stad.yalla-shoot.io Open in urlscan Pro
2606:4700:20::681a:b15 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Submission: On July 08 via api (July 8th 2023, 9:40:30 pm UTC) from CZ — Scanned from DE

Summary HTTP 310 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 80 IPs in 9 countries across 58 domains to perform 310 HTTP transactions. The main IP is 2606:4700:20::681a:b15, located in United States and belongs to CLOUDFLARENET, US. The main domain is stad.yalla-shoot.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 29th 2023. Valid for: a year.

This is the only time stad.yalla-shoot.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2606:4700:20:... 2606:4700:20::681a:b15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	205.185.216.10 205.185.216.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	45.133.44.4 45.133.44.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
13	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:e60... 2a02:26f0:e600::170f:b269	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	69.16.175.10 69.16.175.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	69.16.175.42 69.16.175.42	20446 (STACKPATH...) (STACKPATH-CDN)
2	3.225.3.30 3.225.3.30	14618 (AMAZON-AES) (AMAZON-AES)
2	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	172.64.152.222 172.64.152.222	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:225... 2600:9000:2250:4400:a:e047:753:be1	() ()
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.155.129.39 18.155.129.39	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
52	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1 12	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:26f0:480... 2a02:26f0:480:794::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.31.229.177 52.31.229.177	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.174.189.28 35.174.189.28	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
11 13	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
4 8	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
4 6	185.89.211.132 185.89.211.132	29990 (ASN-APPNEX) (ASN-APPNEX)
46	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
9	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	141.101.90.98 141.101.90.98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	23.32.184.192 23.32.184.192	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
6	44.194.170.205 44.194.170.205	14618 (AMAZON-AES) (AMAZON-AES)
1	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	216.52.2.30 216.52.2.30	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	23.56.202.187 23.56.202.187	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.218.210.30 23.218.210.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	145.40.97.66 145.40.97.66	54825 (PACKET) (PACKET)
1 1	35.214.224.127 35.214.224.127	15169 (GOOGLE) (GOOGLE)
1 1	208.93.169.131 208.93.169.131	46244 (WEBMD-IDC...) (WEBMD-IDC1-AS)
1 2	2.19.126.157 2.19.126.157	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	35.169.19.104 35.169.19.104	14618 (AMAZON-AES) (AMAZON-AES)
2	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
2 2	99.80.130.137 99.80.130.137	16509 (AMAZON-02) (AMAZON-02)
1	37.18.16.22 37.18.16.22	205675 (HYBRID-AS) (HYBRID-AS)
2	18.194.138.81 18.194.138.81	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 ^_^) (CDN77 ^_^)
1	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
1	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
6	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
4	23.205.93.33 23.205.93.33	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7edd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:480... 2a02:26f0:480:f::213:7ee0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	54.228.176.158 54.228.176.158	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:224... 2600:9000:2246:7400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:1f18:1ac... 2600:1f18:1aca:4281:249b:3721:523:630f	14618 (AMAZON-AES) (AMAZON-AES)
1	52.222.149.26 52.222.149.26	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.86.139.96 185.86.139.96	201081 (SMARTADSE...) (SMARTADSERVER)
1	18.184.223.197 18.184.223.197	16509 (AMAZON-02) (AMAZON-02)
1	3.211.10.11 3.211.10.11	14618 (AMAZON-AES) (AMAZON-AES)
1	13.248.245.213 13.248.245.213	() ()
2 3	185.64.190.79 185.64.190.79	() ()
1 1	185.64.191.210 185.64.191.210	() ()
310	80

6 2606:4700:20::681a:b15 (United States)

ASN13335 (CLOUDFLARENET, US)

stad.yalla-shoot.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

jscdn.greeter.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

live.yalla-shoott.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.aplhb.adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:e600::170f:b269 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)

tg1.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net

feed.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net

player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content1.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.3.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-3-30.compute-1.amazonaws.com

servt.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.222 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:4400:a:e047:753:be1 (United States)

ASN- ()

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.129.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-129-39.cdg52.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:794::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.229.177 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-229-177.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.174.189.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-189-28.compute-1.amazonaws.com

serv.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.181.226 (United States) 11 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.211.132 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.101.90.98 (United States)

ASN13335 (CLOUDFLARENET, US)

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.174.117 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 44.194.170.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-170-205.compute-1.amazonaws.com

servs.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.56.202.187 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.210.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-210-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.40.97.66 (Amsterdam, Netherlands) 1 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.224.127 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 127.224.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.93.169.131 (United States) 1 redirects

ASN46244 (WEBMD-IDC1-AS, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.126.157 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-157.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.169.19.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-19-104.compute-1.amazonaws.com

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

vid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.130.137 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-130-137.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.16.22 (Russian Federation)

ASN205675 (HYBRID-AS, DE)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.138.81 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-138-81.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

vpaid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.205.93.33 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-93-33.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7edd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ads.projectagoraservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:f::213:7ee0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.projectagora-adtag-library.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.228.176.158 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-176-158.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2246:7400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f18:1aca:4281:249b:3721:523:630f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.149.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-26.cdg52.r.cloudfront.net

cdn.kdaimo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.96 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.223.197 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-223-197.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.211.10.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-10-11.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (None, )

ASN- ()

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.79 (None, ) 2 redirects

ASN- ()

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (None, ) 1 redirects

ASN- ()

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
86	googlesyndication.com fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	511 KB
48	doubleclick.net 12 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 static.doubleclick.net — Cisco Umbrella Rank: 348 cm.g.doubleclick.net — Cisco Umbrella Rank: 254 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 346	575 KB
46	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 325	902 KB
10	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 951 static.adsafeprotected.com — Cisco Umbrella Rank: 624 dt.adsafeprotected.com — Cisco Umbrella Rank: 542	111 KB
10	modoro360.com tg1.modoro360.com — Cisco Umbrella Rank: 101240 servt.modoro360.com — Cisco Umbrella Rank: 114378 serv.modoro360.com — Cisco Umbrella Rank: 132964 servs.modoro360.com — Cisco Umbrella Rank: 222827	14 KB
9	pubmatic.com 3 redirects ads.pubmatic.com — Cisco Umbrella Rank: 553 image6.pubmatic.com — Cisco Umbrella Rank: 812 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 575 image8.pubmatic.com image2.pubmatic.com	92 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 91	970 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635	6 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	63 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	362 KB
6	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 391	126 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 257	5 KB
6	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 289 fonts.googleapis.com — Cisco Umbrella Rank: 88	34 KB
6	yalla-shoot.io stad.yalla-shoot.io	109 KB
5	rubiconproject.com 1 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1160 eus.rubiconproject.com — Cisco Umbrella Rank: 616 token.rubiconproject.com — Cisco Umbrella Rank: 652 fastlane.rubiconproject.com — Cisco Umbrella Rank: 552	12 KB
4	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1425	652 B
4	openx.net us-u.openx.net — Cisco Umbrella Rank: 496	599 B
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10	16 KB
3	vidoomy.com vid.vidoomy.com — Cisco Umbrella Rank: 2436 vpaid.vidoomy.com — Cisco Umbrella Rank: 3233	56 KB
3	aniview.com player.aniview.com — Cisco Umbrella Rank: 1661 sync.aniview.com — Cisco Umbrella Rank: 1961 track1.aniview.com — Cisco Umbrella Rank: 1866	127 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 405 mug.criteo.com — Cisco Umbrella Rank: 2102	7 KB
3	creativecdn.com 2 redirects invstatic101.creativecdn.com — Cisco Umbrella Rank: 1401 creativecdn.com — Cisco Umbrella Rank: 494	2 KB
3	avplayer.com feed.avplayer.com — Cisco Umbrella Rank: 22408 player.avplayer.com — Cisco Umbrella Rank: 15192 content1.avplayer.com — Cisco Umbrella Rank: 25765	78 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63 region1.google-analytics.com — Cisco Umbrella Rank: 1623	21 KB
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 646 eb2.3lift.com	685 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 1574	24 KB
2	projectagora-adtag-library.com cdn.projectagora-adtag-library.com — Cisco Umbrella Rank: 100871	161 KB
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 359	291 B
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 670	794 B
2	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 643	1 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1531	335 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1002 bcp.crwdcntrl.net — Cisco Umbrella Rank: 959	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 808 id5-sync.com — Cisco Umbrella Rank: 423	25 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 368	2 KB
2	adipolo.com player.aplhb.adipolo.com — Cisco Umbrella Rank: 82435	580 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	129 KB
2	greeter.me jscdn.greeter.me — Cisco Umbrella Rank: 89096	9 KB
1	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1494	562 B
1	kdaimo.com cdn.kdaimo.com — Cisco Umbrella Rank: 94149	3 KB
1	projectagoraservices.com ads.projectagoraservices.com — Cisco Umbrella Rank: 74145	1 KB
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1276	106 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 756	187 B
1	hybrid.ai dm.hybrid.ai — Cisco Umbrella Rank: 9938
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 651	657 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 1061	314 B
1	a-mo.net 1 redirects prebid.a-mo.net — Cisco Umbrella Rank: 988	210 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 782
1	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 338
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 857
1	1rx.io 1 redirects sync.1rx.io — Cisco Umbrella Rank: 613	276 B
1	o2online.de portal.o2online.de — Cisco Umbrella Rank: 61931	608 B
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 236	1 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 126	110 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1516	2 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 568	13 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1953	4 KB
1	yalla-shoott.xyz live.yalla-shoott.xyz	11 KB
0	Failed function sub() { [native code] }. Failed
310	58

	Domain	Requested by
51	pagead2.googlesyndication.com	fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net stad.yalla-shoot.io securepubads.g.doubleclick.net www.googletagservices.com
46	s0.2mdn.net	stad.yalla-shoot.io s0.2mdn.net fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
29	tpc.googlesyndication.com	fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com stad.yalla-shoot.io tpc.googlesyndication.com s0.2mdn.net securepubads.g.doubleclick.net cdn.ampproject.org
13	cm.g.doubleclick.net	11 redirects googleads.g.doubleclick.net
13	securepubads.g.doubleclick.net	jscdn.greeter.me www.googletagservices.com securepubads.g.doubleclick.net stad.yalla-shoot.io
12	googleads.g.doubleclick.net	1 redirects www.youtube.com fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com pagead2.googlesyndication.com stad.yalla-shoot.io
9	googleads4.g.doubleclick.net	stad.yalla-shoot.io
9	www.youtube.com	live.yalla-shoott.xyz www.youtube.com stad.yalla-shoot.io
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
7	www.googletagservices.com	jscdn.greeter.me fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com stad.yalla-shoot.io securepubads.g.doubleclick.net
6	cdn.ampproject.org	securepubads.g.doubleclick.net
6	servs.modoro360.com	player.aniview.com vid.vidoomy.com
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
6	stad.yalla-shoot.io	stad.yalla-shoot.io
5	www.gstatic.com	www.youtube.com www.gstatic.com stad.yalla-shoot.io fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
4	dt.adsafeprotected.com	fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
4	static.adsafeprotected.com	fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com srcdoc
4	sync.teads.tv	googleads.g.doubleclick.net
4	us-u.openx.net	googleads.g.doubleclick.net
4	jnn-pa.googleapis.com	www.youtube.com
3	image8.pubmatic.com	2 redirects
3	ads.pubmatic.com	player.aniview.com cdn.projectagora-adtag-library.com
3	www.google.com	1 redirects www.youtube.com tpc.googlesyndication.com
2	script.4dex.io	cdn.projectagora-adtag-library.com script.4dex.io
2	fw.adsafeprotected.com	1 redirects stad.yalla-shoot.io
2	cdn.projectagora-adtag-library.com	ads.projectagoraservices.com cdn.projectagora-adtag-library.com
2	creativecdn.com	2 redirects
2	fonts.googleapis.com	fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com stad.yalla-shoot.io
2	x.bidswitch.net	stad.yalla-shoot.io
2	ad.360yield.com	2 redirects
2	vid.vidoomy.com	player.aniview.com
2	ads.stickyadstv.com	1 redirects player.aniview.com
2	eus.rubiconproject.com	player.aniview.com eus.rubiconproject.com
2	gum.criteo.com	1 redirects static.criteo.net
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	cdn.jsdelivr.net	securepubads.g.doubleclick.net cdn.projectagora-adtag-library.com
2	servt.modoro360.com	stad.yalla-shoot.io
2	fonts.gstatic.com	www.youtube.com
2	player.aplhb.adipolo.com	jscdn.greeter.me
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	stad.yalla-shoot.io www.googletagmanager.com
2	jscdn.greeter.me	stad.yalla-shoot.io
1	image2.pubmatic.com	1 redirects
1	eb2.3lift.com
1	track1.aniview.com	player.aniview.com
1	tlx.3lift.com	cdn.projectagora-adtag-library.com
1	prg.smartadserver.com	cdn.projectagora-adtag-library.com
1	fastlane.rubiconproject.com	cdn.projectagora-adtag-library.com
1	hbopenbid.pubmatic.com	cdn.projectagora-adtag-library.com
1	cdn.kdaimo.com	cdn.projectagora-adtag-library.com
1	ads.projectagoraservices.com	securepubads.g.doubleclick.net
1	cm.adform.net
1	pixel-sync.sitescout.com
1	vpaid.vidoomy.com	vid.vidoomy.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	image6.pubmatic.com	ads.pubmatic.com
1	dm.hybrid.ai	player.aniview.com
1	sync.aniview.com	player.aniview.com
1	bh.contextweb.com	1 redirects
1	csync.loopme.me	1 redirects
1	prebid.a-mo.net	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	ap.lijit.com	player.aniview.com
1	ups.analytics.yahoo.com	player.aniview.com
1	onetag-sys.com	player.aniview.com
1	sync.1rx.io	1 redirects
1	portal.o2online.de	stad.yalla-shoot.io
1	serv.modoro360.com	player.aniview.com
1	mug.criteo.com	stad.yalla-shoot.io
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	player.aniview.com	player.avplayer.com
1	content1.avplayer.com	stad.yalla-shoot.io
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	player.avplayer.com	tg1.modoro360.com
1	feed.avplayer.com	tg1.modoro360.com
1	tg1.modoro360.com	jscdn.greeter.me
1	region1.google-analytics.com	www.googletagmanager.com
1	live.yalla-shoott.xyz	stad.yalla-shoot.io
0	us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif Failed	player.aniview.com
310	90

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
web.whatsapp.com
api.whatsapp.com
t.me

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-29` - `2024-04-28`	a year	crt.sh
greeter.me E1	`2023-06-14` - `2023-09-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
yalla-shoott.xyz E1	`2023-05-31` - `2023-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
player.aplhb.adipolo.com R3	`2023-05-20` - `2023-08-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
wl1.aniview.com R3	`2023-06-29` - `2023-09-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.avplayer.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-08-08` - `2023-09-08`	a year	crt.sh
*.adservrs.com Amazon RSA 2048 M01	`2023-05-26` - `2024-06-23`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-06-27` - `2023-09-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.aniview.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-11-09`	a year	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
portal.o2online.de E1	`2023-05-25` - `2023-08-23`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-16` - `2024-04-16`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-01` - `2023-10-02`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-26` - `2023-09-26`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
paadserver.projectagora.info R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh
cdn.projectagora-adtag-library.com R3	`2023-06-30` - `2023-09-28`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
cdn.kdaimo.com Amazon RSA 2048 M02	`2023-02-22` - `2023-10-27`	8 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh

This page contains 51 frames:

Primary Page: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Frame ID: C97EBDD95B5D919C3CD0F90C7D04C41D
Requests: 58 HTTP requests in this frame

Frame: https://live.yalla-shoott.xyz/albaplayer/sport-4/
Frame ID: CAD650249931DAD5B9011FC137B020C8
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/jhWvvVCWp_o
Frame ID: A561BF04A3629D47A46C2F706AD36294
Requests: 21 HTTP requests in this frame

Frame: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 167C6540346290B2475251D669839575
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=stad.yalla-shoot.io
Frame ID: 3A337C133DAFEAB7CC82FE9C163E11FD
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Frame ID: CF50E654A2DAA50AE37012B347E7EAE8
Requests: 2 HTTP requests in this frame

Frame: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D8E20EC9FFE70BABA05EF8B8210C2716
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjAnbXcATAB&v=APEucNUeqPxmza7tHJB0wvvM6xZbublTjmca5BqR1qIjpZYw1EoaC1pQsiBzR-ckfVN4FaZaRn22iZ1xpHNGimgq-25Raawgr0FJWM2swI80du84VFock5cigWu1f-nJCYMuic_nydB1-mMKA89KZRhb5elz6HrCOOOj7oL7MMcT9bIuIK8QRLA
Frame ID: 251228EA0822DBBF13DC772446470752
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A1C91934FEFA8307A52D3CF643BA3911
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=aDkUH7gdJa&t=1&renderingType=2&ev=01_250
Frame ID: 3AD566B7DEBA4A982A205E74122886AA
Requests: 11 HTTP requests in this frame

Frame: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2DD881F4F65E2CF0534BDE96DA8A728A
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhi8itnuATAB&v=APEucNUR5zo9X0hqQ7Cxugk_9lZpLUUdmZQpaqwMbLMRUzMkErBhl4BGJw6Scb6Z3B3gYrWlz5DXkaH4GPdAROV6PDI-muUozoZocn9SEpSJruTlI9UAD6mvHeGrUbPYMrWhxpUCrK1_IrUvoKuXGYTt0uWCkKltIjnkTcsj-OI_JS7nSk6a6Ak
Frame ID: 7A12C072F2830916531430A3712339DC
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D717034BA82B2721C1F9DE5A89A48AF2
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/index.html?ev=01_250
Frame ID: A7F51311ADF0AD9A978F3B57B5251577
Requests: 13 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1688852420863-998299762888-001185-002-008660%26key%3D
Frame ID: 392E2E71E45F4C9D602B3225AEC99A6E
Requests: 2 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1688852420863-998299762888-001185-002-008660&key=OPTOUT
Frame ID: 8A29C8A694D075E6BBD1F90E4D07B703
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Frame ID: E9188CB9B07E6B8A97FBE65AD17DEC31
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Frame ID: 6B443906837C4109ED1D25A05503B9FA
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D18%26auid%3D1688852420863-998299762888-001185-002-008660%26key%3D%24UID
Frame ID: 534660EC9A881EBEA19CD6E9D9ED95CA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fpbs.aniview.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: CDAF4554197D74559D99FA5A3CFE097C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Frame ID: 49CE66AE668E9929DCA7EA3934B2EE0D
Requests: 3 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=105&auid=1688852420863-998299762888-001185-002-008660&key=
Frame ID: 297D66C0182B4BE530F4862C900C2B34
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1688852420863-998299762888-001185-002-008660&key=5a2d8885-30d6-4582-abb0-cb5ae681dee6&gdpr_consent=null&gdpr=1
Frame ID: CB66F73F717BFBC0BDE58BC166BB3474
Requests: 1 HTTP requests in this frame

Frame: https://us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif/?gdpr=1&gdpr_consent=&us_privacy=1---&coppa=0&puid=1688852420863-998299762888-001185-002-008660&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D57%26auid%3D1688852420863-998299762888-001185-002-008660%26key%3D%24%7BUID%7D
Frame ID: 824098C1D925C01C9F511C59044E5C33
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1688852420863-998299762888-001185-002-008660&key=6OG4AibTAPed&ev=1&us_privacy=1---&pid=562704
Frame ID: 74FEAFBCCD7596A20F0462AEEF4788C9
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=6a8a755bb3893c69a2d32c53d88b43&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: 6D8083E37502FFE013652466EB0CA6CF
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: 8FA02F865BDD0E99639CA77F35C15E09
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=133&auid=1688852420863-998299762888-001185-002-008660&key=a6f37f0123013099a595be2217fc435a
Frame ID: 737E7C5F6718F3509AC2FFFBFA86332A
Requests: 6 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1688852420863-998299762888-001185-002-008660&key=89a9d84e-83b2-437a-b3f5-12450e150fd2
Frame ID: 7A71D000BB3E16879509AEEFFBE01087
Requests: 1 HTTP requests in this frame

Frame: https://dm.hybrid.ai/match?id=407&vid=1688852420863-998299762888-001185-002-008660&gdpr=1&gdpr_consent=&burl=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D5e7b9048180bd02ded4b0937%26biddername%3D166%26auid%3D1688852420863-998299762888-001185-002-008660%26key%3D%24%7BVID%7D
Frame ID: 804EEF26F3C8427866A651038C242BBC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js
Frame ID: 6EF5D6670242238053BA29304FE54D65
Requests: 1 HTTP requests in this frame

Frame: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 08AA34614F414C1F97DCA327C7FD6A30
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 87ADB2FA4C484061911AC29E08B00497
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2CDDB2BC30573950F347CBEACD6C4470
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js
Frame ID: 962BA140970FEEEEC6C825C02E82F0C8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C948006676EA7A53B685D359A4E44154
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8558C0996CCA0ECD79085179A9159D51
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs
Frame ID: 4DA7D1ABF33FB5CF9077EB0E38BCF0B4
Requests: 14 HTTP requests in this frame

Frame: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DF6C6882683AB38AB987A67471CCC356
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjrsp_sATAB&v=APEucNXmJrk5omIU04fpE8tavMTslzgu4i5xjBV03RWZwiLevRJ-tkeFwyVjOUU1Q-tQJTl8GpFmtVHfLqqh7Z4Ilf3O9DLb9vz1ij6WgSVsa7Xtig48BGxUejsoa4O4AMn8BLxSmTOSGHDpVJGfpLNNOnJzuhZ5s7xOKfqpeRWiQjjpRbyGRKw
Frame ID: 7FD27F43E2DF616DDA07325D30BF24BE
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstk7spjdw5q6CKY07m5qUk5rrTiUcVuif3xo_EYFDKSUDHZM_F9GXl7AbfFLOE7M7-WXLThxsgdzzDAb0dUcg3m9KpDF3qBb0Tc1ns5cdntWIVnXjcqCgfigMCUDTDuUeEicSfpfXzOkal_Mrpi-mjHjJq8TurzW2apqQsTR0bf1rWUr0-MSaFNIeNCTcfY4cpI82Ikx__tQ-bPP0bxE3-n0Nmy0drvsDd7xpUYoPD4J_L9GTmQU3303XtNRsyW8lfK4WDvl_mFXz8EZCaXJPe9UR11IvFAA3nf2yhxPNiIMdjPB8gq9fRaKYN8d9us_SUV_N119Aun5Bdav0_Gw8G_K8ShToP6&sai=AMfl-YTtQ-1XjqJHTwjz0QOWD8y9xuCTqE1dgZETAbYFWQeECDU32KGOkqN5ST602w2-I5BUUr-AT-SQyyMsMkt2YZGxo-3JKyqnpjzDMO6D2p0FMsw49JGHEij3A_h3ACa84snG9wYJtJFA6WE8mtY&sig=Cg0ArKJSzP31d3W1FDlUEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 1EC3F9BA714DBAB64A5E32ECB86114CB
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F0D99739AF573F3B148247C509D058AF
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8429509143949213696/index.html?e=69&leftOffset=0&topOffset=0&c=RzvqLLIE4b&t=1&renderingType=2&ev=01_250
Frame ID: 4A4A43565A9D99311FD4BE373E6EF4C7
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js
Frame ID: 907D3280D49177A1B67D5A17105A68D9
Requests: 1 HTTP requests in this frame

Frame: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1013B348F95A840C1467D6E5E41E73DB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNUB8R4GScZ4vFSLOPYOmoefKOhI7SLexphMh9aT9gay3CtjMvQaK8y4GCi5KFkoOl41cNtQ8iy5mbYbEMjt9bPXRrSt2LLp2b6LfNEPHkGMSHKPkcRkOig7WOE7NpozPTGD4lo6NHnvUIezKohObN37RSlbGnycBSzsdCNrRU5VgrfwiAM
Frame ID: 7F82458C2D41EF27D7B5966FCA287883
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 417328EF5BB2EFE095A92D6E068F426B
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2F1907AFDA588B6F7E1DB94225125601
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Frame ID: AB52F551C021184DFBF726A9D9A95ED1
Requests: 8 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 3D087B17F9DD8D63DE2A624091AC76E2
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/passback_728x90.js
Frame ID: CBB947B71B1220CB032FECAA05B1AB7C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

مشاهدة قناة بي ان سبورت beIN Sports 4 HD بث مباشر بدون تقطيع - يلا شوت الجديد الرسمي | Yalla Shoot New أهم مباريات اليوم بث مباشر جوال

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

310
Requests

94 %
HTTPS

43 %
IPv6

58
Domains

90
Subdomains

80
IPs

9
Countries

4705 kB
Transfer

13032 kB
Size

41
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer.php?u=https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Title: فيسبوك

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Title: تويتر

Search URL Search Domain Scan URL

URL: https://web.whatsapp.com/send?text=%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%82%D9%86%D8%A7%D8%A9%20%D8%A8%D9%8A%20%D8%A7%D9%86%20%D8%B3%D8%A8%D9%88%D8%B1%D8%AA%20beIN%20Sports%204%20HD%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D8%A8%D8%AF%D9%88%D9%86%20%D8%AA%D9%82%D8%B7%D9%8A%D8%B9%20|%20https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Title: واتساب

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%82%D9%86%D8%A7%D8%A9%20%D8%A8%D9%8A%20%D8%A7%D9%86%20%D8%B3%D8%A8%D9%88%D8%B1%D8%AA%20beIN%20Sports%204%20HD%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D8%A8%D8%AF%D9%88%D9%86%20%D8%AA%D9%82%D8%B7%D9%8A%D8%B9%20|%20https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Title: واتساب

Search URL Search Domain Scan URL

URL: https://t.me/share/url?url=%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%82%D9%86%D8%A7%D8%A9%20%D8%A8%D9%8A%20%D8%A7%D9%86%20%D8%B3%D8%A8%D9%88%D8%B1%D8%AA%20beIN%20Sports%204%20HD%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D8%A8%D8%AF%D9%88%D9%86%20%D8%AA%D9%82%D8%B7%D9%8A%D8%B9%20|%20https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Title: تيليجرام

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 73

https://gum.criteo.com/sid/json?origin=publishertagids&domain=yalla-shoot.io&sn=ChromeSyncframe&so=0&topUrl=stad.yalla-shoot.io&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=WVnUEXxGcElmRGpXdWdsY3NzMGIyT3N0WTNqR3daS1RSL01YcFpFTjlEQ1hWQkFlWERnakZ5UzdhaGVjL1JXN0dhRjZnRUhKNWxlZVAyZDJGQ2FiT3p3STB6Nkc0NlFiSHA2TTlGMGYrdk91QkJJTVpuU1NpZ3BVSEhOZWZsRHFHVjN6Y1BCWG5VUWFjRVNhcTZ3SFdxNTdpMGQzZ1F2UGZhMGUrYWVJNWJYS2IyaTNQRit6cm5lSVNuTGFaNGhMSU9OWXBzbTNTMGhmdjFyYmNMTTJSdTBYaFlSZFJWSUxDNmdBRFZQYkN6SXJPZzdXQ2VvY0pGYTRqQkIxbXpGNUJqZjN0a3IvakNZYjZxMGN1VjRYQnVjTS9GZz09fA&cppv=2

Request Chain 88

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPdoVZStWxl0nMXT7syrVA&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPdoVZStWxl0nMXT7syrVA&google_cver=1&C=1

Request Chain 89

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKnXxALnguqrG2jR9I8sSAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPdoVZStWxl0nMXT7syrVA&google_cver=1

Request Chain 90

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAEvro15hI88PukjTIbR2zE&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAEvro15hI88PukjTIbR2zE%26google_cver%3D1

Request Chain 91

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc5NzQzMDg3MDE3MzI4NTgzMQ%3D%3D

Request Chain 114

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPdoVZStWxl0nMXT7syrVA&google_cver=1

Request Chain 115

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKnXxALnguqrG2jR9I8sSAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPdoVZStWxl0nMXT7syrVA&google_cver=1

Request Chain 116

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAEvro15hI88PukjTIbR2zE&google_cver=1

Request Chain 117

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc5NzQzMDg3MDE3MzI4NTgzMQ%3D%3D

Request Chain 143

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1688852420863-998299762888-001185-002-008660%26key%3D%5BRX_UUID%5D HTTP 302
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1688852420863-998299762888-001185-002-008660&key=OPTOUT

Request Chain 148

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

Request Chain 149

https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D105%26auid%3D1688852420863-998299762888-001185-002-008660%26key%3D HTTP 302
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=105&auid=1688852420863-998299762888-001185-002-008660&key=

Request Chain 150

https://csync.loopme.me/?pubid=11455&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D56%26auid%3D1688852420863-998299762888-001185-002-008660%26key%3D%7Bdevice_id%7D HTTP 307
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1688852420863-998299762888-001185-002-008660&key=5a2d8885-30d6-4582-abb0-cb5ae681dee6&gdpr_consent=null&gdpr=1

Request Chain 152

https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D10%26auid%3D1688852420863-998299762888-001185-002-008660%26key%3D%25%25VGUID%25%25 HTTP 302
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1688852420863-998299762888-001185-002-008660&key=6OG4AibTAPed&ev=1&us_privacy=1---&pid=562704

Request Chain 153

https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=1&_fw_gdpr_consent= HTTP 302
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=6a8a755bb3893c69a2d32c53d88b43&_fw_gdpr=1&_fw_gdpr_consent=

Request Chain 156

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1688852420863-998299762888-001185-002-008660%26key%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1688852420863-998299762888-001185-002-008660%26key%3D%7BPUB_USER_ID%7D HTTP 302
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1688852420863-998299762888-001185-002-008660&key=89a9d84e-83b2-437a-b3f5-12450e150fd2

Request Chain 180

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 187

https://creativecdn.com/cm-notify?pi=vidoomy HTTP 302
https://creativecdn.com/cm-notify?pi=vidoomy&tc=1 HTTP 302
https://vid.vidoomy.com/dspsync?dspid=RTBH&uid=m4CYLNkDNFsF0sI0XZBQ&pi=vidoomy&tc=1

Request Chain 229

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDE24gTS58eXl1H9mCJNi_c&google_cver=1

Request Chain 231

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEKPW9cV2JX8_cWXCgNpA8JA&google_cver=1

Request Chain 277

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDE24gTS58eXl1H9mCJNi_c&google_cver=1

Request Chain 279

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEKPW9cV2JX8_cWXCgNpA8JA&google_cver=1

Request Chain 302

https://fw.adsafeprotected.com/rfw/st/987057/61527017/4.js?ias_dspID=3&ias_campId=1010147415&ias_pubId=pub-2930805104418204&ias_chanId=1&ias_placementId=19422216621&bidurl=https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jhQHLuLDvsICfQ9VMO1QFz&adContainerId=brand_safety_x9epZOPlFZflx_APmdyFkAI&cbFunctionName=goog_wrapCb_x9epZOPlFZflx_APmdyFkAI&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fstad.yalla-shoot.io&adsafe_type=g&adsafe_url=https%3A%2F%2Fstad.yalla-shoot.io%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Ffff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ffff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=bed&adsafe_jsinfo=,id:6fb44fa0-136e-b073-672b-cc78b46e45d1,c:hOybSs,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6b6dfd5f7-gnh4l,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tJsoERs+111%7C12%7C13%7C141%7C142%7C143%7C144%7C145%7C146%7C147%7C148%7C149%7C14a%7C14b%7C14c%7C14d%7C14e%7C14f%7C14g%7C151%7C152%7C1531%7C161%7C162%7C163%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1d%7C1e%7C1f1%7C1f2%7C1f31%7C1g1%7C1h1*.987057-61527017%7C1h11%7C1h121%7C1h13,idMap:1h1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:27,oid:0b63df59-1dd8-11ee-a0da-d60c64afb127,v:19.8.425,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4a.js

Request Chain 325

https://image8.pubmatic.com/AdServer/ImgSync?p=156400 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156400&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkVFN0NGQkMtNEZEQi00QjdBLTlGQUItRTJFQTAxMTNGRjU4&gdpr=-1&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

310 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
stad.yalla-shoot.io/channels/bein-sport-4d-hd/ 53 KB
14 KB 76ms
49ms Document
text/html 2606:4700:20::681a:b15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9da124e8ad31c0acb51488d128d9e3e9c6ef0bf5455a26992be46b99a4cef57a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7e3b7c260d7b9112-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 08 Jul 2023 21:40:19 GMT
link: <https://stad.yalla-shoot.io/wp-json/>; rel="https://api.w.org/" <https://stad.yalla-shoot.io/?p=15255>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TIBif3Ss%2B%2Fi3pWHN456%2BlvgffKkQmfnvV9iLHvul0sMcqlLwaL%2BL4LLkOYNms88WaTNcgCPn0pWiM%2FATzx32SpHglPqNs7%2BOb%2F2lU8sr11ffivbh4ughXG6F6eq0Wa7u%2BPGMqhN4NaiMESip74bRNZs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-fastcgi-cache: BYPASS

GET
H2 200 classic-themes.min.css
stad.yalla-shoot.io/wp-includes/css/ 291 B
528 B 16ms
15ms Stylesheet
text/css 2606:4700:20::681a:b15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stad.yalla-shoot.io/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 00:06:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1214
etag: W/"6424d29c-123"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2Bqepnes%2B%2BOMDa17zJ%2BDa7veP%2FzpaKjh2Gdedcb0Hh0pP8%2BGHjadAFt%2Fry6oluiNhIdHBAdD%2Fw%2F%2FgYTfXFFL05BP26Bn0o8FpnYB1fEz2XHF38rjiEfiaoVCC2mLPDE2ZPZeP2g6M8QnA2tBGeWUcqY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7e3b7c266da99112-FRA

GET
H2 200 logo.png
stad.yalla-shoot.io/wp-content/themes/YallaShoot1/img/ 1 KB
2 KB 14ms
13ms Image
image/webp 2606:4700:20::681a:b15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoot.io/wp-content/themes/YallaShoot1/img/logo.png
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 550cb9add249cab0af5d81b7b7293170a9436d2f7fbece20ca02a52978d72a44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6288
cf-polished: origFmt=png, origSize=4095
content-disposition: inline; filename="logo.webp"
content-length: 1478
cf-bgj: imgq:100,h2pri
last-modified: Sat, 01 Jan 2022 19:02:44 GMT
server: cloudflare
etag: "61d0a554-fff"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1KxIrWTEQNm2t1UrDy4lEQkxl%2BKx9YN%2FshEZMky4nWY7xdJ2s9yn2203jW2P55pCMz335ocTDIjmcmLWoaTVeQ7420DvYQK%2BsvtkvTkLhC%2FyV3HaM3A%2BVPaNvIKf34gpYPIUrwuhj2aWOD1%2Ftsa7Des%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7e3b7c266daa9112-FRA

GET
H2 200 yalla-shootheadmatag.js Show response
jscdn.greeter.me/ 7 KB
8 KB 146ms
9ms Script
text/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/yalla-shootheadmatag.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

4c1fd5df408874cca82afe627a36a9ba0988d5a350a38ba572053d38941736f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Sun, 09 Apr 2023 14:11:29 GMT
x-amz-request-id: tx00000000000000fa4c90d-0064a9d1b7-abfa5023-fra1b
etag: "30f42b42f65a446e0ae7f55cea523b81"
x-envoy-upstream-healthchecked-cluster
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1688852419.dop226.fr8.t,1688852419.cds343.fr8.hn,1688852419.cds340.fr8.c
content-type: text/javascript
cache-control: max-age=2052
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 7458

GET
H2 200 yalla-shoot.io.video.js Show response
jscdn.greeter.me/ 1 KB
2 KB 147ms
11ms Script
text/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/yalla-shoot.io.video.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

2df957d141202a0ff7127f12d1df45b6c0e689872d63accc4d91f600b0056ab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 15 Dec 2021 09:52:48 GMT
x-amz-request-id: tx00000000000000f9e75bd-0064a9d075-aad2502b-fra1b
etag: "bdea9baff06ff01dd168099ecf27e5a6"
x-envoy-upstream-healthchecked-cluster
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1688852419.dop226.fr8.t,1688852419.cds343.fr8.hn,1688852419.cds258.fr8.c
content-type: text/javascript
cache-control: max-age=1730
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 1390

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 125 KB
48 KB 56ms
18ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-107335079-1

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ef60d4f0e9d359c2765d84dc314ca4486c9975e866943b9e344ec72e9d036051

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 49203
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 08 Jul 2023 21:40:19 GMT

