urlscan.io logo urlscan.io
SecurityTrails logo

yalla-shoots.tv Open in urlscan Pro
104.21.235.80  Public Scan

Go To Rescan Add Verdict Report
URL: https://yalla-shoots.tv/live/11082/0/roland-garros-vs-roland-garros/
Submission: On May 30 via manual from TN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 74 IPs in 11 countries across 59 domains to perform 416 HTTP transactions. The main IP is 104.21.235.80, located in and belongs to CLOUDFLARENET, US. The main domain is yalla-shoots.tv.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 27th 2023. Valid for: a year.
This is the only time yalla-shoots.tv was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 104.21.235.80 13335 (CLOUDFLAR...)
33 2606:4700::68... 13335 (CLOUDFLAR...)
5 205.185.216.42 20446 (STACKPATH...)
1 172.67.141.250 13335 (CLOUDFLAR...)
1 2 188.114.97.3 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 104.21.233.172 13335 (CLOUDFLAR...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
39 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:600... 54113 (FASTLY)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 18.66.192.120 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:225... 16509 (AMAZON-02)
16 2a02:2638:3::3 44788 (ASN-CRITE...)
9 2a00:1450:400... 15169 (GOOGLE)
2 35.190.39.111 15169 (GOOGLE)
3 141.95.98.64 16276 (OVH)
1 52.51.69.125 16509 (AMAZON-02)
1 4 2a02:2638:d::d 44788 (ASN-CRITE...)
12 2a00:1450:400... 15169 (GOOGLE)
1 178.250.1.11 44788 (ASN-CRITE...)
2 69.16.175.10 20446 (STACKPATH...)
1 100.25.186.91 14618 (AMAZON-AES)
26 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 36 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
3 45.133.44.4 39572 (ADVANCEDH...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
6 2a06:98c1:312... 13335 (CLOUDFLAR...)
19 2a02:2638:d::13 44788 (ASN-CRITE...)
1 178.250.7.9 44788 (ASN-CRITE...)
2 2a02:2638:d::c 44788 (ASN-CRITE...)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:3::12 44788 (ASN-CRITE...)
5 2a00:1450:400... 15169 (GOOGLE)
1 45.133.44.3 39572 (ADVANCEDH...)
3 2a0c:5c81:514... 55081 (24SHELLS)
2 4 2606:4700:10:... 13335 (CLOUDFLAR...)
1 141.95.4.196 16276 (OVH)
1 2a02:2638:3::9 44788 (ASN-CRITE...)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
20 2404:6800:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 147.75.84.158 54825 (PACKET)
4 14 51.38.120.206 16276 (OVH)
4 2a02:2638:3::7 44788 (ASN-CRITE...)
6 10 216.52.2.6 32475 (SINGLEHOP...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 4 185.29.134.244 30419 (MEDIAMATH...)
7 43 142.250.181.226 15169 (GOOGLE)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 31.220.27.135 39572 (ADVANCEDH...)
3 5 185.80.39.216 27381 (CASALE-MEDIA)
1 1 52.45.175.185 14618 (AMAZON-AES)
2 2 185.83.142.19 29990 (ASN-APPNEX)
2 178.250.1.6 44788 (ASN-CRITE...)
5 5 3.64.145.154 16509 (AMAZON-02)
1 1 35.190.0.66 15169 (GOOGLE)
1 1 64.227.64.62 14061 (DIGITALOC...)
2 2 213.155.156.180 1299 (TWELVE99 ...)
2 2 70.42.32.191 22075 (AS-OUTBRAIN)
4 2606:4700:e2:... 13335 (CLOUDFLAR...)
3 104.21.70.33 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2a02:2638:3::1a 44788 (ASN-CRITE...)
1 149.56.240.131 16276 (OVH)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 3 2620:116:800d... 16509 (AMAZON-02)
3 3 2a05:d018:d29... 16509 (AMAZON-02)
4 4 37.157.6.243 198622 (ADFORM)
5 45.154.206.69 48357 (K4X)
1 2 185.89.210.122 29990 (ASN-APPNEX)
2 142.250.185.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 162.19.138.82 16276 (OVH)
416 74
6    104.21.235.80 (None, )

ASN13335 (CLOUDFLARENET, US)
yalla-shoots.tv
33    2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)
live.demand.supply
5    205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
jscdn.greeter.me
1    172.67.141.250 (United States)

ASN13335 (CLOUDFLARENET, US)
web-api.scorarab.com
2    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
live.shoot-yalla.tv
lives.shoot-yalla.tv
1    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    104.21.233.172 (None, )

ASN13335 (CLOUDFLARENET, US)
dalbouh.xyz
1    2a02:26f0:3500:c::5c7b:682a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
tg1.modoro360.com
39    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
9    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    18.66.192.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-120.muc50.r.cloudfront.net
tags.crwdcntrl.net
1    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2600:9000:225b:7a00:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
16    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
9    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
2    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
3    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
1    52.51.69.125 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-69-125.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
4    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
12    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
feed.avplayer.com
player.avplayer.com
1    100.25.186.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-186-91.compute-1.amazonaws.com
servt.modoro360.com
26    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
8    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
6    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
36    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
9    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.aplhb.adipolo.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
adipolo.com
2    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
v3.sportsonline.sx
velocitycdn.com
19    2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
1    178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr3.eu.criteo.com
2    2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr3.eu.criteo.com
5    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
5    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.adtelligent.com
3    2a0c:5c81:5142::2 (Brent, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.aplhb.adipolo.com
4    2606:4700:10::6816:4bab (United States)

ASN13335 (CLOUDFLARENET, US)
whos.amung.us
widgets.amung.us
1    141.95.4.196 (France)

ASN16276 (OVH, FR)
PTR: ip196.ip-141-95-4.eu
storage.de.cloud.ovh.net
1    2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
1    2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
cdn-adipolo.urekamedia.com
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
20    2404:6800:400a:804::2003 (Osaka, Japan)

ASN15169 (GOOGLE, US)
csi.gstatic.com
5    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
1    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn1.gstatic.com
4    147.75.84.158 (North Holland, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
14    51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
4    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
10    216.52.2.6 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
4    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
redirector.gvt1.com
1    2a00:1450:4001:13::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r5---sn-4g5lzned.gvt1.com
4    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
43    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    31.220.27.135 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
5    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com
im.bluevoox.com
2    185.83.142.19 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
2    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
5    3.64.145.154 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-145-154.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    64.227.64.62 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    213.155.156.180 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
2    70.42.32.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
4    2606:4700:e2::ac40:8b25 (United States)

ASN13335 (CLOUDFLARENET, US)
youradexchange.com
3    104.21.70.33 (None, )

ASN13335 (CLOUDFLARENET, US)
8gr9m8yqc15wvk.opposepresent.net
1    2606:4700:10::6816:4fe (United States)

ASN13335 (CLOUDFLARENET, US)
s10.histats.com
3    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    149.56.240.131 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534299.ip-149-56-240.net
s4.histats.com
1    2606:4700:3034::6815:1155 (United States)

ASN13335 (CLOUDFLARENET, US)
swarm.video
2    2606:4700:3035::6815:2e3f (United States)

ASN13335 (CLOUDFLARENET, US)
awstats.cloud
3    2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    2a05:d018:d29:3601:788a:d38b:87c1:5605 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
5    45.154.206.69 (United Kingdom)

