT

GET
H/1.1 200
OK data
b33.s79.research.de.com/ Frame EC42 43 B
308 B 11ms
11ms Image
image/gif 148.251.194.218
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b33.s79.research.de.com/data?/YyKZGJOBATkzFARksFAQtjFCvJNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.194.218 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h351.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 14:27:19 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Wed, 20-Oct-21 14:27:18 GMT

Verdicts & Comments Add Verdict or Comment

278 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.yallakora.com//General	1970-01-19 22:05:43	Name: FGTServer Value: B38C762E5508AA76F9CE87FB8FBFEC44A293CABD87AA0C4FB441CB8A2C71138CA1C44D80AA49A1D2
www.yallakora.com/	1970-01-19 22:05:43	Name: FGTServer Value: B38C762E5508AA76F9CE87FB8FBFEC44A293CABD87AA0C4FB441CB8A2C71138CA1C44D80AA55A1D2
.yallakora.com/	1970-01-19 22:05:40	Name: lotame_domain_check Value: yallakora.com
.yallakora.com/	1970-01-20 15:36:52	Name: _ga Value: GA1.2.1977680690.1634740033
.yallakora.com/	1970-01-19 22:07:06	Name: _gid Value: GA1.2.279893577.1634740033
.yallakora.com/	1970-01-19 22:05:40	Name: _gat Value: 1
www.yallakora.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 1m4krrpuegegt5tvs3fsxbek
.crwdcntrl.net/	1970-01-20 04:34:26	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 04:34:26	Name: _cc_id Value: 617f4c97f8030216f005d10bd1409a6a
.yallakora.com/	1970-01-20 04:34:28	Name: _cc_id Value: 617f4c97f8030216f005d10bd1409a6a
.yallakora.com/	1970-01-20 04:34:28	Name: _cc_cc Value: ACZ4XmNQMDM0TzNJtjRPszAwNjAyNEszMDBNMTRISjE0MbBMNEtkAILEAnUHEA0B3O%2BWzGFh7Ktm%2BM%2FIyLBmw1NuGPvSqUdsMPbufZcFYOyPny1hzONHDzHD2BM%2FTtCGsQ8vRhh5fNMUuPHTT6jDlCz%2FUwhjAgAuRTe4
.yallakora.com/	1970-01-20 04:34:28	Name: _cc_aud Value: ABR4XmNgYGBILFB3AFIQwMTA2FQCYnK%2FKQOSADK3A58%3D
.yallakora.com/	1970-01-20 00:15:16	Name: _gcl_au Value: 1.1.618994727.1634740033
.yallakora.com/	1970-01-19 22:05:41	Name: __cf_bm Value: UaPUuv4F8wlyQQnCe8Z0V8xh2U.zihMvP7s1W09Y0fc-1634740032-0-AZ6aLEqcxUmVzhHco54MVccP0pt8msooBCm5cA8KoG1/yuL5E1FB0Yzm08yaWq3dTzfuMiPJ03FtGBtNnRpmrp/j7AerLirtES4aolZQxF4GpaA5z1G0TifEXmCSf7M08g==
.turn.com/	1970-01-20 02:24:52	Name: uid Value: 4568298086877471621
.krxd.net/	1970-01-20 02:24:52	Name: _kuid_ Value: Obqxa6Nj
.exelator.com/	1970-01-20 00:58:28	Name: EE Value: "b8a2aaefe9047b39136d666faec9b299"
.exelator.com/	1970-01-20 00:58:28	Name: ud Value: "eJxrXxzq6XKLQSHJItEoMTE1LdXSwMQ8ydjS0NgsxczMLC0xNdkyycjScnFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJ4SX5RZvoiF9fFRSlpDItKik8F7%252FPnBQCmcinx"