GET
H2 200 jquery.min.js Show response
stad.yalla-shoot.io/wp-content/themes/YallaShoot1/js/ 94 KB
34 KB 24ms
17ms Script
application/javascript 2606:4700:20::681a:b15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stad.yalla-shoot.io/wp-content/themes/YallaShoot1/js/jquery.min.js
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e30b4f5df3c9773448d5e9a2f8b772308ffc80db3a4e437bd1e409fce41ebfaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 02 Jan 2022 15:56:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 812
etag: W/"61d1cb26-179cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2FxbEGqkZat7AN8Oy%2FylIpgCuFasjRKkUN4VTAp785nPAd4niUxPcE11uh97%2FErjEWOl1lIKRjE7UtpqTiX7TTO%2FtK4dmd1TVaak4eENiCNxPVGA9iwo1cGhE5dVnBs3R3jOhaj2jE4UjMPGHr1mZRo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 7e3b7c268db29112-FRA

GET
H2 200 lazyload.js Show response
stad.yalla-shoot.io/wp-content/themes/YallaShoot1/js/ 7 KB
3 KB 26ms
19ms Script
application/javascript 2606:4700:20::681a:b15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stad.yalla-shoot.io/wp-content/themes/YallaShoot1/js/lazyload.js
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8150ac13ec014fb343f5a481c41e92eee8e1281c02e36b0c3ca7f7de8ad82fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:19 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 02 Jan 2022 15:54:22 GMT
server: cloudflare
age: 6220
cf-polished: origSize=7327
etag: W/"61d1caae-1c9f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5U8t2eyl1PHPK9mBUSTlbpOPZoy1U%2BssBXaT7CJZV4kre2bo1tsFGV8kCTABmuWVW5dq7L7s30p1jlFkvzg%2B7xGpl10UWMrWxTjiB77%2BvaBhQH9jIQR9v03Al9U%2Fr6AQJtVCZ6KdA4KhtkzXFGRkovE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7e3b7c268db39112-FRA

GET
H2 200 / Show response
live.yalla-shoott.xyz/albaplayer/sport-4/ Frame CAD6 26 KB
11 KB 93ms
58ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.yalla-shoott.xyz/albaplayer/sport-4/
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15c26fce4e4d019c29c6ce643cafbb04d56c01ac165eb4c043bff9ce47fb9df1

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7e3b7c26f8a32c56-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 08 Jul 2023 21:40:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KoLRpzVbpb%2BcwUeWaqMNN8z9HDQpdAfc0nfpwZ1uaGqH8ZKwHhRWPy0joe8Q%2FGS0sJpUjrNokWnKAXxW49aXKmhJF7P5TaMlbWMh8PJaul5uRqKwc7e2Q6B%2BVlicciS2vgIUOMSN3fZfHMFZmIArNZVDleQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Cookie

GET
DATA 200
OK truncated
/ 451 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 401 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5a8cec60b5774c8e0ea5d3feed60f15820528d3cf18a4634cd29c6b23baa2b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 944 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 248 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 460 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 NeoSansArabic.woff
stad.yalla-shoot.io/wp-content/themes/YallaShoot1/fonts/ 56 KB
56 KB 18ms
18ms Font
font/woff 2606:4700:20::681a:b15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stad.yalla-shoot.io/wp-content/themes/YallaShoot1/fonts/NeoSansArabic.woff
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6

Request headers

Referer: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Origin: https://stad.yalla-shoot.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:19 GMT
cf-cache-status: HIT
last-modified: Sat, 01 Jan 2022 19:02:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2617
etag: "61d0a554-e014"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MjKApBqUiZXXfewAHoi%2FwKb75z9VivDCz7lhXma0R1p4o4LRSUW6%2Fy6dX2%2FJCmUMXmx5lfE4UDZWnWz5oacvsRFj0if7%2BXzrwi0PyXKoPpJuTvdV8Bj8KHE0DiSk06bO%2FgtIuWhd7EFv2zQ8UqWy6lM%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7e3b7c26cde09112-FRA
content-length: 57364

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
80 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2Y3HW36EKK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-107335079-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

311d05141c23f989502dda391aaeb7109de32777ce2ae1c5e8ecc6cf6cdd1be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81887
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 08 Jul 2023 21:40:19 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 47ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-107335079-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Jul 2023 21:04:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2142
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 08 Jul 2023 23:04:37 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 65ms
25ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2Y3HW36EKK&gtm=45je3750&_p=1255100687&cid=1047169957.1688852420&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1688852419&sct=1&seg=0&dl=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sport-4d-hd%2F&dt=%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%82%D9%86%D8%A7%D8%A9%20%D8%A8%D9%8A%20%D8%A7%D9%86%20%D8%B3%D8%A8%D9%88%D8%B1%D8%AA%20beIN%20Sports%204%20HD%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D8%A8%D8%AF%D9%88%D9%86%20%D8%AA%D9%82%D8%B7%D9%8A%D8%B9%20-%20%D9%8A%D9%84%D8%A7%20%D8%B4%D9%88%D8%AA%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%20%D8%A7%D9%84%D8%B1%D8%B3%D9%85%D9%8A%20%7C%20Yalla%20Shoot%20New%20%D8%A3%D9%87%D9%85%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D8%AC%D9%88%D8%A7%D9%84&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2Y3HW36EKK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://stad.yalla-shoot.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jhWvvVCWp_o Show response
www.youtube.com/embed/ Frame A561 76 KB
33 KB 97ms
74ms Document
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/jhWvvVCWp_o

Requested by

Host: live.yalla-shoott.xyz
URL: https://live.yalla-shoott.xyz/albaplayer/sport-4/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

28ccbde90eb5abd5b970391fa34c9dc8f772cb59c1b5d702a0697f8500fb2fee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://live.yalla-shoott.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 21:40:20 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 hb_502684_12987.js Show response
player.aplhb.adipolo.com/prebidlink/469125/ 1 B
228 B 55ms
12ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/469125/hb_502684_12987.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shootheadmatag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:19 GMT
last-modified: Thu, 16 Feb 2023 14:55:08 GMT
server: nginx
etag: "63ee43cc-1"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1
expires: Sat, 08 Jul 2023 22:40:19 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
26 KB 116ms
80ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shootheadmatag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e2de675c94cfa8a2cb6c7b6f937ed7670b56d4afe6891d62480a89559c02ce2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26396
x-xss-protection: 0
server: cafe
etag: 241 / 19546 / 31075836 / config-hash: 12381638052069933206
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 21:40:20 GMT

GET
H2 200 wrapper_hb_502684_12987.js Show response
player.aplhb.adipolo.com/prebidlink/469125/ 127 B
352 B 56ms
14ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/469125/wrapper_hb_502684_12987.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shootheadmatag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5ea995481d7dfddb5307f94aedabe955e8bdd9ba40b925007532997185cd35c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:19 GMT
content-encoding: gzip
last-modified: Thu, 16 Feb 2023 14:55:08 GMT
server: nginx
etag: W/"63ee43cc-7f"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Sat, 08 Jul 2023 22:40:19 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
26 KB 102ms
71ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shootheadmatag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7785faf79140a61896af3091c1d980dfdf1a3dfe9b8e78a56c1f710a58a8f7b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26401
x-xss-protection: 0
server: cafe
etag: 783 / 19546 / m202306290101 / config-hash: 12381638052069933206
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 21:40:20 GMT

GET
H/1.1 200
OK spt Show response
tg1.modoro360.com/api/adserver/ 28 KB
8 KB 143ms
31ms Script
text/javascript 2a02:26f0:e600::170f:b269
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=61829aec12a96609532b3fd9&AV_PUBLISHERID=6181354e7fb04045d1763610
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shoot.io.video.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e600::170f:b269 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 8bf74ab32202c08ff671c5f5c83c65a11d88b93383d771a939ede8c0191004fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

X-Bamboo-C-SkSt: 1
Content-Encoding: gzip
X-Bamboo-C-SkFe: 1
X-Bamboo-C-S: BYPASS
Date: Sat, 08 Jul 2023 21:40:20 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Vary: Accept-Encoding
Cache-Control: max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
Content-Length: 7198
Expires: Sat, 08 Jul 2023 21:45:20 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
208 B 14ms
14ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1255100687&t=pageview&_s=1&dl=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sport-4d-hd%2F&ul=en-us&de=UTF-8&dt=%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%82%D9%86%D8%A7%D8%A9%20%D8%A8%D9%8A%20%D8%A7%D9%86%20%D8%B3%D8%A8%D9%88%D8%B1%D8%AA%20beIN%20Sports%204%20HD%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D8%A8%D8%AF%D9%88%D9%86%20%D8%AA%D9%82%D8%B7%D9%8A%D8%B9%20-%20%D9%8A%D9%84%D8%A7%20%D8%B4%D9%88%D8%AA%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%20%D8%A7%D9%84%D8%B1%D8%B3%D9%85%D9%8A%20%7C%20Yalla%20Shoot%20New%20%D8%A3%D9%87%D9%85%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D8%AC%D9%88%D8%A7%D9%84&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=957268992&gjid=1488092452&cid=1047169957.1688852420&tid=UA-107335079-1&_gid=2035386005.1688852420&_r=1&gtm=457e3750&jsscut=1&z=938407246

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://stad.yalla-shoot.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://stad.yalla-shoot.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/1dda5629/ Frame A561 375 KB
47 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1dda5629/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jhWvvVCWp_o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5e92898ba6e42dfb897dca8d1601a62828ebff402051a240c4a015ea1138a41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jhWvvVCWp_o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 16:18:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19333
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47749
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 01:48:17 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 07 Jul 2024 16:18:07 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A561 15 KB
16 KB 88ms
61ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jhWvvVCWp_o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 00:54:58 GMT
x-content-type-options: nosniff
age: 74722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 00:54:58 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A561 15 KB
15 KB 90ms
63ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jhWvvVCWp_o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 20:23:37 GMT
x-content-type-options: nosniff
age: 350203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jul 2024 20:23:37 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/1dda5629/www-embed-player.vflset/ Frame A561 311 KB
94 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1dda5629/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jhWvvVCWp_o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd246d635557581e8306bb09188bdd6caae6cedc47a799aaed9e96ed7db19a4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jhWvvVCWp_o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:03:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2233
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95637
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 01:48:17 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 07 Jul 2024 21:03:07 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/1dda5629/player_ias.vflset/de_DE/ Frame A561 2 MB
753 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1dda5629/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jhWvvVCWp_o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80a9d66b356ce593f1069c17c8a60c91d7e8a0a1ae1947b7d890297dc1a3d5f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jhWvvVCWp_o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 18:31:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11351
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 770340
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 01:48:17 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 07 Jul 2024 18:31:09 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/1dda5629/fetch-polyfill.vflset/ Frame A561 9 KB
3 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1dda5629/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jhWvvVCWp_o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jhWvvVCWp_o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 20:43:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3425
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2625
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 01:48:17 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 07 Jul 2024 20:43:15 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/ 391 KB
125 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8187dcb05ebcfc94502aeec0524c23c7d22afbafe17aff1d39acc1d59a3a52db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:46:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6801
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127464
x-xss-protection: 0
server: cafe
etag: 4704578582152062329
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 07 Jul 2024 19:46:59 GMT

GET
H2 200 631a2480b3d08269680f4be2 Show response
feed.avplayer.com/backend/api/playlist/ 5 KB
923 B 70ms
12ms XHR
application/json 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://feed.avplayer.com/backend/api/playlist/631a2480b3d08269680f4be2?AV_TAGID=61829aec12a96609532b3fd9&pid=6181354e7fb04045d1763610&cid=61829607b5bef343b31cc918&AV_TEMPID=635e40ee9cca104d830d91c4&AV_PUBLISHERID=6181354e7fb04045d1763610
Requested by: Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=61829aec12a96609532b3fd9&AV_PUBLISHERID=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: b0e5ffbe1fbf32b9f80e09a1c81a35f51defe2846347e186184e3cea5a264280

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:20 GMT
content-encoding: gzip
x-hw: 1688852420.dop052.fr8.t,1688852420.cds339.fr8.hn,1688852420.cds340.fr8.c
content-type: application/json; charset=utf-8
access-control-allow-origin: https://stad.yalla-shoot.io
cache-control: max-age=1800
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 716

GET
H2 200 avcplayer.js Show response
player.avplayer.com/script/2/v/ 251 KB
60 KB 68ms
10ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/2/v/avcplayer.js
Requested by: Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=61829aec12a96609532b3fd9&AV_PUBLISHERID=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: 4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:20 GMT
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 17:18:44 GMT
etag: "1646327924"
x-hw: 1688852420.dop261.fr8.t,1688852420.cds235.fr8.hn,1688852420.cds249.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 61326

GET
H2 200 track
servt.modoro360.com/ 0
98 B 366ms
104ms Image
text/plain 3.225.3.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?pid=6181354e7fb04045d1763610&cid=61829607b5bef343b31cc918&cb=1688852420106&r=stad.yalla-shoot.io&stagid=61829aec12a96609532b3fd9&stplid=635e40ee9cca104d830d91c4&d35=&d65=Test1&d66=7&d74=&e=playerLoaded&cpid=631a2480b3d08269680f4be2&str=viewable
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.3.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-3-30.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:20 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
878 B 45ms
8ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 08 Jul 2023 21:40:20 GMT
x-content-type-options: nosniff
content-encoding: br
age: 37227
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230118-FRA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 12 KB
4 KB 52ms
15ms Script
application/javascript 172.64.152.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d285ae6755d52c452904f5bdfa4a6c2082186d695304b242e9db2f12461f02e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:20 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Jun 2023 16:15:13 GMT
server: cloudflare
age: 6191
etag: W/"648b3911-2e4b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7e3b7c2a2f8b9bec-FRA
expires: Sun, 09 Jul 2023 21:40:20 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 68ms
34ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20e74dbf3ee183f6fe1447dd7efef616905f78e10733e618dfd67f54c8a25ca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 29 Jun 2023 05:28:55 GMT
server: nginx
etag: W/"649d1697-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Jul 2023 21:40:20 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 72ms
9ms Script
text/javascript 2600:9000:2250:4400:a:e047:753:be1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4400:a:e047:753:be1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: null
Date: Sat, 08 Jul 2023 07:03:45 GMT
Via: 1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 52596
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: Soj8M0REY6o5Q-9_2gD7DLoN5M9VZG-ShznzKQtb7nOnLh_9m9cymA==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 102 KB
25 KB 46ms
20ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: 7K31B1SBF214GTBQ
age: 1343
etag: W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7e3b7c2a1d8b1e56-FRA
x-amz-id-2: e3bzHDxJ/gGu3jgSwzlpMAnHxVi64l2r1kEpNHmt8TNQGwqCCSRzYsoGG4zoKvdKxOzYBUf19Bs=

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 62ms
18ms Script
text/javascript 18.155.129.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.129.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-129-39.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 03:04:08 GMT
content-encoding: gzip
via: 1.1 bf37fcd05a816a7fa3bda09195cf83b2.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P4
age: 66973
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: mtbFGk6xfeBT1EPVOrn8lVp02nyZ2l0_soS8Y_ay_yxy1w5bygLu6g==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
2 KB 75ms
25ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:20 GMT
via: 1.1 google, 1.1 google
last-modified: Wed, 05 Jul 2023 19:08:57 GMT
server: Google Frontend
etag: 6c49a4094d9a446bdc7fe3d19d23b4c7
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 8db13ff658b3cb8f766508c11fb811f7
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 49ms
17ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=stad.yalla-shoot.io

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 2384ms
2384ms XHR
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4464128668034519&correlator=653003584105025&eid=31072020%2C31075695&output=ldjh&gdfp_req=1&vrg=202306290101&ptt=17&impl=fif&iu_parts=21939239661%3A22689168218%2Capl%2Caplmcm%2Ccube&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C320x50%7C320x100&ifi=1&adks=900511283&didk=2675907389&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1688852420172&lmt=1688852420&dlt=1688852419581&idt=542&adxs=650&adys=1500&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sport-4d-hd%2F&frm=20&vis=1&psz=976x0&msz=976x0&fws=4&ohw=1000&ga_vid=1047169957.1688852420&ga_sid=1688852420&ga_hid=1255100687&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa0992643b8f7200fcffdf76e9f5c707c08518440626924146765381e9ce6a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9817
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://stad.yalla-shoot.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 167C 6 KB
3 KB 109ms
17ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 21:40:20 GMT
expires: Sun, 07 Jul 2024 21:40:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 780ms
780ms XHR
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4464128668034519&correlator=653003584105025&eid=31072020%2C31075695&output=ldjh&gdfp_req=1&vrg=202306290101&ptt=17&impl=fif&iu_parts=21939239661%3A22689168218%2Capl%2Caplmcm%2Ccube2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C320x50%7C320x100&ifi=2&adks=2112327995&didk=2675907388&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1688852420183&lmt=1688852420&dlt=1688852419581&idt=542&adxs=650&adys=110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sport-4d-hd%2F&frm=20&vis=1&psz=1000x0&msz=1000x0&fws=0&ohw=0&ga_vid=1047169957.1688852420&ga_sid=1688852420&ga_hid=1255100687&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60df3c8a62e7d028a71318a25acdca93629a48cef3e2fe7f143f592fdb8f02cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:20 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9903
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://stad.yalla-shoot.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 395ms
395ms XHR
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4464128668034519&correlator=653003584105025&eid=31072020%2C31075695&output=ldjh&gdfp_req=1&vrg=202306290101&ptt=17&impl=fif&iu_parts=21939239661%3A22689168218%2Capl%2Caplmcm%2Ccube3&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C320x50%7C320x100&ifi=3&adks=2762301397&didk=2675907387&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1688852420186&lmt=1688852420&dlt=1688852419581&idt=542&adxs=650&adys=260&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sport-4d-hd%2F&frm=20&vis=1&psz=976x0&msz=976x0&fws=4&ohw=1000&ga_vid=1047169957.1688852420&ga_sid=1688852420&ga_hid=1255100687&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

317d1c835272e0888499488983ecee23b642ac8b38838e253a508303a50fb741

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:20 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9810
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://stad.yalla-shoot.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 339 KB
153 KB 2077ms
2077ms XHR
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4464128668034519&correlator=653003584105025&eid=31072020%2C31075695&output=ldjh&gdfp_req=1&vrg=202306290101&ptt=17&impl=fif&iu_parts=21939239661%3A22689168218%2Capl%2Caplmcm%2Csky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C320x50%7C320x100%7C300x600&ifi=4&adks=512602593&didk=2675907384&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1688852420188&lmt=1688852420&dlt=1688852419581&idt=542&adxs=650&adys=985&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sport-4d-hd%2F&frm=20&vis=1&psz=976x0&msz=976x0&fws=4&ohw=1000&ga_vid=1047169957.1688852420&ga_sid=1688852420&ga_hid=1255100687&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e19c530707a3d8035ee6d0ec81299bd785491e5ba2d83928bbcc37534da85d06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 156353
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://stad.yalla-shoot.io
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 2646ms
2646ms XHR
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4464128668034519&correlator=653003584105025&eid=31072020%2C31075695&output=ldjh&gdfp_req=1&vrg=202306290101&ptt=17&impl=fif&iu_parts=21939239661%3A22689168218%2Capl%2Caplmcm%2Cresponsive3&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C320x100%7C300x250&ifi=5&adks=1504892565&didk=2675907334&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1688852420191&lmt=1688852420&dlt=1688852419581&idt=542&adxs=640&adys=772&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sport-4d-hd%2F&frm=20&vis=1&psz=976x0&msz=976x0&fws=4&ohw=1000&ga_vid=1047169957.1688852420&ga_sid=1688852420&ga_hid=1255100687&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6552737fa2d4e0178f375d5c0b657ed86ec9559c57f355e4a1dad4bc26be2b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12099
x-xss-protection: 0
google-lineitem-id: 5778121850
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138361598025
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://stad.yalla-shoot.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 164 KB
48 KB 1116ms
1115ms XHR
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4464128668034519&correlator=653003584105025&eid=31072020%2C31075695&output=ldjh&gdfp_req=1&vrg=202306290101&ptt=17&impl=fif&iu_parts=21939239661%3A22689168218%2Capl%2Cinter&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=6&adks=2777488063&didk=2634695916&sfv=1-0-40&ists=1&fas=8&sc=1&cookie_enabled=1&abxe=1&dt=1688852420193&lmt=1688852420&dlt=1688852419581&idt=542&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sport-4d-hd%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1047169957.1688852420&ga_sid=1688852420&ga_hid=1255100687&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

652d09adf7806f2c4a24815ffab7fce2a0dae180765c6aedbe41097790b811a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:21 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48707
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://stad.yalla-shoot.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/ 37 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3cc0b563084ab3f3f982828651c83e32b01aacaeecca60f0edffbf4e29905218

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 12:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31380
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13139
x-xss-protection: 0
server: cafe
etag: 4037606220920726119
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 07 Jul 2024 12:57:20 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 40 KB
14 KB 2984ms
2984ms XHR
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4464128668034519&correlator=653003584105025&eid=31072020%2C31075695&output=ldjh&gdfp_req=1&vrg=202306290101&ptt=17&impl=fif&iu_parts=21939239661%3A22689168218%2Capl%2Canchor%2Canchortop&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=7&adks=2541479151&didk=755213686&sfv=1-0-40&ists=1&fas=2&sc=1&cookie_enabled=1&abxe=1&dt=1688852420196&lmt=1688852420&dlt=1688852419581&idt=542&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sport-4d-hd%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1047169957.1688852420&ga_sid=1688852420&ga_hid=1255100687&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

322089a51d0a0c495a7d9db6c92499888046111a1278bf382bcc3438e1e979a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:23 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14620
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://stad.yalla-shoot.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame A561
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

16ms
15ms

XHR
application/json

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jhWvvVCWp_o

Protocol

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd70c423ced0b79fb125d39a3f21b0137ecbaab49c6a79f5d56cf9980e6a99c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 08 Jul 2023 21:40:20 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame A561 29 B
494 B 60ms
14ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1dda5629/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:36:08 GMT
x-content-type-options: nosniff
age: 252
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Jul 2023 21:51:08 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 45ms
15ms Preflight
text/html 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 08 Jul 2023 21:40:20 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A561 69 KB
32 KB 24ms
23ms XHR
application/json+protobuf 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1dda5629/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

175f8c1ab85cad9029645d3a854a0f0f5a75f520db15acc0b20ab6560aa16db6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 08 Jul 2023 21:40:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32253
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/1dda5629/player_ias.vflset/de_DE/ Frame A561 116 KB
33 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1dda5629/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1dda5629/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c611ae0fb3943daf2e41ecb75d737dc1153cd966bd9f9a761aa40e94b386870b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jhWvvVCWp_o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 11:02:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 124691
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33659
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 01:48:17 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 06 Jul 2024 11:02:09 GMT

GET
H2 200 8v4BCtBx0WForFLMkOj3_CsUilqDo66XJ8fVqCg87U4.js Show response
www.google.com/js/th/ Frame A561 38 KB
15 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/8v4BCtBx0WForFLMkOj3_CsUilqDo66XJ8fVqCg87U4.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1dda5629/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2fe010ad071d16168ac52cc90e8f7fc2b148a5a83a3ae9727c7d5a8283ced4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 07:28:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14891
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Jul 2024 07:28:27 GMT

GET
H2 200 maxresdefault_live.jpg
i.ytimg.com/vi/jhWvvVCWp_o/ Frame A561 110 KB
110 KB 32ms
8ms Image
image/jpeg 2a00:1450:4001:82a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/jhWvvVCWp_o/maxresdefault_live.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jhWvvVCWp_o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48bb8ee7c09845ec897188e2681cfa727925b9c535893cc9439634fdc5afad37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:39:38 GMT
x-content-type-options: nosniff
age: 42
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112679
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 08 Jul 2023 21:44:38 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/1dda5629/player_ias.vflset/de_DE/ Frame A561 28 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1dda5629/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1dda5629/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a101234fd004179c4ba82ac71e6fc670a4778ce1e22661936a933e5a8834181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jhWvvVCWp_o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 14:41:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25104
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8147
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 01:48:17 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 07 Jul 2024 14:41:56 GMT

GET
DATA 200
OK truncated
/ Frame A561 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AOPolaQxmqwCJJTJW8I8PWqt2Jx9jIKu3iJR1D4Lyu35hn0i7VNuYBNwM1uB4sQRXAuf=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame A561 961 B
1 KB 32ms
8ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AOPolaQxmqwCJJTJW8I8PWqt2Jx9jIKu3iJR1D4Lyu35hn0i7VNuYBNwM1uB4sQRXAuf=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jhWvvVCWp_o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fcc77f92ba3e787fc9a899ae5be3f3cfdb142ca47eab9021c8b5624d1ee81294

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 18:53:20 GMT
x-content-type-options: nosniff
server: fife
age: 10020
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 961
x-xss-protection: 0
expires: Sun, 09 Jul 2023 18:53:20 GMT

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 64ms
25ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://stad.yalla-shoot.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://stad.yalla-shoot.io
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Sat, 08 Jul 2023 21:40:20 GMT
server: Google Frontend
vary: Origin
via: 1.1 google, 1.1 google
x-cloud-trace-context: e06364d3a80c8913ab7423f89850eda8

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 241 B
335 B 25ms
25ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 95d436c490a1fbf7c6333f41514d43ae8fc833af628abb1d5c2a66fd384870bc

Request headers

Referer: https://stad.yalla-shoot.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 08 Jul 2023 21:40:20 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 669d93787e95ad7f66356bea0a227a03
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 241

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3A33 15 KB
6 KB 47ms
16ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=stad.yalla-shoot.io

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 21:40:19 GMT
server: Kestrel
server-processing-duration-in-ticks: 228489
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 385 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 large-poster.jpg
content1.avplayer.com/60095c900c0799791c46d8d4/videos/631a0c74c080af4ad20201d2/ 17 KB
17 KB 33ms
10ms Image
image/jpeg 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content1.avplayer.com/60095c900c0799791c46d8d4/videos/631a0c74c080af4ad20201d2/large-poster.jpg
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: UploadServer /
Resource Hash: 9f66145fbaf681859fb04fc4cdedf358806d85dd27355199545b97db90d48829

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:20 GMT
x-guploader-uploadid: ADPycduZX99nqoZE0tlSDbal3NcWFCs3JNHFFi0Ntis5CTKhbgkqFtKnS8fCN7v0948cZGTxlP-NNwnkuQ2NyBi-AyyjTDR50lw6
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 16959
last-modified: Thu, 08 Sep 2022 15:38:37 GMT
server: UploadServer
etag: "0ee97d2dcd219d582aee0cecbb70cafd"
x-goog-generation: 1662651517684609
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=SZ/7Cg==, md5=Dul9Lc0hnVgq7gzsu3DK/Q==
access-control-expose-headers: Content-Type, range
cache-control: public, max-age=2592000
x-hw: 1688852420.dop261.fr8.t,1688852420.cds235.fr8.hn,1688852420.cds324.fr8.c
x-goog-stored-content-length: 16959
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 480 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame CF50 471 KB
127 KB 57ms
8ms Script
text/javascript 2a02:26f0:480:794::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/v/avcplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:794::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: f164cb2712587cce946552bffa2ac0db73d0649b51a52115f5c547ff173f2d0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:20 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdt3EwZ8jUjB8sS6g5EbfhFR-Rtf1jT7rOlyT9pswOcco6BY3dYuZPCdis-62VzXUnr290oKhtYqgagKgUFPzV2X5A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 128950
last-modified: Wed, 05 Jul 2023 14:55:43 GMT
server: UploadServer
etag: "83c386c60bb8d55a9485c35e334d2af0"
vary: Accept-Encoding
x-goog-generation: 1688568943816361
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-goog-hash: crc32c=j2kB2w==, md5=g8OGxgu41VqUhcNeM00q8A==
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 128950
accept-ranges: bytes
expires: Sat, 08 Jul 2023 21:50:20 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
336 B 97ms
29ms XHR
application/json 52.31.229.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.229.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-229-177.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: f78d8a986eed98191a9433bf49a80aca4630f9d9ff7697f88b14fa1aa887b888

Request headers

Referer: https://stad.yalla-shoot.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:20 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://stad.yalla-shoot.io
cache-control: no-cache
x-server: 10.45.26.96
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
328 B 58ms
16ms XHR
text/plain 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://stad.yalla-shoot.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://stad.yalla-shoot.io
date: Sat, 08 Jul 2023 21:40:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A561 90 B
134 B 19ms
19ms XHR
application/json+protobuf 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1dda5629/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b46f202ea3a4dd5f6662839e5630409d4aeedafd171e01e41997085acbd77249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 08 Jul 2023 21:40:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 15ms
15ms Preflight
text/html 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 08 Jul 2023 21:40:20 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3A33
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=yalla-shoot.io&sn=ChromeSyncframe&so=0&topUrl=stad.yalla-shoot.io&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=WVnUEXxGcElmRGpXdWdsY3NzMGIyT3N0WTNqR3daS1RSL01YcFpFTjlEQ1hWQkFlWERnakZ5UzdhaGVjL1JXN0dhRjZnRUhKNWxlZVAyZDJGQ2FiT3p3STB6Nkc0NlFiSHA2TTlGMGYrdk91QkJJTVpuU1NpZ3BVSEhOZW...

433 B
655 B

94ms
19ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=WVnUEXxGcElmRGpXdWdsY3NzMGIyT3N0WTNqR3daS1RSL01YcFpFTjlEQ1hWQkFlWERnakZ5UzdhaGVjL1JXN0dhRjZnRUhKNWxlZVAyZDJGQ2FiT3p3STB6Nkc0NlFiSHA2TTlGMGYrdk91QkJJTVpuU1NpZ3BVSEhOZWZsRHFHVjN6Y1BCWG5VUWFjRVNhcTZ3SFdxNTdpMGQzZ1F2UGZhMGUrYWVJNWJYS2IyaTNQRit6cm5lSVNuTGFaNGhMSU9OWXBzbTNTMGhmdjFyYmNMTTJSdTBYaFlSZFJWSUxDNmdBRFZQYkN6SXJPZzdXQ2VvY0pGYTRqQkIxbXpGNUJqZjN0a3IvakNZYjZxMGN1VjRYQnVjTS9GZz09fA&cppv=2

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7dfb04b6f39f63164e6c02c2181d27a8123706990bf17d12229e9f89e520821e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:20 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2245537
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:19 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=WVnUEXxGcElmRGpXdWdsY3NzMGIyT3N0WTNqR3daS1RSL01YcFpFTjlEQ1hWQkFlWERnakZ5UzdhaGVjL1JXN0dhRjZnRUhKNWxlZVAyZDJGQ2FiT3p3STB6Nkc0NlFiSHA2TTlGMGYrdk91QkJJTVpuU1NpZ3BVSEhOZWZsRHFHVjN6Y1BCWG5VUWFjRVNhcTZ3SFdxNTdpMGQzZ1F2UGZhMGUrYWVJNWJYS2IyaTNQRit6cm5lSVNuTGFaNGhMSU9OWXBzbTNTMGhmdjFyYmNMTTJSdTBYaFlSZFJWSUxDNmdBRFZQYkN6SXJPZzdXQ2VvY0pGYTRqQkIxbXpGNUJqZjN0a3IvakNZYjZxMGN1VjRYQnVjTS9GZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 250599
content-length: 0
expires: 0

GET
DATA 200
OK truncated
/ 577 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
serv.modoro360.com/api/adserver/tag/ 32 KB
5 KB 662ms
413ms XHR
application/json 35.174.189.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://serv.modoro360.com/api/adserver/tag/?AV_TAGID=61829aec12a96609532b3fd9&AV_PUBLISHERID=6181354e7fb04045d1763610&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sport-4d-hd%2F&AV_CHANNELID=61829607b5bef343b31cc918&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=stad.yalla-shoot.io&AV_DADPOS=1&AV_OPLACEMENT=1&AV_TAG=61829aec12a96609532b3fd9&AV_TEMPLATE=635e40ee9cca104d830d91c4&AV_GPID=/6181354e7fb04045d1763610/61829aec12a96609532b3fd9/stad.yalla-shoot.io&d36=6.2.114&responsive=1&sver=4&avtoken=420563&omv=1.0.1&AV_D65=Test1&clsid=477850ce-9190-466b-be3d-d4ccd1cc87aa&rando=71&AV_WIDTH=450&AV_HEIGHT=253&AV_DNT=0&cb=1688852420565&AV_CGUID=01ftrvrvyj4bm5fq8f05&AV_CGUIDLIST=01ftrvrvyj4bm5fq8f05,01ftrvrvyj4bm5fq8f06,01ftrvrvyj4bm5fq8f04&wfc=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.189.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-189-28.compute-1.amazonaws.com
Software: /
Resource Hash: 93ea80d89e0390a47bd20f167fe79b3e82ff6b47a3c7042dc90e339b21ec896e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:21 GMT
x-bamboo-c-skst: 1
content-encoding: gzip
x-bamboo-c-skfe: 1
x-bamboo-c-s: BYPASS
access-control-max-age: 1728000
vary: Accept-Encoding
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin: https://stad.yalla-shoot.io
content-type: application/json
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires: Tue, 27 Jun 2023 07:53:41 GMT

GET
H2 200 track
servt.modoro360.com/ 0
97 B 107ms
107ms Image
text/plain 3.225.3.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?r=stad.yalla-shoot.io&sn=&ic=0&tgt=0&app=&wi=450&he=253&test=&d36=6.2.114&apppkg=&fv=1&proto=https&d65=Test1&clsid=477850ce-9190-466b-be3d-d4ccd1cc87aa&rando=71&pid=6181354e7fb04045d1763610&cid=61829607b5bef343b31cc918&stagid=61829aec12a96609532b3fd9&stplid=635e40ee9cca104d830d91c4&e=inventory&vi=100&cb=1688852420565
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.3.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-3-30.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:20 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 204 generate_204
www.youtube.com/ Frame A561 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?0s1Gww
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jhWvvVCWp_o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame A561 4 KB
2 KB 56ms
31ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1dda5629/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 08 Jul 2023 21:40:20 GMT

GET
H2 200 container.html Show response
fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D8E2 6 KB
3 KB 9ms
8ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 21:40:20 GMT
expires: Sun, 07 Jul 2024 21:40:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2512 624 B
246 B 48ms
47ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjAnbXcATAB&v=APEucNUeqPxmza7tHJB0wvvM6xZbublTjmca5BqR1qIjpZYw1EoaC1pQsiBzR-ckfVN4FaZaRn22iZ1xpHNGimgq-25Raawgr0FJWM2swI80du84VFock5cigWu1f-nJCYMuic_nydB1-mMKA89KZRhb5elz6HrCOOOj7oL7MMcT9bIuIK8QRLA

Requested by

Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 21:40:20 GMT
expires: Sat, 08 Jul 2023 21:40:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D8E2 78 KB
28 KB 104ms
74ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 21:40:20 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D8E2 42 B
110 B 74ms
44ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BiVaolVnFhQCRafq7ktc4yczvelQ6z88piPnxAmsPXutQrlOgUMNfjt3Opvr1A4xWRomWqBod8SxjcjOjkz0qfOPnBi4IRk0NcRi1osDLgFTVdnDI

Requested by

Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D8E2 0
349 B 73ms
43ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6850694920200862264&x=1&ct=76

Requested by

Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame D8E2 3 KB
1 KB 38ms
9ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/window_focus_fy2021.js

Requested by

Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:47:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6800
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 19:47:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame D8E2 20 KB
9 KB 38ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 17:19:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15670
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 17:19:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D8E2 179 KB
56 KB 313ms
312ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688579601580341"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jul 2023 21:40:20 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/114/ Frame A561 51 KB
15 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/114/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

184de53a881ec8e4e218974c548e2fc8e0da4b8ddaff2e7bdc6267c6e70a8636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 07:28:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15225
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 15:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 09 Jul 2023 07:28:32 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2512
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPdoVZStWxl0nMXT7syrVA&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPdoVZStWxl0nMXT7syrVA&google_cver=1&C=1

43 B
632 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPdoVZStWxl0nMXT7syrVA&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjAnbXcATAB&v=APEucNUeqPxmza7tHJB0wvvM6xZbublTjmca5BqR1qIjpZYw1EoaC1pQsiBzR-ckfVN4FaZaRn22iZ1xpHNGimgq-25Raawgr0FJWM2swI80du84VFock5cigWu1f-nJCYMuic_nydB1-mMKA89KZRhb5elz6HrCOOOj7oL7MMcT9bIuIK8QRLA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 08 Jul 2023 21:40:20 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 08 Jul 2023 21:40:20 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESENPdoVZStWxl0nMXT7syrVA&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2512
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKnXxALnguqrG2jR9I8sSAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPdoVZStWxl0nMXT7syrVA&google_cver=1