ASN48357 (K4X, EE)
cakcwbsnurkh.cdnexpress59.net
2    185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
lb.eu-1-id5-sync.com
Apex Domain
Subdomains		 Transfer
89 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 337
518 KB
71 googlesyndication.com
a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 93
tpc.googlesyndication.com — Cisco Umbrella Rank: 132
874 KB
39 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
encrypted-tbn3.gstatic.com
encrypted-tbn1.gstatic.com
366 KB
38 criteo.net
static.criteo.net — Cisco Umbrella Rank: 639
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9070
csm.eu.criteo.net — Cisco Umbrella Rank: 8905
458 KB
33 demand.supply
live.demand.supply — Cisco Umbrella Rank: 35452
43 KB
17 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 413
mug.criteo.com — Cisco Umbrella Rank: 2837
cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 9810
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 16347
ads.eu.criteo.com — Cisco Umbrella Rank: 8856
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 15150
bidder.criteo.com — Cisco Umbrella Rank: 723
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10084
121 KB
14 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 729
3 KB
14 google.com
adservice.google.com — Cisco Umbrella Rank: 68
www.google.com — Cisco Umbrella Rank: 2
2 KB
10 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 597
6 KB
9 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 181
450 KB
9 google.de
adservice.google.de — Cisco Umbrella Rank: 9037
2 KB
7 adipolo.com
player.aplhb.adipolo.com — Cisco Umbrella Rank: 129387
adipolo.com — Cisco Umbrella Rank: 114963
ghb.aplhb.adipolo.com — Cisco Umbrella Rank: 148819
128 KB
6 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1351
mp.4dex.io — Cisco Umbrella Rank: 1975
25 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
4 KB
6 yalla-shoots.tv
yalla-shoots.tv
163 KB
5 cdnexpress59.net
cakcwbsnurkh.cdnexpress59.net
4 MB
5 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 752
4 KB
5 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530
4 KB
5 greeter.me
jscdn.greeter.me — Cisco Umbrella Rank: 126189
19 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 562
3 KB
4 youradexchange.com
youradexchange.com — Cisco Umbrella Rank: 32073
702 B
4 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 417
ib.adnxs.com — Cisco Umbrella Rank: 214
5 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 482
3 KB
4 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 855
296 B
4 amung.us
whos.amung.us — Cisco Umbrella Rank: 14688
widgets.amung.us — Cisco Umbrella Rank: 23783
4 KB
4 velocitycdn.com
velocitycdn.com — Cisco Umbrella Rank: 88559
130 KB
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 862
id5-sync.com — Cisco Umbrella Rank: 421
19 KB
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 423
2 KB
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 686
1 KB
3 opposepresent.net
8gr9m8yqc15wvk.opposepresent.net
36 KB
2 awstats.cloud
awstats.cloud — Cisco Umbrella Rank: 307579
2 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 17397
s4.histats.com — Cisco Umbrella Rank: 15071
5 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 533
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4789
645 B
2 gvt1.com
redirector.gvt1.com — Cisco Umbrella Rank: 3633
r5---sn-4g5lzned.gvt1.com
1 MB
2 sportsonline.sx
v3.sportsonline.sx — Cisco Umbrella Rank: 269593
3 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
21 KB
2 avplayer.com
feed.avplayer.com — Cisco Umbrella Rank: 23175
player.avplayer.com — Cisco Umbrella Rank: 14425
61 KB
2 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 3109
360 B
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1025
bcp.crwdcntrl.net — Cisco Umbrella Rank: 863
12 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 344
143 KB
2 modoro360.com
tg1.modoro360.com — Cisco Umbrella Rank: 75761
servt.modoro360.com — Cisco Umbrella Rank: 85328
8 KB
2 dalbouh.xyz
dalbouh.xyz — Cisco Umbrella Rank: 816176
560 B
2 shoot-yalla.tv
live.shoot-yalla.tv — Cisco Umbrella Rank: 399751
lives.shoot-yalla.tv — Cisco Umbrella Rank: 496500
2 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 939
402 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 276
67 KB
1 swarm.video
swarm.video — Cisco Umbrella Rank: 258514
134 KB
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2106
549 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 6168
551 B
1 bluevoox.com
im.bluevoox.com — Cisco Umbrella Rank: 12233
519 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 5004
293 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 339
777 B
1 urekamedia.com
cdn-adipolo.urekamedia.com — Cisco Umbrella Rank: 277329
1 ovh.net
storage.de.cloud.ovh.net — Cisco Umbrella Rank: 101538
15 KB
1 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 6866
5 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2631
2 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2758
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
46 KB
1 scorarab.com
web-api.scorarab.com — Cisco Umbrella Rank: 313034
2 KB
416 59
Domain Requested by
43 cm.g.doubleclick.net 7 redirects a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
googleads.g.doubleclick.net
39 securepubads.g.doubleclick.net live.demand.supply
securepubads.g.doubleclick.net
jscdn.greeter.me
a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
yalla-shoots.tv
www.googletagservices.com
36 tpc.googlesyndication.com 2 redirects a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
33 live.demand.supply yalla-shoots.tv
live.demand.supply
client
26 pagead2.googlesyndication.com securepubads.g.doubleclick.net
a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
tpc.googlesyndication.com
yalla-shoots.tv
www.googletagservices.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
20 csi.gstatic.com www.gstatic.com
19 imageproxy.eu.criteo.net a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
ads.eu.criteo.com
16 static.criteo.net securepubads.g.doubleclick.net
ads.eu.criteo.com
player.aplhb.adipolo.com
14 onetag-sys.com 4 redirects player.aplhb.adipolo.com
a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
10 ap.lijit.com 6 redirects player.aplhb.adipolo.com
9 www.googletagservices.com a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
jscdn.greeter.me
9 a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com securepubads.g.doubleclick.net
9 adservice.google.com securepubads.g.doubleclick.net
9 adservice.google.de securepubads.g.doubleclick.net
8 www.gstatic.com a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
6 fonts.googleapis.com a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
8gr9m8yqc15wvk.opposepresent.net
6 yalla-shoots.tv yalla-shoots.tv
5 cakcwbsnurkh.cdnexpress59.net swarm.video
5 googleads.g.doubleclick.net a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
pagead2.googlesyndication.com
5 pm.w55c.net 5 redirects
5 encrypted-tbn3.gstatic.com a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
5 www.google.com a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
tpc.googlesyndication.com
5 fonts.gstatic.com fonts.googleapis.com
5 jscdn.greeter.me yalla-shoots.tv
4 c1.adform.net 4 redirects
4 youradexchange.com velocitycdn.com
4 sync.mathtag.com 4 redirects
4 mp.4dex.io player.aplhb.adipolo.com
4 bidder.criteo.com player.aplhb.adipolo.com
4 prebid.a-mo.net player.aplhb.adipolo.com
4 velocitycdn.com v3.sportsonline.sx
velocitycdn.com
8gr9m8yqc15wvk.opposepresent.net
4 gum.criteo.com 1 redirects static.criteo.net
player.aplhb.adipolo.com
3 dsum-sec.casalemedia.com 1 redirects googleads.g.doubleclick.net
3 pr-bh.ybp.yahoo.com 3 redirects
3 cms.quantserve.com 2 redirects a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
3 csm.eu.criteo.net ads.eu.criteo.com
3 8gr9m8yqc15wvk.opposepresent.net v3.sportsonline.sx
8gr9m8yqc15wvk.opposepresent.net
3 ghb.aplhb.adipolo.com player.aplhb.adipolo.com
3 player.aplhb.adipolo.com jscdn.greeter.me
player.aplhb.adipolo.com
3 id5-sync.com cdn.id5-sync.com
player.aplhb.adipolo.com
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 ib.adnxs.com 1 redirects googleads.g.doubleclick.net
2 awstats.cloud 8gr9m8yqc15wvk.opposepresent.net
awstats.cloud
2 b1sync.zemanta.com 2 redirects
2 d5p.de17a.com 2 redirects
2 cat.nl3.eu.criteo.com ads.eu.criteo.com
2 secure.adnxs.com 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 script.4dex.io player.aplhb.adipolo.com
script.4dex.io
2 widgets.amung.us v3.sportsonline.sx
8gr9m8yqc15wvk.opposepresent.net
2 whos.amung.us 2 redirects
2 ads.eu.criteo.com a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
2 rtb.fr3.eu.criteo.com a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
yalla-shoots.tv
2 v3.sportsonline.sx dalbouh.xyz
v3.sportsonline.sx
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 esp.rtbhouse.com invstatic101.creativecdn.com
2 cdn.jsdelivr.net securepubads.g.doubleclick.net
8gr9m8yqc15wvk.opposepresent.net
2 dalbouh.xyz yalla-shoots.tv
1 lb.eu-1-id5-sync.com player.aplhb.adipolo.com
1 s0.2mdn.net a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
1 swarm.video 8gr9m8yqc15wvk.opposepresent.net
1 s4.histats.com s10.histats.com
1 s10.histats.com v3.sportsonline.sx
1 match.adsby.bidtheatre.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 im.bluevoox.com 1 redirects
1 s.uuidksinc.net 1 redirects
1 px.ads.linkedin.com 1 redirects
1 r5---sn-4g5lzned.gvt1.com a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
1 redirector.gvt1.com 1 redirects
1 encrypted-tbn1.gstatic.com a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
1 cdn-adipolo.urekamedia.com
1 rtb.nl3.eu.criteo.com yalla-shoots.tv
1 storage.de.cloud.ovh.net
1 player.adtelligent.com player.aplhb.adipolo.com
1 cat.fr3.eu.criteo.com a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
1 adipolo.com
1 servt.modoro360.com
1 player.avplayer.com tg1.modoro360.com
1 feed.avplayer.com tg1.modoro360.com
1 mug.criteo.com yalla-shoots.tv
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 tg1.modoro360.com yalla-shoots.tv
1 www.googletagmanager.com yalla-shoots.tv
1 lives.shoot-yalla.tv yalla-shoots.tv
1 live.shoot-yalla.tv 1 redirects
1 web-api.scorarab.com yalla-shoots.tv
416 91
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-01-27 -
2024-01-26		 a year crt.sh
demand.supply
Cloudflare Inc ECC CA-3		 2023-02-19 -
2024-02-19		 a year crt.sh
greeter.me
E1		 2023-05-15 -
2023-08-13		 3 months crt.sh
scorarab.com
GTS CA 1P5		 2023-05-28 -
2023-08-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
wl1.aniview.com
R3		 2023-05-09 -
2023-08-07		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-04-28 -
2023-07-28		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-05-18 -
2023-08-16		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-27 -
2023-08-27		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-05-17 -
2023-08-15		 3 months crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
*.avplayer.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2022-08-08 -
2023-09-08		 a year crt.sh
*.adservrs.com
Amazon RSA 2048 M01		 2023-05-26 -
2024-06-23		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
player.aplhb.adipolo.com
R3		 2023-05-20 -
2023-08-18		 3 months crt.sh
adipolo.com
E1		 2023-05-06 -
2023-08-04		 3 months crt.sh
*.sportsonline.sx
GTS CA 1P5		 2023-04-07 -
2023-07-06		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-26 -
2023-06-29		 3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2023-06-25		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-13 -
2023-08-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
player.adtelligent.com
R3		 2023-05-20 -
2023-08-18		 3 months crt.sh
ghb.aplhb.adipolo.com
ZeroSSL ECC Domain Secure Site CA		 2023-04-06 -
2023-07-05		 3 months crt.sh
velocitycdn.com
E1		 2023-05-03 -
2023-08-01		 3 months crt.sh
storage.de.cloud.ovh.net
Sectigo RSA Domain Validation Secure Server CA		 2023-01-25 -
2024-01-25		 a year crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-18 -
2023-08-18		 3 months crt.sh
1372348363.rsc.contentproxy9.cz
R3		 2023-03-23 -
2023-06-21		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.a-mo.net
R3		 2023-04-13 -
2023-07-12		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
youradexchange.com
GTS CA 1P5		 2023-04-23 -
2023-07-22		 3 months crt.sh
opposepresent.net
GTS CA 1P5		 2023-05-22 -
2023-08-20		 3 months crt.sh
histats.com
R3		 2023-03-15 -
2023-06-13		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
cakcwbsnurkh.cdnexpress59.net
R3		 2023-04-02 -
2023-07-01		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh

This page contains 30 frames:

Primary Page: https://yalla-shoots.tv/live/11082/0/roland-garros-vs-roland-garros/
Frame ID: 349A477294970E549355B2292EF16D1F
Requests: 163 HTTP requests in this frame

Frame: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7191F4068E079CDA7F8DCB1A15C5CCE3
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=yalla-shoots.tv
Frame ID: 2C928616261F52FE7FA3233285ECF0D5
Requests: 2 HTTP requests in this frame

Frame: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DD01501B3938B7A09BC63B7844CE08D1
Requests: 21 HTTP requests in this frame

Frame: https://dalbouh.xyz/hd.php?ch=hd2&lang=hd
Frame ID: E134E0553A4E82522CA10132555F48BE
Requests: 1 HTTP requests in this frame

Frame: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1F177F40EFD6261293CA6F0B79ED6DF3
Requests: 10 HTTP requests in this frame

Frame: https://v3.sportsonline.sx/channels/hd/hd2.php
Frame ID: FDF1D73800F0378F51D0416221C634E8
Requests: 9 HTTP requests in this frame

Frame: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 104ECA44D0233A3D00408BFB2F0CB87E
Requests: 10 HTTP requests in this frame

Frame: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2CD326F734E6A4F02D161A41459FC20F
Requests: 44 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAHELYIu88AAAFymVTmwbj6tazh-dZDPQ&u=%7CxiZKFHmULl9pB%2FWx1kArvOe2Y5WZUfsucSh1KvVgN5w%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4SSIM1uLI95CKOarvqzGH4ByNrjFbjJLTqeCHq7eE7vL1AhROuEo3n8E6T4WvGed6geOnFam5vK2_fUu-I6siexkyj9SwCOhrfLioHDIq1uFL6Nv93CTof204CO9TvPzTZtv65199HYbHA7jZSY91KEUtCg1__roeW2YYWkxru29IoG7dRsTryfVSs7DQrn5JdACy15MFIFucdwoAfPeNCa8u1f2obdxZamwnVi_sNuKWYUO7GtD2Jgp1f40yrw4VBDinohqVOPY5ZGRcwe9WOLcBpSm-LpYyNQbufFKGdidvgIYLpa3g6K-LHMeGdV5R-8fPsaTID34WUYJMar_ZxetYekUuHXlnWJ7ecu2hT3ZFkkX4Nmw_V3DQxopSZQVuyDes7idkvd29APZH9clhmPxYTkjPPvGEGz3ehDo7zda-Ly4_NmirKmwi8XFbfcfMMaJXrraqaueChkUw41yZzq52F8McfgBGQi7dmUy9gbF8MoeAnM8-H2NpHUTiems0XonxVIayxeAQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaau7_up1ZLahHICe7_UPmeWFqATJntKxXL2Ol_dwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAikNNiGa7rE-4AIAqAMBqgTMAk_QbFIoACkWXwoQi_EgsaTSYakrfatBaAGeCkzqN4DqY1FEfflWgSPj7p8U0VBFQb2PpvgPRaL45OLgaikr8aIgkBw0PrtYnLc6l2gXvNjhbo2JyhGAJzLaEawXthT0i-WIry62hZlbM-PHrRlITBM2tty6H5GSNLTrTo0QCVpOUlJt8f3784T0BVCrX8yrFnLergmf6e3dOHeLPUHCRjMT7yHZvg8J_DMWPK9-8oC-tq6KHTmUOJ-ekJzDv6RKpRFPiHXMPfipgD-p96UeaUmi0eMTMTQmtAHee1qYyPwgj7XrdR5-zRAfrrzo2OEnOtL7iQGprSdyVK6MuAijJA39tNUlvmNNvLgdp5AbkQkURKkRvl9mS7pDM96D0Umw13RZKECzMr18Ciecll1I-uYTmsRaGNT8vqaPdW57H8x6M2Qt7qXszCUncMDy4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lJJFnFrDC-DBm9XaUVa-2Ngrb8w%26client%3Dca-pub-3831894559014614%26adurl%3D
Frame ID: 308830CF6499CAADF583FE6600D61548
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2EEA445C7464C5DC3F193280A7037935
Requests: 9 HTTP requests in this frame

Frame: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3AC0802FE2D71C047FF4507AE2DDCF37
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A845BE360F19CC1256EBD397F103F75C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0C696E253379BDCAB3E313FB4F8368C5
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAIRS0Iu8BXAArzweK8hmwBjiXNbBZxzA&u=%7CxiZKFHmULl8eMeLJxdHHHwy55%2FblVBCs%2FtSojhEi1VM%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4R5eWn7RSgJbxCKfkLuFqDQH0wIbkZS-7qUkuZE5LGb_rxYi-f7HMLEUr4HRyEIakcbNCVcCezNG2759vLFP-m677tO9LkB9Yt6G4E-xLd4UdfbCiePsQ2cTfps9MlX8RG_uTm3r718Wp9C_SghPPJfn2HRI8Ah-PBtAMZVsk43Xb3IQYZvIJodS2GfT-cSj2-9wEf1OPnxeSNK8As76sETEkBeYMCjvtMERMoLEpILQYKkpZy4vz4PBRyx0iPKzrd1TmSO_Ufwl2ylh1D3ooVJiQQ26zKG7mW2qcV9NT7smP5rcRlbEWC6FEYsjn4FtEAHph7Ett6PbJ8OqLCDHWVDfd3lt4lDr8HISNtTh6UArBlXUNJ26b5YuVf-ShyJIs4E95OnbnRKvskpTDG9BdRoCMUs9mIxEG2lb78PrzNHZJz_oknm2rpBH7HGkzMDlMsXWbHW-0qwtPVNl4cjFioUDKA81kpNNtKpgJWToeG5PGVSh4Fz6rdtxZilwctGkwuxM985PzMVBBhVsfjKLNCb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCd1ku_up1ZK2KIdeA7_UPweermAjJntKxXPXalvdwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjUz9aPP8LE-4AIAqAMBqgTSAk_QC-1_q3smfUOFpBOnscJvXfViJv8ygsKJTHPH79j3XQfuL0Vp_ucQs-phf-CgLc61m_3mdoObsv5RBccgJNNrJF8IEbC8bVV3b-wjZFNUzCd48uo89uuRx3zkWTlt4DcHXWNF2COkKXIg4LWIaWC6lZoMb6dikAMmixBG2WUOoyTNRjbOU8f55GXXCeDBpBJK7JciyQzesgNWTLt2PhQ3QRsHPtj8exp8s_n4WVCNyi9S-AGnomwCXKO81YHfE23iX0cinKDctHPeM2DB4Ja2sM3Yq871YuBXPCNA_bpgh6kotPMgx9aKs0bzp_yheYmPvVg_RYp8E0KYuaCsHtkm0ThJ--IHdnmfpZEsd8w_P-R_-8bJYXAB9P4knwEOT0_C9kfHQp6d7b_yxVyDj8ZD_sTLTNWSPQUqYgxowpGzYmdMW3VRZAoks0hwoabof98N4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_07TLA4312aIGFVC5gADvLkdrUBlw%26client%3Dca-pub-3831894559014614%26adurl%3D
Frame ID: 9371E1643818265DA86508D85465BBD4
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 23070B4C6E5125C4CA9E891376785532
Requests: 9 HTTP requests in this frame

Frame: https://8gr9m8yqc15wvk.opposepresent.net/embed/awcg463b
Frame ID: 94B0D7C10D2F610D5905D09B88E0D738
Requests: 20 HTTP requests in this frame