.yallakora.com/	1970-01-20 07:27:16	Name: __gads Value: ID=aae36cff7874e7d4-22867d80fbca00d7:T=1634740033:S=ALNI_MYbtMjNkhzNlmaJKtWIKWAs0iWmRA
.thrtle.com/	1970-01-20 02:53:40	Name: mc Value: eyJpZCI6Ijc0ZjlhOWZiLTNlZGItNGQ5Zi1iMzJiLWNjMDQ4NmFkZDUxMCIsImwiOjE2MzQ3NDAwMzM0ODEsInQiOjF9
.casalemedia.com/	1970-01-20 00:15:16	Name: CMPS Value: 3230
.doubleclick.net/	1970-01-20 07:27:16	Name: IDE Value: AHWqTUk00rbt1_cR4sMm702YiCsZ5DQ-_yYRBLlKbiK3LeGO4iAuhbfMJugk2NleNKI
.adnxs.com/	1970-01-20 00:15:16	Name: uuid2 Value: 7625394628135717420
.udmserve.net/	1970-01-20 06:51:16	Name: dt Value: 5491A787-467A-3B4B-89BA-7FF204D1F0E3
.pubmatic.com/	1970-01-19 22:07:06	Name: KTPCACOOKIE Value: YES
www.yallakora.com/	1970-01-19 22:48:52	Name: udmsrc Value: %7B%7D
.pubmatic.com/	1970-01-20 00:15:16	Name: SyncRTB3 Value: 1635897600%3A220
.pubmatic.com/	1970-01-20 00:15:16	Name: KADUSERCOOKIE Value: 26171DDC-FF02-4D28-AB37-DA7C977D0889
.quantserve.com/	1970-01-20 07:35:54	Name: mc Value: 61702742-06764-b01d6-ea2a2
.yallakora.com/	1970-01-20 07:30:08	Name: __qca Value: P0-293463462-1634740034017
.admanmedia.com/	1970-01-20 06:51:16	Name: admtr Value: c51a0226b29a26829241b4e9c1396e1f596feea2
.pubmatic.com/	1970-01-20 00:15:16	Name: PUBMDCID Value: 3
.udmserve.net/	1970-01-20 06:51:16	Name: udmts Value: 1634740034.0
.technoratimedia.com/	1970-01-21 17:53:40	Name: tads_uid Value: GDPR
.pubmatic.com/	1970-01-20 00:15:16	Name: chkChromeAb67Sec Value: 2
.udmserve.net/	1970-01-20 06:51:16	Name: apnid Value: 7625394628135717420
.udmserve.net/	1970-01-20 06:51:16	Name: admix Value: dd3641ceeaec41cc979e74192bd0d685
.udmserve.net/	1970-01-20 06:51:16	Name: acu Value: c51a0226b29a26829241b4e9c1396e1f596feea2
.udmserve.net/	1970-01-20 06:51:16	Name: pmid Value: 26171DDC-FF02-4D28-AB37-DA7C977D0889
.o2online.de/	1970-01-19 22:15:44	Name: webShopPV Value: ?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=25667676_4307561_303907625_145971039_-0&ref=25667676_4307561_303907625_145971039_-0
.casalemedia.com/	1970-01-20 06:51:16	Name: CMID Value: YXAnQVtIaD2m2OritK1dwgAA
.casalemedia.com/	1970-01-20 00:15:16	Name: CMPRO Value: 1178
.casalemedia.com/	1970-01-20 06:51:16	Name: CMRUM3 Value: 2d617027422760CAESENxUtIIXTCkrL6lMRKxWWC4
.casalemedia.com/	1970-01-19 22:07:06	Name: CMST Value: YXAnQmFwJ0IA
.crwdcntrl.net/	1970-01-20 04:34:28	Name: _cc_cc Value: "ACZ4XmNQMDM0TzNJtjRPszAwNjAyNEszMDBNMTRISjE0MbBMNEtkAILEAnXnv%2F%2F%2F%2F%2BcHccCA%2B92SOSyMfdUM%2FxkZGdZseMoNY%2B%2Fed1kAxv742RLGvHTqERuMPfHjBG0Y%2B%2FBihDHHN02BG3n86CFmmJrpJ9RhzOV%2FCmFMAIs%2FO8Q%3D"
.crwdcntrl.net/	1970-01-20 04:34:28	Name: _cc_aud Value: "ABR4XmNgYGBILFB3BlIQwMTA2FQCYnK%2FKQOSADMCA6I%3D"