43 B
632 B

9ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPdoVZStWxl0nMXT7syrVA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjAnbXcATAB&v=APEucNUeqPxmza7tHJB0wvvM6xZbublTjmca5BqR1qIjpZYw1EoaC1pQsiBzR-ckfVN4FaZaRn22iZ1xpHNGimgq-25Raawgr0FJWM2swI80du84VFock5cigWu1f-nJCYMuic_nydB1-mMKA89KZRhb5elz6HrCOOOj7oL7MMcT9bIuIK8QRLA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 08 Jul 2023 21:40:20 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPdoVZStWxl0nMXT7syrVA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 2512
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAEvro15hI88PukjTIbR2zE&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAEvro15hI88PukjTIbR2zE%26google_cver%3D1

43 B
892 B

27ms
27ms

Image
image/gif

185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAEvro15hI88PukjTIbR2zE%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjAnbXcATAB&v=APEucNUeqPxmza7tHJB0wvvM6xZbublTjmca5BqR1qIjpZYw1EoaC1pQsiBzR-ckfVN4FaZaRn22iZ1xpHNGimgq-25Raawgr0FJWM2swI80du84VFock5cigWu1f-nJCYMuic_nydB1-mMKA89KZRhb5elz6HrCOOOj7oL7MMcT9bIuIK8QRLA

Protocol

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:20 GMT
an-x-request-uuid: 31b3141f-d53c-4fa7-81e7-36de73ab4122
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.58.58.245; 37.58.58.245; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:20 GMT
an-x-request-uuid: 46d0ae17-8d26-46e2-a356-2d457258e30d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAEvro15hI88PukjTIbR2zE%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 37.58.58.245; 37.58.58.245; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2512
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc5NzQzMDg3MDE3MzI4NTgzMQ%3D%3D

170 B
243 B

17ms
16ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc5NzQzMDg3MDE3MzI4NTgzMQ%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:20 GMT
an-x-request-uuid: 46a21670-3f83-4ffb-b91d-246ac0f96583
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc5NzQzMDg3MDE3MzI4NTgzMQ%3D%3D
x-proxy-origin: 37.58.58.245; 37.58.58.245; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D8E2 0
56 B 43ms
42ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6245877562124&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D8E2 0
56 B 43ms
42ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6245877562124&version=m202301230201&ct=76&x=1&cor=6850694920200863000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D8E2 94 KB
38 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DEe6Y6QDNI4xO2JrH_5OYLcZ7oJvAeFfNSfBh81ht2cIaDi2HQFU7rT82QJ5F5iyX-s8Qyn_tmBmQfeol6RTxMMUWBuGuPR5C-62doN7LAqsD95K0&cry=1&dbm_d=AKAmf-CLQ89Cwz2_R-47891D51wLDM_D7JD02m3J3jCBcf9ZC8n8vCnmD35kzX8rVG4NcgbEPnJ7NM7c7lovV5QB0fWxxk_DwK1FjpQWy4WNnKZWQRNHh728BWIB0NAn-V3EilaiZWd5bd8GMSJMDMH8eMHZgluHVsE9fgMcpDqUsmtiThNLXXVVBPRWBbRioGGsJwWSaKM9fwZGfuUPlp8r0gG6oIbXgOOC-WSLDuNbj_QwxvjkbSxaJ2oyvwgFXF5RntE_kvFC4IO1agSDocmbetVd7YxxOaZApA14x5QNekSUQwCr7pgsyYLLgT_HnSuAkGcTt84cBha02RscQybSOyTOEVIub0jVOAqHfDLC9ybzOf048iTz-zITdT4pLoQFrtYXaqI8L1e9-1h3bc4nLVHOKc9sXjaGWTf8UWcnAJrC0bMp_GsfBfLJh_2G3QJ_uJif6TA7pTNbCCAKHGjtX9luYB2_gsC0gqI75SFLSh_MN6kTc2WlUr5sLjebRjHNH7d1ZWdY9i3u4r3Z22Bufg3n1kkn2M8vc58f070JQwcaI48zDBItZCldiuR0Gn3gH8Zqax9CpxM6-lSMQToAJUquzuFyqrtjqX02cXaNXzKq7R2nJmjxZYS4KcHoscuh1Bs_qQ9cpXXxlHm7nO6oj5eWNHBDYvYQZU49f9cPUjoXujGz0KoZZS49sjOCc1ICHVwuTKmEuzj-96aQ_82pPxY6ewVFXTiAvEj9JObRBXzRHMLV-mJDL8t8iOqnT1XZuXTzOkaHgiursaT97qU0i2bFhSE_Gjo8d5_YVtdmIiS47AnlbeLyMI5OZiYsRY9OWdGY1ronpqPt1wfkqq58mRi4ghwPPdf7rDqV3hMeInrAk9T2Fl0YSCr2d0BOjN1JEBz5Y9d7DIqQxstrwisbn87s5fz9CA1NRaqLo6w8tCLwcfblflGmF2DSNrCSDu7rsdKF0PyKVcZGKrJ-6CCWCZPKGpZf7bDc-jR_dXEEyTEBr406kSBneCfN6XCuvgLISbsMKi4Wij9nIHx3aL0g9wDxukUS_2vEMHuAmgMkUea4vrYtEVZ4GZ7t3WQryShA4rfOxa4r1nwga3gj-uvR3PNIB6nDTuC4USQwUZlAJMovXNallK1u4NcVNTX1knsN7ys6Mr8IOf41h2vCGaXznW9Q8Zv35dLqiy6UX2xxfjJ2mTwwYfAdlAh5Y0VOeATsoVziBws-fUG-APQkquYygZRYyNNsuTGYGlwLHa_lfciPGSFce02w17EeYtANh7d4YT0qP6m_Nc5n1awnzXDbi4CVsGYGZiK4dAMzuQMFLiUPuqm2YhqzIp-MxWsECFVubXezM-8QnwABmdZOffzZGwIODDZ49Y7io_dLDXU0PTKFkqVh4UMvZQhjejbeJJpBnuUx1RLIcl9myzT8381esJPN6fgGxW__T2qr2YvfUObuSQaWPi-5G4VhaTzn7jQ56qvOqsbSR267OmYxQHonkekeLTsUBFPQU9JgXJuqUDJFUQQo9_tm1NH8Lx6DNOwhp88ZPhSE5hxBAvy-nqJw9MBMQ9drnYnQyjw8VjiJ2gaOsz39l3ZHvVUUpwHaAR046sX7t3ASW2xDu_TNcYZi-v6MW75mqZ1dyM_eW24Evl3Zw3DwZkmcX613qMAg1gXr1qe3eWeXm8ud1L1_qRBhiYmP5eYmHSMcsdPS2zZTeP6xTN0UUf8HU0QFMOSudu3KiGds8cC-FLmwQVWSySeaKjsGzz3_qvsSzkFdFNkxksYR0Qk5ohsXSXXPhLxcEQkzKDn5yPSR3pqGTZI1N5HWcakugAsdl3mgH-UJ3rWohmAlgJLtrvUltlTfKJekwwW2PSeEGx-oBaFos002cNaiUp2fs7wP7XwSg_xARxjZQVZIMYHR2j9eYyW7kNT-RrNWo-BJUg4XBw8PO3jExp9sOZGS8iPXxBtOxVm31uvWi8E66oloNOcrB9TKQ4iK0DI8Y5hOMY1g9QW2iFa6u-OlL7Ut7JbmDejAFrxaVc6f9JLbokBcu_2rAiunTDJD1rHg6mzejXTtpQi2Qp46vKdTkFX4p00pM6t4aQ7zA3rzSXZWn3ep3CJXN8ETecmz4EyO2VA8GFofcdnTF_ywNAZ3_b9XPNleUcieJXWfPXNafEjyiNcZl4o-6ojk6-Ug5pEyroWDm8y9UxWv-uG7tW1Co520ltN5ScUpuoOT9nCTU-NKR0xmhrks_cgh7wuredMSrA4x5XAJ3L9cW6sbhKII2DD1sVmArlQDQK7MvvVk1cRSMJbLkjUNCk6p7sj9DXygqi1W-12TKeQdMCQcqId1UN2OFh6oeJRsOJhQ9IAbbwHpVKfpXAxGNoI3ndQyBPg3yWtPzndQbDkQQDXYVoCw7oJ5AT3eYSPqTYMtiGdocQu_lIejcngqZDnwMSvSbXabqF0t0VIAEd0GIiwpg30wRq7f0maRQAzZJXRAxslYf1UyR8R3YcKKP1zm-B0eOTSi40Tf4kD4MNFmSB-xmlHk40nRxaqepE1Y9_h6-RvJ3d0FfBnFpnCwDevteqzy22OVdcVb6DU-ZR27h2Jj7wKbdeM8yJ1XLRrSt3ZHqV29WkyoHhH85nQVxQQ4bDVDe9Etrisw1Jb7fMs9wgk2XkmIw0t6iI8qpjiDeXMzPzpILCJlWucQF5XroAgiho_dczbannLBGYEW0NQIjYLInYVPOS1wTWsBTtGJGe8MN9EfK1FgwvALLwucc9pmb8X_jYNSCphmF64_aMLoX4-B0B6lDk9wOP_b1aA1Huc42FBaFQOGGmEkXaaC7ISRXOfRwIF2_EAZJV_oeKQpCbPRe7WkGSKgsFk2jBz4sGGvwYOY5OQDPZFsDu68tiDrDkXAqpV6U4cT8VHES2z3TM0QWI4kh23P9uz4D5C-J-zcKU7NErJC48yLZVO07KIwMmYTha1ozoSMm0DnEGd4pHebCSWIVkt2AQp569Vw68B5oQikS31x2mvzDpOISr7Hrc1Sd_sVkMEW2rN2vJ-cFitwn6bIW5dyjmS1QyMdu7WOwxuD2oECA-bFVse6o6XAyr1b9lEKz5qFUEnW0PAOP9TKzKmvZxEZSgALqCo3RGh6UYfsaAcNi0yR2I9kMEmSQwxhQANoW1RhiGxunB6trnQE6psAoZdvfsJpAZpd70Ilmdw4XEw3svKwUyFbMsOW1KB32lx8PxPCBxPDFhhJxCV-dvfJpFJrYahA_wwfXCnzIi6MaM8nCer49ra7m-6-o5eJtQj_mvueWSxJglqZo3-DL7naCLNqr42ILQCS2tbj_G2P7xDINjjXD_eWem63fURrNwYvTr9YaKF2SpDImVgKKp9GvBYTbmWMhONyVb-M9Mpz6EyL94ObmzqZJAvG9TOJB5YozojFOPk3QZ_qEnUqB5pKfDBwfoqdXsJ7nZw-Kx6vMNn7MVDY7ClFdJVFcnjHvguFc293mgvk5y04SdFSBhD5ZPtpwHjKINLv5ghAvyLkQvoxEQRvSnDbBh-wypJSA9LpUvX7xFuQ2jM6htFf-9hPKHI8bZv4wWxhPO9nt7q-bb1oPYij-7V37d8eog1DAgGQMc1tN-WEAhcOZyg-wQ_0yZXWy0H8NLVtZQ9l1ZzycqYQNwZjotU&cid=CAQSTABpAlJW15J4k50FpE0IhKHJoAHhG4uwt7tSRCylxiMHhdhwSc6TtnZFKNq00GuURkEV0NqNrk3KiZNjt8RTu8Dt_lKUO8eAaczgruAYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fstad.yalla-shoot.io%2F&ds=l&xdt=1&iif=1&cor=6850694920200863000&adk=1964084972&idt=109&cac=0&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f87e7313f612bd5569ce113a77871e4192f98a3d7b01a929cd251485c886e8ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38770
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame D8E2 172 KB
61 KB 39ms
8ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
Origin: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:17:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40977
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Jul 2023 10:17:23 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/elements/html/ Frame D8E2 11 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DEe6Y6QDNI4xO2JrH_5OYLcZ7oJvAeFfNSfBh81ht2cIaDi2HQFU7rT82QJ5F5iyX-s8Qyn_tmBmQfeol6RTxMMUWBuGuPR5C-62doN7LAqsD95K0&cry=1&dbm_d=AKAmf-CLQ89Cwz2_R-47891D51wLDM_D7JD02m3J3jCBcf9ZC8n8vCnmD35kzX8rVG4NcgbEPnJ7NM7c7lovV5QB0fWxxk_DwK1FjpQWy4WNnKZWQRNHh728BWIB0NAn-V3EilaiZWd5bd8GMSJMDMH8eMHZgluHVsE9fgMcpDqUsmtiThNLXXVVBPRWBbRioGGsJwWSaKM9fwZGfuUPlp8r0gG6oIbXgOOC-WSLDuNbj_QwxvjkbSxaJ2oyvwgFXF5RntE_kvFC4IO1agSDocmbetVd7YxxOaZApA14x5QNekSUQwCr7pgsyYLLgT_HnSuAkGcTt84cBha02RscQybSOyTOEVIub0jVOAqHfDLC9ybzOf048iTz-zITdT4pLoQFrtYXaqI8L1e9-1h3bc4nLVHOKc9sXjaGWTf8UWcnAJrC0bMp_GsfBfLJh_2G3QJ_uJif6TA7pTNbCCAKHGjtX9luYB2_gsC0gqI75SFLSh_MN6kTc2WlUr5sLjebRjHNH7d1ZWdY9i3u4r3Z22Bufg3n1kkn2M8vc58f070JQwcaI48zDBItZCldiuR0Gn3gH8Zqax9CpxM6-lSMQToAJUquzuFyqrtjqX02cXaNXzKq7R2nJmjxZYS4KcHoscuh1Bs_qQ9cpXXxlHm7nO6oj5eWNHBDYvYQZU49f9cPUjoXujGz0KoZZS49sjOCc1ICHVwuTKmEuzj-96aQ_82pPxY6ewVFXTiAvEj9JObRBXzRHMLV-mJDL8t8iOqnT1XZuXTzOkaHgiursaT97qU0i2bFhSE_Gjo8d5_YVtdmIiS47AnlbeLyMI5OZiYsRY9OWdGY1ronpqPt1wfkqq58mRi4ghwPPdf7rDqV3hMeInrAk9T2Fl0YSCr2d0BOjN1JEBz5Y9d7DIqQxstrwisbn87s5fz9CA1NRaqLo6w8tCLwcfblflGmF2DSNrCSDu7rsdKF0PyKVcZGKrJ-6CCWCZPKGpZf7bDc-jR_dXEEyTEBr406kSBneCfN6XCuvgLISbsMKi4Wij9nIHx3aL0g9wDxukUS_2vEMHuAmgMkUea4vrYtEVZ4GZ7t3WQryShA4rfOxa4r1nwga3gj-uvR3PNIB6nDTuC4USQwUZlAJMovXNallK1u4NcVNTX1knsN7ys6Mr8IOf41h2vCGaXznW9Q8Zv35dLqiy6UX2xxfjJ2mTwwYfAdlAh5Y0VOeATsoVziBws-fUG-APQkquYygZRYyNNsuTGYGlwLHa_lfciPGSFce02w17EeYtANh7d4YT0qP6m_Nc5n1awnzXDbi4CVsGYGZiK4dAMzuQMFLiUPuqm2YhqzIp-MxWsECFVubXezM-8QnwABmdZOffzZGwIODDZ49Y7io_dLDXU0PTKFkqVh4UMvZQhjejbeJJpBnuUx1RLIcl9myzT8381esJPN6fgGxW__T2qr2YvfUObuSQaWPi-5G4VhaTzn7jQ56qvOqsbSR267OmYxQHonkekeLTsUBFPQU9JgXJuqUDJFUQQo9_tm1NH8Lx6DNOwhp88ZPhSE5hxBAvy-nqJw9MBMQ9drnYnQyjw8VjiJ2gaOsz39l3ZHvVUUpwHaAR046sX7t3ASW2xDu_TNcYZi-v6MW75mqZ1dyM_eW24Evl3Zw3DwZkmcX613qMAg1gXr1qe3eWeXm8ud1L1_qRBhiYmP5eYmHSMcsdPS2zZTeP6xTN0UUf8HU0QFMOSudu3KiGds8cC-FLmwQVWSySeaKjsGzz3_qvsSzkFdFNkxksYR0Qk5ohsXSXXPhLxcEQkzKDn5yPSR3pqGTZI1N5HWcakugAsdl3mgH-UJ3rWohmAlgJLtrvUltlTfKJekwwW2PSeEGx-oBaFos002cNaiUp2fs7wP7XwSg_xARxjZQVZIMYHR2j9eYyW7kNT-RrNWo-BJUg4XBw8PO3jExp9sOZGS8iPXxBtOxVm31uvWi8E66oloNOcrB9TKQ4iK0DI8Y5hOMY1g9QW2iFa6u-OlL7Ut7JbmDejAFrxaVc6f9JLbokBcu_2rAiunTDJD1rHg6mzejXTtpQi2Qp46vKdTkFX4p00pM6t4aQ7zA3rzSXZWn3ep3CJXN8ETecmz4EyO2VA8GFofcdnTF_ywNAZ3_b9XPNleUcieJXWfPXNafEjyiNcZl4o-6ojk6-Ug5pEyroWDm8y9UxWv-uG7tW1Co520ltN5ScUpuoOT9nCTU-NKR0xmhrks_cgh7wuredMSrA4x5XAJ3L9cW6sbhKII2DD1sVmArlQDQK7MvvVk1cRSMJbLkjUNCk6p7sj9DXygqi1W-12TKeQdMCQcqId1UN2OFh6oeJRsOJhQ9IAbbwHpVKfpXAxGNoI3ndQyBPg3yWtPzndQbDkQQDXYVoCw7oJ5AT3eYSPqTYMtiGdocQu_lIejcngqZDnwMSvSbXabqF0t0VIAEd0GIiwpg30wRq7f0maRQAzZJXRAxslYf1UyR8R3YcKKP1zm-B0eOTSi40Tf4kD4MNFmSB-xmlHk40nRxaqepE1Y9_h6-RvJ3d0FfBnFpnCwDevteqzy22OVdcVb6DU-ZR27h2Jj7wKbdeM8yJ1XLRrSt3ZHqV29WkyoHhH85nQVxQQ4bDVDe9Etrisw1Jb7fMs9wgk2XkmIw0t6iI8qpjiDeXMzPzpILCJlWucQF5XroAgiho_dczbannLBGYEW0NQIjYLInYVPOS1wTWsBTtGJGe8MN9EfK1FgwvALLwucc9pmb8X_jYNSCphmF64_aMLoX4-B0B6lDk9wOP_b1aA1Huc42FBaFQOGGmEkXaaC7ISRXOfRwIF2_EAZJV_oeKQpCbPRe7WkGSKgsFk2jBz4sGGvwYOY5OQDPZFsDu68tiDrDkXAqpV6U4cT8VHES2z3TM0QWI4kh23P9uz4D5C-J-zcKU7NErJC48yLZVO07KIwMmYTha1ozoSMm0DnEGd4pHebCSWIVkt2AQp569Vw68B5oQikS31x2mvzDpOISr7Hrc1Sd_sVkMEW2rN2vJ-cFitwn6bIW5dyjmS1QyMdu7WOwxuD2oECA-bFVse6o6XAyr1b9lEKz5qFUEnW0PAOP9TKzKmvZxEZSgALqCo3RGh6UYfsaAcNi0yR2I9kMEmSQwxhQANoW1RhiGxunB6trnQE6psAoZdvfsJpAZpd70Ilmdw4XEw3svKwUyFbMsOW1KB32lx8PxPCBxPDFhhJxCV-dvfJpFJrYahA_wwfXCnzIi6MaM8nCer49ra7m-6-o5eJtQj_mvueWSxJglqZo3-DL7naCLNqr42ILQCS2tbj_G2P7xDINjjXD_eWem63fURrNwYvTr9YaKF2SpDImVgKKp9GvBYTbmWMhONyVb-M9Mpz6EyL94ObmzqZJAvG9TOJB5YozojFOPk3QZ_qEnUqB5pKfDBwfoqdXsJ7nZw-Kx6vMNn7MVDY7ClFdJVFcnjHvguFc293mgvk5y04SdFSBhD5ZPtpwHjKINLv5ghAvyLkQvoxEQRvSnDbBh-wypJSA9LpUvX7xFuQ2jM6htFf-9hPKHI8bZv4wWxhPO9nt7q-bb1oPYij-7V37d8eog1DAgGQMc1tN-WEAhcOZyg-wQ_0yZXWy0H8NLVtZQ9l1ZzycqYQNwZjotU&cid=CAQSTABpAlJW15J4k50FpE0IhKHJoAHhG4uwt7tSRCylxiMHhdhwSc6TtnZFKNq00GuURkEV0NqNrk3KiZNjt8RTu8Dt_lKUO8eAaczgruAYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fstad.yalla-shoot.io%2F&ds=l&xdt=1&iif=1&cor=6850694920200863000&adk=1964084972&idt=109&cac=0&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 17:16:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15816
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 17:16:44 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/ Frame D8E2 30 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 17:16:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15816
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 17:16:44 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D8E2 41 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 13:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 373665
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jul 2024 13:52:35 GMT

GET
DATA 200
OK truncated
/ Frame D8E2 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb5abd96720559423fc2b5c13ab82bd4923039c1b8a5f8282a47d4a3061ba749

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A1C9 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 194850
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 15:32:50 GMT
expires: Fri, 05 Jul 2024 15:32:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame A1C9 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 19:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 267275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jul 2024 19:25:45 GMT

GET
H3 200 300x250.html Show response
s0.2mdn.net/sadbundle/11065803848835661824/ Frame 3AD5 47 KB
12 KB 32ms
16ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=aDkUH7gdJa&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8c779f4fa5bf396269317b6ccc5bd0259ff6b28d9dc40eb75cf47aa245b0bde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 21:40:20 GMT
expires: Sun, 07 Jul 2024 21:40:20 GMT
last-modified: Wed, 15 Feb 2023 15:30:17 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D8E2 0
0 82ms
53ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvbU9NzcP4TMmrtxBjtYZDr7HQDLLO42gONo68yjc1ouuuoSrfiutWnjas4soXBYnzXsuFqh4U8g6E7pjmijiIu6O4ErS6Snae8VRCCLWHNQdGs1K5W3s4cNEeaV-wlYXiu6FIRfCwwSbe3LqcKwtAGsF2nyC8LJKNPKp3CMJGJZTHCdc4QTAKhDRtmZJKjYbImoDxB2gHwOg1445IdbrrCbruLLUcYg2haGlcSB-Qt6kTJ94yheJuM7iRI28y1c0fOTsMCeXhjNmpHcr4Km2KWu_hXNSx_fKC3eqgmd_60BVfp66fPbisGrqbmStbqBsrLsZ9L_9OP6uHNHJShF5YOStpbQglElS2cB6fYIC3gkE8TkxfYo7MfpQGG40cuPsgmkMZGEX6I1_6iEaU1lMgAoOsLug8Jz7OAOYwWTmBfT_okNYusOxXx51udhAQNspCg9Hba35k6BSvHxzYuXwRG0hms3QFn3P9Olmyib-82Vhoj0cYWhZemtgU02mQwDx2M16Es22u99RG7pewsyDfSbaEtrFTZp_MD_ym3Xqp9HjF1WL-ewinGSt7U9jhqu3eiZw0kmZNyGBn5zE-P5mkowvh2FFFyBPo1Yg3030Lj4DbnbnhFitUbdWYDFI4o1L_Ru6zk9D9EYcKMoUs8El9V9FtMKharPXH2OoXpM6I8mmMJBEePvfKzKay1OtgmcVoRF2RyqJ5hCvmboGgvnGvx62KYr4l96ah04QhEVWEDbm7N_jeVgAnE3reZwijFpG_1Yrg0aiM-w8-CRa3jSZoKezN1As3gsf-BkZa29DqnIYO9p0ktTniQ4E1O6Eo-0iWscWfPGWd3-I4LmUQZlELPksdHI0NZ6i1dKcHk2bZ2sLqoyjLqxz2Y3Ibk_czNqBeBlE1JohjYgdBEJjI8NAAG-nC86IpukS33YstQXI-D_CbjL3ed2kdb7GaIiemnhnuZISOlg6h8hN3AEFtCNLDOUemXUkh5lseMDHRB8JvVDfUQHp1C5TWQ0YELhjBhEqp6fqcmjaBnx3jCCXknCVwz8sCJNIhYRK0WqcK31_3be5ZueozjTaCbGK0_imGLLwMq6ugIIfGB-_bRFXfSzzTqofxHaywNcYFIa2gZlzcu3apTRin2vEtFAv8D2WfgjLrNvS-lhmGIcnFbwnF_02yfg35HmWSLVC0SrQu9DXDGvMa2nkVTlYQrB-SAhfovDakpWaxBxNaouJEWIOQs89s7SCAijG2dskoHsYp2f70yxtub_m8xm9Qx-gZfkC-tM8JiyLZB5e2YfiY0m8FdA0o10bd_l6yduSEsjDUpeafckrtY8sG4Fsf-fOq9R2VEhMD6Rdhu9jbBkLw8li0nKzff&sai=AMfl-YThgEzHo-P3JvieoYxSREZ-Enh40xG6y5zwGxoFisRntfLfU2XS4Swr6Vl9QJWta2xLN1MffozUIBiTjwThVdcCp24dVvxpJUkE6DEfR-B-WVU45zK0YGvF0VG1Izs2EkktWd-FQgpS5GCKZGX5D44eKbZImMt9mvTIYg3QXZ68lC19RJlRYCtsT90cHAnywjplmxoNS1VV5IMSEWAw4gw7pOgWrOlTr6SOSWfxU7IKnctK4XXBQbNdWaZlxTQwV_ZIM0G88Z6Ll9JadaNcezJnY0bj8kXZhFNl3hJZl8spiOlOpHrFQTo8j68b6Q&sig=Cg0ArKJSzDc_KkVO4qtFEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=83&cbvp=1&cstd=74&cisv=r20230705.08756&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 08 Jul 2023 21:40:21 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 08 Jul 2023 21:40:21 GMT

GET
H3 200 container.html Show response
fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2DD8 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 21:40:20 GMT
expires: Sun, 07 Jul 2024 21:40:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 3AD5 118 KB
40 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=aDkUH7gdJa&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=aDkUH7gdJa&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:36:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39840
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Jul 2023 10:36:20 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 3AD5 63 KB
25 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=aDkUH7gdJa&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=aDkUH7gdJa&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Jul 2023 21:40:20 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7A12 624 B
245 B 48ms
47ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhi8itnuATAB&v=APEucNUR5zo9X0hqQ7Cxugk_9lZpLUUdmZQpaqwMbLMRUzMkErBhl4BGJw6Scb6Z3B3gYrWlz5DXkaH4GPdAROV6PDI-muUozoZocn9SEpSJruTlI9UAD6mvHeGrUbPYMrWhxpUCrK1_IrUvoKuXGYTt0uWCkKltIjnkTcsj-OI_JS7nSk6a6Ak

Requested by

Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 21:40:21 GMT
expires: Sat, 08 Jul 2023 21:40:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2DD8 85 KB
29 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

372ee4f606f66d460727f0502b688f2049ce405679f274e8fb1ed175417479a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29790
x-xss-protection: 0
server: cafe
etag: 4661881725859498467
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 21:40:21 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2DD8 42 B
63 B 42ms
41ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BvEzQ1P1U6HgDGuG6Ul8rISS2YVXpK2XaVUZgK1HyktXJsNnHSN1-ujaNyNDZTYn6ELWuX7xWkP0t8VRiN2XxVh9bvxYIoDuMXkVjH85z9WVt6KTs

Requested by

Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2DD8 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14488125251276324466&x=1&ct=76

Requested by

Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 2DD8 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/window_focus_fy2021.js

Requested by

Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:47:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6801
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 19:47:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 2DD8 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 17:19:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 17:19:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2DD8 179 KB
56 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688579601580341"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jul 2023 21:40:21 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7A12
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPdoVZStWxl0nMXT7syrVA&google_cver=1

43 B
632 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPdoVZStWxl0nMXT7syrVA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhi8itnuATAB&v=APEucNUR5zo9X0hqQ7Cxugk_9lZpLUUdmZQpaqwMbLMRUzMkErBhl4BGJw6Scb6Z3B3gYrWlz5DXkaH4GPdAROV6PDI-muUozoZocn9SEpSJruTlI9UAD6mvHeGrUbPYMrWhxpUCrK1_IrUvoKuXGYTt0uWCkKltIjnkTcsj-OI_JS7nSk6a6Ak
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 08 Jul 2023 21:40:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPdoVZStWxl0nMXT7syrVA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7A12
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKnXxALnguqrG2jR9I8sSAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPdoVZStWxl0nMXT7syrVA&google_cver=1

43 B
632 B

10ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPdoVZStWxl0nMXT7syrVA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhi8itnuATAB&v=APEucNUR5zo9X0hqQ7Cxugk_9lZpLUUdmZQpaqwMbLMRUzMkErBhl4BGJw6Scb6Z3B3gYrWlz5DXkaH4GPdAROV6PDI-muUozoZocn9SEpSJruTlI9UAD6mvHeGrUbPYMrWhxpUCrK1_IrUvoKuXGYTt0uWCkKltIjnkTcsj-OI_JS7nSk6a6Ak
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 08 Jul 2023 21:40:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENPdoVZStWxl0nMXT7syrVA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 7A12
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAEvro15hI88PukjTIbR2zE&google_cver=1

43 B
839 B

25ms
24ms

Image
image/gif

185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAEvro15hI88PukjTIbR2zE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhi8itnuATAB&v=APEucNUR5zo9X0hqQ7Cxugk_9lZpLUUdmZQpaqwMbLMRUzMkErBhl4BGJw6Scb6Z3B3gYrWlz5DXkaH4GPdAROV6PDI-muUozoZocn9SEpSJruTlI9UAD6mvHeGrUbPYMrWhxpUCrK1_IrUvoKuXGYTt0uWCkKltIjnkTcsj-OI_JS7nSk6a6Ak

Protocol

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:21 GMT
an-x-request-uuid: a5107ad4-47f9-4dd0-986a-0f5e605135e8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 37.58.58.245; 37.58.58.245; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAEvro15hI88PukjTIbR2zE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A12
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc5NzQzMDg3MDE3MzI4NTgzMQ%3D%3D