Frame: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 69DB889EA069D6473D03D8A53EEEC5D6
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js
Frame ID: 5B4E90FF208BD6B7BC2B690C9473525A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 11B9A1864FFCB88B60A3EE7B82B731F1
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js
Frame ID: 9F6606B31593E645F343BB0A88EA264B
Requests: 1 HTTP requests in this frame

Frame: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0BD700F03A00AEAFEFFA04FD438071BC
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CD35C9EAE800DF14DEDADF356C5769E2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js
Frame ID: 8A887D034979DA64379FAB74CFBE2D99
Requests: 1 HTTP requests in this frame

Frame: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 966CE37F504F33F685AD6ED355EFB93C
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEYlNif5QEwAQ&v=APEucNVYljZ_9T-TKriQjs7AwFGm-iL7C-IZr5XE8bU6pDQhGssl64gdEoUone9MnogVmPividymoKFj0Kp3ZBM3YoZTY_3I157y7PAEYeDHFBfumD8Ko75kVvXVxFvgEfZiuZiBo5PmzoPaf_cmpBL37QAJW45Xw97BFw2XICbf8pIPtBhKvlw
Frame ID: D0C2EC8651E128C5CD4FCFEC27A2F1B4
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 094A16D921512A17D672BE4DCC62DD8C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 01572A099CF7330DF47F95B6FB4A2825
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1685449472649&gdpr=0
Frame ID: A28475DC084A013B580C828D946D86A5
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1685449471163
Frame ID: 5710C1491DD15508B8A475A4DD01DF8A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