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js(Line 345) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

30c9ee54c485856eb48798bd86d9cda1.safeframe.googlesyndication.com
ads.gemini.media
adservice.google.com
adservice.google.de
b33.s79.research.de.com
b36.s79.research.de.com
bcp.crwdcntrl.net
beacon.krxd.net
bid.g.doubleclick.net
bid.underdog.media
cm.g.doubleclick.net
code.createjs.com
cs.admanmedia.com
csi.gstatic.com
d.turn.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
inv-nets.admixer.net
loadm.exelator.com
media.gemini.media
pagead2.googlesyndication.com
pixel.quantserve.com
portal.o2online.de
r5---sn-2gb7sn7r.c.2mdn.net
rules.quantcount.com
s0.2mdn.net
s79.mxcdn.net
s79.research.de.com
script.crazyegg.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
stat.meetrics.net
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.technoratimedia.com
tags.crwdcntrl.net
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
udmserve.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.yallakora.com
104.19.148.8
104.20.26.67
104.26.5.169
136.243.2.209
142.250.181.225
142.250.184.194
142.250.184.196
142.250.185.104
142.250.185.129
142.250.185.142
142.250.185.226
142.250.185.230
142.250.185.66
142.250.185.78
142.250.185.98
142.250.186.163
142.250.186.42
142.250.186.74
142.251.129.67
142.251.5.156
143.204.98.23
143.204.98.4
143.204.98.9
144.76.185.38
148.251.194.218
148.251.50.176
172.217.130.74
172.217.23.98
172.67.74.224
185.33.220.241
185.33.220.242
185.64.189.110
185.64.190.79
185.64.190.81
193.122.174.27
2.18.233.67
2.18.234.21
204.62.13.72
23.32.238.104
3.220.38.221
3.251.5.34
34.254.143.3
46.228.164.13
52.19.22.209
68.71.249.118
69.173.144.139
82.113.101.132
88.214.206.247
91.228.74.189
013ea5d439732a8095eb604a16783b39420103ad43645148c86342960b78708a
02a92ce771f33813104c08b966aea0d1e771084ee81014481e815e4a1a99c5c4
03ad300cc2361677a75e18eaa9cf82702d9f80958e30af7ecbe34269144ac7fc
0401d2177016be36142e4ffb48989c6e1c899bf115b17dcfd919e1e8897f4122
04a1e052ebddc91f3c44f98d765c1383af2cd1de6e24dae9986f5d3c037542fa
087abbb11d5f2dda8e2313957da666ad3f9d07a07793469c20594bd439cc9190
099208ecdf0afafc4133bec9d5b4b1641e6d81f38092cd02a4c4567cf839fb2a
0a6cd57018fe721034f2e7d56cf45714cd06c1476fa0da75108508a49a89d1c6
0ad698d3d4a50b43cced038f0bf5e1255e996a4d87ef5bdb9ab1a8137b6868a6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0e5b69da40b0a2ea196d225b715d78a9b5e87fbbb20ee75902cda02ac2537d66
0e9eea9a1fec7f77159799cbc449772783fa9be8b8194453b618eccee9cacc2f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1183779c959bf5c331df4294bc7abab06690caa3f42803839ac244edb2e2e7a6
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
170426b1ccbf16d163b36333bb291cebb26c5288224706ed42bec87e72eb972f
18cfced909f1979e2af7f83ced5f8caf4fb68e224b8be8073b11a1859c72b278
1a4dcd43e464872906c7c4692489ea00267db156a330f632e55a29195d9ffc63
1c40f0fdfa596f3e5eee5941b314509d8a88e75671d2a0a0c3d88951f01fe73b