170 B
188 B

17ms
17ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc5NzQzMDg3MDE3MzI4NTgzMQ%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:21 GMT
an-x-request-uuid: 4a25b5f9-51ac-4d56-8b8c-6ef0944eb1bd
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc5NzQzMDg3MDE3MzI4NTgzMQ%3D%3D
x-proxy-origin: 37.58.58.245; 37.58.58.245; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D8E2 0
0 45ms
44ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvbU9NzcP4TMmrtxBjtYZDr7HQDLLO42gONo68yjc1ouuuoSrfiutWnjas4soXBYnzXsuFqh4U8g6E7pjmijiIu6O4ErS6Snae8VRCCLWHNQdGs1K5W3s4cNEeaV-wlYXiu6FIRfCwwSbe3LqcKwtAGsF2nyC8LJKNPKp3CMJGJZTHCdc4QTAKhDRtmZJKjYbImoDxB2gHwOg1445IdbrrCbruLLUcYg2haGlcSB-Qt6kTJ94yheJuM7iRI28y1c0fOTsMCeXhjNmpHcr4Km2KWu_hXNSx_fKC3eqgmd_60BVfp66fPbisGrqbmStbqBsrLsZ9L_9OP6uHNHJShF5YOStpbQglElS2cB6fYIC3gkE8TkxfYo7MfpQGG40cuPsgmkMZGEX6I1_6iEaU1lMgAoOsLug8Jz7OAOYwWTmBfT_okNYusOxXx51udhAQNspCg9Hba35k6BSvHxzYuXwRG0hms3QFn3P9Olmyib-82Vhoj0cYWhZemtgU02mQwDx2M16Es22u99RG7pewsyDfSbaEtrFTZp_MD_ym3Xqp9HjF1WL-ewinGSt7U9jhqu3eiZw0kmZNyGBn5zE-P5mkowvh2FFFyBPo1Yg3030Lj4DbnbnhFitUbdWYDFI4o1L_Ru6zk9D9EYcKMoUs8El9V9FtMKharPXH2OoXpM6I8mmMJBEePvfKzKay1OtgmcVoRF2RyqJ5hCvmboGgvnGvx62KYr4l96ah04QhEVWEDbm7N_jeVgAnE3reZwijFpG_1Yrg0aiM-w8-CRa3jSZoKezN1As3gsf-BkZa29DqnIYO9p0ktTniQ4E1O6Eo-0iWscWfPGWd3-I4LmUQZlELPksdHI0NZ6i1dKcHk2bZ2sLqoyjLqxz2Y3Ibk_czNqBeBlE1JohjYgdBEJjI8NAAG-nC86IpukS33YstQXI-D_CbjL3ed2kdb7GaIiemnhnuZISOlg6h8hN3AEFtCNLDOUemXUkh5lseMDHRB8JvVDfUQHp1C5TWQ0YELhjBhEqp6fqcmjaBnx3jCCXknCVwz8sCJNIhYRK0WqcK31_3be5ZueozjTaCbGK0_imGLLwMq6ugIIfGB-_bRFXfSzzTqofxHaywNcYFIa2gZlzcu3apTRin2vEtFAv8D2WfgjLrNvS-lhmGIcnFbwnF_02yfg35HmWSLVC0SrQu9DXDGvMa2nkVTlYQrB-SAhfovDakpWaxBxNaouJEWIOQs89s7SCAijG2dskoHsYp2f70yxtub_m8xm9Qx-gZfkC-tM8JiyLZB5e2YfiY0m8FdA0o10bd_l6yduSEsjDUpeafckrtY8sG4Fsf-fOq9R2VEhMD6Rdhu9jbBkLw8li0nKzff&sai=AMfl-YThgEzHo-P3JvieoYxSREZ-Enh40xG6y5zwGxoFisRntfLfU2XS4Swr6Vl9QJWta2xLN1MffozUIBiTjwThVdcCp24dVvxpJUkE6DEfR-B-WVU45zK0YGvF0VG1Izs2EkktWd-FQgpS5GCKZGX5D44eKbZImMt9mvTIYg3QXZ68lC19RJlRYCtsT90cHAnywjplmxoNS1VV5IMSEWAw4gw7pOgWrOlTr6SOSWfxU7IKnctK4XXBQbNdWaZlxTQwV_ZIM0G88Z6Ll9JadaNcezJnY0bj8kXZhFNl3hJZl8spiOlOpHrFQTo8j68b6Q&sig=Cg0ArKJSzDc_KkVO4qtFEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=199&vt=11&dtpt=116&dett=3&cstd=74&cisv=r20230705.08756&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 08 Jul 2023 21:40:21 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2DD8 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=275110342688&version=m202306200101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2DD8 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=275110342688&version=m202306200101&ct=76&x=1&cor=14488125251276325000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2DD8 90 KB
37 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AVEbJxhGPsyo-5tZ1FvdPGZbuKbTi_3sI3ukqO7Cx-VIGM1tPwU1lsHOtZeeEF-BFSH4rqqh1ee83EhBO3jnJYqwu46g&cry=1&dbm_d=AKAmf-CLoz2rHhMbDoJkg4ycvAp78In359rojUxfEWuXECHsZwceWuzyoQJc13YTQEEVxSuDlPMMOqP0DQ5Wkdcb64k3_kq-qvzK4W85EwDXY4ektppSHx-7Ao94mJcSq_pxd9sF8TyWYPZXhyLXLrI5u7InS9P9ANOlFZnGqrLE-yGpvxIhcLBwQXA1hlVeG43cGF3rDDwmg2Ol2KyQ3FlV3aSpVQMrgIo1cG1z50x_UWH6JlOIX79mqCuXFKHwdYS8VQoRrXgbQX1jogYzO0LJui7Kmmum0lSXhz37p_thNmq6lgM7gOw6ytz6G_0z1RS2830xMqiIe4Z1GN0dJyjUzplve4juCrDKYOun0i1zGgQ5MEAX3wwuJ2nDTkYWGQF1EtZeedW_3HA5DJLZ88l5rh2OqToJPyT5mUEOV5GKDSHVXLS4q7E77FOvC1DePROwZB8erz9gg7MvPu5pmbOA4x0A2tmJsIqIOOROSRlsKTfZBStBLVG6hSPO_XZXyM5HFy9Vcp4IFCX2km-7pRa_n-KHXEMRNPKv2p9gbwshFrolw68lIjBBU_yGYZfc5YKznZ36-8l4Z-qDcPuH-5kyThaXDhMTZK8OWmxsfbCqMCayMbLecCJNDgj_Ijww0C2JtRq7aXzOKKRAKIuGCKUVDrkVxuX8Mw4LmBNqabVGa9TDC4EIvnVmjiVmap_t0-l_QudmUu46tEsmR3ZmW1MNUxOfga17GX8QN-JeP79G8fC4kUZuW2IwOQvyRgVbcuSyNEBKLREywgsC0PH4gMQOQVqFbRduq-c80J_NCsJ3SsHJjg3LaEoOK2DV_IORmqRRMiTMkIGjmNkhsvWcWmziHOXIbUG8Vdzd43nn1rl0e1HCGhGe6-CAztWBDrg8B_XpOvX0BkVrR1Y9OSY9T1Adc3bpgQAhXlQnfYqebbgXQOZtsvcQafAGKJoTTD7gAq84XaAFcSvhFyxg4WyOBVoR3MSw94a6blZyHsHpMKteLo4txqmoCFMozERB8yHLzM35JiqYLYJmQ1RW3gaEWhkOk4Iiqkk7xlGXOZRfDivdoEA6vN0Hg-t4yNN_aeelMS632lW6UposvrrG8a9sPzBX5Bni_GssQYuRiTFe7wQA4CHR_XSZzBipRahPr9FwanXg5OfyYX80c0pYqnX96_euLSIMTyHec8Jmsu-eAWYb5rFfqlx5SPVj541cw1tcaRHS1pVTWFiIug0oZpbFDZp6Em8ytYZuKTzrrOe3tUc7Gyhvhthh77QotYFT5zBSSfIZnR8EabrPs3UwppJsXVwSefIn1urL-CsQwAL1ZmnfdrQZCtWI2c8P_398ikNn0ZYD2w9ggXmXq9rT086ejSKPRHkIT5pcTVq8botjlfkoUbuxcSXdD4DnWP44kvfnCyBeR-t_GiXgD39nfi-goRsAsPnzvbyR47bzA8zXrAz27bOkcP-oquHxL-Af1vKAnRdVhHpGt5Sepyg6YQ9KGkOLQ344zo6-LtgJRRIt8PCHXAi8TVPmQRaPb4DLVmUB7qdaPvtgWlpn4KwQG7fFWt1R1fZ8CIEgXbBWI5RD06TdolNxW_LB7MF4qrOCbJeoAf1WUv3RxfQbIWdJPUQAFtXvDM9uKEd-s7vpcwBFPkDa2RIX4-VPqgd0eTMcwz_AEGBhw4WH-a3B7UjiCs9yrTCN6nQI7dkUBAs4OeE1jxCipDVhhPEjbDAm6E6nPB3AFcOnh8JnTkjnOATKH-MADPUc3vhnc5dsZoXwN7BpZBDMi4-7YL5MeCD6-IwCRbjeFoRcbSfDfp-S5uHfyBT7zp1ZCRpFVRVCs5qN9p858WUgWfIXI9LKmL63gjWfbK5x3FfINf8qz3iFyFlq90jAerB2aB94Ad0FuiblINRg6dImonVUoenqLRjbqcYkDUAKG6UwLBWnifkvyK8STuuFfCYzIqDcAVy29Npm5CQRCdt5odBg3VtDuKH6VUG3iKd6hd1u5otEnTRD6eL8J6E1B5PozDXbN1o_H8hGO9HvD26gj3mMLE5YrNcyTfKJyvY9V9pRP5KqTBtuDjs2sAw5AEr2CUuskfXeS4GmKl0BWqD_WvKRXz5KSMF0I7FiC4GQco-YMf7pDvHlfQP_uM7BFw9oLJ0CAWExtA4349o4pYdvTMmArjxUSWQWH6ApvZ9-CyITS1ubvoyS5MBXfLz1wWJFuvnJO9CPBlO7cSZCMupYNg3dDuITnwupEsd1nt-qf37y19hbvoHM-p4v1jafl77W5nWdBtWZilBFeOb3e4P-5TVNzGpHsyVI40VEMfuRP6WuICoUBfFrlBxLC0oXNqC3SRfGJjwCg1P49ct9f4YupLSbtVA8gFJeH4Uic-ewZV5kV5bANoWENo-n4A7Ptst5jMDWqtY8QJVdqbwcaT06qv9DXpaJz1F7ndssxe1cHwvfAv8txcWYxvyAzD8gvoP_Oag91LrNCgB02llY34cY-9Y-vPO4RksmkUEWOizEStb1mddcIHOYE6q1IkUNM1GL4rP93eedydJ0RbZROGtwdMdVOuN4diHq0PI-02mwFAWQrm2pWf3N9pY-Q-UJIdRIf--JZNNI0wQE73mPdSCJ2H7uIfhpo4sdRFaJ3bE8d-rcHTLZJH1GpHlQX0I2lcqIDRGma9fesjLjRR_MZPH4SFGiVFLXBZ4EIP1nvNblEt4MclBhPf73AhJNR0sKqCvdg-7fTDTaKcDYmKwVE4ctxsxMF2xTZiwr4nkDUme_GWOciP5b7juPSNqXuYd8tG9J2hK8N-rfKKPxxU9EyXoxI0wPxf3EWPJw5uh0kf9_fNxqyzGIng5bbc_O2s7t_aWV6y-Zj2mjvLK2Zpr-918-9ZXaOXrOTrGxnk6TxewNLeykALfSl6DJYkZsxSIqd3KEql3Tyofgxx05gW53l2YHMUpOwV4bd3vcrsXSjvnq78_26w07U1LvgI-qgWu4SfZ8RgoOm47PGw_O7ef-9LGaFa5kPMNaYNBv37MQ8Rfj0mJ97fROkBBDaP1n8zu5lzHWltthavGzzTY2L570fe77FYbR2Bm7ywqEGGvLVmmwg8feysqpmG4MuMMQqG9RXpeABc11yLWlda6kpreLtab4XP-eiHfEd2pRqSJ3XNL1fjxeTCePAKPXbYgXhrE-37Mxbe3Tn58TYOQv2j4D9tEDW9tFlwroUHIXb3HcHRcKq_O2Eh4pnj_j9tRlplG_gZ5QUj7Q8M2wL9D4AOnP8zDSOA51Ftysv8A4bdtLUa2L_g6VmKywXuto1njFTG43xyF9ImUee7O7YaiwEbnUTzQf8RzDC4rFJ_4A5z_3ErC7zgKj8IUDbzADVk-J0btrXNMOl_EUkVYuzE5ZRMwIxHDr5vbsNuFo1Cc_42MSkHpxpEK1KKhUaGLYpaqheuctvPBD7n4b8DJGv8MwfxjxtwRdCIhy0ParqFefXcJAzexF558HB7yZiys-XpiLo4oT48vHkADwb1RTbzwEnZgExRQqNuZ_RbkIAKuu0Jtoiu7k4IoXb3rOQ6puNjE91mKr3ap5SasSA9U2iTWmmZRWYtjt_8dCMTm8dHo_XfZejQQlH56-febogGJ2g3nSxftPo_r-gWWTi6Mvf_W3nRdGZUCB57EptwVD8vV67EOJVixyvXN_ABZSJDXglQv6aLOj1H82cNYvaQUFVutab38-RUQ-WJ9pH4NjdiYHvSYuCXYrX1ZXonQ_3dLACTtlPaZlIB3Ig3ti7WgGWg&cid=CAQSTABygQiDsvdNJnTPCVo47plb5F9JdFpIt-3Nmhrj-_6aoV7Ba9sdrm7P75KGcus0tRr8ftFK7AbCNrA1zlRv5nxH6k-xi_BoKsv48M0YAQ&dc_eid=31075530&dv3_ver=m202306200101&rfl=https%3A%2F%2Fstad.yalla-shoot.io%2F&ds=l&xdt=1&iif=1&cor=14488125251276325000&adk=2228999115&idt=57&cac=0&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07e929641ee00143b8d8f36d83e45157dbb0d5c501fb5c4965fab4d6f7128786

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37863
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 3AD5 47 KB
47 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=aDkUH7gdJa&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:34:55 GMT
x-content-type-options: nosniff
age: 326
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Jul 2023 21:49:55 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 3AD5 46 KB
46 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=aDkUH7gdJa&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:26:27 GMT
x-content-type-options: nosniff
age: 834
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Jul 2023 21:41:27 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3AD5 7 KB
6 KB 67ms
51ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36cc3b6d1cc1ce849ab422601b24645d5c96623f040c57fce73a3ae97a83e7f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5659
x-xss-protection: 0

GET
H3 200 60005582_20230704081939926_APP_iPhon14Pro_Asset.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 3AD5 29 KB
29 KB 13ms
12ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230704081939926_APP_iPhon14Pro_Asset.png

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dafa5a247facfc545e94a09ea12da423909aefca05557ec1a73e6d296fc540aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=aDkUH7gdJa&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 15:58:13 GMT
x-content-type-options: nosniff
age: 20528
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29704
x-xss-protection: 0
last-modified: Tue, 04 Jul 2023 15:19:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Jul 2023 15:58:13 GMT

GET
H3 200 60005582_20230704052205808_300x250_GRAD.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 3AD5 17 KB
17 KB 17ms
16ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230704052205808_300x250_GRAD.png

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee68049857997e40385cc9a493f2e8d598c4682b8eefe7790992aab06be465cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=aDkUH7gdJa&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 12:22:21 GMT
x-content-type-options: nosniff
age: 33480
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17240
x-xss-protection: 0
last-modified: Tue, 04 Jul 2023 12:22:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Jul 2023 12:22:21 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame 3AD5 43 B
608 B 104ms
23ms Image
image/gif 141.101.90.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=29118705_4307561_354695822_145340772_PO1101A20230705&ref=29118705_4307561_354695822_145340772_PO1101A20230705
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.90.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sat, 08 Jul 2023 21:40:21 GMT
via: 1.1 varnish-live-2-0
CF-Cache-Status: HIT
age: 7516855
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 43
last-modified: Wed, 22 Mar 2023 08:05:14 GMT
Server: cloudflare
etag: "2b-5f7789eafa280"
Vary: Accept-Encoding
Content-Type: image/gif
x-varnish: 20915251
cache-control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7e3b7c307aa73a52-FRA
Expires: Sun, 07 Jul 2024 21:40:21 GMT

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 3AD5 26 KB
26 KB 14ms
14ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=aDkUH7gdJa&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:02 GMT
x-content-type-options: nosniff
age: 19
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 15:44:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Jul 2023 21:55:02 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A1C9 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHq-HxNepZKO3MZSU1PIPw5OKoAUAAAAAOAHgBAI&bg=!NDelN2PNAAb90kgr3dI7ADkAdvg8WlJPYSdLld21wzrcshR81d_35qOe0S5bIyLKcJfEkV6mNk-dXmj4Sv-XLYcFhFXopDDMCoQCAAAAu1IAAAAFaAEHmQLwYkQDSeiEnzhRWBrI5xrXF3CFfEch_kHDRZKwZoObmhSrUJMga6LLNsuvjujYdmtsBQM_jWPZa_ubrksD4B13spKc3JXtgmH2JAsJwjEWacMPKGOs-OdhqCKQPlfcBOQF_5lsCjP2eQ2nDavbZGGr_1KzaAed14Z92s7ayeOr5LGbrvIsH0Bc1m-RwNd6UNXei32kFQy1Z5jtqtyk4ZdGR_uRDOy_mrhn1aiWljngnRguwz-1YPYUt8zadHbSNht94eB9nNRjemj-3--9jVRf7phVMVeYIwQWtQ4ah8cIb7QCi3h_tRXqSf_SzXeyfyJjX3ZRyL5eSZCbqPcIwbCK_8eS3spp7R3k2OnfISxVaC3UiSmRb5wdCkZXhVXP4JGfdo5P6VvintJinonuugNJL2cS0zIChRUuK-dcJgH34Gzj0X_l2CPYYBX7U6Lj9xfQl9nIKVGUFNMVLcZ-qEAzCctuefXGO5k7RJUwv7EHMyp7LtkFzxXmRAVn9UxOs2eaiOuUig1_oZUoRKdCrr7KBfs2jmHNKYzAdX4_EDfArsDTxB3oAgfNjpTm001Nw_ELgIyqTKR0PH-55HCa79rnhWtPhZJSfXTDZpt6_GmtmVaNQhw2BvRs6yBPa14-_-8npn2hp3a3vh76ULxsH8IdYQt0ODQmJnROrg613XJM26Jey1aG4z3etCRvMdLsS_fZ5K4Zc9mya6gDxGxoLo1YpFNzXkArQCIxYdPdMTH_2P8zey3MmUtMPjDRHpEQopv0G_DJK1vKUN97mAvq1h6BKPCdfq0orzII1k4meGRfsW847Z3OY-ijXv7SibflY01lga_cnIwAGws3Wh-LPnyE_-jbVcIyGt6umZFs8NSemLRJQnL91_ce8px5Mq_4uZbM53inQjX3FxWAX4GnuibCJTC566kVD7hs3zhxWO-LoMkv-feELlOAYdLhUOz6E5o2NJI-I4saWBtOZr2gjzC0idJXL1yM4aVvKUYhZaU0k4I

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 2DD8 111 KB
39 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
Origin: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40996
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Jul 2023 10:17:05 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/elements/html/ Frame 2DD8 11 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AVEbJxhGPsyo-5tZ1FvdPGZbuKbTi_3sI3ukqO7Cx-VIGM1tPwU1lsHOtZeeEF-BFSH4rqqh1ee83EhBO3jnJYqwu46g&cry=1&dbm_d=AKAmf-CLoz2rHhMbDoJkg4ycvAp78In359rojUxfEWuXECHsZwceWuzyoQJc13YTQEEVxSuDlPMMOqP0DQ5Wkdcb64k3_kq-qvzK4W85EwDXY4ektppSHx-7Ao94mJcSq_pxd9sF8TyWYPZXhyLXLrI5u7InS9P9ANOlFZnGqrLE-yGpvxIhcLBwQXA1hlVeG43cGF3rDDwmg2Ol2KyQ3FlV3aSpVQMrgIo1cG1z50x_UWH6JlOIX79mqCuXFKHwdYS8VQoRrXgbQX1jogYzO0LJui7Kmmum0lSXhz37p_thNmq6lgM7gOw6ytz6G_0z1RS2830xMqiIe4Z1GN0dJyjUzplve4juCrDKYOun0i1zGgQ5MEAX3wwuJ2nDTkYWGQF1EtZeedW_3HA5DJLZ88l5rh2OqToJPyT5mUEOV5GKDSHVXLS4q7E77FOvC1DePROwZB8erz9gg7MvPu5pmbOA4x0A2tmJsIqIOOROSRlsKTfZBStBLVG6hSPO_XZXyM5HFy9Vcp4IFCX2km-7pRa_n-KHXEMRNPKv2p9gbwshFrolw68lIjBBU_yGYZfc5YKznZ36-8l4Z-qDcPuH-5kyThaXDhMTZK8OWmxsfbCqMCayMbLecCJNDgj_Ijww0C2JtRq7aXzOKKRAKIuGCKUVDrkVxuX8Mw4LmBNqabVGa9TDC4EIvnVmjiVmap_t0-l_QudmUu46tEsmR3ZmW1MNUxOfga17GX8QN-JeP79G8fC4kUZuW2IwOQvyRgVbcuSyNEBKLREywgsC0PH4gMQOQVqFbRduq-c80J_NCsJ3SsHJjg3LaEoOK2DV_IORmqRRMiTMkIGjmNkhsvWcWmziHOXIbUG8Vdzd43nn1rl0e1HCGhGe6-CAztWBDrg8B_XpOvX0BkVrR1Y9OSY9T1Adc3bpgQAhXlQnfYqebbgXQOZtsvcQafAGKJoTTD7gAq84XaAFcSvhFyxg4WyOBVoR3MSw94a6blZyHsHpMKteLo4txqmoCFMozERB8yHLzM35JiqYLYJmQ1RW3gaEWhkOk4Iiqkk7xlGXOZRfDivdoEA6vN0Hg-t4yNN_aeelMS632lW6UposvrrG8a9sPzBX5Bni_GssQYuRiTFe7wQA4CHR_XSZzBipRahPr9FwanXg5OfyYX80c0pYqnX96_euLSIMTyHec8Jmsu-eAWYb5rFfqlx5SPVj541cw1tcaRHS1pVTWFiIug0oZpbFDZp6Em8ytYZuKTzrrOe3tUc7Gyhvhthh77QotYFT5zBSSfIZnR8EabrPs3UwppJsXVwSefIn1urL-CsQwAL1ZmnfdrQZCtWI2c8P_398ikNn0ZYD2w9ggXmXq9rT086ejSKPRHkIT5pcTVq8botjlfkoUbuxcSXdD4DnWP44kvfnCyBeR-t_GiXgD39nfi-goRsAsPnzvbyR47bzA8zXrAz27bOkcP-oquHxL-Af1vKAnRdVhHpGt5Sepyg6YQ9KGkOLQ344zo6-LtgJRRIt8PCHXAi8TVPmQRaPb4DLVmUB7qdaPvtgWlpn4KwQG7fFWt1R1fZ8CIEgXbBWI5RD06TdolNxW_LB7MF4qrOCbJeoAf1WUv3RxfQbIWdJPUQAFtXvDM9uKEd-s7vpcwBFPkDa2RIX4-VPqgd0eTMcwz_AEGBhw4WH-a3B7UjiCs9yrTCN6nQI7dkUBAs4OeE1jxCipDVhhPEjbDAm6E6nPB3AFcOnh8JnTkjnOATKH-MADPUc3vhnc5dsZoXwN7BpZBDMi4-7YL5MeCD6-IwCRbjeFoRcbSfDfp-S5uHfyBT7zp1ZCRpFVRVCs5qN9p858WUgWfIXI9LKmL63gjWfbK5x3FfINf8qz3iFyFlq90jAerB2aB94Ad0FuiblINRg6dImonVUoenqLRjbqcYkDUAKG6UwLBWnifkvyK8STuuFfCYzIqDcAVy29Npm5CQRCdt5odBg3VtDuKH6VUG3iKd6hd1u5otEnTRD6eL8J6E1B5PozDXbN1o_H8hGO9HvD26gj3mMLE5YrNcyTfKJyvY9V9pRP5KqTBtuDjs2sAw5AEr2CUuskfXeS4GmKl0BWqD_WvKRXz5KSMF0I7FiC4GQco-YMf7pDvHlfQP_uM7BFw9oLJ0CAWExtA4349o4pYdvTMmArjxUSWQWH6ApvZ9-CyITS1ubvoyS5MBXfLz1wWJFuvnJO9CPBlO7cSZCMupYNg3dDuITnwupEsd1nt-qf37y19hbvoHM-p4v1jafl77W5nWdBtWZilBFeOb3e4P-5TVNzGpHsyVI40VEMfuRP6WuICoUBfFrlBxLC0oXNqC3SRfGJjwCg1P49ct9f4YupLSbtVA8gFJeH4Uic-ewZV5kV5bANoWENo-n4A7Ptst5jMDWqtY8QJVdqbwcaT06qv9DXpaJz1F7ndssxe1cHwvfAv8txcWYxvyAzD8gvoP_Oag91LrNCgB02llY34cY-9Y-vPO4RksmkUEWOizEStb1mddcIHOYE6q1IkUNM1GL4rP93eedydJ0RbZROGtwdMdVOuN4diHq0PI-02mwFAWQrm2pWf3N9pY-Q-UJIdRIf--JZNNI0wQE73mPdSCJ2H7uIfhpo4sdRFaJ3bE8d-rcHTLZJH1GpHlQX0I2lcqIDRGma9fesjLjRR_MZPH4SFGiVFLXBZ4EIP1nvNblEt4MclBhPf73AhJNR0sKqCvdg-7fTDTaKcDYmKwVE4ctxsxMF2xTZiwr4nkDUme_GWOciP5b7juPSNqXuYd8tG9J2hK8N-rfKKPxxU9EyXoxI0wPxf3EWPJw5uh0kf9_fNxqyzGIng5bbc_O2s7t_aWV6y-Zj2mjvLK2Zpr-918-9ZXaOXrOTrGxnk6TxewNLeykALfSl6DJYkZsxSIqd3KEql3Tyofgxx05gW53l2YHMUpOwV4bd3vcrsXSjvnq78_26w07U1LvgI-qgWu4SfZ8RgoOm47PGw_O7ef-9LGaFa5kPMNaYNBv37MQ8Rfj0mJ97fROkBBDaP1n8zu5lzHWltthavGzzTY2L570fe77FYbR2Bm7ywqEGGvLVmmwg8feysqpmG4MuMMQqG9RXpeABc11yLWlda6kpreLtab4XP-eiHfEd2pRqSJ3XNL1fjxeTCePAKPXbYgXhrE-37Mxbe3Tn58TYOQv2j4D9tEDW9tFlwroUHIXb3HcHRcKq_O2Eh4pnj_j9tRlplG_gZ5QUj7Q8M2wL9D4AOnP8zDSOA51Ftysv8A4bdtLUa2L_g6VmKywXuto1njFTG43xyF9ImUee7O7YaiwEbnUTzQf8RzDC4rFJ_4A5z_3ErC7zgKj8IUDbzADVk-J0btrXNMOl_EUkVYuzE5ZRMwIxHDr5vbsNuFo1Cc_42MSkHpxpEK1KKhUaGLYpaqheuctvPBD7n4b8DJGv8MwfxjxtwRdCIhy0ParqFefXcJAzexF558HB7yZiys-XpiLo4oT48vHkADwb1RTbzwEnZgExRQqNuZ_RbkIAKuu0Jtoiu7k4IoXb3rOQ6puNjE91mKr3ap5SasSA9U2iTWmmZRWYtjt_8dCMTm8dHo_XfZejQQlH56-febogGJ2g3nSxftPo_r-gWWTi6Mvf_W3nRdGZUCB57EptwVD8vV67EOJVixyvXN_ABZSJDXglQv6aLOj1H82cNYvaQUFVutab38-RUQ-WJ9pH4NjdiYHvSYuCXYrX1ZXonQ_3dLACTtlPaZlIB3Ig3ti7WgGWg&cid=CAQSTABygQiDsvdNJnTPCVo47plb5F9JdFpIt-3Nmhrj-_6aoV7Ba9sdrm7P75KGcus0tRr8ftFK7AbCNrA1zlRv5nxH6k-xi_BoKsv48M0YAQ&dc_eid=31075530&dv3_ver=m202306200101&rfl=https%3A%2F%2Fstad.yalla-shoot.io%2F&ds=l&xdt=1&iif=1&cor=14488125251276325000&adk=2228999115&idt=57&cac=0&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 17:16:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 17:16:44 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/ Frame 2DD8 30 KB
11 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 17:16:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 17:16:44 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2DD8 41 KB
13 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 13:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 373666
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jul 2024 13:52:35 GMT

GET
DATA 200
OK truncated
/ Frame 2DD8 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e67fc9a2fc98f728553c1cffd6a2fb4fc494a27022a8986894c9b2846c7964e7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3AD5 17 KB
6 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 08 Jul 2023 21:40:21 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D717 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 194851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 15:32:50 GMT
expires: Fri, 05 Jul 2024 15:32:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/ Frame A7F5 6 KB
2 KB 9ms
9ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abc45b966b05ffc01c4d223587ec2809ce64d08e66d08fa877e8fdd36844a77e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 244448
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1906
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 01:46:13 GMT
expires: Fri, 05 Jul 2024 01:46:13 GMT
last-modified: Wed, 21 Jun 2023 11:41:13 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2DD8 0
0 53ms
53ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv4x78pP_fOah9KjpMXcEfDkqe7ORIDcsiazPESn8KChxHbChevtKDYica2HK_ePKOMFDnW3Nt2DzZUBhGGvKJO19HjA_WXmV_qK1YRVmaZLSLi2tmNrKjrsGcOaPDhTLlSjnsQRTTgr-Bk41YrO7KB6Jf_C7fZBJpPKozcADRZozTwswOaWBsnxDenJzflX8nmcPvpTCDjMFnT0ERV3tpjWsqDb7QfGpc6jrRTqPb5cVLU18fHn9nA6ZxgSUxh1SnGAd1VB6ZO0CkELC2PoJBVL4jIZ4zHTSjW5LL_BjSHbbf27D0SxCn73lWbNplFFq0Fap_AIsDFYiNYkxRXyn5WCFFaCAGcztDHP4fendnZSMi08iX9ssnL9KrAVgTPxaLYrPiaIZY50K-73WFTfbktl7ut7NLtHg1l52bGaSUH8veFlXLDMjKCvLOuaQH4oXeaDUysn2506CztdtR62g3EEb1YHAJbSONvQuLKpvgT3IeiOvh1HxR15n-SoIHMqgbUAhRMCE_fDNKXrcjXZttmcsRu5b2Z4o_py3WW6hcla-V7pVPJ2xlRunWu_I7kQd9Km-mGY2UUVJhKitAM69txle00aj6AYiGkeuJKJTV10APQgdZDvZq_aY1s1j9J9pUum_gNmMTNt9H1_hO3U1S1wcIM0W7bjoMxyOXrjSG4VOylarz0iIRXY-WXsGvgMlZlcwnDNEnYu31jDLke4VyHG14PC9iSG5Oo__fq29qvUCcr9H13ixrkbyHlUWq-AOnE7TGEUzSQES5jINR_izEGFuORVqf43pnLeopPanwPYU86qRoHgkWKiPaK2WTxq2rv490vVgYgpRbHeSq45PymCO852OmAoS82opKasijedhRrO1duJp_tDc7aUvXH9Wksvdq7rC7abukl8qBef4MpA5OSdYeUzPrq3YsBFqmys6mDwuQESb10JypcsIOb6wG1XxDPb9O2fLjGVLshs4Osorp695_BgZ-3HH4xfEDEDxaldVXSVvNAyub2bVxLcIFVgHPWrfzDStRRej-IUTAclZo7WqDvjfxZLb4lDUVFPBhrqigvHlKVt9u57-bSq0nvzUUvAtiNLcudbC6xgWXIWvR2jeW7Q7xBG-IFO_rq8kpkshTmutTuwctGeG85kk4UCCRk6d7sbIwIsH-rbtlu2kLyt0rlV50jIkRhk61H9cfJLcopdRXTUDkm2gCgVpSNYiRw2ARLPasIJAK2RldO7Jp7ycrk988gsWSUycZ4oMyTUCJ5hcFrk3YipfjBhxUcAaG7gZQitqtwkNlwOf20I02b40It-OZqnqXXYjUq5ftQESHOPleIyshllBV_dZ8a9ptEhPGEp3Vxz0yQxzWU&sai=AMfl-YTuGIhQqDIWMrgzC-sfPIuQSr5SDyu55HV_xTDhZVHtbLrac55buuMNNb5ggH1gvXSSrUOqUEr8yoNyYr_rJmb_kANhZQrNuP8Xw89nv-gJKvvWAAwnMpuDEJLZ5SAobJh6JG58K5vlcN_swPDXTTY4uA216C-bbIhHgYUb8FGUZl-oWNIWlIngZWKIpwO9lels0LMasMsc7lG8Z4h_T959wunnuXFhLqjK9VDyTalQa3fsARcl8Em5YUgpuuE-dWQEvnOMsb5AENmx2IUtFBExrry_8yhVqgxo&sig=Cg0ArKJSzNqUg4HMFv5VEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=42&cbvp=1&cstd=39&cisv=r20230705.47379&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 08 Jul 2023 21:40:21 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 08 Jul 2023 21:40:21 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame A7F5 60 KB
24 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Jul 2023 21:40:21 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/js/ Frame A7F5 3 KB
800 B 8ms
8ms Script
application/x-javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/js/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

678cfa159336ada547c6651e1fe67f818d94de6fa993d6a66f6a2dd8f14a0573

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:06:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113611
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 771
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 11:41:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Jul 2024 14:06:50 GMT

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame D717 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 19:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 267276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jul 2024 19:25:45 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 392E 16 KB
6 KB 46ms
10ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1688852420863-998299762888-001185-002-008660%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=83057
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sat, 08 Jul 2023 21:40:21 GMT
expires: Sun, 09 Jul 2023 20:44:38 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame 8A29
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26au...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1688852420863-998299762888-001185-002-008660&key=OPTOUT

0
37 B

359ms
101ms

Document
text/plain

44.194.170.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1688852420863-998299762888-001185-002-008660&key=OPTOUT
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.170.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-170-205.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Sat, 08 Jul 2023 21:40:21 GMT

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html
date: Sat, 08 Jul 2023 21:40:21 GMT
etag: OPTOUT
expires: 0
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1688852420863-998299762888-001185-002-008660&key=OPTOUT
pragma: no-cache

GET
H2 204 /
onetag-sys.com/usync/ Frame E918 0
0 56ms
17ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58543/ Frame 6B44 0
0 74ms
11ms Document
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
date: Sat, 08 Jul 2023 21:40:21 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.57
strict-transport-security: max-age=31536000

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 5346 0
0 73ms
21ms Document
text/plain 216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D18%26auid%3D1688852420863-998299762888-001185-002-008660%26key%3D%24UID
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Date: Sat, 08 Jul 2023 21:40:21 GMT
X-Sovrn-Pod: ad_ap6ams1

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame CDAF 16 KB
6 KB 40ms
9ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fpbs.aniview.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=83057
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sat, 08 Jul 2023 21:40:21 GMT
expires: Sun, 09 Jul 2023 20:44:38 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 49CE
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

281 B
554 B

70ms
18ms

Document
text/html

23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 08 Jul 2023 21:40:21 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 08 Jul 2023 21:40:21 GMT
location: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
server: AkamaiGHost

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame 297D
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D105%26auid%3D1688852420863-9982997628...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=105&auid=1688852420863-998299762888-001185-002-008660&key=

0
190 B

348ms
101ms

Document
text/plain

44.194.170.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=105&auid=1688852420863-998299762888-001185-002-008660&key=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.170.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-170-205.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Sat, 08 Jul 2023 21:40:21 GMT

Redirect headers

cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Sat, 08 Jul 2023 21:40:20 GMT
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=105&auid=1688852420863-998299762888-001185-002-008660&key=
server: envoy
x-envoy-upstream-service-time: 0

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame CB66
Redirect Chain

https://csync.loopme.me/?pubid=11455&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D56%26auid%3D1688852420863-9...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1688852420863-998299762888-001185-002-008660&key=5a2d8885-30d6-4582-abb0-cb5ae681dee6&gdpr_consent=nul...

0
241 B

313ms
101ms

Document
text/plain

44.194.170.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1688852420863-998299762888-001185-002-008660&key=5a2d8885-30d6-4582-abb0-cb5ae681dee6&gdpr_consent=null&gdpr=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.170.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-170-205.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Sat, 08 Jul 2023 21:40:21 GMT

Redirect headers

content-length: 0
date: Sat, 08 Jul 2023 21:40:21 GMT
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1688852420863-998299762888-001185-002-008660&key=5a2d8885-30d6-4582-abb0-cb5ae681dee6&gdpr_consent=null&gdpr=1
server: _

GET /
us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif/ Frame 8240 0
0

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame 74FE
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D10%26auid%3D1688852420...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1688852420863-998299762888-001185-002-008660&key=6OG4AibTAPed&ev=1&us_privacy=1---&pid=562704

0
207 B

314ms
102ms

Document
text/plain

44.194.170.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1688852420863-998299762888-001185-002-008660&key=6OG4AibTAPed&ev=1&us_privacy=1---&pid=562704
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.170.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-170-205.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Sat, 08 Jul 2023 21:40:21 GMT

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control: private, max-age=0, no-cache, no-store
content-language: de-DE
cw-server: bh-deployment-5bd7dc84cc-kj9s2
expires: -1
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1688852420863-998299762888-001185-002-008660&key=6OG4AibTAPed&ev=1&us_privacy=1---&pid=562704
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server: Jetty(10.0.14)
strict-transport-security: max-age=15768000

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 6D80
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=1&_fw_gdpr_consent=
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=6a8a755bb3893c69a2d32c53d88b43&_fw_gdpr=1&_fw_gdpr_consent=

0
230 B

347ms
106ms

Document
text/plain

35.169.19.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=6a8a755bb3893c69a2d32c53d88b43&_fw_gdpr=1&_fw_gdpr_consent=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.19.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-19-104.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Sat, 08 Jul 2023 21:40:21 GMT

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Sat, 08 Jul 2023 21:40:21 GMT
Expires: Sat, 08 Jul 2023 21:40:21 GMT
Location: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=6a8a755bb3893c69a2d32c53d88b43&_fw_gdpr=1&_fw_gdpr_consent=
Pragma: no-cache
Server: nginx
x-sticky-vk: 1688852421290056-345

GET
H/1.1 200
OK auto-user-sync Show response
ads.stickyadstv.com/ Frame 8FA0 43 B
576 B 109ms
17ms Document
image/gif 2.19.126.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-157.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sat, 08 Jul 2023 21:40:21 GMT
Expires: Sat, 08 Jul 2023 21:40:21 GMT
Pragma: no-cache
Server: nginx
x-sticky-vk: 1688852421290054-345

GET
H2 200 sync Show response
vid.vidoomy.com/ Frame 737E 49 KB
18 KB 303ms
156ms Document
text/html 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1688852420863-998299762888-001185-002-008660%26key%3D%7B%7BVID%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ce33815b4c0f7c15686c773ff8b0e5092b36696a6c758ef499dc32e5a8f01e9a

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
date: Sat, 08 Jul 2023 21:40:21 GMT
etag: W/"64243ed7-c28e"
last-modified: Wed, 29 Mar 2023 13:36:23 GMT
server: CDN77-Turbo
vary: Accept-Encoding
x-77-cache: MISS
x-77-nzt: AcO1rw7PSueh
x-77-nzt-ray: 90833930a61f6739c5d7a964dc950718
x-77-pop: frankfurtDE
x-cache: MISS

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame 7A71
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1688852420863-998299762888-...
https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1688852420863-9982997...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1688852420863-998299762888-001185-002-008660&key=89a9d84e-83b2-437a-b3f5-12450e150fd2

0
239 B

204ms
102ms

Document
text/plain

44.194.170.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1688852420863-998299762888-001185-002-008660&key=89a9d84e-83b2-437a-b3f5-12450e150fd2
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.170.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-170-205.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Sat, 08 Jul 2023 21:40:21 GMT

Redirect headers

access-control-allow-origin: *
content-length: 0
content-type: text/plain
date: Sat, 08 Jul 2023 21:40:21 GMT
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1688852420863-998299762888-001185-002-008660&key=89a9d84e-83b2-437a-b3f5-12450e150fd2
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 204 match
dm.hybrid.ai/ Frame 804E 0
0 170ms
55ms Document
text/plain 37.18.16.22
HYBRID-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dm.hybrid.ai/match?id=407&vid=1688852420863-998299762888-001185-002-008660&gdpr=1&gdpr_consent=&burl=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D5e7b9048180bd02ded4b0937%26biddername%3D166%26auid%3D1688852420863-998299762888-001185-002-008660%26key%3D%24%7BVID%7D

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://stad.yalla-shoot.io
cache-control: no-cache, no-store
date: Sat, 08 Jul 2023 21:40:21 GMT
expires: -1
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
pragma: no-cache
server: Hybrid Web Server
x-mode: 115
x-xss-protection: 1; mode=block

GET
H2 200 sync
x.bidswitch.net/ 43 B
145 B 102ms
8ms Image
image/gif 18.194.138.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=&user_id=1688852420863-998299762888-001185-002-008660&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.138.81 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-138-81.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1688852420863-998299762888-001185-002-008660%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D
x.bidswitch.net/check_uuid/ 43 B
146 B 101ms
8ms Image
image/gif 18.194.138.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1688852420863-998299762888-001185-002-008660%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=1&gdpr_consent=&us_privacy=1---
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.138.81 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-138-81.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 6EF5 37 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 19:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 267276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jul 2024 19:25:45 GMT

GET
H3 200 container.html Show response
fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 08AA 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 21:40:20 GMT
expires: Sun, 07 Jul 2024 21:40:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 392E 0
42 B 92ms
20ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=61405971&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1688852420863-998299762888-001185-002-008660%26key%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:20 GMT
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 49CE 34 KB
10 KB 8ms
7ms Script
text/html 23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d725c32c74cd490ea3efd3d49e19df36313615c6384ed0a9a95e9dcd556b0291