بث مباشر لمباراة رولان غاروس و رولان غاروس - رولان غاروس - 2023-05-30

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

416
Requests

89 %
HTTPS

55 %
IPv6

59
Domains

91
Subdomains

74
IPs

11
Countries

8991 kB
Transfer

14088 kB
Size

36
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://live.shoot-yalla.tv/uploads/img/telegram.svg HTTP 301
  • https://lives.shoot-yalla.tv/uploads/img/telegram.svg
Request Chain 66
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=yalla-shoots.tv&sn=ChromeSyncframe&so=0&topUrl=yalla-shoots.tv&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=ZXk9JXwrenJDV0RkVnJKcUozenJtREdVOVBHTWprY0xFMmZsWkc2S3ZRZUkraDgvVE5ZS1JKZG5MV1I4VmhIazYzNmJCWkxjU0NJMEpDS1QwWGZ5LzgzSXNOSmhaZWdlTzVvLy9QUXdCS2t3b3Y5UU1FV0hUMTZ1K1JZT2lmenhJMEpPVnpyemlBYTRnY1lsT3BMTHg3akVHWmFqVEhDSUlPcnd4dVJNYW40ekZGRlhYemF2NlF4Sjl1bi9zQS8yQU00N0VENDZuc1VVcGpiakhwZiszV3lFUGtsVUpjbVNDcFlzcXh3QlhTM0JzY3MvQXBQQnBSZ2FSSkpCVmpSbE1qWkNCM1ZIZGxyQmJ0WVN0VGF0Qkpyd1I3bW1RRWQ1YUN2emZPcVpSa1l3Q3djTT18&cppv=2
Request Chain 165
  • https://whos.amung.us/cwidget/sevaqeifj/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=763&c=000000ffffff&p=left
Request Chain 188
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCXk6KrVBCwCRj0BDII6Z4CQb2tJlY HTTP 301
  • https://tpc.googlesyndication.com/simgad/4587220354190784715
Request Chain 195
  • https://redirector.gvt1.com/videoplayback?id=0e09f6707f2165ff&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1685456670&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=58D019AB27D5F7E84CF36383FE7E60A7F1361E24.29CFC5CF24FB3EA43AA894B5C74ED350FE8F35C5&key=ck2 HTTP 302
  • https://r5---sn-4g5lzned.gvt1.com/videoplayback?id=0e09f6707f2165ff&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1685456670&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=82558217260981D5E50614BFFD8DB6EBA9272D2E.84D729A9CC41B4CED7EA96A6231DBE50AE76759A&key=cms1&cms_redirect=yes&mh=2O&mip=2001:1b60:2:240:3247::9&mm=28&mn=sn-4g5lzned&ms=nvh&mt=1685448681&mv=u&mvi=5&pl=29
Request Chain 198
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEN31wUs88wQXkXgk5L6-2Kg&google_cver=1&google_push=ATf1kGMcridp6QRMqqFk-Wb24HuPES3gSqAhU-NjjW0UnU40K5HrJiSSO8raqeFR3W3WqQJX_zCcgrqA4UtwAI_zYVhMUxsAe0FNHg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMcridp6QRMqqFk-Wb24HuPES3gSqAhU-NjjW0UnU40K5HrJiSSO8raqeFR3W3WqQJX_zCcgrqA4UtwAI_zYVhMUxsAe0FNHg
Request Chain 199
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEL_7D1kes7qE82hZyVf2zig&google_cver=1&google_push=ATf1kGOg04iPjKC1AnFuSkLj8heGvzH1P_BCt59lfKaILh5cLSGz5VC9pFRRmRAHfmAcNtIAOqaJkpiea0MEHarU7oKO_pkHI8iwNw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ATf1kGOg04iPjKC1AnFuSkLj8heGvzH1P_BCt59lfKaILh5cLSGz5VC9pFRRmRAHfmAcNtIAOqaJkpiea0MEHarU7oKO_pkHI8iwNw
Request Chain 200
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESELd_7cJOoam890nvhZbiHQM&c_param1=ATf1kGPmpdaxv9NbOnBbnXAwaQnPM7RyPFAEXlFNWBlAZEvu7JFC_7Q6BQG86XZhRDAG5_WWJV4RHlKZT_ZMtVgAd0LCiTtW7II-iw&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGPmpdaxv9NbOnBbnXAwaQnPM7RyPFAEXlFNWBlAZEvu7JFC_7Q6BQG86XZhRDAG5_WWJV4RHlKZT_ZMtVgAd0LCiTtW7II-iw
Request Chain 201
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAScbn0m6qsmE3Ii-u4glPg&google_cver=1&google_push=ATf1kGOkjTdaIi_REy3MjFdmHnlRnT6VruDrO2UO0l0sUotC9AxjHPBFgFe7iT13k8pGSKAdT0ppV8XxvNCCdseb771ctxpYxN1znw HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAScbn0m6qsmE3Ii-u4glPg&google_push=ATf1kGOkjTdaIi_REy3MjFdmHnlRnT6VruDrO2UO0l0sUotC9AxjHPBFgFe7iT13k8pGSKAdT0ppV8XxvNCCdseb771ctxpYxN1znw&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAScbn0m6qsmE3Ii-u4glPg&google_hm=ZHXq_1LtxKQEPhms_iwrFAAAFDwAAAAB&google_nid=index&google_push=ATf1kGOkjTdaIi_REy3MjFdmHnlRnT6VruDrO2UO0l0sUotC9AxjHPBFgFe7iT13k8pGSKAdT0ppV8XxvNCCdseb771ctxpYxN1znw
Request Chain 202
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHQh3olHwJ70QyIMHq-Cr0Q&google_cver=1&google_push=ATf1kGMVNYzN4uDv21rKhNz3tu7MjrnqvgzhcUonfMDRJHKxMQqXfou3i7ZIr_1epWQ41CyfeepjLEwr3xgZ-mWxunCJz2bae4VvnQ HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHQh3olHwJ70QyIMHq-Cr0Q&google_cver=1&google_push=ATf1kGMVNYzN4uDv21rKhNz3tu7MjrnqvgzhcUonfMDRJHKxMQqXfou3i7ZIr_1epWQ41CyfeepjLEwr3xgZ-mWxunCJz2bae4VvnQ&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGMVNYzN4uDv21rKhNz3tu7MjrnqvgzhcUonfMDRJHKxMQqXfou3i7ZIr_1epWQ41CyfeepjLEwr3xgZ-mWxunCJz2bae4VvnQ&google_hm=Gu2IqGZHYnFXcSmXSU67IRUe
Request Chain 203
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEHj9dKPurvV4RyfUm0x92hQ&google_cver=1&google_push=ATf1kGOzKzkmDCw4a5azjjSqmHaE_YwSNWy1ik0rPFi7THS19QLUY8rkk-oM2cWyPjZbn17fUFqzV7SfVC3xD57Klvby9YPZAyMhgg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGOzKzkmDCw4a5azjjSqmHaE_YwSNWy1ik0rPFi7THS19QLUY8rkk-oM2cWyPjZbn17fUFqzV7SfVC3xD57Klvby9YPZAyMhgg&google_hm=QlMuNTEyNi1hMzllLTQxZDktODQ3Yg==
Request Chain 204
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHTTCPziIBpW0fDpoAsJ6Cg&google_cver=1&google_push=ATf1kGNprePyFcgINGY5I457HJw9n44gl8UccJvVqTHdzOuErXv-hq5jNAQwyoFABZ6v6iQW8AmXPni4rES1JXkh8eHSz4bt3-iX4w HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEHTTCPziIBpW0fDpoAsJ6Cg%26google_cver%3D1%26google_push%3DATf1kGNprePyFcgINGY5I457HJw9n44gl8UccJvVqTHdzOuErXv-hq5jNAQwyoFABZ6v6iQW8AmXPni4rES1JXkh8eHSz4bt3-iX4w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTg1MzcxMzEyMzcwNzc4MDE5Mw%3D%3D&google_gid=CAESEHTTCPziIBpW0fDpoAsJ6Cg&google_cver=1&google_push=ATf1kGNprePyFcgINGY5I457HJw9n44gl8UccJvVqTHdzOuErXv-hq5jNAQwyoFABZ6v6iQW8AmXPni4rES1JXkh8eHSz4bt3-iX4w
Request Chain 213
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKY1Y50lyLXeNIijxfZRf5s&google_cver=1&google_push=ATf1kGN6N3pmC7rebItYSnrnuQVzWQtRbmhnnGWEARSKZAlL0YdABKf7WFTUSIw___Mn8ErOLPghmWiVu9Ngje2eKm8d2npsyjY HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKY1Y50lyLXeNIijxfZRf5s&google_cver=1&google_push=ATf1kGN6N3pmC7rebItYSnrnuQVzWQtRbmhnnGWEARSKZAlL0YdABKf7WFTUSIw___Mn8ErOLPghmWiVu9Ngje2eKm8d2npsyjY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RGo1QTJHMnAxUTNZb1Q1&google_gid=CAESEKY1Y50lyLXeNIijxfZRf5s&google_cver=1&google_push=ATf1kGN6N3pmC7rebItYSnrnuQVzWQtRbmhnnGWEARSKZAlL0YdABKf7WFTUSIw___Mn8ErOLPghmWiVu9Ngje2eKm8d2npsyjY
Request Chain 214
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEKV_JPgQTx9cpW8j-3dJT84&google_cver=1&google_push=ATf1kGPPD7cuxuJXb9W2r7OEw3yhb_JmZXVIF57UXshw841fID7ldtlDa-2mhueSyLgPY4XFVP83wu6B_lcmT_cFChJAIVEs0A HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=khHhHswMRyKuvHk3tYeccQ2&google_push=ATf1kGPPD7cuxuJXb9W2r7OEw3yhb_JmZXVIF57UXshw841fID7ldtlDa-2mhueSyLgPY4XFVP83wu6B_lcmT_cFChJAIVEs0A
Request Chain 215
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEBYobuAo54YOli_P_DaMf_Y&google_cver=1&google_push=ATf1kGMTPiHRTvOkxPYVOSYpUiI9ViHBBZITApFX-TAYhkPpEq-3QGT-QY_Iv3lV0ISCYuoIkJL1n_f2DOILjhjS3s9zISBojpI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ATf1kGMTPiHRTvOkxPYVOSYpUiI9ViHBBZITApFX-TAYhkPpEq-3QGT-QY_Iv3lV0ISCYuoIkJL1n_f2DOILjhjS3s9zISBojpI
Request Chain 216
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEGupdXrUgGK-SHEf1uiARJ8&google_cver=1&google_push=ATf1kGO9jguNl8wXGIxtRSx6Babhgx62qcEJhLAHvhEL6qPRx4g_LJnZma2TrsL59Nj5WXQYzGT7q5jfHeyqDp7PI8zKX6slP94 HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEGupdXrUgGK-SHEf1uiARJ8&google_cver=1&google_push=ATf1kGO9jguNl8wXGIxtRSx6Babhgx62qcEJhLAHvhEL6qPRx4g_LJnZma2TrsL59Nj5WXQYzGT7q5jfHeyqDp7PI8zKX6slP94 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGO9jguNl8wXGIxtRSx6Babhgx62qcEJhLAHvhEL6qPRx4g_LJnZma2TrsL59Nj5WXQYzGT7q5jfHeyqDp7PI8zKX6slP94
Request Chain 217
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEIwj2wTu8NCD7s3prSY1d1s&google_cver=1&google_push=ATf1kGPmJ0chk-NH9IHdnJJGDTwGYO8y5jRKoXEhvb2A3XBdfcXbdOsB9C_aWmbOeMSRE4CArXmLxhfn7lI73XXNz96n1Dxz-6qZ HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEIwj2wTu8NCD7s3prSY1d1s&google_push=ATf1kGPmJ0chk-NH9IHdnJJGDTwGYO8y5jRKoXEhvb2A3XBdfcXbdOsB9C_aWmbOeMSRE4CArXmLxhfn7lI73XXNz96n1Dxz-6qZ&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGPmJ0chk-NH9IHdnJJGDTwGYO8y5jRKoXEhvb2A3XBdfcXbdOsB9C_aWmbOeMSRE4CArXmLxhfn7lI73XXNz96n1Dxz-6qZ&google_hm=cmg0N2haUlZOdW9jMkNjUGduVEs=
Request Chain 218
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDUyAVQdIms9JHoc305Hf38&google_cver=1&google_push=ATf1kGNIKh41yi0zlNx_C8vP7BqkhvokYS0dTaI6H4HGTF5nQ9V9To_ZYwLpjhyM6SFjDnh7bz0hE9_md-7iaUgte-me9eWd9eE HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNIKh41yi0zlNx_C8vP7BqkhvokYS0dTaI6H4HGTF5nQ9V9To_ZYwLpjhyM6SFjDnh7bz0hE9_md-7iaUgte-me9eWd9eE&google_hm=Gu2IqGZHYnFXcSmXSU67IRUe
Request Chain 219
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAEkagR1pzHPwkF0VmP8v7E&google_cver=1&google_push=ATf1kGOkZo-QuQC0qhRfoIIFCVHlOCZCfZpNGMGUwSkGvdX8qS8E-U7flylMnVEHd4hbOqlwauXrW2V4-pBWO_2YhKj13SBoZrNaoQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOkZo-QuQC0qhRfoIIFCVHlOCZCfZpNGMGUwSkGvdX8qS8E-U7flylMnVEHd4hbOqlwauXrW2V4-pBWO_2YhKj13SBoZrNaoQ HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 297
  • https://whos.amung.us/cwidget/bkw7sodkdx/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=1640&c=000000ffffff&p=left
Request Chain 300