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fa591cfca1007fd91fbbc1677e88a228b579a2c3f3bae2095ee076fe05b5e1b
2044568b0583878bc7d990bc23de963d4f1e5234a11a9fc66d40125d227ffee2
242679301a213c7f4791da6c2147dbf7991e29d734c51d70e59f7d2ef4e0e517
2593388c7ec187a438a2c99499e4b34c5d2a1177addd2ef736f323bd699ada0e
263a59b0a9e2487ac95c1fc309a0818365d703eb57dc7c69a4b009f87bbf0fb3
287d87c701152a102450c44aab98925cde96cab9286f8a19877ad33f969242e7
2927cbfea89854448f3661eb8779caae68567aff81373f8c44045d963332714e
2b1e4794d254fb547692405af2cd4be50d55d8e8d7afeb053d4fd235d5c773c4
2d452ca7bf499867307ebfa48373084a42e1f56ec0a26e5bb2e12f01888c3cc9
2ddf58ff665a88562045bcb0a13e8ba0f0f950f239744f92016f4d7186cf404c
2f3b2886fda5858396c03552fe284f77796c807dd48a70bb07d40a89133d02a1
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63
3c2f31654038399844c405203e45c34565dd61ca97cd1dd50c37bd2f3eab5d86
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
45ef2fe71bb1c3281ab8ec1aabbfc3772ea33456e5daf57f4c4630338a871dce
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
48b238fc114e9a69a592ad9a3c56f73cdd2c007fe674e60231044f92afb153fa
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4a71579d8453c21c8d02744168960e564591beac933f59817902f1f2d422c9b1
4b7e8bfacb963b4142a05b651ec336d2fd92d1cd1225d0e73952fb9dec2142b9
4f7d5b4af81b4bf579dc4aa285da528826c46e8dddebc86270d0b0771b371055
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
529c55d3a9c2539b1027ede2d827a13c8da73168a2e41e3072b46c2155cc1973
5361674d0bb84a1bca85b48c7b68483dea2374b4efc38a8e8a160360d642d9d5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54980d0ce1ab462210a69cea7a8f61f66d7baf954c2fba0dc4030a6b6e7cb36f
576ea27f3989da5d7864d8a8246a757cc86abd9cfb18bdfafe39002b64708d47
57b7f2b2bcdd983268775ebc6ee71d208510b285d79dd058f2717248079c59d1
5bb6bf1b005187f1a9fa1f65ba20064bb8c98d1d498ae853f5f75198525b1f38
5d67bdb4aee83e83fcb0c36d456a3c112271258b930d69f252fe74fd743cb616
5dc1c679fa665e35aca83143b494288e9c4e3f3ae62be11a331d890612e53885
5ec6259ce93d1583fd116bc92baa687aacfdf415efabc596b398c1ebf27c680e
601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63
60c38461a4692549f19e5a892f2080b1a7a8960d4562d70b445341bafaea6025
60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
6768464f893a4354a0eb3a6e86543ec23d2f9ed1b97e7bef0ca7f7ae2c32f978
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
693dade10b46065ed48dbd1908c839ad28e666649be40350de16010e8abaf3f5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70cf48dc39c396349c941d08399bdcebf1e39cb841be254c75f63ec5d9cf4adb
783e7bd3b3b9fbfbcb518a51066721a9efbe7abd1489b06e9e5b407bf71e94fa
785246383d63461e6a98d7588a78aab242265d3f943c78bf0b5275c0a4b81a44
79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e
7a3e9caf9cadd4a50b4c4cd9c41d1169289a9d0a6640a9d1b7234eae334a3935
7ac95d4c745a0715ed63d1eadd4a553cd1cd25426d51aabbb53e62212c2beecf