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sat, 08 Jul 2023 21:40:21 GMT
Content-Encoding: gzip
Last-Modified: Sat, 08 Jul 2023 02:49:12 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=18457
Connection: keep-alive
Content-Length: 10153
Expires: Sun, 09 Jul 2023 02:47:58 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2DD8 0
0 47ms
47ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv4x78pP_fOah9KjpMXcEfDkqe7ORIDcsiazPESn8KChxHbChevtKDYica2HK_ePKOMFDnW3Nt2DzZUBhGGvKJO19HjA_WXmV_qK1YRVmaZLSLi2tmNrKjrsGcOaPDhTLlSjnsQRTTgr-Bk41YrO7KB6Jf_C7fZBJpPKozcADRZozTwswOaWBsnxDenJzflX8nmcPvpTCDjMFnT0ERV3tpjWsqDb7QfGpc6jrRTqPb5cVLU18fHn9nA6ZxgSUxh1SnGAd1VB6ZO0CkELC2PoJBVL4jIZ4zHTSjW5LL_BjSHbbf27D0SxCn73lWbNplFFq0Fap_AIsDFYiNYkxRXyn5WCFFaCAGcztDHP4fendnZSMi08iX9ssnL9KrAVgTPxaLYrPiaIZY50K-73WFTfbktl7ut7NLtHg1l52bGaSUH8veFlXLDMjKCvLOuaQH4oXeaDUysn2506CztdtR62g3EEb1YHAJbSONvQuLKpvgT3IeiOvh1HxR15n-SoIHMqgbUAhRMCE_fDNKXrcjXZttmcsRu5b2Z4o_py3WW6hcla-V7pVPJ2xlRunWu_I7kQd9Km-mGY2UUVJhKitAM69txle00aj6AYiGkeuJKJTV10APQgdZDvZq_aY1s1j9J9pUum_gNmMTNt9H1_hO3U1S1wcIM0W7bjoMxyOXrjSG4VOylarz0iIRXY-WXsGvgMlZlcwnDNEnYu31jDLke4VyHG14PC9iSG5Oo__fq29qvUCcr9H13ixrkbyHlUWq-AOnE7TGEUzSQES5jINR_izEGFuORVqf43pnLeopPanwPYU86qRoHgkWKiPaK2WTxq2rv490vVgYgpRbHeSq45PymCO852OmAoS82opKasijedhRrO1duJp_tDc7aUvXH9Wksvdq7rC7abukl8qBef4MpA5OSdYeUzPrq3YsBFqmys6mDwuQESb10JypcsIOb6wG1XxDPb9O2fLjGVLshs4Osorp695_BgZ-3HH4xfEDEDxaldVXSVvNAyub2bVxLcIFVgHPWrfzDStRRej-IUTAclZo7WqDvjfxZLb4lDUVFPBhrqigvHlKVt9u57-bSq0nvzUUvAtiNLcudbC6xgWXIWvR2jeW7Q7xBG-IFO_rq8kpkshTmutTuwctGeG85kk4UCCRk6d7sbIwIsH-rbtlu2kLyt0rlV50jIkRhk61H9cfJLcopdRXTUDkm2gCgVpSNYiRw2ARLPasIJAK2RldO7Jp7ycrk988gsWSUycZ4oMyTUCJ5hcFrk3YipfjBhxUcAaG7gZQitqtwkNlwOf20I02b40It-OZqnqXXYjUq5ftQESHOPleIyshllBV_dZ8a9ptEhPGEp3Vxz0yQxzWU&sai=AMfl-YTuGIhQqDIWMrgzC-sfPIuQSr5SDyu55HV_xTDhZVHtbLrac55buuMNNb5ggH1gvXSSrUOqUEr8yoNyYr_rJmb_kANhZQrNuP8Xw89nv-gJKvvWAAwnMpuDEJLZ5SAobJh6JG58K5vlcN_swPDXTTY4uA216C-bbIhHgYUb8FGUZl-oWNIWlIngZWKIpwO9lels0LMasMsc7lG8Z4h_T959wunnuXFhLqjK9VDyTalQa3fsARcl8Em5YUgpuuE-dWQEvnOMsb5AENmx2IUtFBExrry_8yhVqgxo&sig=Cg0ArKJSzNqUg4HMFv5VEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=257&vt=11&dtpt=215&dett=3&cstd=39&cisv=r20230705.47379&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 08 Jul 2023 21:40:21 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 08AA 4 KB
1 KB 51ms
29ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 08 Jul 2023 21:40:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 08 Jul 2023 20:25:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 08 Jul 2023 21:40:21 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 87AD 14 KB
1 KB 41ms
29ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 08 Jul 2023 21:40:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 08 Jul 2023 19:48:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 08 Jul 2023 21:40:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/ Frame 87AD 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/abg_lite_fy2021.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 17:18:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15684
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 17:18:57 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2CDD 143 B
166 B 10ms
9ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1715
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 21:11:46 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 87AD 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/window_focus_fy2021.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:47:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6801
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 19:47:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 87AD 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 17:19:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 17:19:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 87AD 179 KB
56 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688579601580341"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jul 2023 21:40:21 GMT

GET
H3 200 5f03bef6f00b7a8cf9d43233a2aa7e67.js Show response
www.gstatic.com/mysidia/ Frame 87AD 33 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5f03bef6f00b7a8cf9d43233a2aa7e67.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a5fa3073b94aa8259d04802566504c897fd640610ea9f36654cfacc615f325e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 19:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 19:09:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 19:38:10 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/elements/html/ Frame 08AA 20 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

407e5f7555fe203a6245ac0209874437d50b9daf51a7102e6fd90a99a3df1717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 17:31:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8599
x-xss-protection: 0
server: cafe
etag: 12796843930313450165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 17:31:19 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 08AA 205 B
229 B 7ms
7ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 16:38:17 GMT
x-content-type-options: nosniff
age: 104524
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 06 Jul 2024 16:38:17 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 08AA 604 B
628 B 7ms
7ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 12:13:24 GMT
x-content-type-options: nosniff
age: 34017
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 07 Jul 2024 12:13:24 GMT

GET
H3 200 txt1.png
s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/img/ Frame A7F5 3 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/img/txt1.png

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e833626742ec297d69367e59566501285ac28cec97ba9600f1d1581ae53ac69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:06:50 GMT
x-content-type-options: nosniff
age: 113611
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2574
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 11:41:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Jul 2024 14:06:50 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/img/ Frame A7F5 2 KB
1 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/img/logo.svg

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 18:27:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184400
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1053
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 11:41:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Jul 2024 18:27:01 GMT

GET
H3 200 bg1.jpg
s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/img/ Frame A7F5 18 KB
18 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/img/bg1.jpg

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2e2e92ba323a9043a221c0d3976875ba09620eeefbe33be89c738c23f288187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 09:14:47 GMT
x-content-type-options: nosniff
age: 217534
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18283
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 11:41:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Jul 2024 09:14:47 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 49CE 284 B
536 B 73ms
10ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2CDD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

16ms
15ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 21:40:21 GMT
expires: Sat, 08 Jul 2023 21:40:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 21:40:21 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 962B 37 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 19:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 267276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jul 2024 19:25:45 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D717 0
20 B 46ms
45ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BROfcxdepZMXxBuixx_AP8fmlgAkAAAAAOAHgBAI&bg=!4uGl4bXNAAb90kgr3dI7ADkAdvg8WjQr8d3gqWvZvfaO_ISjjtKesJA6gsDutBY8A2LCWlwd2fKVCpcoxYA2yZUcMc0bx0iQNYQCAAABaFIAAAAFaAEHmQMQgGg_L06fsi1BVgLkPykTOk9YSMSQFU5E8A1W7H8C2-XuckOua3x8Hq6Kdx7iTv97oQ7roMwY_J8foGzw-U7kzD5T61huv3b5aEpAc39pq_RVmQ5w6hTAV-epU4HWHppAVJ29wEDIpxP03v0x1N5csPkz1imbd8GZLzMV0J3suh3s8AM8EAfVoC4uyMQgTHdNEeRY5N_jdJ-YJRA5usTPuhjCx3Ejn9LGsF7rfTIeCfpIZgwdM4cT7jGN4p8yYYwt82n1fg8WlPhQq8WXfh1UbLfGZmoqqHgdoqfpA91jSQbJSph9CNzN94ac4BdwFUFR50zDAPAqAoG4uodJTyPuXlcZCRhvx3j2k1rRC_sQnXSIWzXb12z2Z5oXlHBiRifL5pTxMJxmP0Vp7FezkXZPPd2QzoPpKMjPrjJDV3GfJc5-o16G4lwU9KzhH05AKQI07t1UdhK-vlN2koOxg4tySe-lMEJTiy5uQFEea3cWpVaFM25GfQdBFgH2bCVbpqt7s2TgqghxiBr8jExsC5NA0NvFR1iIsibPU2afgv8UDEtkyd6npcsTlrKXqdeVH0eUX1RGU6RKGbPD2rgMQi9VCJWMYsxaRS3wpiTgwTquSAiMUDT3_ukVnmBH0v2RX15aAnEljhZPExb271cSeUNyp9I12g71euJntXVUSDDv-_2EXAYHkDnJ7trYkN8Og1vePt-Qepsbz2ngpzFalyiRVpC2w8BXmzUONlA5Dirzs5obBg9caT5O3H6a8AXdKmLm9r6U5hPc1fWJXw81bAQxnuZBeU1Y5QztD7Sh1NsL-scqa7pShspaNPaSpB3lW5fk2unR08vMtpDpkuhQRtkN6qwNm-VNnFLFoo74tCtjnQ5VxBsOC8B1ZezSRvQD2sjMevDJX9v5wM3OqXqsm9HgGPr_xe5QxK2k3tKkDQ461MPhXSuXk-F0GWuK1xCKqvtQYbAt-EvSthAsBQ5Sb-EzzlaKpl7puW1f5Ti0pcnOsNfeDBq9W57-Nkyc7UnN8HvQohmqg3QN3x3eSic2P4A1dw

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 urlsvid.json Show response
vpaid.vidoomy.com/sync/ Frame 737E 1 KB
841 B 131ms
13ms XHR
application/json 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1688852420863-998299762888-001185-002-008660%26key%3D%7B%7BVID%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 08 Jul 2023 21:40:21 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 471421
x-accel-date: 1688381000
x-77-nzt: AZySIYsB1Sb/fTEHAA
x-accel-expires: @1689417800
last-modified: Mon, 03 Jul 2023 08:54:07 GMT
server: CDN77-Turbo
etag: W/"64a28caf-479"
x-77-nzt-ray: cf87872761e4e8c3c5d7a9640cf8ae2d
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://vid.vidoomy.com
access-control-allow-credentials: true

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 58ms
58ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306290101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c16811c6b777f91ee70f79ba4247235ad4a573713529707a0e1e3e929e637198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11694
x-xss-protection: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 737E 0
187 B 72ms
14ms Image
text/plain 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?gdpr=1&gdpr_consent=&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%7BuserId%7D%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3DCEN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Sat, 08 Jul 2023 21:40:21 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 cookie
cm.adform.net/ Frame 737E 43 B
106 B 120ms
26ms Image
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dadf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:21 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2

200

dspsync
vid.vidoomy.com/ Frame 737E
Redirect Chain

https://creativecdn.com/cm-notify?pi=vidoomy
https://creativecdn.com/cm-notify?pi=vidoomy&tc=1
https://vid.vidoomy.com/dspsync?dspid=RTBH&uid=m4CYLNkDNFsF0sI0XZBQ&pi=vidoomy&tc=1

37 KB
37 KB

103ms
103ms

Image
text/html

2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid.vidoomy.com/dspsync?dspid=RTBH&uid=m4CYLNkDNFsF0sI0XZBQ&pi=vidoomy&tc=1
Protocol: H2
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-nzt: AcO1rw4JC+2h
x-77-pop: frankfurtDE
date: Sat, 08 Jul 2023 21:40:21 GMT
content-encoding: gzip
last-modified: Mon, 28 Feb 2022 08:37:03 GMT
server: CDN77-Turbo
etag: W/"621c89af-93db"
x-77-nzt-ray: 90833930a61f6739c5d7a96406270036
vary: Accept-Encoding
x-cache: MISS
content-type: text/html
access-control-allow-origin: *
x-77-cache: MISS

Redirect headers

location: https://vid.vidoomy.com/dspsync?dspid=RTBH&uid=m4CYLNkDNFsF0sI0XZBQ&pi=vidoomy&tc=1
pragma: no-cache
date: Sat, 08 Jul 2023 21:40:21 GMT, Sat, 08 Jul 2023 21:40:21 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 08 Jul 2023 21:40:21 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C948 13 KB
5 KB 11ms
8ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6801
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 19:47:00 GMT
expires: Sun, 07 Jul 2024 19:47:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8558 783 B
533 B 20ms
19ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

28cba3dac46509478146cd92e730ffebd3845d6fbdb50af5cf2af210c90c02fe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_kzdTDrmQflQwEY80yfCdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-_kzdTDrmQflQwEY80yfCdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 21:40:21 GMT
expires: Sat, 08 Jul 2023 21:40:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8558 0
0 41ms
41ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306290101&jk=4464128668034519&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame C948 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 19:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 267276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jul 2024 19:25:45 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C948 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?pDwt0Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:21 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D8E2 42 B
64 B 45ms
44ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstbmyJi5YwGJmGRY93_5X0apQHZ0J0WkKnpbGAKtbBNw2bcqHcx0zE2FrnmA0dWFGhyRA4Q98uE0glkRwogHFhPfZ3ZUC8khBOB8VtrOJKINGrM_JIGMiDO-i2AafROpzmPIWCfVWIxJ0AO&sai=AMfl-YSjPIZecOiN8QvPoPJdoLWzZvRvfjeEQQ1SSubFos4CZeB54db5KH7vh4ATLEeavTdFZ0qXfhAlCJreamVYQnpzw6-nBaFasj2K33Zmz0lUjTZRIY-Qph-uXV2MrM6dIL2paR7n6GmdtVEYsQ&sig=Cg0ArKJSzDSfJj0VpxHpEAE&cid=CAQSTABpAlJW15J4k50FpE0IhKHJoAHhG4uwt7tSRCylxiMHhdhwSc6TtnZFKNq00GuURkEV0NqNrk3KiZNjt8RTu8Dt_lKUO8eAaczgruAYAQ&id=lidar2&mcvt=1003&p=537,650,787,950&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230705&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2762301397&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688852420649&rpt=390&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D8E2 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6245877562124&version=m202301230201&ct=76&x=1&cor=6850694920200863000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2DD8 42 B
64 B 46ms
45ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuhaEn_A_VKJOL_qwlXT6h6jVEjpJ82OALM48YKn4gttdz8MC1mlsLwBgWskvPckDsVKMXjVtAt5m1cpLNNJF23gsjuR2nPWebD365qUe0VK87LPR44EVBYoT1qq_QDKJCvOnNYHkceIuL8&sai=AMfl-YQir0xpAhmvBkbRrgos9VC46xjzvmCHXXgN_hITGZXFrKH8l8aLgQFikdeilvdtRY7Aj7F2ZAbT6Lfi3Ymsde0uMZk9wGzpHwV5fRunhZyn5USZkly2WvzhTkfOq4Yey89eThHDo8uK0Ea7Bg&sig=Cg0ArKJSzDdj6l0Z66XLEAE&cid=CAQSTABygQiDsvdNJnTPCVo47plb5F9JdFpIt-3Nmhrj-_6aoV7Ba9sdrm7P75KGcus0tRr8ftFK7AbCNrA1zlRv5nxH6k-xi_BoKsv48M0YAQ&id=lidar2&mcvt=1000&p=110,650,360,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230705&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2112327995&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688852420970&rpt=211&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012306202201000/ Frame 4DA7 222 KB
61 KB 104ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5af185c4ee2f05f5e2f6407594cd75cb32129871c2ec0f0957be6d3129a8cf54

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 17:10:51 GMT
age: 275371
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61909
x-xss-protection: 0
server: sffe
etag: "f919e19544cf979d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 17:10:51 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 4DA7 15 KB
5 KB 110ms
29ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c52e2a15cba5be54e6986bd808f5a6aa6705b0efffd9379feb005dabdb748e32

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 06 Jul 2023 22:13:03 GMT
age: 170839
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5217
x-xss-protection: 0
server: sffe
etag: "64cbd7fca0464c6f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 05 Jul 2024 22:13:03 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 4DA7 94 KB
29 KB 91ms
9ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01204747c552676cceff27ecab875807de15fc28860715608db3d368ba736b3e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 16:18:55 GMT
age: 278487
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28896
x-xss-protection: 0
server: sffe
etag: "4dcd9a8c59f0d36a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 16:18:55 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 4DA7 72 KB
16 KB 99ms
17ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-animation-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebccfe357acdfa903face076a1fd379d173eeded74e7259467fee4c1ad593f65

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 16:19:00 GMT
age: 278482
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16636
x-xss-protection: 0
server: sffe
etag: "5d577cd038b02e29"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 16:19:00 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 4DA7 5 KB
2 KB 111ms
29ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52337cf2499996a25da3c2f17c8e0492c2d728c4b22bdd9b4da2089fcedac9ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 16:19:04 GMT
age: 278478
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1898
x-xss-protection: 0
server: sffe
etag: "b82574a955fb50a0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 16:19:04 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012306202201000/v0/ Frame 4DA7 40 KB
13 KB 102ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306202201000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b17d2d0a88d045b86c025e6a7978189716ddd6776e975bb9de1ad43be17348f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 16:18:58 GMT
age: 278484
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12958
x-xss-protection: 0
server: sffe
etag: "5e14f2792a869535"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 04 Jul 2024 16:18:58 GMT

GET
DATA 200
OK truncated
/ Frame 4DA7 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 866a0375829238929c317878d397395f815d666839ebe19535eff4064c7d6e5f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4DA7 3 KB
3 KB 8ms
8ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ar.png

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 18:05:28 GMT
x-content-type-options: nosniff
server: cafe
age: 12894
etag: 9421415325968714010
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2737
x-xss-protection: 0
expires: Sun, 09 Jul 2023 18:05:28 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4DA7 344 B
368 B 8ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:03:49 GMT
x-content-type-options: nosniff
server: cafe
age: 9393
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sun, 09 Jul 2023 19:03:49 GMT

GET
DATA 200
OK truncated
/ Frame 4DA7 45 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 440a11549a253e0fa218f6daf83abebd35917c13322b77b8227766321591fadc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame 4DA7 83 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35017055ad78cc6df96f20d2d2fe76f32ec1e02da311bc0a1316eec1df805130

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 style.css
s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/css/ Frame A7F5 1 KB
470 B 8ms
8ms Stylesheet
text/css 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb7fdbc047145e1c9b8c732d64806bb05ef30bc88c4a730692881ada6727c77a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 07:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 223486
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 433
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 11:41:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Jul 2024 07:35:36 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2DD8 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=275110342688&version=m202306200101&ct=76&x=1&cor=14488125251276325000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 txt2.png
s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/img/ Frame A7F5 8 KB
8 KB 9ms
9ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/img/txt2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25d2843ea9ee4f5d164a9fb11a62c8844c317f04694894da81b4699eaf236288

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 05:33:36 GMT
x-content-type-options: nosniff
age: 230806
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8156
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 11:41:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Jul 2024 05:33:36 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/img/ Frame A7F5 673 B
707 B 12ms
11ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/img/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db88cbe5fa8e047da87ddc2dd950e57cb1c3322e9a1f5341e0350b2890e108ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 14:24:14 GMT
x-content-type-options: nosniff
age: 198968
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 673
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 11:41:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Jul 2024 14:24:14 GMT

GET
H3 200 logo2.svg
s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/img/ Frame A7F5 2 KB
1 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/img/logo2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 06:14:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228358
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1053
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 11:41:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Jul 2024 06:14:24 GMT

GET
H3 200 bg2.jpg
s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/img/ Frame A7F5 50 KB
50 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/img/bg2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4cead5bf8beb4407b966c08ff18c3cdd4a6621a6f9585fd221b259d4afb8b5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 09:51:06 GMT
x-content-type-options: nosniff
age: 215356
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51045
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 11:41:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Jul 2024 09:51:06 GMT

GET
H3 200 bg3.jpg
s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/img/ Frame A7F5 35 KB
35 KB 12ms
11ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/img/bg3.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d8d78c80707500b7d7947532231d5756d2e88e122f0b7e9b7c16e1412393784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 08:25:39 GMT
x-content-type-options: nosniff
age: 220483
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35467
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 11:41:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Jul 2024 08:25:39 GMT

GET
H3 200 legals.png
s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/img/ Frame A7F5 17 KB
17 KB 13ms
13ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/img/legals.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b09330757e22837629b892df7da60fda8c59fb8dbdf8f14a2fe3d673998a9ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4544740469919233474/8-IEU-KONA_Q3_23-Mrec-300x250-SEE/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:49:51 GMT
x-content-type-options: nosniff
age: 186631
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17516
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 11:41:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Jul 2024 17:49:51 GMT

GET
H3 200 ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4DA7 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ar.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 18:05:28 GMT
x-content-type-options: nosniff
server: cafe
age: 12894
etag: 9421415325968714010
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2737
x-xss-protection: 0
expires: Sun, 09 Jul 2023 18:05:28 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4DA7 344 B
368 B 7ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:03:49 GMT
x-content-type-options: nosniff
server: cafe
age: 9393
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sun, 09 Jul 2023 19:03:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
45ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306290101&jk=4464128668034519&bg=!x8SlxJDNAAb90kgr3dI7ADkAdvg8WndqQ27NQhnZfuHW1eIyK5ms3L8-iFzTonqhBK0C65kOA7WYQxygNo1x4ICNHzSxckzA47oCAAAAUFIAAAAGaAEHCgBNrnHYBU4Np0ldMIeIKiogMCQiZo7OpNJZ4UTXEaAn3_m0GiTlOcSbWoHK86rrfBRQt1S87q0GruMV0R-lgK7zkpm2WtggyB9vsTwAim6ZArH63fEZ01MCVcoqoPcRY2Bx8W_-9zis83lTm8jvPKrH2dntsU-cr2cFJJTeXzeivKuuzi6ao96_DIe9HjK4jP9AtK78bMCIFv8WMLPfWS4on5d6SaoUIFPeTHfyarWE2CVMdadG2VTOZf9JKfNzrSREXWBSDFgAzfnL3oRssBkmuOy_87ZWUr0H5guCm5A-_K1rK3vrNePKZNUcMEGo6iY41weXyP3giDh0q_St9pYkBQqrysgATXOVlS0MM46kF-Gw_kgdyQpyAw1S9pCg9CY7-I0_OVqZGo2fFAsynFc60Tp1JijKb52fI1YyGIRzQ1pZlzULfOu5I_blT6f6hD2kdWxkmHpOR_la86NH1LHTThxRcm0ahuMBK7yLwErpmQi9rUuTWoLxZQycyPVFr9o55trrSY1p-iODBM0d_UZNeEanJThSlGRWnZMjuRyuE7k9QmCLDDrTPRjc7yRzBUFr8kZKNw4aeOuFyVOZPoIoKz0iEPXlHqPvN1bwvM8kPXMEI9pocLdF6NAN4UGzKX7ZczBFZ21a_8RXZJrgYBScuRJAViqfD9v7ZEqJtqgwdvS-o23vipzFAl2CYZYlewUDSmlOSaitodOHV2mf3ai4LPtQhFMPFNGowN-qhydaoskY6BV4Y66BaG4uMDoR6BUTe6jl3sbeMGhTOI5rty-t_L4liTNzIrn3vNKxx5rHs4Ko_wePzJWSYTpN6LNsKJsmGA3YDZYMaVH8e7CPJyV61ADbTnrW0o9tViQFXYdyq07AAkD-Vm5q6fY6XeGg_ZOssWcYOMUasfYTczoVqpVQAs-aa9WrLWIRGt9OH-j3VAe17u2Z-C-pTx-ZC4dDmLNbSCjD-nOLpC0ZbM3ySfaUZ8WOCqpPJ5f15EaZrRzRFE8jPBu5WXmQitnrORXsDthjgg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 container.html Show response
fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DF6C 6 KB
3 KB 9ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 21:40:20 GMT
expires: Sun, 07 Jul 2024 21:40:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4DA7 0
0 51ms
51ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ChCSsxdepZIb8D4GdgAf185C4A_uNi8Fx-bCagNYRoty_oNQBEAEgqLKFfGCV0qGCsAegAa-ZuJ4DyAEJqQK2a89MbWayPuACAKgDAcgDCKoEkgJP0L2-ogxbtWjulSTC5RVrz8enVo8iZ5fo6ldcWMX1AOMjgiDnwHSyYX38hd7k6hFVjph0prNsXk3Jblq9I3TEgkvfEiX8PgvLX53JzydV17HffwQEUyJ3UB5faVyh06FkdYSJLyutiPc-XuXNjSbAWH3JA3_NezFAEIe-mNio3tvMLxWaj9J16T8aN6PaAblIum4eR0kplFGHH87EI-OBeBLTnHpb_PskLkAI200ZL5QBwU60LkhR9tc195gca330a6JHKYD0AH-8XG-aAcwJ5lEKPlGrSDWPSdw3oykQG2ufoWCw_ReZlROqcqorDcfpNU_ZncKTLdGBmgRD2iCwS7HGgzCdLe06ucxkersaei1DwASN4Y_dpQTgBAGSBQQIBBgBkgUECAUYBKAGLoAHyJHYeagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPSOE9IIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHYEwLQFQGAFwGyFx4KHAgAEhRwdWItNjg2OTIyOTgwNjIzMjY3Nhimk3Y&sigh=MB_iYaygxoo&uach_m=[]&cid=CAQSTABygQiDncnPmHCsGjuqAUqJOYwq_cjbA9FhicSfRX9AwF1ksLdHou83YpiU2plBupcgFF6Y6LGnIjwkUv288IiQTvBTzZvKScwPcrAYAQ&template_id=419&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame A561 28 B
54 B 24ms
23ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1dda5629/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-Goog-Request-Time: 1688852422628
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/jhWvvVCWp_o
X-YouTube-Client-Version: 1.20230704.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgt2OWdQUkFaaDNydyjDr6elBg%3D%3D
X-YouTube-Ad-Signals: dt=1688852420101&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C952%2C440&vis=1&wgl=true&ca_type=image

Response headers

date: Sat, 08 Jul 2023 21:40:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sat, 08 Jul 2023 21:40:22 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7FD2 640 B
265 B 49ms
47ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjrsp_sATAB&v=APEucNXmJrk5omIU04fpE8tavMTslzgu4i5xjBV03RWZwiLevRJ-tkeFwyVjOUU1Q-tQJTl8GpFmtVHfLqqh7Z4Ilf3O9DLb9vz1ij6WgSVsa7Xtig48BGxUejsoa4O4AMn8BLxSmTOSGHDpVJGfpLNNOnJzuhZ5s7xOKfqpeRWiQjjpRbyGRKw

Requested by

Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 21:40:22 GMT
expires: Sat, 08 Jul 2023 21:40:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame DF6C 85 KB
29 KB 87ms
86ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

372ee4f606f66d460727f0502b688f2049ce405679f274e8fb1ed175417479a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29790
x-xss-protection: 0
server: cafe
etag: 4661881725859498467
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 21:40:22 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DF6C 42 B
63 B 42ms
41ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CqtY1Tx-dC7viIA4ouAxGZw_CaHE7RNrPkXAQ0PIK3mmuSdcti9PThqTyVC6oVXm6dXicrOQ8FAsFRYwPqPzHqW1-z8NweIj-VinDqzp6XvDv-kfE

Requested by

Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DF6C 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17922710395261629364&x=1&ct=76

Requested by

Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame DF6C 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/window_focus_fy2021.js

Requested by

Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:47:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6802
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 19:47:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame DF6C 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 17:19:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15672
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 17:19:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF6C 179 KB
56 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688579601580341"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jul 2023 21:40:22 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 7FD2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDE24gTS58eXl1H9mCJNi_c&google_cver=1

43 B
114 B

31ms
23ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDE24gTS58eXl1H9mCJNi_c&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjrsp_sATAB&v=APEucNXmJrk5omIU04fpE8tavMTslzgu4i5xjBV03RWZwiLevRJ-tkeFwyVjOUU1Q-tQJTl8GpFmtVHfLqqh7Z4Ilf3O9DLb9vz1ij6WgSVsa7Xtig48BGxUejsoa4O4AMn8BLxSmTOSGHDpVJGfpLNNOnJzuhZ5s7xOKfqpeRWiQjjpRbyGRKw
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:22 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDE24gTS58eXl1H9mCJNi_c&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 7FD2 43 B
304 B 48ms
23ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjrsp_sATAB&v=APEucNXmJrk5omIU04fpE8tavMTslzgu4i5xjBV03RWZwiLevRJ-tkeFwyVjOUU1Q-tQJTl8GpFmtVHfLqqh7Z4Ilf3O9DLb9vz1ij6WgSVsa7Xtig48BGxUejsoa4O4AMn8BLxSmTOSGHDpVJGfpLNNOnJzuhZ5s7xOKfqpeRWiQjjpRbyGRKw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:22 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 7FD2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEKPW9cV2JX8_cWXCgNpA8JA&google_cver=1

23 B
163 B

104ms
45ms

Image
image/gif

23.205.93.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEKPW9cV2JX8_cWXCgNpA8JA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjrsp_sATAB&v=APEucNXmJrk5omIU04fpE8tavMTslzgu4i5xjBV03RWZwiLevRJ-tkeFwyVjOUU1Q-tQJTl8GpFmtVHfLqqh7Z4Ilf3O9DLb9vz1ij6WgSVsa7Xtig48BGxUejsoa4O4AMn8BLxSmTOSGHDpVJGfpLNNOnJzuhZ5s7xOKfqpeRWiQjjpRbyGRKw
Protocol: H2
Server: 23.205.93.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-93-33.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 08 Jul 2023 21:40:22 GMT
pragma: no-cache
date: Sat, 08 Jul 2023 21:40:22 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEKPW9cV2JX8_cWXCgNpA8JA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 7FD2 23 B
163 B 124ms
47ms Image
image/gif 23.205.93.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjrsp_sATAB&v=APEucNXmJrk5omIU04fpE8tavMTslzgu4i5xjBV03RWZwiLevRJ-tkeFwyVjOUU1Q-tQJTl8GpFmtVHfLqqh7Z4Ilf3O9DLb9vz1ij6WgSVsa7Xtig48BGxUejsoa4O4AMn8BLxSmTOSGHDpVJGfpLNNOnJzuhZ5s7xOKfqpeRWiQjjpRbyGRKw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.93.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-93-33.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 08 Jul 2023 21:40:22 GMT
pragma: no-cache
date: Sat, 08 Jul 2023 21:40:22 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DF6C 0
20 B 42ms
41ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7723922014390&version=m202306200101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DF6C 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7723922014390&version=m202306200101&ct=76&x=1&cor=17922710395261628000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DF6C 97 KB
38 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTMCxxomxrKoDEZ6ahsOXRO-oikATSwp68qhPwTwsI9D2hGpruDeD0NUgETPtg5NVA4olJIyjBBg4GrV2iO3D9yABSfdYhUApUseaIiPuek3I-02c&cry=1&dbm_d=AKAmf-AAi_YiXMTpKeXJjttsZW8-DVIzJWansMfP2NuT_VYJEl3nog0_J7wSqL64e408MZFKSm44G0jYt-jBVJDVhp21ra5J_CbA8fMrDQWHxAxJtL9xzG_BaXW0nPHTzFpZXIPt_-pVhNerLVJlA7trnVaXcccCNSnrWqy-dQd0CUZh1AursxzdDNjTbfVnSSMyNzKrozOuzycn26yxr3Pejvq35Y9SWO98dxcHhwKHuuvTJNrjsEk33GG7voR5dB4gXZiSNdRo7XenmwUyda6Gl8e_yHWL3766ljXyuCIa86BHpYUdIBiWh_1HwMJSTV4kCITgkJ3uP5eEsFv9O5VTvu-VUOQp9VwpRSjVc4TtzAnz8LZwRTEnkkxOc_aqQZ7azuhVbH7W5IAIzaA79G1L68H29jOrK0k2piipPcvQUkdA-FqZ8Gsm8QwUnTE4vwqAI2z8ZOYo5tORiHkoN58p9r__ApTIh-4hhdfJrTOyGQoCAHnchi5zDi3e-73-bTE4Pmob1eiOlawgaEn5aKBeGYV06hOCfIZ6F3uNXKWHkBqC50YY3IGTze9J6JUbWL-9o7t_PJdHCCxi1SjhIKRf0diLcLeVbhi4Eif9nJLcu45wxGKdH1b06ktY4yOclaXuD860C1nfbRdtCqW-FyDkqJUn8Bg1UHpliuIuPAzJQGpo24iGQnb1_GCgjGtGkdkXZFhuHaZDTMV3DjqbFrzp9FXfP_UgpaVjbQomxLIjbqrTure_yHtLJcOErr0gT7kKORwvFu2GU7LDEuXjvKvda93T82LUfqXhCGKfbYI2ZdJkZrDEam04hJCw4AfgUuQEFwoBCE40bZ4bYCbou6p4jCD1ExiKp4VznkezQbt50O_GUCdBkEpZyvK1dLeJd8MEBxmAVF_tztL2OIG8Aa1EVBRAb8o2m_9_fD-RttK856YsadHO1K4kMzvcWOO3-he10lXiAjp9ZmJxvP0Io0_UrvjNSJ5oM2HBpYoPDxeOCJLKlayJtcXev3miKMZtKIJkQUZM-L9gOD-tcq_XilYAFQp_yZPcxk7s7a94yqSofunWp5kAS9ECC8wwQtxmC8gPun07oYCvo6xINMVrscloXCQsQopaMEDyGjTRB6JsMP9lEpRcEV15UDz_kwqr4srVuuDSnYB_dhCm0ft5unx0ZuL6yD_f-yMkuNriicOUn3ZZ1_oIm7NgxWuXXsT49m4oONS6dJxLQNEUMTrtOkSuDEwQjEeKI7MogKhVhiZLDMVVX7iaZTXUO-HL_p3hwTT8fp6pWQHsBOcCp3-g2gwAI4r7AZI0-S3l4RRG314AzIPYyCnxCiIAzgptyR61ZJrZZtJAO7zXJ9cRqvoR9bdTMfGFg-WsjXtj4MWA_xO92gzB16TvKpdsHKS62NAg9gQtGPQI4hAX2FtL2UhLb07IuxCM3k5qJMKvu3DjT06cVFu2VkGKkVgNn41bxk1LL43_YsvqJmsMFE-duvVSKGo159XlZBmo58-zRaV-H1tPswYxsuGiRU4orpiHoL3_3JN34pUmf8NjRJw5lIMCT6ljd1pNuPrVAMT0WF72lVlQYC-mVCx_8oPd7_DYA79ra1VqLKDBxxzsCqjiIFYWbAL5_mErN_uzesa5iRIjnCjuTZpobokYC1jbXEtBQtwgpNJ2ZZwOaicfmepiMtg7S1AzlxRuN1NaBpbGWKy3JxuDozG7AsF2keUOjuS7DLTFzYGfo1mNA8D5FuVAW9p4HEUyPggHn5WWZXfvKzZXoA7Qlnz1eeddLWQzOpfsl7mfxvNgTgWhKXBRC-OklWv2_U3KMW1exrk_txHUBxdFkV7aGpt_tc-NQzwSxsKvFYYpz_rmEtumpbON2zgthbchJNX_lJkh1dPOhT3GXIF8QeZGZFjJHacCS0QkU6tesG4QVJsszkvBKwXnf2-LWxDFlHAjlUJtkGN7w9Jfobcn2p2TQtIAhC47XbQ5JTY24DC_W5bOjm85GZQpZuswB22lO-mR4c9DIElnn1kelwry2JBFJHigfKg3Ntipwe33vxVwHBEfslzXtPi697cZI6AVCNQ4O7zD7zTlMRqfG4JfZTAdvTK3rxtXdC3a6M0kXHJYR4N6I1W-fbpWaU-i1HrtmOxSzs09blmMa6BZfc64lIELx79rnJ9ORdvghUU1jgjSYliNXq_HMet0O5CSTZnrqTJDNXN5FE2NCSx53wAqfBtMFdIu-fy5iJnNie8S3rwSLp-XmJNhBmOSDT6AUUJMtt4MGzuIwaaGmvYCG16NkBKtC9j4fiIMfzaKtJk6VFqTYICj82nz-PzntbQWMTYmyydZUwX-y5Y-K34qxB3O6AEGcE8yLaYQRYtufUc-f7qQg7K7R_aS1WIJZFIJ0x_43usoGh02KaPb4jERlfDNMzr5hJ2Fj_Mi5zYpuc8eMo_vfQZ2CjCW1sjQ7ZO5jWbQECLIdVA27-4la6P7ruEhJ4fuUuslxxjB1hSYJbQMgEwyHIlPMjeMRPfjpv6znkVAf6FpPxXSRNSNSYZbAmWCQo0jXyau_U7Yxjy2ssv0fzHcWMXHDlZ6b_GcvE39na1_fA9q2Oc_HzVfQOgga47i078kzlaHwpuweC-G1xq9xMRDX0TW2n-XFP1AbJIXeBo8ny0bc8O8gZR1STpFyy-corcZ9YxmQE_68qdQ1fUaOIqrBipUPN11CuaiH6uB3dLc-w3RWdzvQq4wNQmbOiWf-f14TfgSqnIKKyqphIcjYjBm2gCuLw5A8F9Ge7JO_IoszxPuGyEFf-u25_7nnvwUlxsRW15TsJg-DnJqt3T6tsPLde2TOtK-pFYg05WF6yH2Z3ELt4N68gwDxSPn49RUVRbkTGCOI_a-me0_u-JyNr-GmG3mLCGeo3cq3VAtGWbOjgHhx2RNaPJRzfEXTThhJNVjpfWs0RFA4Tb7kK9vEdTTIODxy-i1cMlRoGzjZ2_xSNL0A3i8pwOjNYaV_2UKd2GN59E4CGENrL5H_gT_psfEpF2HkmpCg1Q9jyTs49a2-lUVUP5cHuCeiSXDeps5TNnZOwXcJa5ZyjRNDopiEzDh9Ur-Oee6Pnx36OiOX4xO_vqtIydnAAU9uZBtupk5G_mMYVACOQpGVc1wcErTloNy_Vs6AVREwijeBl2CKsqRH59D6xjkV5mr50e5HcMVioqHUHrtW1qwEsNV5cfsT_lipMRlHPrgG1tE8sojodX6RVJJ2BCu8WccGVlxcybhqMbnTJRmPn9-H8oOXZ1zzkm4B6J7iiGCYlqFVgEQnWyyNuTAAqJqkE56U2XutVo_DOdQWqSQpXB_oVPMPEYttmMtSwigo4uw1ULRJL3FzTTw1fBivJU2fzeitK5g3uf9DEf29GPWTIGALOMj3c-ZxnbTVSFqpQ3apqbXuvu78UgxiDyoAKH9pNo8oJFMHMqxqOW4J6yw-Ab-fUd_4L4HfzFe4kmBx6hr25KL86qADsdeh-SumaSFR8_U9GLFdLfKJcMK2FG7NKlByDEtIvacBJ0AVk9Fp39B_-Es3C_s6xsZTcshC2Ns-NNWU1xWTF0CCHm4vwIJpeztB6VQycFNsZnrOalcbVbUWJxrydsoLSVKA8GsYa5qYVSOdPwuLEUJwG7MVgHzcP3Nt7D-AVvF9UjxTP8lti2DXIrE&cid=CAQSSwBpAlJWI_enft8NWTr7pc0SSNavnsiqSh-aA8aEvaxx-AI2bzlwrlBOgJ3Fo2PabEbHHQ6bDmOEvVu9nes7c11S7jwMHfm_1eIv-hgB&dc_eid=31075530&dv3_ver=m202306200101&rfl=https%3A%2F%2Fstad.yalla-shoot.io%2F&ds=l&xdt=1&iif=1&cor=17922710395261628000&adk=3037181500&idt=92&cac=0&dtd=55