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHtzPjJXQ6EGbVC3EDyHd78&google_cver=1&google_push=ATf1kGNI7rOmerecuVB1LvIt8-rkVJBPT3tVsVL8TP-QiAZbv7pxOEoWf7AqwxOqR_5CpXeCykoj_GBfmuSF0qi-NbZmPiG7CuY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RGo1QTJHMnAxUTNZb1Q1&google_gid=CAESEHtzPjJXQ6EGbVC3EDyHd78&google_cver=1&google_push=ATf1kGNI7rOmerecuVB1LvIt8-rkVJBPT3tVsVL8TP-QiAZbv7pxOEoWf7AqwxOqR_5CpXeCykoj_GBfmuSF0qi-NbZmPiG7CuY
Request Chain 301
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEN31wUs88wQXkXgk5L6-2Kg&google_cver=1&google_push=ATf1kGP5zAg8ZVpQPIZxUb7T_66Dgb7uS0vxl4n1mT_oZVbNwFdlvdHN9oUoipcJCNQGEP52IKIjL7z7WEp8BzC_FnuyUcB3-Qgh HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=vwdkder_QgCaem5m5h5R0A&google_push=ATf1kGP5zAg8ZVpQPIZxUb7T_66Dgb7uS0vxl4n1mT_oZVbNwFdlvdHN9oUoipcJCNQGEP52IKIjL7z7WEp8BzC_FnuyUcB3-Qgh
Request Chain 302
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPcqaQxqxsMUJ5qq5jzzwHs&google_cver=1&google_push=ATf1kGNzYWN0e9XBVlaqHoZhtST2JunaKPLnvtMill-niblqic9UDM3xqXX0diyyLL2mvAEay0Af63l7ekfVbX717BLA6lNtT8y8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNzYWN0e9XBVlaqHoZhtST2JunaKPLnvtMill-niblqic9UDM3xqXX0diyyLL2mvAEay0Af63l7ekfVbX717BLA6lNtT8y8&google_hm=eS1iV2pRVUJ0RTJwRnJpU3hEYTg3Mk5Wci5GVTN1UnZtSX5B
Request Chain 303
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN6G2a-dZReo2jQRokaU1gU&google_cver=1&google_push=ATf1kGOzvJrQrkxcbMRW7iVIFxKJP5hzCakxRkhCnMfW__hML61IDQYQNMdE_oPI7QP-O_1fC0kVDGFhk-XvBcUNy8l8MUGrBibB HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEN6G2a-dZReo2jQRokaU1gU&google_cver=1&google_push=ATf1kGOzvJrQrkxcbMRW7iVIFxKJP5hzCakxRkhCnMfW__hML61IDQYQNMdE_oPI7QP-O_1fC0kVDGFhk-XvBcUNy8l8MUGrBibB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTA0NjUyOTY5OTk1MjA2NTk5Mg&google_push=ATf1kGOzvJrQrkxcbMRW7iVIFxKJP5hzCakxRkhCnMfW__hML61IDQYQNMdE_oPI7QP-O_1fC0kVDGFhk-XvBcUNy8l8MUGrBibB
Request Chain 304
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHQh3olHwJ70QyIMHq-Cr0Q&google_cver=1&google_push=ATf1kGPYwWgzI-_EyQ_Fm1g6_D9In05Wa_I7TSwDs9RZrXP3LnOGIeSmj6qgqW1g2ZfUaLmEq5r74QW9bb_F3MeyS243jYFSGGAV HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPYwWgzI-_EyQ_Fm1g6_D9In05Wa_I7TSwDs9RZrXP3LnOGIeSmj6qgqW1g2ZfUaLmEq5r74QW9bb_F3MeyS243jYFSGGAV&google_hm=Gu2IqGZHYnFXcSmXSU67IRUe
Request Chain 305
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDogoB5G29Mm9eJ1syHj1wU&google_cver=1&google_push=ATf1kGMP88J2MbzMs1akXTABdiaE9Z-yHWOmZBE-7tJlbRfiRtQd_02HQggTK2zmLpXgaM5Hg8JiOPNoYQrX-KkkP61eJ6dkco9- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMP88J2MbzMs1akXTABdiaE9Z-yHWOmZBE-7tJlbRfiRtQd_02HQggTK2zmLpXgaM5Hg8JiOPNoYQrX-KkkP61eJ6dkco9- HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 345
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL HTTP 301
  • https://tpc.googlesyndication.com/simgad/4091503581208051288
Request Chain 348
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKy_zpN8RfBSk7Gl97LfBvU&google_cver=1&google_push=ATf1kGPfsIfGyFwISeiTBzwvW5dBMMS-fmmU0wnTvsRU0UTXgCbctkz4vB33DwUSRMeTafvbTYmuJVeaY1MnwAYNyEXSGuCzG9OI HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGPfsIfGyFwISeiTBzwvW5dBMMS-fmmU0wnTvsRU0UTXgCbctkz4vB33DwUSRMeTafvbTYmuJVeaY1MnwAYNyEXSGuCzG9OI&google_hm=YsEdq984WNPkGBh7PMecPg
Request Chain 349
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHtzPjJXQ6EGbVC3EDyHd78&google_cver=1&google_push=ATf1kGMhrzIBgfWUJuVMXgDrQ6UTkOiUHCkdm9FabEEz_lx1ZvOGO7wQpyTv9CoeCc3qEDGlEWbeE3eeaIHUYsvLgBtChdxKbS4_0A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RGo1QTJHMnAxUTNZb1Q1&google_gid=CAESEHtzPjJXQ6EGbVC3EDyHd78&google_cver=1&google_push=ATf1kGMhrzIBgfWUJuVMXgDrQ6UTkOiUHCkdm9FabEEz_lx1ZvOGO7wQpyTv9CoeCc3qEDGlEWbeE3eeaIHUYsvLgBtChdxKbS4_0A
Request Chain 350
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEN31wUs88wQXkXgk5L6-2Kg&google_cver=1&google_push=ATf1kGOFVWDPQNMuAUy7YIDGa_twjpwOzsaBDkYmhCl3FinEjzC8RF6ofSdvupNC1pxt7IyW8tkYR4un1Jvv9qTCK54wlztEWeOx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=vwdkder_QgCaem5m5h5R0A&google_push=ATf1kGOFVWDPQNMuAUy7YIDGa_twjpwOzsaBDkYmhCl3FinEjzC8RF6ofSdvupNC1pxt7IyW8tkYR4un1Jvv9qTCK54wlztEWeOx
Request Chain 351
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPcqaQxqxsMUJ5qq5jzzwHs&google_cver=1&google_push=ATf1kGPXaDQihB0YscwDZMLpF7-ra3ls1_qmmWtvFGNY4G0w8L2pOQOWT5Tmk5tiNL-Iili-tpLP8slyriCuzapHKhLR6aqxQZntoQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPXaDQihB0YscwDZMLpF7-ra3ls1_qmmWtvFGNY4G0w8L2pOQOWT5Tmk5tiNL-Iili-tpLP8slyriCuzapHKhLR6aqxQZntoQ&google_hm=eS1iV2pRVUJ0RTJwRnJpU3hEYTg3Mk5Wci5GVTN1UnZtSX5B
Request Chain 352
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN6G2a-dZReo2jQRokaU1gU&google_cver=1&google_push=ATf1kGPzGrag3gW7SHdHD2UOtWaEYsdFKKq8sRkfI0mUg6kuCe6he-ADBStD17G9AGUVIVy_t_Po0AZHTrO77XfgWufnQiDpr3-8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTA0NjUyOTY5OTk1MjA2NTk5Mg&google_push=ATf1kGPzGrag3gW7SHdHD2UOtWaEYsdFKKq8sRkfI0mUg6kuCe6he-ADBStD17G9AGUVIVy_t_Po0AZHTrO77XfgWufnQiDpr3-8
Request Chain 353
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHQh3olHwJ70QyIMHq-Cr0Q&google_cver=1&google_push=ATf1kGPn51XpHMc9jxCFQbEorCOEjSBGKaBC871QoKbJn4jz0FgVSQm77FBFdGZEXFTrhiL-D7X7qLnURim3remoQoR6B9yblk-f HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPn51XpHMc9jxCFQbEorCOEjSBGKaBC871QoKbJn4jz0FgVSQm77FBFdGZEXFTrhiL-D7X7qLnURim3remoQoR6B9yblk-f&google_hm=Gu2IqGZHYnFXcSmXSU67IRUe
Request Chain 354
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDogoB5G29Mm9eJ1syHj1wU&google_cver=1&google_push=ATf1kGNC8lKelbDRnTv5yjLoERjPrXRjVl9Dqy1UyIiUrfC92R4av1DRnPtVrypagald2UanWFZ9fTF2kCtYLNLKYfzOC_WCgpbMcwA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNC8lKelbDRnTv5yjLoERjPrXRjVl9Dqy1UyIiUrfC92R4av1DRnPtVrypagald2UanWFZ9fTF2kCtYLNLKYfzOC_WCgpbMcwA HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 382
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPn5G3ZZ6Fld4dPi1ukMjC0&google_cver=1
Request Chain 383
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHXq-1LtxKQEPhms-iwrFAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPn5G3ZZ6Fld4dPi1ukMjC0&google_cver=1
Request Chain 384
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELeCZAX-su9eGsg_S6AoZRE&google_cver=1
Request Chain 385
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg1MzcxMzEyMzcwNzc4MDE5Mw%3D%3D
Request Chain 397
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKy_zpN8RfBSk7Gl97LfBvU&google_cver=1&google_push=ATf1kGOINYnrJRX8H39yvSo2H624bZFzKwYvQMvWsggyAQ7JuFdXfpEZzQRRypnm9ifnpQvkgpzD4x3zHldrUzg7sQOIgCFw-PrH HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGOINYnrJRX8H39yvSo2H624bZFzKwYvQMvWsggyAQ7JuFdXfpEZzQRRypnm9ifnpQvkgpzD4x3zHldrUzg7sQOIgCFw-PrH&google_hm=YsEdq984WNPkGBh7PMecPg
Request Chain 398
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHtzPjJXQ6EGbVC3EDyHd78&google_cver=1&google_push=ATf1kGNNOAUMHE0g4rlQ1gD2-gDRmQjxf8bcAEuHEIoutnQt9j9aYaV7eIxgHAmL7ARTmRx6ohx8RjYs2U5m_RO69zPrZsQnv_v6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RGo1QTJHMnAxUTNZb1Q1&google_gid=CAESEHtzPjJXQ6EGbVC3EDyHd78&google_cver=1&google_push=ATf1kGNNOAUMHE0g4rlQ1gD2-gDRmQjxf8bcAEuHEIoutnQt9j9aYaV7eIxgHAmL7ARTmRx6ohx8RjYs2U5m_RO69zPrZsQnv_v6
Request Chain 399
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEN31wUs88wQXkXgk5L6-2Kg&google_cver=1&google_push=ATf1kGP_0k8a2z5ABK4iOvEpujGhZLyoDVDDw9Hzo_6fWd_klUwt2a6bETq7nmayvF7MN44vcM6yti5bzznddquPNEWSU47qTvtX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=vwdkder_QgCaem5m5h5R0A&google_push=ATf1kGP_0k8a2z5ABK4iOvEpujGhZLyoDVDDw9Hzo_6fWd_klUwt2a6bETq7nmayvF7MN44vcM6yti5bzznddquPNEWSU47qTvtX
Request Chain 400
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPcqaQxqxsMUJ5qq5jzzwHs&google_cver=1&google_push=ATf1kGOTLjYI6GdxvdDOFRYRZmM4Mmj9o15cJfWSCp11CxwU4C5z2QOP-adp8D6c5CxOZ66oPQWO13UVH5oLn1bu-IhUlx0hBpma HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOTLjYI6GdxvdDOFRYRZmM4Mmj9o15cJfWSCp11CxwU4C5z2QOP-adp8D6c5CxOZ66oPQWO13UVH5oLn1bu-IhUlx0hBpma&google_hm=eS1iV2pRVUJ0RTJwRnJpU3hEYTg3Mk5Wci5GVTN1UnZtSX5B
Request Chain 401
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN6G2a-dZReo2jQRokaU1gU&google_cver=1&google_push=ATf1kGOLD-332UjevTgVwOCn0EvwubDS-nDQjb2WKvGCuadv6trSQfE00touSMipw-c1mm7F_RgeP7qSE-yVq4yaNQnk-up0gzk7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTA0NjUyOTY5OTk1MjA2NTk5Mg&google_push=ATf1kGOLD-332UjevTgVwOCn0EvwubDS-nDQjb2WKvGCuadv6trSQfE00touSMipw-c1mm7F_RgeP7qSE-yVq4yaNQnk-up0gzk7
Request Chain 402
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHQh3olHwJ70QyIMHq-Cr0Q&google_cver=1&google_push=ATf1kGOgrtcqO6PmZSpBMOYLaegpQO3YQK63bSpe6MObhcAAJpepHHDMb5midg0FXa7CU9E4IajcRBdvsQeLUAIc_kc4neswh5XX HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGOgrtcqO6PmZSpBMOYLaegpQO3YQK63bSpe6MObhcAAJpepHHDMb5midg0FXa7CU9E4IajcRBdvsQeLUAIc_kc4neswh5XX&google_hm=Gu2IqGZHYnFXcSmXSU67IRUe
Request Chain 403
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDogoB5G29Mm9eJ1syHj1wU&google_cver=1&google_push=ATf1kGNAILlFZ9ZmFvl9zNYuOzWoH-UWmQyGsgqKaMxsYZea3Qr-X-NKCkal-hqB3Yx8KiB1yUnHmu5Uy9w6Z0pIzTKD-S1zt3YaPg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNAILlFZ9ZmFvl9zNYuOzWoH-UWmQyGsgqKaMxsYZea3Qr-X-NKCkal-hqB3Yx8KiB1yUnHmu5Uy9w6Z0pIzTKD-S1zt3YaPg HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5