7c25bdec69af55ac234d81e65edcb747e9504ad2c47af094b236d9dc449141e1
7fb7b62bc128f6efc518b8ae99f265081bbab8bcf370ad7a8aec8469fe31ec9c
8036c39a4878d0f83a392d5bbe6c027d1807ecccd58082d466ac5e16ca1b0c56
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833eed745c34aa91e1805487482c20a3b780337fdada5d5a6c1683bc432dc6c0
8486d47c77f653fcb4f2e4c3469fe110dce22a5d82477b56a8fca9ecdf2a368c
8b64921997bfcfd4e9b15810b9107a3686e5daca86e15624744940090231d0c6
8bfd018bb29e8c00faffeb3660e5cbcec66c0ba1dff56f8d2f9a1bcc47c11852
8da49bce1739b0393f3d2abbb6520b84854cd866c5c084e0044a43ecb9c7f3c9
8f560f369008d44dd4feed75a4eb71b246c09023d200d698af5d7c2fc875eb05
9375d880979b826a0850e8b5769b451418a0f8b0a8993674114801fd51e3be35
9f772cac6ecffa22c11192fb15b10f518ed0ce9d3dd38814a56ecefa146632e5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a090ca218ee05535e42c4072a0cf21ee85d3aa65141ec03314c0e93897966d00
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9c5487bef9f87f74582c0d735386f52d79e11024b5963df5d9827c7325cb0f9
abe6d9e199a77244081ad5fdcfc79109a4c0e63df88151dab5f87713da4304c2
ac1e6d15b63403700f2748b80b53df9534307d7f02314259554cd32745c4b03b
adecb105e15f7126ca378479d83c986ac71797ef5ad9d44a3aa387c100ed48d7
aec3c70712c7a884d31367dae26cb48a945fa820eeb4da17f38cf6b731ba820a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af8fafb5f486021de43b1191f32384766ab582ce9a7c99c1cd858ee4eb2b3929
afc3627079f77e9746a0cf1531565b42a783bd22c53b5001ec996867718029ad
b02a3233f069f3f0ccfd31f2021073f91e74b438c7b69d201dd5c1719557f321
b099c9a190810bb84ddff89169f156f0aa1b786d241f840bd22cb434d69b8b32
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14a34709a0c86f49406dd0436c235e930d2866cb38059f7d949a9d493ed3e37
b1942c69fb83a3b6e908cc17e062c0750a012b2e9619b89ead09de5a02cfce47
b20e00fef1721c27b58933ed5f5049817fe779f917b64ff02093dba8aa59f8e7
b2732f593e4de0876048948d71b5c75f140349eaed97c3d2b15a25fa74863058
b41d4ac96513549e132985d530ceba973ad90fd6567139437f3b27866f39980c
b5feee7a5d40a953995b630a5c85e83d3f173baa845310b5b4c66336cdd89cac
b9e5d5aae62603ad35dbe94e6d5e4f0b45a25d808b7ff441dd3cbedf7cae7447
ba85ff98bcc93beb0bb5c716df720cf3317f7e98c1a16e86e2ff4bcdd0ff4943
bb3ea64c83eb71a91b659d68906aa9332e59e84147e3cc3fa6af9d40423d73ea
bf14bee270a7c9237cc9e28deb028998a04f08aa59309ce22ef92f3ba54ac03d
c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac
c1aba37f940e5efa1f34b70b89f2fb91a7e535ba9f491eb7a2c6942c58f238b9
c25cff6e956cde4f2041074809159fad757d135edcf7398b3ef8ffbec7e2863e
c26a5e574a133bdf9fd516ab1ae07bf50ab4392444257ae2389248efa8259a2f
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c39f8588079e72fbf6af0e9c8f25cfe8367a233950984638ff6f8f8c5416ac21
c3ec64c0ba8af874f0fad229caad4baca5dccbaec90671978994b4f8fea5b067
c4e28f457f2dcddef9f1bf5b8aca5edc7ac8c0096d5dd54e5c73fc29e88dfea6
c536ddedda7332ad4f5403a00395fff326023d228d522677b96be8b42277f16f
c5c8590321b0680f694b47009031a831113a05acee54ae1e1a935cd6d72cfadd