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8dc2d81e59ce23696304889dae02193dc52f742a59abf3ab5c16249abf4b5431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38956
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1EC3 0
0 45ms
45ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstk7spjdw5q6CKY07m5qUk5rrTiUcVuif3xo_EYFDKSUDHZM_F9GXl7AbfFLOE7M7-WXLThxsgdzzDAb0dUcg3m9KpDF3qBb0Tc1ns5cdntWIVnXjcqCgfigMCUDTDuUeEicSfpfXzOkal_Mrpi-mjHjJq8TurzW2apqQsTR0bf1rWUr0-MSaFNIeNCTcfY4cpI82Ikx__tQ-bPP0bxE3-n0Nmy0drvsDd7xpUYoPD4J_L9GTmQU3303XtNRsyW8lfK4WDvl_mFXz8EZCaXJPe9UR11IvFAA3nf2yhxPNiIMdjPB8gq9fRaKYN8d9us_SUV_N119Aun5Bdav0_Gw8G_K8ShToP6&sai=AMfl-YTtQ-1XjqJHTwjz0QOWD8y9xuCTqE1dgZETAbYFWQeECDU32KGOkqN5ST602w2-I5BUUr-AT-SQyyMsMkt2YZGxo-3JKyqnpjzDMO6D2p0FMsw49JGHEij3A_h3ACa84snG9wYJtJFA6WE8mtY&sig=Cg0ArKJSzP31d3W1FDlUEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 / Show response
ads.projectagoraservices.com/ Frame 1EC3 3 KB
1 KB 92ms
21ms Script
application/javascript 2a02:26f0:480:f::213:7edd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.projectagoraservices.com/?id=16551&schain=
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c9bcc81e0b9641657dafe3db8444c81a5cfd0b8753a0363921d5c13fb5981bcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:22 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, no-store, must-revalidate
content-length: 1079
expires: Sat, 08 Jul 2023 21:40:22 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1EC3 179 KB
56 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688579601580341"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jul 2023 21:40:22 GMT

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame DF6C 172 KB
60 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
Origin: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:17:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40979
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Jul 2023 10:17:23 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/elements/html/ Frame DF6C 11 KB
4 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTMCxxomxrKoDEZ6ahsOXRO-oikATSwp68qhPwTwsI9D2hGpruDeD0NUgETPtg5NVA4olJIyjBBg4GrV2iO3D9yABSfdYhUApUseaIiPuek3I-02c&cry=1&dbm_d=AKAmf-AAi_YiXMTpKeXJjttsZW8-DVIzJWansMfP2NuT_VYJEl3nog0_J7wSqL64e408MZFKSm44G0jYt-jBVJDVhp21ra5J_CbA8fMrDQWHxAxJtL9xzG_BaXW0nPHTzFpZXIPt_-pVhNerLVJlA7trnVaXcccCNSnrWqy-dQd0CUZh1AursxzdDNjTbfVnSSMyNzKrozOuzycn26yxr3Pejvq35Y9SWO98dxcHhwKHuuvTJNrjsEk33GG7voR5dB4gXZiSNdRo7XenmwUyda6Gl8e_yHWL3766ljXyuCIa86BHpYUdIBiWh_1HwMJSTV4kCITgkJ3uP5eEsFv9O5VTvu-VUOQp9VwpRSjVc4TtzAnz8LZwRTEnkkxOc_aqQZ7azuhVbH7W5IAIzaA79G1L68H29jOrK0k2piipPcvQUkdA-FqZ8Gsm8QwUnTE4vwqAI2z8ZOYo5tORiHkoN58p9r__ApTIh-4hhdfJrTOyGQoCAHnchi5zDi3e-73-bTE4Pmob1eiOlawgaEn5aKBeGYV06hOCfIZ6F3uNXKWHkBqC50YY3IGTze9J6JUbWL-9o7t_PJdHCCxi1SjhIKRf0diLcLeVbhi4Eif9nJLcu45wxGKdH1b06ktY4yOclaXuD860C1nfbRdtCqW-FyDkqJUn8Bg1UHpliuIuPAzJQGpo24iGQnb1_GCgjGtGkdkXZFhuHaZDTMV3DjqbFrzp9FXfP_UgpaVjbQomxLIjbqrTure_yHtLJcOErr0gT7kKORwvFu2GU7LDEuXjvKvda93T82LUfqXhCGKfbYI2ZdJkZrDEam04hJCw4AfgUuQEFwoBCE40bZ4bYCbou6p4jCD1ExiKp4VznkezQbt50O_GUCdBkEpZyvK1dLeJd8MEBxmAVF_tztL2OIG8Aa1EVBRAb8o2m_9_fD-RttK856YsadHO1K4kMzvcWOO3-he10lXiAjp9ZmJxvP0Io0_UrvjNSJ5oM2HBpYoPDxeOCJLKlayJtcXev3miKMZtKIJkQUZM-L9gOD-tcq_XilYAFQp_yZPcxk7s7a94yqSofunWp5kAS9ECC8wwQtxmC8gPun07oYCvo6xINMVrscloXCQsQopaMEDyGjTRB6JsMP9lEpRcEV15UDz_kwqr4srVuuDSnYB_dhCm0ft5unx0ZuL6yD_f-yMkuNriicOUn3ZZ1_oIm7NgxWuXXsT49m4oONS6dJxLQNEUMTrtOkSuDEwQjEeKI7MogKhVhiZLDMVVX7iaZTXUO-HL_p3hwTT8fp6pWQHsBOcCp3-g2gwAI4r7AZI0-S3l4RRG314AzIPYyCnxCiIAzgptyR61ZJrZZtJAO7zXJ9cRqvoR9bdTMfGFg-WsjXtj4MWA_xO92gzB16TvKpdsHKS62NAg9gQtGPQI4hAX2FtL2UhLb07IuxCM3k5qJMKvu3DjT06cVFu2VkGKkVgNn41bxk1LL43_YsvqJmsMFE-duvVSKGo159XlZBmo58-zRaV-H1tPswYxsuGiRU4orpiHoL3_3JN34pUmf8NjRJw5lIMCT6ljd1pNuPrVAMT0WF72lVlQYC-mVCx_8oPd7_DYA79ra1VqLKDBxxzsCqjiIFYWbAL5_mErN_uzesa5iRIjnCjuTZpobokYC1jbXEtBQtwgpNJ2ZZwOaicfmepiMtg7S1AzlxRuN1NaBpbGWKy3JxuDozG7AsF2keUOjuS7DLTFzYGfo1mNA8D5FuVAW9p4HEUyPggHn5WWZXfvKzZXoA7Qlnz1eeddLWQzOpfsl7mfxvNgTgWhKXBRC-OklWv2_U3KMW1exrk_txHUBxdFkV7aGpt_tc-NQzwSxsKvFYYpz_rmEtumpbON2zgthbchJNX_lJkh1dPOhT3GXIF8QeZGZFjJHacCS0QkU6tesG4QVJsszkvBKwXnf2-LWxDFlHAjlUJtkGN7w9Jfobcn2p2TQtIAhC47XbQ5JTY24DC_W5bOjm85GZQpZuswB22lO-mR4c9DIElnn1kelwry2JBFJHigfKg3Ntipwe33vxVwHBEfslzXtPi697cZI6AVCNQ4O7zD7zTlMRqfG4JfZTAdvTK3rxtXdC3a6M0kXHJYR4N6I1W-fbpWaU-i1HrtmOxSzs09blmMa6BZfc64lIELx79rnJ9ORdvghUU1jgjSYliNXq_HMet0O5CSTZnrqTJDNXN5FE2NCSx53wAqfBtMFdIu-fy5iJnNie8S3rwSLp-XmJNhBmOSDT6AUUJMtt4MGzuIwaaGmvYCG16NkBKtC9j4fiIMfzaKtJk6VFqTYICj82nz-PzntbQWMTYmyydZUwX-y5Y-K34qxB3O6AEGcE8yLaYQRYtufUc-f7qQg7K7R_aS1WIJZFIJ0x_43usoGh02KaPb4jERlfDNMzr5hJ2Fj_Mi5zYpuc8eMo_vfQZ2CjCW1sjQ7ZO5jWbQECLIdVA27-4la6P7ruEhJ4fuUuslxxjB1hSYJbQMgEwyHIlPMjeMRPfjpv6znkVAf6FpPxXSRNSNSYZbAmWCQo0jXyau_U7Yxjy2ssv0fzHcWMXHDlZ6b_GcvE39na1_fA9q2Oc_HzVfQOgga47i078kzlaHwpuweC-G1xq9xMRDX0TW2n-XFP1AbJIXeBo8ny0bc8O8gZR1STpFyy-corcZ9YxmQE_68qdQ1fUaOIqrBipUPN11CuaiH6uB3dLc-w3RWdzvQq4wNQmbOiWf-f14TfgSqnIKKyqphIcjYjBm2gCuLw5A8F9Ge7JO_IoszxPuGyEFf-u25_7nnvwUlxsRW15TsJg-DnJqt3T6tsPLde2TOtK-pFYg05WF6yH2Z3ELt4N68gwDxSPn49RUVRbkTGCOI_a-me0_u-JyNr-GmG3mLCGeo3cq3VAtGWbOjgHhx2RNaPJRzfEXTThhJNVjpfWs0RFA4Tb7kK9vEdTTIODxy-i1cMlRoGzjZ2_xSNL0A3i8pwOjNYaV_2UKd2GN59E4CGENrL5H_gT_psfEpF2HkmpCg1Q9jyTs49a2-lUVUP5cHuCeiSXDeps5TNnZOwXcJa5ZyjRNDopiEzDh9Ur-Oee6Pnx36OiOX4xO_vqtIydnAAU9uZBtupk5G_mMYVACOQpGVc1wcErTloNy_Vs6AVREwijeBl2CKsqRH59D6xjkV5mr50e5HcMVioqHUHrtW1qwEsNV5cfsT_lipMRlHPrgG1tE8sojodX6RVJJ2BCu8WccGVlxcybhqMbnTJRmPn9-H8oOXZ1zzkm4B6J7iiGCYlqFVgEQnWyyNuTAAqJqkE56U2XutVo_DOdQWqSQpXB_oVPMPEYttmMtSwigo4uw1ULRJL3FzTTw1fBivJU2fzeitK5g3uf9DEf29GPWTIGALOMj3c-ZxnbTVSFqpQ3apqbXuvu78UgxiDyoAKH9pNo8oJFMHMqxqOW4J6yw-Ab-fUd_4L4HfzFe4kmBx6hr25KL86qADsdeh-SumaSFR8_U9GLFdLfKJcMK2FG7NKlByDEtIvacBJ0AVk9Fp39B_-Es3C_s6xsZTcshC2Ns-NNWU1xWTF0CCHm4vwIJpeztB6VQycFNsZnrOalcbVbUWJxrydsoLSVKA8GsYa5qYVSOdPwuLEUJwG7MVgHzcP3Nt7D-AVvF9UjxTP8lti2DXIrE&cid=CAQSSwBpAlJWI_enft8NWTr7pc0SSNavnsiqSh-aA8aEvaxx-AI2bzlwrlBOgJ3Fo2PabEbHHQ6bDmOEvVu9nes7c11S7jwMHfm_1eIv-hgB&dc_eid=31075530&dv3_ver=m202306200101&rfl=https%3A%2F%2Fstad.yalla-shoot.io%2F&ds=l&xdt=1&iif=1&cor=17922710395261628000&adk=3037181500&idt=92&cac=0&dtd=55

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 17:16:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 17:16:44 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/ Frame DF6C 30 KB
11 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 17:16:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 17:16:44 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame DF6C 41 KB
13 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 13:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 373667
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jul 2024 13:52:35 GMT

GET
DATA 200
OK truncated
/ Frame DF6C 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5450abbedc7781863cda9f37243f352dede69ca91b734bb6c3dbcd4e3aa19e5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F0D9 22 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 194852
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 15:32:50 GMT
expires: Fri, 05 Jul 2024 15:32:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8429509143949213696/ Frame 4A4A 4 KB
904 B 16ms
16ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8429509143949213696/index.html?e=69&leftOffset=0&topOffset=0&c=RzvqLLIE4b&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

664044bbf26ee6d564d0487d683db322089bd7cff029c38fef233be491d13745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 867
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 21:40:22 GMT
expires: Sun, 07 Jul 2024 21:40:22 GMT
last-modified: Fri, 02 Jun 2023 16:31:46 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame DF6C 0
0 53ms
53ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuKIpEEqig09SDtPgSvEe5fRr1TRbu4m-iKOwVRm8_OYGBd7e1TQU63OaBLRGmEugP_e6jGUvw7cCI4WYvbnAOYWdavYdRugYMcLkgH4Tuifw-uE_b7E8QlEKsMFIWEUBaGylamfKZhluNeTCBgNjyh_4Z8mlG-rD4g_IKcshLZDZLKY20tbZ0fEuzFBx16GIByMg52cZZO4E_YPiNQHiPdyqwYsV_ItskrYGMLodkdrhZBp9KwzFqd80QfZgnhHkCkJfYtHMkkA5cnxl0mIaN5ihbXdJEcGVaz-Y5GBifMr3QoEBM_ohacSiUd2mdHMjPEdcV9S_WFhmyK90X7wUYmPXNbdbXH63AW1E_YSUz4IURM9vkAL1u2pGWKWCbD8XUYwvOebrSKfnPXl_Kx866pob9OYKzTanDwFCBY5OrlkRTEYNtgxZEsr4FBK9jxGguZgjxhZ5FcWXt3NxBU0QX73t0062FF12-AwCKQaKTQ7AYWiqMc_Mdw7BGZmA9dLpKT7rWJkpIWuz5MqgJ7p7cyJgUVgBTOqiwabrwB8dIKGHuRD-y0EMyZN4M9JK4elhZjILS6Ssn15dToGDpeTMZL2qKrGQGHju2CZwLRtkGxN6duzl4DzzWTD62HR92Hz9eVUeV91d1UHqgL_7EbuqIo9rhR829yGzaogMlckSxcWiz4Iz1wGwK_YKBattfRQUdB47zhdaBO-aBLv7S22czSW_A4NJr8qNwtQWL6E7baUUgkjC3PKf4iVEXR3vfOFXKgW3txms-6TgnKXNvhh168ArifLj0PHnbyTn0KCoysAnls3FnNfvrcJXykLkRR001738DqsphbCutp6VAp375aOzC1UNBlm4FI79owktouDWpIBljIBkn07R1J948yxjP87TLRsQ_vNAJ2Hs8LYx6RjPEaTNmvnVWdW4u6H_0-Fl81i7n23bpOTFrIbL1G4q3RzznI1QibYihGXk4ZRze5MdRry8jT04COvS5mXH16X0BsnuuQYrQRizydzQ0R9rkJFWGG443Z1iE1WA_-04xWGYgko_DGO1fb1oeX9uLM-uw1RFXAsUFGjgCqwpwTAyKzYV-PfKN-a0_yQx1LdOIRmB_Kv_ib1TRgSJ8VkBu0SIf1s3nsKLG8f_UCOWphFbWOlr2XfJ1IzXJq7He6-plVcAr8Ah7BN4HmDIft8pmr9uifQXQxvHYBuzkbYFWpxSsN-AQl8u7I9wclydHZgS1WwAvfq62khJF-QXZqRG-Kmojl72wSz5ZtRidKRCLwSz24J_rAiwMawhVKRsV9N8bPFh37c_qK49Tq1S1lDA&sai=AMfl-YSzecJUVzo40grxukQE-liiYg9_u9H8rR0r3nNY3NGqStMiQ2w-9DMuegjNNThGthJuiwdmvs4YUygQreDiSzMPftosv0EWQnUcyF7B3rtIecSEnHyQH4T0iqEfGTbnnzGUbF9EZYoeRb5z10Mhru8mKSqVun9j2thPTY0lrtgdz_o78ojPQ4QAIF9gPn3enCWK9jK3ZaxE8fPLn8GmaUkvNulTt6Vj9K_55XauPJx7zAr_Uy2Z7CL46LBKa2li_y0e1mrdGRE2hR5vyXZ2LGb7SfmE2j7P&sig=Cg0ArKJSzM4RCeFWqeSKEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=48&cbvp=1&cstd=41&cisv=r20230705.72441&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 08 Jul 2023 21:40:22 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 08 Jul 2023 21:40:22 GMT

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame F0D9 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 19:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 267277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jul 2024 19:25:45 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/8429509143949213696/ Frame 4A4A 11 KB
2 KB 11ms
10ms Stylesheet
text/css 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8429509143949213696/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8429509143949213696/index.html?e=69&leftOffset=0&topOffset=0&c=RzvqLLIE4b&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ead112de63802cbfd8816ab0393bb6bbb4a9add82b29a8c65d53ef0ff21647

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8429509143949213696/index.html?e=69&leftOffset=0&topOffset=0&c=RzvqLLIE4b&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 09:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474392
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1771
x-xss-protection: 0
last-modified: Fri, 02 Jun 2023 16:31:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 02 Jul 2024 09:53:50 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 4A4A 120 KB
41 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8429509143949213696/index.html?e=69&leftOffset=0&topOffset=0&c=RzvqLLIE4b&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8429509143949213696/index.html?e=69&leftOffset=0&topOffset=0&c=RzvqLLIE4b&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 02:09:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70237
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Jul 2023 02:09:45 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 4A4A 60 KB
24 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8429509143949213696/index.html?e=69&leftOffset=0&topOffset=0&c=RzvqLLIE4b&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8429509143949213696/index.html?e=69&leftOffset=0&topOffset=0&c=RzvqLLIE4b&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Jul 2023 21:40:22 GMT

GET
H3 200 pa.js Show response
s0.2mdn.net/sadbundle/8429509143949213696/ Frame 4A4A 4 KB
1 KB 12ms
11ms Script
application/x-javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8429509143949213696/pa.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8429509143949213696/index.html?e=69&leftOffset=0&topOffset=0&c=RzvqLLIE4b&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b88a304d6162d0e7bc1ea1c3b8c9e9f6b6751002a6d58b6a7bb2c4dd383dea8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8429509143949213696/index.html?e=69&leftOffset=0&topOffset=0&c=RzvqLLIE4b&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 04:26:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 580442
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1443
x-xss-protection: 0
last-modified: Fri, 02 Jun 2023 16:31:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Jul 2024 04:26:20 GMT

GET
H3 200 logic.js Show response
s0.2mdn.net/sadbundle/8429509143949213696/ Frame 4A4A 26 KB
4 KB 11ms
10ms Script
application/x-javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8429509143949213696/logic.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8429509143949213696/index.html?e=69&leftOffset=0&topOffset=0&c=RzvqLLIE4b&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc418426a2604d8536f7cb2b61f32db036b685d9d15e8d5029e80f0f9e805352

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8429509143949213696/index.html?e=69&leftOffset=0&topOffset=0&c=RzvqLLIE4b&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 09:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474392
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3827
x-xss-protection: 0
last-modified: Fri, 02 Jun 2023 16:31:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 02 Jul 2024 09:53:50 GMT

GET
H2 200 pav2.min.js Show response
cdn.projectagora-adtag-library.com/adtag/latest/ Frame 1EC3 81 KB
15 KB 147ms
8ms Script
application/javascript 2a02:26f0:480:f::213:7ee0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Requested by: Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=16551&schain=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 9c8b9c9f3e07037494ff9bf2199701ff3d4bef4d1899d52164f500256de06b95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:23 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycduHeaXT71uVneZBVZlAt5eUk9Z5U712aaZ2vod-2IykjNQUIIaibxbSSqY_C4Uj7r0q5mHocAXh_p1cjjwTSRyA0Q
x-amz-meta-version: 0.13.1
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 14993
last-modified: Thu, 06 Apr 2023 08:29:05 GMT
server: UploadServer
etag: "0c38160f2837c864e76f335b6dc2a980"
vary: Accept-Encoding
x-goog-generation: 1680769745875981
content-type: application/javascript
x-goog-hash: crc32c=Nz3iZQ==, md5=DDgWDyg3yGTnbzNbbcKpgA==
cache-control: private, max-age=86400
x-goog-stored-content-length: 14993
accept-ranges: bytes

GET
DATA 200
OK truncated
/ Frame 1EC3 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c36237125f72b218a88df29585175ea57dc22151315c5e7e2acf6cae26fcc59

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame DF6C 0
0 45ms
45ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuKIpEEqig09SDtPgSvEe5fRr1TRbu4m-iKOwVRm8_OYGBd7e1TQU63OaBLRGmEugP_e6jGUvw7cCI4WYvbnAOYWdavYdRugYMcLkgH4Tuifw-uE_b7E8QlEKsMFIWEUBaGylamfKZhluNeTCBgNjyh_4Z8mlG-rD4g_IKcshLZDZLKY20tbZ0fEuzFBx16GIByMg52cZZO4E_YPiNQHiPdyqwYsV_ItskrYGMLodkdrhZBp9KwzFqd80QfZgnhHkCkJfYtHMkkA5cnxl0mIaN5ihbXdJEcGVaz-Y5GBifMr3QoEBM_ohacSiUd2mdHMjPEdcV9S_WFhmyK90X7wUYmPXNbdbXH63AW1E_YSUz4IURM9vkAL1u2pGWKWCbD8XUYwvOebrSKfnPXl_Kx866pob9OYKzTanDwFCBY5OrlkRTEYNtgxZEsr4FBK9jxGguZgjxhZ5FcWXt3NxBU0QX73t0062FF12-AwCKQaKTQ7AYWiqMc_Mdw7BGZmA9dLpKT7rWJkpIWuz5MqgJ7p7cyJgUVgBTOqiwabrwB8dIKGHuRD-y0EMyZN4M9JK4elhZjILS6Ssn15dToGDpeTMZL2qKrGQGHju2CZwLRtkGxN6duzl4DzzWTD62HR92Hz9eVUeV91d1UHqgL_7EbuqIo9rhR829yGzaogMlckSxcWiz4Iz1wGwK_YKBattfRQUdB47zhdaBO-aBLv7S22czSW_A4NJr8qNwtQWL6E7baUUgkjC3PKf4iVEXR3vfOFXKgW3txms-6TgnKXNvhh168ArifLj0PHnbyTn0KCoysAnls3FnNfvrcJXykLkRR001738DqsphbCutp6VAp375aOzC1UNBlm4FI79owktouDWpIBljIBkn07R1J948yxjP87TLRsQ_vNAJ2Hs8LYx6RjPEaTNmvnVWdW4u6H_0-Fl81i7n23bpOTFrIbL1G4q3RzznI1QibYihGXk4ZRze5MdRry8jT04COvS5mXH16X0BsnuuQYrQRizydzQ0R9rkJFWGG443Z1iE1WA_-04xWGYgko_DGO1fb1oeX9uLM-uw1RFXAsUFGjgCqwpwTAyKzYV-PfKN-a0_yQx1LdOIRmB_Kv_ib1TRgSJ8VkBu0SIf1s3nsKLG8f_UCOWphFbWOlr2XfJ1IzXJq7He6-plVcAr8Ah7BN4HmDIft8pmr9uifQXQxvHYBuzkbYFWpxSsN-AQl8u7I9wclydHZgS1WwAvfq62khJF-QXZqRG-Kmojl72wSz5ZtRidKRCLwSz24J_rAiwMawhVKRsV9N8bPFh37c_qK49Tq1S1lDA&sai=AMfl-YSzecJUVzo40grxukQE-liiYg9_u9H8rR0r3nNY3NGqStMiQ2w-9DMuegjNNThGthJuiwdmvs4YUygQreDiSzMPftosv0EWQnUcyF7B3rtIecSEnHyQH4T0iqEfGTbnnzGUbF9EZYoeRb5z10Mhru8mKSqVun9j2thPTY0lrtgdz_o78ojPQ4QAIF9gPn3enCWK9jK3ZaxE8fPLn8GmaUkvNulTt6Vj9K_55XauPJx7zAr_Uy2Z7CL46LBKa2li_y0e1mrdGRE2hR5vyXZ2LGb7SfmE2j7P&sig=Cg0ArKJSzM4RCeFWqeSKEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=131&vt=11&dtpt=83&dett=3&cstd=41&cisv=r20230705.72441&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 08 Jul 2023 21:40:23 GMT

GET
H3 200 btn_cta_arrow.svg
s0.2mdn.net/sadbundle/8429509143949213696/ Frame 4A4A 363 B
302 B 8ms
7ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8429509143949213696/btn_cta_arrow.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8429509143949213696/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47a278025cea905349e975bf082b6d027e22a536a4b3d370afeb04d8fc5b2ca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8429509143949213696/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 12:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207349
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 265
x-xss-protection: 0
last-modified: Fri, 02 Jun 2023 16:31:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Jul 2024 12:04:34 GMT

GET
H3 200 kia.woff
s0.2mdn.net/sadbundle/8429509143949213696/ Frame 4A4A 23 KB
23 KB 8ms
8ms Font
font/woff 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8429509143949213696/kia.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8429509143949213696/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4974622fff31e0fe9dcc6c31c33e3f74dfb665d2678bd876ab807506e3bab60c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8429509143949213696/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 09:53:51 GMT
x-content-type-options: nosniff
age: 474392
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23072
x-xss-protection: 0
last-modified: Fri, 02 Jun 2023 16:31:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 02 Jul 2024 09:53:51 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4A4A 7 KB
6 KB 50ms
50ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9163d04bf100bbb8b8de162406fa4ba5e2c6fe8506fff6c85a1272422c7bc12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5685
x-xss-protection: 0

GET
H3 200 60029391_20230503010142811_logo_kia.svg
s0.2mdn.net/ads/richmedia/studio/60029391/ Frame 4A4A 1 KB
710 B 8ms
8ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60029391/60029391_20230503010142811_logo_kia.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4caec19fb48c8b123d8f1dd3443f2bd70863adf6408db3ea83b1ee46df65c454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8429509143949213696/index.html?e=69&leftOffset=0&topOffset=0&c=RzvqLLIE4b&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 12:15:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33892
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 13:51:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Jul 2023 12:15:31 GMT

GET
H3 200 60029391_20230515060814758_ProCeed_300x250_01.jpg
s0.2mdn.net/ads/richmedia/studio/60029391/ Frame 4A4A 35 KB
35 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60029391/60029391_20230515060814758_ProCeed_300x250_01.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6942a62e2f81e252d47f57a2b79f462329d64b48218841fb3e1305a5250ccd49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8429509143949213696/index.html?e=69&leftOffset=0&topOffset=0&c=RzvqLLIE4b&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:39:46 GMT
x-content-type-options: nosniff
age: 36037
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35891
x-xss-protection: 0
last-modified: Mon, 15 May 2023 13:08:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Jul 2023 11:39:46 GMT

GET
H3 200 60029391_20230515060818029_ProCeed_300x250_02.jpg
s0.2mdn.net/ads/richmedia/studio/60029391/ Frame 4A4A 30 KB
30 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60029391/60029391_20230515060818029_ProCeed_300x250_02.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ed74e07cf30021eed2f8e68aa818f1cba49d0191300e6afb789ed6540317eda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8429509143949213696/index.html?e=69&leftOffset=0&topOffset=0&c=RzvqLLIE4b&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:40:43 GMT
x-content-type-options: nosniff
age: 35980
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30292
x-xss-protection: 0
last-modified: Mon, 15 May 2023 13:08:18 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Jul 2023 11:40:43 GMT

GET
H3 200 60029391_20230515060821311_ProCeed_300x250_03.jpg
s0.2mdn.net/ads/richmedia/studio/60029391/ Frame 4A4A 31 KB
31 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60029391/60029391_20230515060821311_ProCeed_300x250_03.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c5cd063f3063b9cecab8ff5e08b61c5f15c95e97a1b01a85781acc34b8d55b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8429509143949213696/index.html?e=69&leftOffset=0&topOffset=0&c=RzvqLLIE4b&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 07:35:56 GMT
x-content-type-options: nosniff
age: 50667
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32057
x-xss-protection: 0
last-modified: Mon, 15 May 2023 13:08:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Jul 2023 07:35:56 GMT

GET
H3 200 60029391_20230515060824648_ProCeed_300x250_04.jpg
s0.2mdn.net/ads/richmedia/studio/60029391/ Frame 4A4A 28 KB
28 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60029391/60029391_20230515060824648_ProCeed_300x250_04.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46f5f677ec0f4ddfc02ba873c3e10e6f1f5ddf9447d73d89f6eb4fc02b7f2f28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8429509143949213696/index.html?e=69&leftOffset=0&topOffset=0&c=RzvqLLIE4b&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:39:56 GMT
x-content-type-options: nosniff
age: 36027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29058
x-xss-protection: 0
last-modified: Mon, 15 May 2023 13:08:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Jul 2023 11:39:56 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F0D9 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWCcpxtepZLyLMeixx_AP8fmlgAkAAAAAOAHgBAI&bg=!zs2lzZnNAAb90kgr3dI7ADkAdvg8Ws3BJSncQz8DLSLVgtTkK3__ttVwlrh7hhZmZuHTrS-1MiDiLQo0dA6hYfP5lwD-i53-zXYCAAAAcVIAAAAGaAEHmQLw5NUxHKbe2RXi8_6K1OFzLtGQZEA9BhfrLWOm-noZqxYzjpdgDEsQkztzoWZDIcxsU4Q4ubXCldgCMuWBPbefUKb_0PqNssBr8DCrKuQx62Z9aD0NdaUnTMRMFIMgYzsCPZCnXXpI78NsgsgFiLU2FWz5Vcq2Vyk-L8MavMo_my4DY3VZNpNbDcT5FcQkBnkllCqdM-In82s9PgfDVNGt4FZeAibVU4bwTXJs2DB-g2xRA9EWjLqhC9DHYerrjt8ieiPWLex-jZV-7V7fIVNZm8qvMVWK6f9F4Kb5y3YEJov2MKAzhGCA4doRDoBIv4rSAFElEu44keV9AlKaaoc-tWJDbxCnNQ3l-dNX_cb2aAK_CcVUs-PKZeM6Y1cYph1i3Gcb765bsV_J7f8iHGsXHcANZQDU2047CLOvriV6nHO9O7TSHGBspLzzn-1gcucIe585wh5vuv7isjvV-9hijMexGvM8VeSVKEf-AU-t0HpUpG5xIlbmkXtEoiF951BnNlAcH3qb7Rdhwjc8mYvAPYh0P5LRCcHE_O_3GDU6n_2Aoax90sh0EakBh-Cg-kewECXKqDw0rki5Y3A8UVwwiAMkvEqog09a6V6DVpGpDwH8casZxVTCppXFffwHnvYfk-UO-j5XkyVakM4ZVhayGOJf0kxZgl9MUkTcRYHI7OZXHb6y883B4eFaBeRL71w0gIhui0tqxmrsF0h6GJdWEIC2HVaqq4EhcuuLyLg3lYFY2lE52AIxjTieNZYuY5c1TsxPh6GcBdrAKiI4dzTZQHFlM-TFSB1CWCPc6teIWaa3pcxrNuOccLV_J3MVCMIMM0f88d711x8jtGtuHwlyJGwTKrrEmTJJrr8FspCNcxLCp526a3tYsYYtC--tqvwH0PpkSbkszAQDoqj8LNZwkS_9tCbiV-_OIfLP9_ITCfIPyg23mSdST-ZEDVAs3YRtNsWRzWywNfxmV0qyl2JwyZlH_hfbHDz01cCtggZ6az8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4A4A 17 KB
6 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 08 Jul 2023 21:40:23 GMT

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 907D 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 19:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 267278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jul 2024 19:25:45 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/156400/7371/ Frame 1EC3 236 KB
79 KB 8ms
8ms Script
application/javascript 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/156400/7371/pwt.js
Requested by: Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 23c1ee968e09962e3832d43d75631233fa3b803445b23570fca316c4c98b2161

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:23 GMT
content-encoding: gzip
last-modified: Mon, 19 Jun 2023 13:23:57 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=68839
accept-ranges: bytes
content-length: 80150
expires: Sun, 09 Jul 2023 16:47:42 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1EC3 0
0 61ms
44ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0eKCJGyDMo0zMRcUPw5wZ9XRA02egurLQmSVizRNSaTUp1HHNAkzcx41f_DvY5wFMqmp5-XhZuRXtOH9DyZEjgU9-K6pI9V_4OJ3HpZPEyT4LsXRQBeUhW9YP1m1R_70h-csKZ_UMU3iF7_COH4ouSE7DtoQyKM_Mr8osT1xuDEJoFTYXaou5gTNsS5wm04yXfvQcrvxJEDfORpn_MO-qwcij3H2RvNvd5epyL20dkUiGR8rZzLZZB58DXuJOmphTbtZKT0o8CBQ0o6Jb0x2qlx0fUAcLMvLvWz_7-KyTMjFRryx3QJTDqepTqetyLj8KJ4JgRSe4xB4pthnSPzMC2JnOGriBagQ&sai=AMfl-YRidNNulGPc-gcRLxBmatxIc7p9aMg-2e7rAz8GnWjJlaKTJH8uEURvbMjibqSQtIRBtnTngjSN4OwOBHrvd8801FCMMPpmChVKI_Mip9exyaDdW3NT_YvX9BfRlviqpO_spy143ePW3rTgr0s&sig=Cg0ArKJSzJTzJTPsgS8REAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 08 Jul 2023 21:40:23 GMT