416 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
yalla-shoots.tv/live/11082/0/roland-garros-vs-roland-garros/ 		191 KB
60 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/live/11082/0/roland-garros-vs-roland-garros/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
683e5f1d6af38b278f6768fd3e940c12caa5b6a50d42818f2b17b9c8a496a698
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=60
cf-cache-status
DYNAMIC
cf-ray
7cf6f44f1be59b88-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 30 May 2023 12:24:29 GMT
expires
Tue, 30 May 2023 12:25:29 GMT
feature-policy
microphone none;camera none;geolocation none;
last-modified
Tue, 30 May 2023 12:23:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), microphone=(), geolocation=()
pragma
public
referrer-policy
strict-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMhZaNgpYuqJKEqHc9gOHHQhO3SUunvsHmAxR41qnBwdtKz%2F3NAeyJ5hOLoUxU2upvHtNbZtI1%2BWGNy4qP77xMkXVApTSStKCBAKaxwxPmXTzH3LZccJN62J1cJHg11RXX4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
up.js
live.demand.supply/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/up.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11082/0/roland-garros-vs-roland-garros/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0701156c044bdcd23404dab08a134e42f5510de8767ed16778a1b45f8ec23de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01H0JH3JA8TSZ1S1CGSMZY0Q5D
date
Tue, 30 May 2023 12:24:29 GMT
content-encoding
br
cf-cache-status
HIT
age
357
cf-polished
origSize=4391
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"ad72f581a14aa3fbbf4827fac4449705-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray
7cf6f4501c0a3723-FRA
link
<https://live.demand.supply/impl.v16.9.1.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-2-0/eWFsbGEtc2hvb3RzLnR2Lw==>; rel=preload; as=script
timing-allow-origin
*
A-letterbigger_Savir.png
jscdn.greeter.me/ 		945 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jscdn.greeter.me/A-letterbigger_Savir.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11082/0/roland-garros-vs-roland-garros/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:29 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Sun, 10 Jul 2022 13:45:06 GMT
x-amz-request-id
tx0000000000000a64aba73-006475dfb2-97671145-fra1b
etag
"f07519ec5fbc46385f386b577e6e2a1d"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1685449469.dop242.fr8.t,1685449469.cds153.fr8.hn,1685449469.cds205.fr8.c
content-type
image/png
cache-control
max-age=709
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
945
yalla-shoot.png
yalla-shoots.tv/uploads/logo/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yalla-shoots.tv/uploads/logo/yalla-shoot.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11082/0/roland-garros-vs-roland-garros/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3790ed75687a3b6c3d71bcf4bd62c99f82a3dd738ae4b6b2639bd36e4f6bca29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1096095
alt-svc
h3=":443"; ma=86400
content-length
6352
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Sat, 23 Jul 2022 01:22:27 GMT
server
cloudflare
etag
"62db4d53-18d0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MobxlhZqbswjzVhyQOBJwUlrFogsn%2F%2BI%2F4xWSOBwnYW%2FBZlF9ln%2Fira%2BHoMbQELQDi4vOnyiTp%2FKW0EhRAPgiMIuZFxGDykF%2BjLj%2B0tnPDovRgMxWNOify7Qh%2BsXvgnnWjc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
feature-policy
microphone none;camera none;geolocation none;
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
cf-ray
7cf6f44fccd09b88-FRA
expires
Fri, 16 Jun 2023 19:56:14 GMT
truncated
/ 		451 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		944 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		248 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		460 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		500 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
NeoSansArabic.woff
yalla-shoots.tv/assets/fonts/ 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/assets/fonts/NeoSansArabic.woff
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11082/0/roland-garros-vs-roland-garros/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yalla-shoots.tv/live/11082/0/roland-garros-vs-roland-garros/
Origin
https://yalla-shoots.tv
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1096095
alt-svc
h3=":443"; ma=86400
content-length
57364
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Sat, 23 Jul 2022 01:21:21 GMT
server
cloudflare
etag
"62db4d11-e014"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3BrkEKmKve4%2BxDiptmeh8WVISDrEMYBTozo33t5B5ltBNE6QIDYyXAdrpdRDY9LuQTh%2BkUUJFhekWbJSx4o2tWf9UHCSzAnrwg3Ogr%2F0H1Keo%2BwZ3fFMV2z7wn1eozuiH90%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
feature-policy
microphone none;camera none;geolocation none;
permissions-policy
camera=(), microphone=(), geolocation=()
accept-ranges
bytes
cf-ray
7cf6f44fccef9b88-FRA
expires
Fri, 16 Jun 2023 19:56:14 GMT
1602079301.png
web-api.scorarab.com/uploads/team/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web-api.scorarab.com/uploads/team/1602079301.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11082/0/roland-garros-vs-roland-garros/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.141.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6971ca9515cc0a709fe12eba9547261df5770c55e807fb521fb5f027b6e81896
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:29 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
186676
alt-svc
h3=":443"; ma=86400
content-length
1204
x-xss-protection
1; mode=block
last-modified
Wed, 08 Dec 2021 17:06:39 GMT
server
cloudflare
etag
"61b0e61f-4b4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VLD9JrtmqpcUdjjYb24ISUnYiZEUaKaAAE2BykuXjnHJov%2BDvYv%2FqnEgqCMF3dhJL36mb4zLgUYIatHvO7KLW5MLmmOYpqUCkNYuX7Q5EJjolhP3ES5VNZfAEVXs%2BdUgs4OUhY9ZNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7cf6f4504b211e6a-FRA
expires
Tue, 27 Jun 2023 08:33:13 GMT
rocket-loader.min.js
yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11082/0/roland-garros-vs-roland-garros/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 May 2023 08:39:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"646f1eba-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X3jltx3kDi2EjnbLeMNL7WzxfbrAky%2BJeGRMTHRqYo0F4BCi%2B5x7uzamAbIxgJYOc2eGBWsRSrzr1nKe%2FdydE5WX8r8REkcUFkJm124YnFfwZ2aWFYzq3D%2B0KmbR%2BlXvT4k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7cf6f44fed1c9b88-FRA
expires
Thu, 01 Jun 2023 12:24:29 GMT
telegram.svg
lives.shoot-yalla.tv/uploads/img/
Redirect Chain
  • https://live.shoot-yalla.tv/uploads/img/telegram.svg
  • https://lives.shoot-yalla.tv/uploads/img/telegram.svg
1 KB
936 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lives.shoot-yalla.tv/uploads/img/telegram.svg
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11082/0/roland-garros-vs-roland-garros/
Protocol
H2
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45dd60aee8728ca8786226233d74694db5f4c0110647c8e48710c49cdd5bdf41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1096109
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Fri, 03 Jun 2022 01:24:02 GMT
server
cloudflare
etag
W/"629962b2-424"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oEccVrav59K%2BbBnYenmg24lSwrg2ZhKMidgLfuQagW%2Fiw82mCku300ncmAoWqYSc9568E9I26C4Vd9uWe33wKt8L9XyGCqQH9ZAqrips5ckBFD%2FKXzyPUcgPVGtaQh91eQuUAIVtKg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
7cf6f4509c6a9c0c-FRA
expires
Fri, 16 Jun 2023 19:56:00 GMT