ca2e18935538264c89ccd4e797350771baf019387b6031a022bace802b5c8e81
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca611de46d09dc3854c2cad7588557c1ce40d0f5a7073f58b93fb2ec066d73b0
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cdd0982100eac29820bbd1d8197c0e8c2c5957c07c69991a97ce89ebd19e6930
d358769f44383ee03143573ba2f7b37feba22b2cd2dd34230f3b296d464e2bb2
d45d9f1dcb2353314dd631427acf5dd50dc3f882b756b241f6ef020d7dab56c8
d504499223a9fbd4c390d27ebc365f435d609f31c3ac5246880bf514c5908682
d63b5fc0e557e90265b6bbeb1df0ff666385c40169707201a04a256bfdecfcc9
d7df2584f3bfde841e879878347bad7c8a6aa671349909e8cdfa7a42581d27df
d930f14b6682cd1f5163c46c9a1dad1503d9992804cd0218a3d07bbb31cb87d7
db7320daad40217391cb8dbd40917cc727e6ad971c6fa2040989f7579ce758c2
dc6049eb7f8486a4a8b7e7c4ebcf0b15c58418f3917affeaa241c0e943366486
ddbfac7224880cfcb0cf48a15bf0c08f445a9da0929a79d37a31b18ae8c8898d
def17a9929e2b75569dfa2845defb61924532916e195a570db7fbf4f6e60e9fd
dfe00ebcaa0d9f6ab2c95471a3f4a9dc2892f85445ab21dfb02c31601aa7bfb7
e1e90dcd393bdacce9fc1cc34ddd54ff48b8c2348e29b1357e4e54ad3dcbff3b
e2075dacbcf097ebf6ca41703bc5d835515a440e994e3b48a824c4613c671337
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e5a3e7a5241d076d56fd7f0accbcc20a89bd047eea36c1eebeca9b10ea1018b2
e6c7a911b2262af474cb07fc64861a1fca560c349f579267602793a29def7e7f
e8e82ea46a762c9c70b9bdd03170fc13739f48361e531979e84d6561b84f9aa7
e8eec151dd0c0df89052454f9dc9ba57860a8948be433fcf6fe711b0928d30fe
e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91
ecb93c85c895b6250e0a6d9d5b7e3672d2bf25f02d0d6ab9d280b96c8d92afab
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f051ab561b9b4ad5fd2529e1dbd76dfd2a2321735208981de3cb26b29e3f5a3a
f2ead10125aa33745bf21d80d3acc76c090265f59587300706cf441ad52c7aca
f3584a3386f75e08ad50d3f853e988adbaff178f7340415e9fc43b9c3a16be59
f46b9c352093577bb2c39fc21f91c796c98c527e84033ed4a72358599b77824b
f4ee33c6fb29773f90c8eec4265a17786e6fe9bcda10e61d926ef1fde8ee7fc4
f5214e6f7d0bef426b99617ee7051b9829a7434bb5faabeb9ae88baffb0d7045
f89afa533ee24b3e3e335bc5c0660e1c89d95e0fa11beca8da9fc8862a221ef4
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
fdc9e0f7357afc15265e987dd003b371cc55ae48a410fe2205b419d682a18189
fdf126d0dfca8732f89303551ad8ddc330d15085228f621255b56c463ccaa7cf
fea6c01963db10b8d2218d03b8fbfe253de7fa5e9d444162aacce1bc0d93621d

www.yallakora.com Open in urlscan Pro 104.20.26.67 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

259 Requests

100 %HTTPS

0 %IPv6

34 Domains

55 Subdomains

42 IPs

6 Countries

5984 kBTransfer

10328 kBSize

46 Cookies

5 Outgoing links

Redirected requests

259 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.yallakora.com Open in urlscan Pro
104.20.26.67 Public Scan

Screenshot
Live screenshot

Full Image

259
Requests

100 %
HTTPS

0 %
IPv6

34
Domains

55
Subdomains

42
IPs

6
Countries

5984 kB
Transfer

10328 kB
Size

46
Cookies

259 HTTP transactions
4 data transactions