GET
H3 200 container.html Show response
fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1013 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 21:40:20 GMT
expires: Sun, 07 Jul 2024 21:40:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7F82 640 B
265 B 49ms
48ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNUB8R4GScZ4vFSLOPYOmoefKOhI7SLexphMh9aT9gay3CtjMvQaK8y4GCi5KFkoOl41cNtQ8iy5mbYbEMjt9bPXRrSt2LLp2b6LfNEPHkGMSHKPkcRkOig7WOE7NpozPTGD4lo6NHnvUIezKohObN37RSlbGnycBSzsdCNrRU5VgrfwiAM

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 21:40:23 GMT
expires: Sat, 08 Jul 2023 21:40:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4173 78 KB
27 KB 96ms
96ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 21:40:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 4173 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/window_focus_fy2021.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:47:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6803
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 19:47:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 4173 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 17:19:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15673
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 17:19:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4173 179 KB
56 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688579601580341"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jul 2023 21:40:23 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4173 42 B
63 B 41ms
41ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D_RVsvXu6a6vV0XkHTvGEk4nzhx-aFH7yDaLot7cHSOWwN5Ks7wp14VwkwRASWcxZD22nSui8ZxXyxu7a2r-_S_YIdqj6I8m_sNRhTEbiVk0C2w4E

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4173 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5539784580046951604&x=1&ct=76

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 7F82
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDE24gTS58eXl1H9mCJNi_c&google_cver=1

43 B
61 B

29ms
28ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDE24gTS58eXl1H9mCJNi_c&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNUB8R4GScZ4vFSLOPYOmoefKOhI7SLexphMh9aT9gay3CtjMvQaK8y4GCi5KFkoOl41cNtQ8iy5mbYbEMjt9bPXRrSt2LLp2b6LfNEPHkGMSHKPkcRkOig7WOE7NpozPTGD4lo6NHnvUIezKohObN37RSlbGnycBSzsdCNrRU5VgrfwiAM
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:23 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDE24gTS58eXl1H9mCJNi_c&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 7F82 43 B
120 B 24ms
23ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNUB8R4GScZ4vFSLOPYOmoefKOhI7SLexphMh9aT9gay3CtjMvQaK8y4GCi5KFkoOl41cNtQ8iy5mbYbEMjt9bPXRrSt2LLp2b6LfNEPHkGMSHKPkcRkOig7WOE7NpozPTGD4lo6NHnvUIezKohObN37RSlbGnycBSzsdCNrRU5VgrfwiAM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:23 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 7F82
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEKPW9cV2JX8_cWXCgNpA8JA&google_cver=1

23 B
163 B

41ms
40ms

Image
image/gif

23.205.93.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEKPW9cV2JX8_cWXCgNpA8JA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNUB8R4GScZ4vFSLOPYOmoefKOhI7SLexphMh9aT9gay3CtjMvQaK8y4GCi5KFkoOl41cNtQ8iy5mbYbEMjt9bPXRrSt2LLp2b6LfNEPHkGMSHKPkcRkOig7WOE7NpozPTGD4lo6NHnvUIezKohObN37RSlbGnycBSzsdCNrRU5VgrfwiAM
Protocol: H2
Server: 23.205.93.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-93-33.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 08 Jul 2023 21:40:23 GMT
pragma: no-cache
date: Sat, 08 Jul 2023 21:40:23 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEKPW9cV2JX8_cWXCgNpA8JA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 7F82 23 B
163 B 41ms
41ms Image
image/gif 23.205.93.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNUB8R4GScZ4vFSLOPYOmoefKOhI7SLexphMh9aT9gay3CtjMvQaK8y4GCi5KFkoOl41cNtQ8iy5mbYbEMjt9bPXRrSt2LLp2b6LfNEPHkGMSHKPkcRkOig7WOE7NpozPTGD4lo6NHnvUIezKohObN37RSlbGnycBSzsdCNrRU5VgrfwiAM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.93.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-93-33.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 08 Jul 2023 21:40:23 GMT
pragma: no-cache
date: Sat, 08 Jul 2023 21:40:23 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4173 0
20 B 42ms
41ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6592220104237&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4173 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6592220104237&version=m202301230201&ct=76&x=1&cor=5539784580046951000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4173 104 KB
40 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BhdHzeERegHqwtYBD2BasT2VIAw3fIQhYiySLj54P_mqa9dTWVbBJ7_57PjXs2ERbKeJHKdWbIAl0r2AqOoHiY8P9ZFcw2skOUHjwDpRSlDZ3pA7Ne_e05AWhZhTS8AlNTMcAiMIkl2iNi2nE4KZY7dJ_ERMPAMl8b7d4yT5UCf5bckIM&dbm_d=AKAmf-BUcUdqWhY0lWXfGzbiYFktz1yncwOFwp_A-g43jpLZvx9VorrdGv_Yd7WdcY8pNeY7GGQbDlS8O9B6KYQlX_1fKgMZq_3XbiJNG8hIywosssKDQoGxufoSw8nUENpKcE2MtBKHbf5_qTzv5Um--L1ZXwoi06zuZi2Vqnxxy-8BYXoEv0oJRj0UyPFW6ZZo915YhKfI4LvJwACXZNj_Z8jotQpr_KDE2Q-JSf3NBQO5eglf18yb-PfrA5uvi4P6o11XKzgyk00Y10vzVbzi4k3YzlTbiB2-OuajRgFMTb2ru0Uu3zvGiTFEGZ7oRhPWUz-Rp90vSpVGp67-dDWoeSR9jg4ZGwOnBMnt33rE0S6N-EJUwuqJjyI4aOZEpLuI4wQGuvhdF1cmYVn-19VNMiAUcOba-qlqV01kQEwRU57v1zZXUgBEF8e5NGc8bx9d2L8cZ9gKkkR31kQqIrwxH_KfufRTkEJhm2GrXHnn3FvBSn1uOwOWqPBmYfahhaH2eMo4P-tAzfFvBBdmOLLPaXPp30vtXSFYZySyXjLsMlvySTme2J1WTA5XYlvtGvbterC4sxGM7WZEOhCdyOTfm2_2dH8xEtRPGcO3q_tJlMcSrbuLFhHzEypgzHCGlZJslQBDbA2KZK-8TJOikCBMIKXlBBJBgb88HQxAgzfTP_YJXfnrkEeG_Gq2hsx-HNARpv3khTPbWwdGidBYGEu7DweWQ7tzoE0Ov9mEd3lRDuiiNghFKEX3CRqs3ZV79Cw28PLxo74D5KTXxfChqOWWa2lDNgwK0KgmMtSE9uJp0IfJiLojg27b0DDa5oFYv8TfoCRl0LgCdNraF9iFgdGgdFsu8TH_QzfJZbXCrE654zelSTM6Os7grDwb_oe_EoK7Vti-Jl7mAcCeFCNz_HUuuEprfNijjTm7ok0QnQZZhzG2WiDge_6mjJHp-WIikjzYpvqIEKrbQYAJ6sFcFsmA3wd5vEfU1vGTEyQGyelfaN0ZR1jJ0VFOkK70RhnqFzRHYQLF9XCuj3Jz9RYq8fooeRVI7V9cd0oWJo_WIX38vMdIF7kh4Mz7n3EvCWJ2UoFESS14uXN7L6lt9w_oJhn2nkIUBf6yrq1Dab74472UqwDU9qnt7d9SXtJTLri54nvDkrkL1Jr1QNNDCwGtFF0edoCPwj6UeC680sw46bDCbe2dVe4apoziykj9j586QdQ01RUR7BUZvqFLYli1vsymMADDfoFkqG40Uz1fR7DuJ2fSIct0rAFIhUGKJGEFfYH8I9rPbYURZAf3KBNZjARKG48Z9WWkWjxMlP8d1k-oC8L735sYAOZyT1laUNSmuNYh0P54RawNEq5SSISW8b-9XkeL8jCbDQla_xTwXnvJDvvBk2xKZQh_XYFaFTpLe9Rve6yEZOQfE_-dpWBklibIjT_dzH9rzQLrmjr1ysTC56iNN1XLfxVTnZMPx2vpJEtZcUj0xQbPTMXzI27orR9rjhrl1ml5FjAWECNEbTLMbdlmUQNEkZkJzOQkHnIheRMMkLEObenhu1uxf8n1By3bvPkhesmrYeu-pYPEhVGngAXx92W2Db-DkzPtfM8pFeiev3CU8FhDtGcPo7aEq4cjx8p_E4UD-tPJLw73foG2y582zr6nNwd48HPSOMQINJsHO_goW-1wsO8RuT7-hmKmPat24ZAArfFnnHlBjE1UOBBKe29D2lCbsJbEDBsCkDbB7SG5ByGQWr0t6Vak7d9FU6qdG6ZYatoE-LLWGzhJSzG7WnZjWpGyi80hIG2o0ykuUurvdWbdygv9jQnp-a4Bp9okzorYV7z2ObZclTqv3xA0gH_gnCPNXewW9ACLotRLlfvIX4mXZA4hVb4cqHmX7yIxyqWqHsMWi1mV_OvJDxACQ_SsoBeZ8D--wxujqXhKg9B4mtzFyKzjK5hMrWNwWDksmbQ_S59hpGqtcLA89JqlRghdzfvtOq1Jpdj_sjI_2JqVojXzWmlvnwsU8_8V9-XJGsiwCNK_agm2LflZXpoLpTH-0tSawdHD3831UL02ldwRkQH9a5NHREGta2GhyLVqPstnWDxRMzoDcTaSeQizwPtNHuIlovXjXjgvKvdbwuBHfvEwz0LDHOfnCKu-UzZurCU-6KBhBVHFW3tJtU7U-xY0xO3NEakYkWPXSQHhhCFQTH_UkqBDgdXvqddwnkE37tgDY4WeyLRBWupcaJF87GK0kPW1ugLzr6Q3vXVc9dgz0gXvin0INF-7nT4v-6EPIHc7idTDssxISCv-kxyotr_LDuVYqAmDD2ehbLhPeTg7YIpjWO8u6r7TUOD_PGc4bAKtufUigyWPJ9NBqojOhbGG9eQ9VsQJCX_m9T5Ocge4R71PCnpLk7zr7sbhLMARqecZ_rdzKd70k6Y-Bbdyl8ibopmH53ZAZgHv6oW7ZfC6qulxeAH_HuOqaVxPwMTJA_rENsBiiZiPwtbJknGb33SpVD-I-OyoJaWgZJ3k2w6gtAkZKW919nT89zjLb_0peaUh__wgE4ADSxr4_ygnqOQ7CrBh4wZNdXVXAQeaUgVV1cGIls4pDD406YmzCU1YxJp11enstrUgezO0MeDfmsULyh3yWpvO3dGqNTjo3kC3YkK40QKG53PsSKSXdDFmkQMVO-tEO28YS--mjV1rUPJfR4jg8AnPThi5J9vmwm0Bm5VPhw_EeZOu5Tp1huPzT0KYSiwdqFEgPyBsCw8URLcBRyhn-6_6E4sJ33_Tkh0gBv-4kJfYTSG1iyisOcGGyvn4SUCCE1vISGVbCXSgGiHCjmFYVV6PuEVypmCX-ypAwy7uG0gIwhMNiPF0joyDZFPU4hvJkT9uhcfNDBo2a4jBYqBFwkihmpL5DhB3brM9eZyJSadXSFtPCBsNvMOL5PKQKW-T1Fd7XnkP7EWi5yOrRfhqAZtDDZnd_VAdADaI4xfovYwO2dwga8goy3YlTsBVIXsP5013_mZ7ns21o46frJa1yYMftsSVo7E0tBOt_ijPmwtYf6HbgNaYX__LGIY0uoJZhZzc9PSfIceNOl2QkORI8dU9r5yqyoLtBoRW-lWcuZWdtzxdqiQJyor6Kw0_PDxFhtwdruaqKDbNiXTabfr64P9yTHNsjaVwOpd300MCvqOXViLXpV00R368xVYLHwDpkIqBm_BJyr07iWzezWrt9jyTm9mPEJXIPrbd2E5aqAvkU5wx6Aa3kyPD_bVj-k1ifruMH-oAExx0PjjNwRygMAjr-guZXX6uozniSKc1vH-NAHtfY1jpA7KdJeUkfC9-CnB9SNyuqJ4_thANdk6wLGhYtqNhNptbvDjZItPw_GgSRPNE87aF17WfJznRH951dLyoXyh_L33rveXtPh5_jBB_GmWULmMljqQlYV_Dmf-h6dbjzO9E3bhVaLnRbvBgzBBDZX59IveZN-OOaQarR0oFRkmzxu8FLi-HOUspZgQWTZm26kEMt0AfodEdnP992D8igVesF0RAMmz9URy6VQfApBtxk0eOcQuhq4wa_ROT7z22A__C6C7JelU2WmVvg3t7fC_sw8I8bhvAcpA6G7jCt9AEHlk444fgs3xHFzHPjf0nTo4fKfsPtXXwUQ&cid=CAQSSwBpAlJW3PYr7ogKn_SNhueSGoenK5QJP_thRcgorJUqWvO75L71HLmcQ5XPuF4sExfC-hXbdfVzt88ytkZQovCosHjv0rY05Mib6BgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fstad.yalla-shoot.io%2F&ds=l&xdt=1&iif=1&cor=5539784580046951000&adk=1215661106&idt=100&cac=0&dtd=16

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f30e38ed9ab2fbcad0ccce87014dde2e5eb345150f93ed3394d48f268e6c9337

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40592
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/987057/61527017/ Frame 4173 246 KB
74 KB 260ms
56ms Script
application/javascript 54.228.176.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/987057/61527017/skeleton.js?ias_dspID=3&ias_campId=1010147415&ias_pubId=pub-2930805104418204&ias_chanId=1&ias_placementId=19422216621&bidurl=https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jhQHLuLDvsICfQ9VMO1QFz
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.176.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-176-158.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: db970f9e9253df6b17d5888f7b86dd1a611c65385f09d1e27cdfd02b51619b55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:23 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 4173 111 KB
39 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
Origin: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Jul 2023 10:17:05 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/elements/html/ Frame 4173 11 KB
4 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BhdHzeERegHqwtYBD2BasT2VIAw3fIQhYiySLj54P_mqa9dTWVbBJ7_57PjXs2ERbKeJHKdWbIAl0r2AqOoHiY8P9ZFcw2skOUHjwDpRSlDZ3pA7Ne_e05AWhZhTS8AlNTMcAiMIkl2iNi2nE4KZY7dJ_ERMPAMl8b7d4yT5UCf5bckIM&dbm_d=AKAmf-BUcUdqWhY0lWXfGzbiYFktz1yncwOFwp_A-g43jpLZvx9VorrdGv_Yd7WdcY8pNeY7GGQbDlS8O9B6KYQlX_1fKgMZq_3XbiJNG8hIywosssKDQoGxufoSw8nUENpKcE2MtBKHbf5_qTzv5Um--L1ZXwoi06zuZi2Vqnxxy-8BYXoEv0oJRj0UyPFW6ZZo915YhKfI4LvJwACXZNj_Z8jotQpr_KDE2Q-JSf3NBQO5eglf18yb-PfrA5uvi4P6o11XKzgyk00Y10vzVbzi4k3YzlTbiB2-OuajRgFMTb2ru0Uu3zvGiTFEGZ7oRhPWUz-Rp90vSpVGp67-dDWoeSR9jg4ZGwOnBMnt33rE0S6N-EJUwuqJjyI4aOZEpLuI4wQGuvhdF1cmYVn-19VNMiAUcOba-qlqV01kQEwRU57v1zZXUgBEF8e5NGc8bx9d2L8cZ9gKkkR31kQqIrwxH_KfufRTkEJhm2GrXHnn3FvBSn1uOwOWqPBmYfahhaH2eMo4P-tAzfFvBBdmOLLPaXPp30vtXSFYZySyXjLsMlvySTme2J1WTA5XYlvtGvbterC4sxGM7WZEOhCdyOTfm2_2dH8xEtRPGcO3q_tJlMcSrbuLFhHzEypgzHCGlZJslQBDbA2KZK-8TJOikCBMIKXlBBJBgb88HQxAgzfTP_YJXfnrkEeG_Gq2hsx-HNARpv3khTPbWwdGidBYGEu7DweWQ7tzoE0Ov9mEd3lRDuiiNghFKEX3CRqs3ZV79Cw28PLxo74D5KTXxfChqOWWa2lDNgwK0KgmMtSE9uJp0IfJiLojg27b0DDa5oFYv8TfoCRl0LgCdNraF9iFgdGgdFsu8TH_QzfJZbXCrE654zelSTM6Os7grDwb_oe_EoK7Vti-Jl7mAcCeFCNz_HUuuEprfNijjTm7ok0QnQZZhzG2WiDge_6mjJHp-WIikjzYpvqIEKrbQYAJ6sFcFsmA3wd5vEfU1vGTEyQGyelfaN0ZR1jJ0VFOkK70RhnqFzRHYQLF9XCuj3Jz9RYq8fooeRVI7V9cd0oWJo_WIX38vMdIF7kh4Mz7n3EvCWJ2UoFESS14uXN7L6lt9w_oJhn2nkIUBf6yrq1Dab74472UqwDU9qnt7d9SXtJTLri54nvDkrkL1Jr1QNNDCwGtFF0edoCPwj6UeC680sw46bDCbe2dVe4apoziykj9j586QdQ01RUR7BUZvqFLYli1vsymMADDfoFkqG40Uz1fR7DuJ2fSIct0rAFIhUGKJGEFfYH8I9rPbYURZAf3KBNZjARKG48Z9WWkWjxMlP8d1k-oC8L735sYAOZyT1laUNSmuNYh0P54RawNEq5SSISW8b-9XkeL8jCbDQla_xTwXnvJDvvBk2xKZQh_XYFaFTpLe9Rve6yEZOQfE_-dpWBklibIjT_dzH9rzQLrmjr1ysTC56iNN1XLfxVTnZMPx2vpJEtZcUj0xQbPTMXzI27orR9rjhrl1ml5FjAWECNEbTLMbdlmUQNEkZkJzOQkHnIheRMMkLEObenhu1uxf8n1By3bvPkhesmrYeu-pYPEhVGngAXx92W2Db-DkzPtfM8pFeiev3CU8FhDtGcPo7aEq4cjx8p_E4UD-tPJLw73foG2y582zr6nNwd48HPSOMQINJsHO_goW-1wsO8RuT7-hmKmPat24ZAArfFnnHlBjE1UOBBKe29D2lCbsJbEDBsCkDbB7SG5ByGQWr0t6Vak7d9FU6qdG6ZYatoE-LLWGzhJSzG7WnZjWpGyi80hIG2o0ykuUurvdWbdygv9jQnp-a4Bp9okzorYV7z2ObZclTqv3xA0gH_gnCPNXewW9ACLotRLlfvIX4mXZA4hVb4cqHmX7yIxyqWqHsMWi1mV_OvJDxACQ_SsoBeZ8D--wxujqXhKg9B4mtzFyKzjK5hMrWNwWDksmbQ_S59hpGqtcLA89JqlRghdzfvtOq1Jpdj_sjI_2JqVojXzWmlvnwsU8_8V9-XJGsiwCNK_agm2LflZXpoLpTH-0tSawdHD3831UL02ldwRkQH9a5NHREGta2GhyLVqPstnWDxRMzoDcTaSeQizwPtNHuIlovXjXjgvKvdbwuBHfvEwz0LDHOfnCKu-UzZurCU-6KBhBVHFW3tJtU7U-xY0xO3NEakYkWPXSQHhhCFQTH_UkqBDgdXvqddwnkE37tgDY4WeyLRBWupcaJF87GK0kPW1ugLzr6Q3vXVc9dgz0gXvin0INF-7nT4v-6EPIHc7idTDssxISCv-kxyotr_LDuVYqAmDD2ehbLhPeTg7YIpjWO8u6r7TUOD_PGc4bAKtufUigyWPJ9NBqojOhbGG9eQ9VsQJCX_m9T5Ocge4R71PCnpLk7zr7sbhLMARqecZ_rdzKd70k6Y-Bbdyl8ibopmH53ZAZgHv6oW7ZfC6qulxeAH_HuOqaVxPwMTJA_rENsBiiZiPwtbJknGb33SpVD-I-OyoJaWgZJ3k2w6gtAkZKW919nT89zjLb_0peaUh__wgE4ADSxr4_ygnqOQ7CrBh4wZNdXVXAQeaUgVV1cGIls4pDD406YmzCU1YxJp11enstrUgezO0MeDfmsULyh3yWpvO3dGqNTjo3kC3YkK40QKG53PsSKSXdDFmkQMVO-tEO28YS--mjV1rUPJfR4jg8AnPThi5J9vmwm0Bm5VPhw_EeZOu5Tp1huPzT0KYSiwdqFEgPyBsCw8URLcBRyhn-6_6E4sJ33_Tkh0gBv-4kJfYTSG1iyisOcGGyvn4SUCCE1vISGVbCXSgGiHCjmFYVV6PuEVypmCX-ypAwy7uG0gIwhMNiPF0joyDZFPU4hvJkT9uhcfNDBo2a4jBYqBFwkihmpL5DhB3brM9eZyJSadXSFtPCBsNvMOL5PKQKW-T1Fd7XnkP7EWi5yOrRfhqAZtDDZnd_VAdADaI4xfovYwO2dwga8goy3YlTsBVIXsP5013_mZ7ns21o46frJa1yYMftsSVo7E0tBOt_ijPmwtYf6HbgNaYX__LGIY0uoJZhZzc9PSfIceNOl2QkORI8dU9r5yqyoLtBoRW-lWcuZWdtzxdqiQJyor6Kw0_PDxFhtwdruaqKDbNiXTabfr64P9yTHNsjaVwOpd300MCvqOXViLXpV00R368xVYLHwDpkIqBm_BJyr07iWzezWrt9jyTm9mPEJXIPrbd2E5aqAvkU5wx6Aa3kyPD_bVj-k1ifruMH-oAExx0PjjNwRygMAjr-guZXX6uozniSKc1vH-NAHtfY1jpA7KdJeUkfC9-CnB9SNyuqJ4_thANdk6wLGhYtqNhNptbvDjZItPw_GgSRPNE87aF17WfJznRH951dLyoXyh_L33rveXtPh5_jBB_GmWULmMljqQlYV_Dmf-h6dbjzO9E3bhVaLnRbvBgzBBDZX59IveZN-OOaQarR0oFRkmzxu8FLi-HOUspZgQWTZm26kEMt0AfodEdnP992D8igVesF0RAMmz9URy6VQfApBtxk0eOcQuhq4wa_ROT7z22A__C6C7JelU2WmVvg3t7fC_sw8I8bhvAcpA6G7jCt9AEHlk444fgs3xHFzHPjf0nTo4fKfsPtXXwUQ&cid=CAQSSwBpAlJW3PYr7ogKn_SNhueSGoenK5QJP_thRcgorJUqWvO75L71HLmcQ5XPuF4sExfC-hXbdfVzt88ytkZQovCosHjv0rY05Mib6BgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fstad.yalla-shoot.io%2F&ds=l&xdt=1&iif=1&cor=5539784580046951000&adk=1215661106&idt=100&cac=0&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 17:16:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 17:16:44 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/ Frame 4173 30 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 17:16:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 17:16:44 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4173 41 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 13:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 373668
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jul 2024 13:52:35 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2F19 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 194853
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 15:32:50 GMT
expires: Fri, 05 Jul 2024 15:32:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12784067222800087067/ Frame AB52 141 KB
22 KB 8ms
7ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4f828bd932e3d2cfc41828f719a08047655f9572c4cc79828fc336c23a6f2ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 385738
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22859
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 04 Jul 2023 10:31:25 GMT
expires: Wed, 03 Jul 2024 10:31:25 GMT
last-modified: Wed, 09 Feb 2022 10:31:32 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4173 0
0 52ms
52ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvsXLrDNSM0DyLGe_gCa8Syubu9sWbcuxkIi-Ea9yWfgkzaQptq6N7_1NwjHx2D2dBhvNDwzwQ4U1G9w2QJkoOO0ZpUtsxt3R4OF6oO9km-_Ph4klLQW5-QMQ5stF1uQKkHtzLm_bPVo85k83xKxbDdB9tHQR4hbQTLRxYFPTIlNVpF5JD4kSAySg9G0MYQSQceTN75uDunLFbce4DUDbf0F2Ti8FZVkGxP7_wCRMROnnVbZiQ02LM45rTF2GxszQrzEjFVYzaEqK-gMGW48Z7AW1dHolxiuw3QHu8I0Gxowdv6l_4aWmVFFTeB0p5i3o8t7s_G06xGzJiRUHWtdWcXfAK0HD9aVHSVFygxPCR3EZx8txlz2B9lWI3X70HGt8V0m4gOMUDkwDkDgJ2w362N1OLX5sK016aOQmviKkEPY30kNSAeHzL_3Q90flPY0DWypTkIQkEok2FmUKaZl476DfmZKOQRPNJk8CU5WeZdd7iJeELkkVG-EbKOn5h9D_tysMTEt61fL_sR-7HKX_DhdOyTniOYtRdc6HToEurJ2r4Gv9HaSbLdQdL-n6GWYLwVRVX_qRDuGXHSy5xl5t2iOTiSxZGcp-8evgFOvaxWiRTcEkoZ5yR66IZeDgUUWj_qUQJy_CvlTUKOhKl3FcMNWPDK0xOROIMSXWEfS9jH1CN-B4A4vAWGOzoIEfgJpZ7REmipArAAnCjOFTSQW3s2DCzy3iVk_WQ5O3Jg8IlYy6cqQf2G8eL2xqBmwHZ_0kFtY-b2Hw2qWle33gLH4lgcxE5_ErUcdw79ZQ9LEPgntbXRSNF_OV3bDmvX6CQMa8tGiC3HXbp1Jr0iops7yqEcccas6tLozoe-tY6Ks_vfyplzcTCliaSwO-Qr-5wOP0iHA6zFrqdcvx1LBZ1eDAoPhf5ZzDqd6OIVhA-VRYtwm4jMX2UXLT7HlxBHIGvAlR1ij5WCGEsJC4EmZfjfJXa_vQdWv61fb8mx6jLeVPtN9-lO06SBgqnfy8e2Qm42U_L-Da6o3IJY99sNfyJ-XGGBL7tXmxQHr44VxBLGXJS-qcdqTCqN8YgpI31q4IEF0OVfjOYIP9iq-5htLXc1KLWFCJpGTePUMQzfgDFW4oqZJGI_of1zA-9keWif2IujKD6ka4_3AIjlmuG0mCB7mgxihMPiTyjsfNocGcS0RclFl08_NbCPsYX34gTH-vY1bBreka8CLb88h4Ae2se36HHABk9l5R7-2ji60aD1dmLnq-R_0wPIDp4uQTYYfu9TNWHzBByOf6uxrjL1Ygeet13DDABhLgQTQaXaZBWyLxAciMs4efBBbeXMU__y&sai=AMfl-YTyOpOYosmG1aKNpQomMhf8SqOeyqgY6qLR0vcirKPLsbHDRjUBA7Y1rIZ5Uto0avN9L9GNKLkF76HALyNiqsrEF6Hlty11TDlQAKd5MZvjJqQznPbypK0Gc5L36Su43CBMUD7Fyotmqv1QyXBkTlnDdxGsDAxLgZu6hHmEuRW8WC_2ReOlxPx_w6vsEp9nVON8tWKv5hQxtXehXBhs-7ef4gkVkRSq76iGY36gGaJAFPhzCH8J4iQyoFtFpGuBpFO8PmHdfNCSg18Wcj5D-VHCdR0sC0iv&sig=Cg0ArKJSzO1oEs6m_T28EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=207&cbvp=1&cstd=206&cisv=r20230705.05503&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 08 Jul 2023 21:40:23 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 08 Jul 2023 21:40:23 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame AB52 29 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 00:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Jul 2023 00:48:37 GMT

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 2F19 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 19:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 267278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jul 2024 19:25:45 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4173 0
0 46ms
46ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvsXLrDNSM0DyLGe_gCa8Syubu9sWbcuxkIi-Ea9yWfgkzaQptq6N7_1NwjHx2D2dBhvNDwzwQ4U1G9w2QJkoOO0ZpUtsxt3R4OF6oO9km-_Ph4klLQW5-QMQ5stF1uQKkHtzLm_bPVo85k83xKxbDdB9tHQR4hbQTLRxYFPTIlNVpF5JD4kSAySg9G0MYQSQceTN75uDunLFbce4DUDbf0F2Ti8FZVkGxP7_wCRMROnnVbZiQ02LM45rTF2GxszQrzEjFVYzaEqK-gMGW48Z7AW1dHolxiuw3QHu8I0Gxowdv6l_4aWmVFFTeB0p5i3o8t7s_G06xGzJiRUHWtdWcXfAK0HD9aVHSVFygxPCR3EZx8txlz2B9lWI3X70HGt8V0m4gOMUDkwDkDgJ2w362N1OLX5sK016aOQmviKkEPY30kNSAeHzL_3Q90flPY0DWypTkIQkEok2FmUKaZl476DfmZKOQRPNJk8CU5WeZdd7iJeELkkVG-EbKOn5h9D_tysMTEt61fL_sR-7HKX_DhdOyTniOYtRdc6HToEurJ2r4Gv9HaSbLdQdL-n6GWYLwVRVX_qRDuGXHSy5xl5t2iOTiSxZGcp-8evgFOvaxWiRTcEkoZ5yR66IZeDgUUWj_qUQJy_CvlTUKOhKl3FcMNWPDK0xOROIMSXWEfS9jH1CN-B4A4vAWGOzoIEfgJpZ7REmipArAAnCjOFTSQW3s2DCzy3iVk_WQ5O3Jg8IlYy6cqQf2G8eL2xqBmwHZ_0kFtY-b2Hw2qWle33gLH4lgcxE5_ErUcdw79ZQ9LEPgntbXRSNF_OV3bDmvX6CQMa8tGiC3HXbp1Jr0iops7yqEcccas6tLozoe-tY6Ks_vfyplzcTCliaSwO-Qr-5wOP0iHA6zFrqdcvx1LBZ1eDAoPhf5ZzDqd6OIVhA-VRYtwm4jMX2UXLT7HlxBHIGvAlR1ij5WCGEsJC4EmZfjfJXa_vQdWv61fb8mx6jLeVPtN9-lO06SBgqnfy8e2Qm42U_L-Da6o3IJY99sNfyJ-XGGBL7tXmxQHr44VxBLGXJS-qcdqTCqN8YgpI31q4IEF0OVfjOYIP9iq-5htLXc1KLWFCJpGTePUMQzfgDFW4oqZJGI_of1zA-9keWif2IujKD6ka4_3AIjlmuG0mCB7mgxihMPiTyjsfNocGcS0RclFl08_NbCPsYX34gTH-vY1bBreka8CLb88h4Ae2se36HHABk9l5R7-2ji60aD1dmLnq-R_0wPIDp4uQTYYfu9TNWHzBByOf6uxrjL1Ygeet13DDABhLgQTQaXaZBWyLxAciMs4efBBbeXMU__y&sai=AMfl-YTyOpOYosmG1aKNpQomMhf8SqOeyqgY6qLR0vcirKPLsbHDRjUBA7Y1rIZ5Uto0avN9L9GNKLkF76HALyNiqsrEF6Hlty11TDlQAKd5MZvjJqQznPbypK0Gc5L36Su43CBMUD7Fyotmqv1QyXBkTlnDdxGsDAxLgZu6hHmEuRW8WC_2ReOlxPx_w6vsEp9nVON8tWKv5hQxtXehXBhs-7ef4gkVkRSq76iGY36gGaJAFPhzCH8J4iQyoFtFpGuBpFO8PmHdfNCSg18Wcj5D-VHCdR0sC0iv&sig=Cg0ArKJSzO1oEs6m_T28EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=238&vt=11&dtpt=31&dett=3&cstd=206&cisv=r20230705.05503&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 08 Jul 2023 21:40:23 GMT

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame AB52 2 KB
1 KB 9ms
9ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:32:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 476
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Jul 2023 21:47:27 GMT

GET
H3 200 logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame AB52 3 KB
1 KB 10ms
9ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg

Requested by

Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 266
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1288
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 13:24:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Jul 2023 21:50:57 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame AB52 6 KB
2 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:27:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 767
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Jul 2023 21:42:36 GMT

GET
H3 200 head2_2line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame AB52 12 KB
3 KB 12ms
11ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_2line_family.svg

Requested by

Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bd4b6c45e7bc6a8d91d052fd971d32dae0282cdc0a8513ff8dc60f4b3f2a274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 825
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3442
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:21:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Jul 2023 21:41:38 GMT

GET
H3 200 head1_1line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame AB52 7 KB
2 KB 11ms
11ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_1line_family.svg

Requested by

Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3192c9a7e98a6d2874cde7e3a27c4f6149d4b1034ac6acd81a7d2d6ef1393761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 841
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2321
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:21:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Jul 2023 21:41:22 GMT

GET
H3 200 728x90_kv_family.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame AB52 38 KB
38 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/728x90_kv_family.jpg

Requested by

Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cdafa331554b9a58e4406b653270c0b44945e431761cfeb3876229f001f8af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:28:49 GMT
x-content-type-options: nosniff
age: 694
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39260
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:21:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Jul 2023 21:43:49 GMT

GET
H2 200 prebid.js Show response
cdn.projectagora-adtag-library.com/prebid/latest/ Frame 1EC3 461 KB
145 KB 7ms
7ms Script
application/javascript 2a02:26f0:480:f::213:7ee0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Requested by: Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 7f057babecc87f857745379d106f0555cb4fc3b946907d97c9f4f4be73b578c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:23 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycduuD9i-Iqmpi_NonWaC0JJjo9w1ggIDDAzHk5SAH_9oHqkdex_9Jl-vvFV3drsX8CDDnQqeFeR1LSAG1lj22yRu
x-amz-meta-version: 100.3.0
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 148361
last-modified: Wed, 05 Apr 2023 11:13:49 GMT
server: UploadServer
etag: "51a6d662613cd0e83af4437fd97ba690"
vary: Accept-Encoding
x-goog-generation: 1680693229408865
content-type: application/javascript
x-goog-hash: crc32c=USVG7Q==, md5=UabWYmE80Og69EN/2XumkA==
cache-control: private, max-age=86400
x-goog-stored-content-length: 148361
accept-ranges: bytes

GET
H2

200

4a.js Show response
static.adsafeprotected.com/ Frame 4173
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/987057/61527017/4.js?ias_dspID=3&ias_campId=1010147415&ias_pubId=pub-2930805104418204&ias_chanId=1&ias_placementId=19422216621&bidurl=https://stad.yalla-shoot....
https://static.adsafeprotected.com/4a.js

2 KB
2 KB

19ms
19ms

Script
application/javascript

2600:9000:2246:7400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4a.js
Requested by: Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:2246:7400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 19:42:03 GMT
x-amz-version-id: SJLYBA351pqECJYqjJA4.3WvprugNKiT
content-encoding: gzip
via: 1.1 5071afda1ab6f09c39c5873ced3e225c.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
age: 266302
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 05 Jul 2023 19:42:00 GMT
server: AmazonS3
etag: W/"589d8955c4906ab1b8e63a2f92d932d3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: kNXLlX4IDior1PYGOoTwHsmnr97hGQPEcV2nkl7KnQSDEtVRWnigPw==

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:24 GMT
server: nginx
x-server-name: app09.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4a.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 3D08 91 KB
23 KB 81ms
22ms Script
application/javascript 2600:9000:2246:7400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2246:7400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 5071afda1ab6f09c39c5873ced3e225c.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
age: 25077847
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: YkPoEy54OYocEI8Oj-bm9i84Jvcsf8Q9VqrpVMGjhSblejqKTZoiuw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4173 43 B
215 B 355ms
102ms Image
image/gif 2600:1f18:1aca:4281:249b:3721:523:630f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=6fb44fa0-136e-b073-672b-cc78b46e45d1&tv=%7Bc:hOybSS,pingTime:-3,time:52,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:26%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:52,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B45~0%5D,as:%5B45~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tJsoERs+111%7C12%7C13%7C141%7C142%7C143%7C144%7C145%7C146%7C147%7C148%7C149%7C14a%7C14b%7C14c%7C14d%7C14e%7C14f%7C14g%7C151%7C152%7C1531%7C161%7C162%7C163%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1d%7C1e%7C1f1%7C1f2%7C1f31%7C1g1%7C1h1*.987057-61527017%7C1h11%7C1h121%7C1h13,idMap:1h1*,rmeas:1,rend:0,renddet:IMG.us,siq:27%7D&br=c
Requested by: Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:249b:3721:523:630f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:24 GMT
server: nginx
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4173 43 B
216 B 351ms
101ms Image
image/gif 2600:1f18:1aca:4281:249b:3721:523:630f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=6fb44fa0-136e-b073-672b-cc78b46e45d1&tv=%7Bc:hOybST,pingTime:-6,time:53,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:53,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tJsoERs+111%7C12%7C13%7C141%7C142%7C143%7C144%7C145%7C146%7C147%7C148%7C149%7C14a%7C14b%7C14c%7C14d%7C14e%7C14f%7C14g%7C151%7C152%7C1531%7C161%7C162%7C163%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1d%7C1e%7C1f1%7C1f2%7C1f31%7C1g1%7C1h1*.987057-61527017%7C1h11%7C1h121%7C1h13,idMap:1h1*,rmeas:1,rend:0,renddet:IMG.us,siq:27%7D&tpiLookup=ao:stad.yalla-shoot.io*%2Cfff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com*&br=c
Requested by: Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:249b:3721:523:630f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:24 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 1EC3 2 KB
1 KB 18ms
7ms XHR
application/json 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230708

Requested by

Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1d5650ba604a8f3db044431fa60a3feaf22ebd5b290153cf49bf1c36ddb017aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://stad.yalla-shoot.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 08 Jul 2023 21:40:23 GMT
x-content-type-options: nosniff
content-encoding: br
age: 20375
x-jsd-version: 1.0.1745
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 850
x-served-by: cache-fra-eddf8230039-FRA
x-jsd-version-type: version
etag: W/"63b-m2E8zccfZgYfgE9p+JF9xJa90Js"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 min.js Show response
cdn.kdaimo.com/projectagora-483829/ Frame 1EC3 3 KB
3 KB 109ms
21ms Script
text/plain 52.222.149.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.kdaimo.com/projectagora-483829/min.js
Requested by: Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag/latest/pav2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.149.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-149-26.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94e1ce5a00242c1352435871c46a8f36db344edf4d823234cdce4ccc5f40ca0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:52:10 GMT
x-amz-version-id: null
via: 1.1 bfe6539ddfc76c3ba5ee5e95acacd26e.cloudfront.net (CloudFront)
last-modified: Wed, 06 Apr 2022 01:00:55 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P1
age: 35294
etag: "61e4dbcc663e6d945cd8b7db1c35a1e6"
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 2849
x-amz-cf-id: M_zZPoKM-UuPm96Y3FIdlPVIRNKP69ZZu2JgkfUVmQ0RKIi8aPeBSA==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4173 43 B
215 B 329ms
101ms Image
image/gif 2600:1f18:1aca:4281:249b:3721:523:630f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=6fb44fa0-136e-b073-672b-cc78b46e45d1&tv=%7Bc:hOybTi,pingTime:-2,time:78,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:522,beZ:523,mfA:525,cmA:527,inA:527,inZ:532,prA:532,prZ:543,si:549,poA:550,poZ:568,cmZ:568,mfZ:568,loA:576,loZ:578,ltA:600,ltZ:600%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:26%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:78,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B71~0%5D,as:%5B71~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tJsoERs+111%7C12%7C13%7C141%7C142%7C143%7C144%7C145%7C146%7C147%7C148%7C149%7C14a%7C14b%7C14c%7C14d%7C14e%7C14f%7C14g%7C151%7C152%7C1531%7C161%7C162%7C163%7C17%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1d%7C1e%7C1f1%7C1f2%7C1f31%7C1g1%7C1h1*.987057-61527017%7C1h11%7C1h121%7C1h13,idMap:1h1*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:27,sinceFw:50,readyFired:true%7D&br=c
Requested by: Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:249b:3721:523:630f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:24 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F19 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BEmCqx9epZOPlFZflx_APmdyFkAIAAAAAOAHgBAI&bg=!KCulK3_NAAb90kgr3dI7ADkAdvg8Ws5ursqhxNhyPg3cL1Zh-EJ1apaLgxrM_q7TFtCHc3MEan4yKuzXWWmuf8Y6WoW5saIg3qcCAAAAtFIAAAAGaAEHmQNBgJ60ly40s5urYb4BryJyziLfiTXMDVgzJxuubGzOuIB7zf0UCladJuiVTpHt3tgnkXpn2SqQl5f4O2icgfZBLuTm_o9FamY7isuyHLo--ogvxw0lQNdSkCxvginwH3ikqMAAArKsNdIOHHvQtuY0xx6rHTUgJc6hm1JdqMvSW5qrvfH3L-9IU9hsDQQhr3pLnF7f6l1f-VZQM0KgkGLXZ3YCyNWnloHASoEgD3LfB5oGRzfgDLdNGEW-jzFx0yMG0P4lH-t2ni7t7jXny0zH1T_zRi4ODmmeJWN4xehElme2zQksJGSOp9zB4MZOwyeiosIK-DtqESDZOnxABGDqjT4k3NQC-vBoVqxVY0eF9tpkY_cqVhLOu32dz5CIZyUwzW81z_LgGfa-mi8kfGbUBELzRqTZjoYJE_TGfgyHaIvnHRpPuUJQofFQpEjA3j7NCLJ3jWTqbr9YqVwPyJSbgClvS1bIaWuMPG7cqVnCFO3DF7x0nyHcAQrDjLaQVblpY6HH-vCb7Y7-Z_nEqOf-hwtfy5QHPtW3Sqg04KZfCLla0chkbqI3pYsCTjHlGJruo2db1w-lO1aF4-ctK7X2wTm6_w3xDCPxR7OrEQq1LFdkMmTplj3Lpnwdoxpy0p_Hi39mXSSzQBRPMOG3G6FIxbWlX34acHdOS65fOBMrpF8GtFv0bRGtFB-SQHbN9fMDzSRtv9LTvwHJqn9TToFDgASXeiZODK54scgMa3xwKYO3ndUooASG-Tx-3qHjqICEvPfuXH1HV6jamA_-ILLpFBvJfVDwVGDFmhfR0ZwSeB_GX5G4jp7569JtfoG-B2wWdzhlGQ_4J1Ft_hDPb81BG0jQS8o-c4VTB35DaPcwhnuzDxYqzF4cCThxD_MVlclcNDzLc7CZis32Z3rc3_vfi-qoaet4r8tFVSTW1d6j5KDRhE70UypILCb2GfD5b9ht6L-OI0cQq3CVhTtT3D7J508xQDJcRoUccqhSwNpZnkmHU_vYvijPlt46v5xwTFGu0588HxClcC_GvafSE5tnyAMX3i0pLNBEKdnIOPbI5Zzs-mmbYtnfrBMSuc2CielRt36WM00kUU8iHtCjp-A9WrU

Requested by

Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookiesyncendpoint Show response
servs.modoro360.com/ Frame 737E 0
235 B 101ms
100ms Document
text/plain 44.194.170.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=133&auid=1688852420863-998299762888-001185-002-008660&key=a6f37f0123013099a595be2217fc435a
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1688852420863-998299762888-001185-002-008660%26key%3D%7B%7BVID%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.170.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-170-205.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vid.vidoomy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Sat, 08 Jul 2023 21:40:23 GMT

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ Frame 1EC3 483 B
1018 B 36ms
13ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sat, 08 Jul 2023 21:40:23 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Tue, 06 Jun 2023 12:52:55 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 116164
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BUM4zXWln83hzadFeTKqkRkyudFAk3%2B2qr40jdC3w7bQlRikyLQHoWOjuUVBSBdIDDCMA1%2FU8PDowCOmKydM2sp0NV0mPj0aIN7DdkFeVEiX09NraUpzEoYQ6ma1juHGttJVtmdPoZPQNr46"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7e3b7c419aaf3a90-FRA

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 1EC3 0
115 B 61ms
15ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://stad.yalla-shoot.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://stad.yalla-shoot.io
date: Sat, 08 Jul 2023 21:40:23 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 1EC3 285 B
811 B 80ms
18ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21034&site_id=300282&zone_id=2149088&size_id=117&rp_schain=1.0,0!projectagora.com,107313,1,,,&rf=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sport-4d-hd%2F&tk_flint=pbjs_lite_v7.26.0&x_source.tid=38685642-89e5-4760-87e6-05ebe14af813&l_pb_bid_id=4b1594ac7f4dcc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5090108447130919
Requested by: Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: aa624a4bdd052062d2c43d7dc7716a7154d65ba655e31f8bce21a0f2a6f58910

Request headers

Referer: https://stad.yalla-shoot.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:23 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://stad.yalla-shoot.io
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 285
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 1EC3 171 B
562 B 250ms
30ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer: https://stad.yalla-shoot.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:23 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://stad.yalla-shoot.io
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame 1EC3 19 B
545 B 58ms
9ms XHR
application/json 18.184.223.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.26.0&referrer=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sport-4d-hd%2F&tmax=2000

Requested by

Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid/latest/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.223.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-223-197.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://stad.yalla-shoot.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:23 GMT
accept-ch: sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt
x-auction-status: 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://stad.yalla-shoot.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ Frame 1EC3 74 KB
23 KB 33ms
17ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sat, 08 Jul 2023 21:40:23 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 116015
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Jun 2023 12:52:54 GMT
Server: cloudflare
ETag: W/"845b176368f98c92daf7aa531dcbc491"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FHnjn6GLyeUjz0g3FpDcDo0Lhyd2w2evrIbpQwvC7AnfqdUdh3poqHAazVEhymxpkq9PVqhQO2%2F5BHZczT8caxa6mnS2VojVskL1eM38Rc9ewEJQEfupl6sDAkhQEGq0xYrvP41sN6fpZsLb"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7e3b7c41c9362c5d-FRA

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DF6C 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7723922014390&version=m202306200101&ct=76&x=1&cor=17922710395261628000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4173 0
26 B 59ms
44ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssmzIoHd-Ly_XH38RnC3NN_X4eo0z8oPaBP5RsbcQXmwkOa_L17GF8QY0Qjm0k7vYGOiuJMUjoSS7xeFjxvRwTS43Vy5lkDsptLUj1N6V9X0sP1r97OUHWl_wbNLzqq7i-ZmmFaqLsEP24gcAvXjEfFLSGrn_rrMJI_6c0oofesYn035w&sai=AMfl-YRgGkJBoRW4SFEAb8wNKQtiLXLTNwuEy7MvbE7_hJUPLBDBtOef3-HB2FxmftWWc8OLGAS2FcPC3r5y67KxrrCIZ1bhlxXBNZpZCh5Zg7pOVoxL0DFnpqCrH_hNmA&sig=Cg0ArKJSzIUtFjYWrGnPEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 passback_728x90.js Show response
static.adsafeprotected.com/ Frame CBB9 3 KB
2 KB 18ms
18ms Script
application/javascript 2600:9000:2246:7400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_728x90.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2246:7400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: BMDmVeG18LcgsgmLJH9yXJDgb3k6n4r4
content-encoding: gzip
via: 1.1 5071afda1ab6f09c39c5873ced3e225c.cloudfront.net (CloudFront)
date: Sat, 08 Jul 2023 03:07:02 GMT
x-amz-cf-pop: MXP63-P1
age: 66803
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:52 GMT
server: AmazonS3
etag: W/"696b4c19d35efd706805137a8a4b3831"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: vVJ0U7XJeqP0lawxVpHddIOPGOHiWw7v7i9vSONsmxMgG3K_M8Pk4g==

GET
H2 200 IAS_PassbackAds_728x90.png
static.adsafeprotected.com/ Frame CBB9 10 KB
10 KB 19ms
19ms Image
image/png 2600:9000:2246:7400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_728x90.png
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2246:7400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 4DcA1UddzZ2E21bAiUECQTp8M854Vxlu
date: Sat, 08 Jul 2023 17:44:03 GMT
via: 1.1 5071afda1ab6f09c39c5873ced3e225c.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
age: 14182
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 10216
last-modified: Fri, 18 Feb 2022 23:29:13 GMT
server: AmazonS3
etag: "b1464a7201f691a1e4cf6fc057919d7f"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: 9EpJWKJsWxhChQw_7WoXoZR6KCKvNDzvSQtZZdeRGpVxSEtwHKIXpw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4173 43 B
215 B 102ms
102ms Image
image/gif 2600:1f18:1aca:4281:249b:3721:523:630f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=6fb44fa0-136e-b073-672b-cc78b46e45d1&tv=%7Bc:hOybYE,pingTime:-10,time:410,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xOTggU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1688852424140%7C%7C7d7c94d0aab1abdf859d01103e157af4%7C%7Cdc0a08e416cd7f8471c71ad711523ca3%7C%7Cf10da22b91ca6985aa42003587c6b323%7C%7C8815bd90394fb9ae70187a4f673239ed%7C%7C60e93073a6945eb9c5529dc9f8c2ed76%7C%7C96c4da9361967b25f3ed525631ec68ea%7C%7C5e571c3208e3acd16fcb2918698dbf4f%7C%7C1663701684%7D
Requested by: Host: fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
URL: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:249b:3721:523:630f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:24 GMT
server: nginx
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4173 0
20 B 42ms
41ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6592220104237&version=m202301230201&ct=76&x=1&cor=5539784580046951000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 21:40:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
track1.aniview.com/ Frame CF50 0
121 B 586ms
106ms Ping
text/plain 3.211.10.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=stad.yalla-shoot.io&rs=stad.yalla-shoot.io&sid=92199&t=1688852420&cip=37.58.58.245&sn=&tgt=0&osv=10&bv=114.0&brn=Chrome&wi=450&he=253&app=&AV_PUBLISHERID=6181354e7fb04045d1763610&test=&d64=692027bd1922d6f793dcd94be99731c1&d63=692027bd1922d6f793dcd94be99731c1&aafaid=&proto=https&uid=1688852420863-998299762888-001185-002-008660&cha=0.7&stagid=61829aec12a96609532b3fd9&stplid=635e40ee9cca104d830d91c4&d35=&d36=6.2.114&cb=18472242059&d39=&d65=Test1&d66=&d73=&apppkg=&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&d37=realtime&AV_WIDTH=450&AV_HEIGHT=253
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.10.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-10-11.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://stad.yalla-shoot.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 08 Jul 2023 21:40:26 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 sync
eb2.3lift.com/ Frame 1EC3 37 B
140 B 79ms
8ms Image
image/gif 13.248.245.213

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/sync?px=1&src=prebid&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame 1EC3
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156400
https://image8.pubmatic.com/AdServer/ImgSync?p=156400&rdf=1
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkVFN0NGQkMtNEZEQi00QjdBLTlGQUItRTJFQTAxMTNGRjU4&gdpr=-1&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
216 B

22ms
22ms

Image
text/plain

185.64.190.79

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.79 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:40:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date: Sat, 08 Jul 2023 21:40:27 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif
URL: https://us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif/?gdpr=1&gdpr_consent=&us_privacy=1---&coppa=0&puid=1688852420863-998299762888-001185-002-008660&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D57%26auid%3D1688852420863-998299762888-001185-002-008660%26key%3D%24%7BUID%7D

Verdicts & Comments Add Verdict or Comment

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yalla-shoot.io/	1970-01-20 22:43:32	Name: _ga_2Y3HW36EKK Value: GS1.1.1688852419.1.0.1688852419.0.0.0
.yalla-shoot.io/	1970-01-20 22:43:32	Name: _ga Value: GA1.2.1047169957.1688852420
.yalla-shoot.io/	1970-01-20 13:08:58	Name: _gid Value: GA1.2.2035386005.1688852420
.yalla-shoot.io/	1970-01-20 13:07:32	Name: _gat_gtag_UA_107335079_1 Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 7hdSRNue6tE
.youtube.com/	1970-01-20 17:26:44	Name: VISITOR_INFO1_LIVE Value: v9gPRAZh3rw
.yalla-shoot.io/	1970-01-20 13:07:32	Name: lotame_domain_check Value: yalla-shoot.io
.criteo.com/	1970-01-20 22:29:08	Name: uid Value: f9198349-2f5f-444e-b3ba-1ab3573607ea
.yalla-shoot.io/	1970-01-20 22:29:08	Name: cto_bundle Value: dv5f719nS00yYjFQV0VMJTJGMVN5NE1Lc01ETDdsZXJtSjlsWDIwVk1BblNYY1FvcjZ5Qjk0UnZpJTJCNCUyRmhxVWNMNThBVkFhVHFBNFhEeU9oODg3ckJnYWlPJTJGWTdvc255bnk3Q0RpSGFwTkV0aHd3WEUzcXpEUzh4WkRYczBTQVRYRGJDS0NoMVlzQkNjMGM1alp0SyUyQlF3bllGTmxBJTNEJTNE
.doubleclick.net/	1970-01-20 22:29:08	Name: IDE Value: AHWqTUkxv--eKz-uMKUb5JRJJVamVS3Knz0AXWk5BgqeKJsc7YatoFv-jtgTHPHZ
.adnxs.com/	1970-01-20 15:17:08	Name: uuid2 Value: 2797430870173285831
.casalemedia.com/	1970-01-20 21:53:08	Name: CMID Value: ZKnXxALnguqrG2jR9I8sSAAA
.casalemedia.com/	1970-01-20 15:17:08	Name: CMPS Value: 1171
.casalemedia.com/	1970-01-20 15:17:08	Name: CMPRO Value: 1171
.doubleclick.net/	1970-01-20 17:26:44	Name: APC Value: Aa3gxNqPDgYaT7f5Sji83NAhklpSbU3LGILPIbo714wYyt1e15tUyQ
.adnxs.com/	1970-01-20 15:17:08	Name: anj Value: dTM7k!M41.D>6NRF']wIg2HaMx7k'I!A#F8(<j<dINiYhTyXnfi8FW/iG%(*muA6yj(!@'4hr8.4JcHHg$VFev[4F)/X%W#.wL4W1Qw1RJZ_#z
.modoro360.com/	1970-01-20 13:36:20	Name: aniC Value:
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 5f4d02f9c3c94b70
.csync.loopme.me/	1970-01-20 15:20:01	Name: viewer_token Value: 5a2d8885-30d6-4582-abb0-cb5ae681dee6
.360yield.com/	1970-01-20 15:17:08	Name: tuuid Value: 89a9d84e-83b2-437a-b3f5-12450e150fd2
.360yield.com/	1970-01-20 15:17:08	Name: tuuid_lu Value: 1688852421
.doubleclick.net/	1970-01-20 13:07:36	Name: DSID Value: NO_DATA
.modoro360.com/	1970-01-20 13:21:56	Name: 1_C_56 Value: 5a2d8885-30d6-4582-abb0-cb5ae681dee6
servs.modoro360.com/	1970-01-20 13:21:56	Name: 1_C_56 Value: 5a2d8885-30d6-4582-abb0-cb5ae681dee6
.modoro360.com/	1970-01-20 13:21:56	Name: 1_C_105 Value:
servs.modoro360.com/	1970-01-20 13:21:56	Name: 1_C_105 Value:
.modoro360.com/	1970-01-20 13:21:56	Name: 1_C_10 Value: 6OG4AibTAPed
servs.modoro360.com/	1970-01-20 13:21:56	Name: 1_C_10 Value: 6OG4AibTAPed
.modoro360.com/	1970-01-20 13:21:56	Name: 1_C_22 Value: 89a9d84e-83b2-437a-b3f5-12450e150fd2
servs.modoro360.com/	1970-01-20 13:21:56	Name: 1_C_22 Value: 89a9d84e-83b2-437a-b3f5-12450e150fd2
.aniview.com/	1970-01-20 13:21:56	Name: 1_C_9 Value: 6a8a755bb3893c69a2d32c53d88b43
sync.aniview.com/	1970-01-20 13:21:56	Name: 1_C_9 Value: 6a8a755bb3893c69a2d32c53d88b43
.creativecdn.com/	1970-01-20 21:53:08	Name: u Value: m4CYLNkDNFsF0sI0XZBQ
.creativecdn.com/	1970-01-20 21:53:08	Name: ts Value: 1688852421
stad.yalla-shoot.io/	1970-01-20 13:50:44	Name: _pbjs_userid_consent_data Value: 3524755945110770
.yalla-shoot.io/	1970-01-20 22:29:08	Name: __gads Value: ID=20ebbc3b803fa38b:T=1688852420:RT=1688852420:S=ALNI_MasArb6qhP_e9TdtS4vHAN6ETuFdg
.yalla-shoot.io/	1970-01-20 22:29:08	Name: __gpi Value: UID=00000c38bded580c:T=1688852420:RT=1688852420:S=ALNI_MbNVMr9nk2XbODJoO0vPxgGWxJ_KA
.modoro360.com/	1970-01-20 13:21:56	Name: 1_C_133 Value: a6f37f0123013099a595be2217fc435a
servs.modoro360.com/	1970-01-20 13:21:56	Name: 1_C_133 Value: a6f37f0123013099a595be2217fc435a
.rubiconproject.com/	1970-01-20 21:53:08	Name: khaos Value: LJUJ4MD4-1C-LSDB
.rubiconproject.com/	1970-01-20 21:53:08	Name: audit Value: 1\|naVuGyos1qrxIMtg9iJLBrJGe4Ni1ThWK2euPP2lVg2+SmvwaNDOnua+7XNaZBukTjtbOL7w9kLQp/uFcUUVAaQAYizHM2Da8sQlAaEpLg+DK/N2eFofYr7FQD2yB//hsqlSNZOaaDQ=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/(Line 306) Message: <link rel=preload> must have a valid `as` value
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ads.projectagoraservices.com
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
ap.lijit.com
bcp.crwdcntrl.net
bh.contextweb.com
cdn-ima.33across.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.kdaimo.com
cdn.prod.uidapi.com
cdn.projectagora-adtag-library.com
cm.adform.net
cm.g.doubleclick.net
content1.avplayer.com
creativecdn.com
csync.loopme.me
dm.hybrid.ai
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
esp.rtbhouse.com
eus.rubiconproject.com
fastlane.rubiconproject.com
feed.avplayer.com
fff86f2bce906ec82aaa6f8fdba54f0a.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
i.ytimg.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
invstatic101.creativecdn.com
jnn-pa.googleapis.com
jscdn.greeter.me
live.yalla-shoott.xyz
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
player.aniview.com
player.aplhb.adipolo.com
player.avplayer.com
portal.o2online.de
prebid.a-mo.net
prg.smartadserver.com
region1.google-analytics.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
serv.modoro360.com
servs.modoro360.com
servt.modoro360.com
stad.yalla-shoot.io
static.adsafeprotected.com
static.criteo.net
static.doubleclick.net
sync.1rx.io
sync.aniview.com
sync.teads.tv
tags.crwdcntrl.net
tg1.modoro360.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
ups.analytics.yahoo.com
us-u.openx.net
us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif
vid.vidoomy.com
vpaid.vidoomy.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
us_privacyfa9f4b3548d146d8b0584acce84c4fec.gif
13.248.245.213
141.101.90.98
142.250.181.226
145.40.97.66
162.19.138.82
172.217.23.98
172.64.152.222
178.250.7.13
18.155.129.39
18.184.223.197
18.194.138.81
185.184.8.90
185.64.189.112
185.64.190.78
185.64.190.79
185.64.191.210
185.80.39.216
185.86.139.96
185.89.211.132
2.19.126.157
2001:4860:4802:34::36
205.185.216.10
208.93.169.131
216.52.2.30
23.205.93.33
23.218.210.30
23.32.184.192
23.56.202.187
2600:1f18:1aca:4281:249b:3721:523:630f
2600:9000:2246:7400:8:48e:53c0:93a1
2600:9000:2250:4400:a:e047:753:be1
2602:803:c003:200::41
2606:4700:10::6816:3556
2606:4700:20::681a:b15
2606:4700:20::ac43:4bf1
2a00:1450:4001:800::2004
2a00:1450:4001:801::2002
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:806::2006
2a00:1450:4001:806::200a
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:810::200e
2a00:1450:4001:811::2006
2a00:1450:4001:812::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82a::2016
2a00:1450:4001:830::2001
2a00:1450:4001:831::2003
2a02:2638:3::c
2a02:2638:d::2
2a02:26f0:480:794::2c79
2a02:26f0:480:f::213:7edd
2a02:26f0:480:f::213:7ee0
2a02:26f0:e600::170f:b269
2a02:6ea0:c700::10
2a02:6ea0:c700::18
2a04:4e42:200::485
2a06:98c1:3120::3
3.211.10.11
3.225.3.30
3.75.62.37
34.96.70.87
35.169.19.104
35.174.189.28
35.190.39.111
35.214.224.127
35.244.159.8
37.157.6.233
37.18.16.22
44.194.170.205
45.133.44.4
46.228.174.117
51.89.9.251
52.222.149.26
52.31.229.177
54.228.176.158
69.16.175.10
69.16.175.42
69.173.144.139
98.98.134.242
99.80.130.137
01204747c552676cceff27ecab875807de15fc28860715608db3d368ba736b3e
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
07e929641ee00143b8d8f36d83e45157dbb0d5c501fb5c4965fab4d6f7128786
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d8d78c80707500b7d7947532231d5756d2e88e122f0b7e9b7c16e1412393784
0e2de675c94cfa8a2cb6c7b6f937ed7670b56d4afe6891d62480a89559c02ce2
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15c26fce4e4d019c29c6ce643cafbb04d56c01ac165eb4c043bff9ce47fb9df1
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
175f8c1ab85cad9029645d3a854a0f0f5a75f520db15acc0b20ab6560aa16db6
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a
184de53a881ec8e4e218974c548e2fc8e0da4b8ddaff2e7bdc6267c6e70a8636
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
1bd4b6c45e7bc6a8d91d052fd971d32dae0282cdc0a8513ff8dc60f4b3f2a274
1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8
1d5650ba604a8f3db044431fa60a3feaf22ebd5b290153cf49bf1c36ddb017aa
20e74dbf3ee183f6fe1447dd7efef616905f78e10733e618dfd67f54c8a25ca8
23c1ee968e09962e3832d43d75631233fa3b803445b23570fca316c4c98b2161
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
25d2843ea9ee4f5d164a9fb11a62c8844c317f04694894da81b4699eaf236288
28cba3dac46509478146cd92e730ffebd3845d6fbdb50af5cf2af210c90c02fe
28ccbde90eb5abd5b970391fa34c9dc8f772cb59c1b5d702a0697f8500fb2fee
28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be
2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2df957d141202a0ff7127f12d1df45b6c0e689872d63accc4d91f600b0056ab2
2e833626742ec297d69367e59566501285ac28cec97ba9600f1d1581ae53ac69
2ed74e07cf30021eed2f8e68aa818f1cba49d0191300e6afb789ed6540317eda
311d05141c23f989502dda391aaeb7109de32777ce2ae1c5e8ecc6cf6cdd1be5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
317d1c835272e0888499488983ecee23b642ac8b38838e253a508303a50fb741
3192c9a7e98a6d2874cde7e3a27c4f6149d4b1034ac6acd81a7d2d6ef1393761
319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
322089a51d0a0c495a7d9db6c92499888046111a1278bf382bcc3438e1e979a3
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
35017055ad78cc6df96f20d2d2fe76f32ec1e02da311bc0a1316eec1df805130
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36cc3b6d1cc1ce849ab422601b24645d5c96623f040c57fce73a3ae97a83e7f9
372ee4f606f66d460727f0502b688f2049ce405679f274e8fb1ed175417479a4
3a5fa3073b94aa8259d04802566504c897fd640610ea9f36654cfacc615f325e
3cc0b563084ab3f3f982828651c83e32b01aacaeecca60f0edffbf4e29905218
3cdafa331554b9a58e4406b653270c0b44945e431761cfeb3876229f001f8af6
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
407e5f7555fe203a6245ac0209874437d50b9daf51a7102e6fd90a99a3df1717
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
440a11549a253e0fa218f6daf83abebd35917c13322b77b8227766321591fadc
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46f5f677ec0f4ddfc02ba873c3e10e6f1f5ddf9447d73d89f6eb4fc02b7f2f28
47a278025cea905349e975bf082b6d027e22a536a4b3d370afeb04d8fc5b2ca4
484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec
48bb8ee7c09845ec897188e2681cfa727925b9c535893cc9439634fdc5afad37
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4974622fff31e0fe9dcc6c31c33e3f74dfb665d2678bd876ab807506e3bab60c
4a101234fd004179c4ba82ac71e6fc670a4778ce1e22661936a933e5a8834181
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b88a304d6162d0e7bc1ea1c3b8c9e9f6b6751002a6d58b6a7bb2c4dd383dea8
4c1fd5df408874cca82afe627a36a9ba0988d5a350a38ba572053d38941736f6
4caec19fb48c8b123d8f1dd3443f2bd70863adf6408db3ea83b1ee46df65c454
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4
52337cf2499996a25da3c2f17c8e0492c2d728c4b22bdd9b4da2089fcedac9ba
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
550cb9add249cab0af5d81b7b7293170a9436d2f7fbece20ca02a52978d72a44
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5af185c4ee2f05f5e2f6407594cd75cb32129871c2ec0f0957be6d3129a8cf54
5c36237125f72b218a88df29585175ea57dc22151315c5e7e2acf6cae26fcc59
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c5cd063f3063b9cecab8ff5e08b61c5f15c95e97a1b01a85781acc34b8d55b7
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
5ea995481d7dfddb5307f94aedabe955e8bdd9ba40b925007532997185cd35c6
60df3c8a62e7d028a71318a25acdca93629a48cef3e2fe7f143f592fdb8f02cf
60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
652d09adf7806f2c4a24815ffab7fce2a0dae180765c6aedbe41097790b811a4
664044bbf26ee6d564d0487d683db322089bd7cff029c38fef233be491d13745
678cfa159336ada547c6651e1fe67f818d94de6fa993d6a66f6a2dd8f14a0573
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6942a62e2f81e252d47f57a2b79f462329d64b48218841fb3e1305a5250ccd49
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6d285ae6755d52c452904f5bdfa4a6c2082186d695304b242e9db2f12461f02e
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
7785faf79140a61896af3091c1d980dfdf1a3dfe9b8e78a56c1f710a58a8f7b8
7b17d2d0a88d045b86c025e6a7978189716ddd6776e975bb9de1ad43be17348f
7dfb04b6f39f63164e6c02c2181d27a8123706990bf17d12229e9f89e520821e
7f057babecc87f857745379d106f0555cb4fc3b946907d97c9f4f4be73b578c0
80a9d66b356ce593f1069c17c8a60c91d7e8a0a1ae1947b7d890297dc1a3d5f9
8187dcb05ebcfc94502aeec0524c23c7d22afbafe17aff1d39acc1d59a3a52db
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
866a0375829238929c317878d397395f815d666839ebe19535eff4064c7d6e5f
8b09330757e22837629b892df7da60fda8c59fb8dbdf8f14a2fe3d673998a9ab
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861
8bf74ab32202c08ff671c5f5c83c65a11d88b93383d771a939ede8c0191004fd
8dc2d81e59ce23696304889dae02193dc52f742a59abf3ab5c16249abf4b5431
93ea80d89e0390a47bd20f167fe79b3e82ff6b47a3c7042dc90e339b21ec896e
94e1ce5a00242c1352435871c46a8f36db344edf4d823234cdce4ccc5f40ca0c
95d436c490a1fbf7c6333f41514d43ae8fc833af628abb1d5c2a66fd384870bc
9c8b9c9f3e07037494ff9bf2199701ff3d4bef4d1899d52164f500256de06b95
9da124e8ad31c0acb51488d128d9e3e9c6ef0bf5455a26992be46b99a4cef57a
9f66145fbaf681859fb04fc4cdedf358806d85dd27355199545b97db90d48829
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
aa624a4bdd052062d2c43d7dc7716a7154d65ba655e31f8bce21a0f2a6f58910
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
abc45b966b05ffc01c4d223587ec2809ce64d08e66d08fa877e8fdd36844a77e
ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069
b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8
b0e5ffbe1fbf32b9f80e09a1c81a35f51defe2846347e186184e3cea5a264280
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2ead112de63802cbfd8816ab0393bb6bbb4a9add82b29a8c65d53ef0ff21647
b46f202ea3a4dd5f6662839e5630409d4aeedafd171e01e41997085acbd77249
b5450abbedc7781863cda9f37243f352dede69ca91b734bb6c3dbcd4e3aa19e5
b8c779f4fa5bf396269317b6ccc5bd0259ff6b28d9dc40eb75cf47aa245b0bde
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb5abd96720559423fc2b5c13ab82bd4923039c1b8a5f8282a47d4a3061ba749
bb7fdbc047145e1c9b8c732d64806bb05ef30bc88c4a730692881ada6727c77a
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f
bc418426a2604d8536f7cb2b61f32db036b685d9d15e8d5029e80f0f9e805352
bd70c423ced0b79fb125d39a3f21b0137ecbaab49c6a79f5d56cf9980e6a99c0
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c16811c6b777f91ee70f79ba4247235ad4a573713529707a0e1e3e929e637198
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c52e2a15cba5be54e6986bd808f5a6aa6705b0efffd9379feb005dabdb748e32
c5a8cec60b5774c8e0ea5d3feed60f15820528d3cf18a4634cd29c6b23baa2b4
c611ae0fb3943daf2e41ecb75d737dc1153cd966bd9f9a761aa40e94b386870b
c9bcc81e0b9641657dafe3db8444c81a5cfd0b8753a0363921d5c13fb5981bcd
cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475
ce33815b4c0f7c15686c773ff8b0e5092b36696a6c758ef499dc32e5a8f01e9a
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d4cead5bf8beb4407b966c08ff18c3cdd4a6621a6f9585fd221b259d4afb8b5b
d6552737fa2d4e0178f375d5c0b657ed86ec9559c57f355e4a1dad4bc26be2b8
d725c32c74cd490ea3efd3d49e19df36313615c6384ed0a9a95e9dcd556b0291
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8150ac13ec014fb343f5a481c41e92eee8e1281c02e36b0c3ca7f7de8ad82fc
dafa5a247facfc545e94a09ea12da423909aefca05557ec1a73e6d296fc540aa
db88cbe5fa8e047da87ddc2dd950e57cb1c3322e9a1f5341e0350b2890e108ea
db970f9e9253df6b17d5888f7b86dd1a611c65385f09d1e27cdfd02b51619b55
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
dd246d635557581e8306bb09188bdd6caae6cedc47a799aaed9e96ed7db19a4c
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfa0992643b8f7200fcffdf76e9f5c707c08518440626924146765381e9ce6a4
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
e19c530707a3d8035ee6d0ec81299bd785491e5ba2d83928bbcc37534da85d06
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e30b4f5df3c9773448d5e9a2f8b772308ffc80db3a4e437bd1e409fce41ebfaf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e5e92898ba6e42dfb897dca8d1601a62828ebff402051a240c4a015ea1138a41
e67fc9a2fc98f728553c1cffd6a2fb4fc494a27022a8986894c9b2846c7964e7
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91
ebccfe357acdfa903face076a1fd379d173eeded74e7259467fee4c1ad593f65
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee68049857997e40385cc9a493f2e8d598c4682b8eefe7790992aab06be465cf
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef60d4f0e9d359c2765d84dc314ca4486c9975e866943b9e344ec72e9d036051
f164cb2712587cce946552bffa2ac0db73d0649b51a52115f5c547ff173f2d0b
f2e2e92ba323a9043a221c0d3976875ba09620eeefbe33be89c738c23f288187
f2fe010ad071d16168ac52cc90e8f7fc2b148a5a83a3ae9727c7d5a8283ced4e
f30e38ed9ab2fbcad0ccce87014dde2e5eb345150f93ed3394d48f268e6c9337
f4f828bd932e3d2cfc41828f719a08047655f9572c4cc79828fc336c23a6f2ff
f78d8a986eed98191a9433bf49a80aca4630f9d9ff7697f88b14fa1aa887b888
f87e7313f612bd5569ce113a77871e4192f98a3d7b01a929cd251485c886e8ab
f9163d04bf100bbb8b8de162406fa4ba5e2c6fe8506fff6c85a1272422c7bc12
fcc77f92ba3e787fc9a899ae5be3f3cfdb142ca47eab9021c8b5624d1ee81294

stad.yalla-shoot.io Open in urlscan Pro 2606:4700:20::681a:b15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

310 Requests

94 %HTTPS

43 %IPv6

58 Domains

90 Subdomains

80 IPs

9 Countries

4705 kBTransfer

13032 kBSize

41 Cookies

5 Outgoing links

Redirected requests

310 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

stad.yalla-shoot.io Open in urlscan Pro
2606:4700:20::681a:b15 Public Scan

Screenshot
Live screenshot

Full Image

310
Requests

94 %
HTTPS

43 %
IPv6

58
Domains

90
Subdomains

80
IPs

9
Countries

4705 kB
Transfer

13032 kB
Size

41
Cookies

310 HTTP transactions
17 data transactions