Redirect headers

date
Tue, 30 May 2023 12:24:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
31
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WdGUtABSwMY2LwI2QkOUyRgCth5o8io6qoNyzCu2utc9d%2F1%2F9KOXQrWtQn6EZp7HVYj6mRxmuHfwaZBgOk2quzksD9Rc%2FrvlNfW6VwKzehQnmuHq1H%2BFtOMZh8FX9q%2FUkwn1PwE7"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://lives.shoot-yalla.tv/uploads/img/telegram.svg
access-control-allow-origin
*
cache-control
max-age=60
vary
Accept-Encoding
cf-ray
7cf6f4505c149c0c-FRA
expires
Tue, 30 May 2023 12:24:58 GMT
js
www.googletagmanager.com/gtag/ 		118 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-230085360-1
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8e5acea1f3347debe27edec7d78ed3864304ff935862a9d6f1dfdcde0b03c56b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46897
x-xss-protection
0
last-modified
Tue, 30 May 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 May 2023 12:24:29 GMT
lazyload.js
yalla-shoots.tv/assets/themes/yalla-shoot/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/assets/themes/yalla-shoot/js/lazyload.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1b682cb1fee45d7f80c900aba4d8ddcb18ac1016dcf38ece495801ac65eb14f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1096108
cf-polished
origSize=7249
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
cf-bgj
minify
last-modified
Sat, 23 Jul 2022 01:24:16 GMT
server
cloudflare
etag
W/"62db4dc0-1c51"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NyFooN17GwB%2BYmfaHdHoHRuGWNeAHC8g%2FDba74H99C8oEqxIEkJB9LrrLZnIfXCkVq11Mabn1byvGTHWaORcp7kfkXgXG3dfAZmwyuez1khqWD1o8bUDI5NmQr42nqOnTAI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
feature-policy
microphone none;camera none;geolocation none;
permissions-policy
camera=(), microphone=(), geolocation=()
cf-ray
7cf6f4502cb2bbf5-FRA
expires
Fri, 16 Jun 2023 19:56:01 GMT
matche
dalbouh.xyz/api/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://dalbouh.xyz/api/matche?t=1685449421
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.233.172 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
spt
tg1.modoro360.com/api/adserver/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=63e0c53d06b87484dc0f3a56&AV_PUBLISHERID=63e0c30829bdc76cde070e85
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:c::5c7b:682a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
28ea2ed2dcd96500156b626a9b0c19d67a2d2a9960dad3e6693db228a302e1a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

X-Bamboo-C-SkSt
1
Content-Encoding
gzip
X-Bamboo-C-SkFe
1
X-Bamboo-C-S
BYPASS
Date
Tue, 30 May 2023 12:24:30 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/javascript
Vary
Accept-Encoding
Cache-Control
max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
Content-Length
7086
Expires
Tue, 30 May 2023 12:29:30 GMT
yalla-shoots.tvdynamic.js
jscdn.greeter.me/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jscdn.greeter.me/yalla-shoots.tvdynamic.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
35cf75de5d617b7a8e395dc30579c7245e3001a2b8227d55f3d3ddc2e773741d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:29 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Wed, 11 Jan 2023 19:24:32 GMT
x-amz-request-id
tx0000000000000a8d4ab7e-006475deb3-9733ce3a-fra1b
etag
"3cc898bc27a1b9035922667e9a7e891a"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1685449469.dop242.fr8.t,1685449469.cds153.fr8.hn,1685449469.cds321.fr8.c
content-type
text/javascript
cache-control
max-age=454
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
7957
yalla-shoots.tvhead.js
jscdn.greeter.me/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jscdn.greeter.me/yalla-shoots.tvhead.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
c73e7fcf76232d28a1760877bd3eccada211feb797fd25ba824df3bac45b46eb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:29 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Wed, 11 Jan 2023 19:35:56 GMT
x-amz-request-id
tx0000000000000a91e8845-006475e933-9620c93c-fra1b
etag
"559fe7c18011a3e1db9adb6276cba3f6"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1685449469.dop242.fr8.t,1685449469.cds153.fr8.hn,1685449469.cds149.fr8.c
content-type
text/javascript
cache-control
max-age=3142
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
7559
jquery.min.js
yalla-shoots.tv/assets/js/ 		87 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yalla-shoots.tv/assets/js/jquery.min.js?t=1685449421
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7e05b68eb47f0167793018bfc04a5fd640d8a9f406b6b2c1892a97f084f6769
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Wed, 21 Sep 2022 18:59:19 GMT
server
cloudflare
etag
W/"632b5f07-15d3a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MHuOR9A5WwBEy1eLMXRp4qNLKX74htr0cejczmnmcUN1K7fZmSmNNoEDPiGkKzt1lJF2OpAA7lG3hJqxuFeFBGTYkDxfYi4lbKjNxLkiufeUAXzJNc%2FZKY9zZwrtL3lhhuM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
feature-policy
microphone none;camera none;geolocation none;
permissions-policy
camera=(), microphone=(), geolocation=()
cf-ray
7cf6f4502cb7bbf5-FRA
expires
Thu, 29 Jun 2023 12:24:29 GMT
impl.v16.9.1.js
live.demand.supply/ 		74 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/impl.v16.9.1.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11082/0/roland-garros-vs-roland-garros/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdeda8658c3f891c883f5a83c5f2b5e20a18c2fa65658d77a1522fe440b6d0e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01H0JGE5H42NN0NCVBZSKPPTF4
date
Tue, 30 May 2023 12:24:29 GMT
content-encoding
br
cf-cache-status
HIT
age
1201064
cf-polished
origSize=75573
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"a92236f0259b51d5fbe112e5ac680198-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
cf-ray
7cf6f4516e263723-FRA
eWFsbGEtc2hvb3RzLnR2Lw==
live.demand.supply/p4/v16-2-0/ 		2 KB
973 B 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/p4/v16-2-0/eWFsbGEtc2hvb3RzLnR2Lw==
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11082/0/roland-garros-vs-roland-garros/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
322ad3e051494b3a3d2d00a425cf618d436ded37ca8df073c87a785fb8c867cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:29 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
7cf6f4516e2a3723-FRA
alt-svc
h3=":443"; ma=86400
e.js
live.demand.supply/e/ 		0
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?e=ll&d=262&cs=c&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTEwODIvMC9yb2xhbmQtZ2Fycm9zLXZzLXJvbGFuZC1nYXJyb3Mv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Tue, 30 May 2023 12:24:29 GMT
cf-cache-status
HIT
age
1540823
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cf6f4519e7d2c2a-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37273ef94babc8cbdbe39b9aa8892ae8dd8fa7e083b859da603ca4aa3cfa848c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25149
x-xss-protection
0
server
cafe
etag
95 / 19507 / m202305250101 / config-hash: 6717680343649307308
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 30 May 2023 12:24:29 GMT
eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTEwODIvMC9yb2xhbmQtZ2Fycm9zLXZzLXJvbGFuZC1nYXJyb3Mv
live.demand.supply/p4/v16-2-0/ 		2 KB
923 B 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/p4/v16-2-0/eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTEwODIvMC9yb2xhbmQtZ2Fycm9zLXZzLXJvbGFuZC1nYXJyb3Mv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e30d33de09a566251369aaab5f3b03ee854789a4dfbbe2db42454f6a9dfade97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:29 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
7cf6f4516e2f3723-FRA
alt-svc
h3=":443"; ma=86400
ds.2.html
live.demand.supply/ 		413 B
585 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GZ1RZWJJ11B8QMNKWM8Q3GJK
date
Tue, 30 May 2023 12:24:29 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1383618
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
cf-ray
7cf6f4519e802c2a-FRA
alt-svc
h3=":443"; ma=86400
yalla-shoots.tv_fluid_lb+sq
live.demand.supply/cp/ 		30 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/yalla-shoots.tv_fluid_lb+sq?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTEwODIvMC9yb2xhbmQtZ2Fycm9zLXZzLXJvbGFuZC1nYXJyb3Mv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
296a00aecaff9ba80e3d631d2ecb2614231c1c1fb09dd50b6e1503f75be755a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7cf6f4525f8e2c2a-FRA
alt-svc
h3=":443"; ma=86400
content-length
30
yalla-shoots.tv_native_multi_native1
live.demand.supply/cp/ 		21 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/yalla-shoots.tv_native_multi_native1?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTEwODIvMC9yb2xhbmQtZ2Fycm9zLXZzLXJvbGFuZC1nYXJyb3Mv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:29 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7cf6f4525f922c2a-FRA
alt-svc
h3=":443"; ma=86400
content-length
21
yalla-shoots.tv_fluid_sky+sq
live.demand.supply/cp/ 		29 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/yalla-shoots.tv_fluid_sky+sq?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTEwODIvMC9yb2xhbmQtZ2Fycm9zLXZzLXJvbGFuZC1nYXJyb3Mv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
407f245424c71985ff71b2a920f2a1eb24e538756a53dac0d5613d16cf07b769

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7cf6f4526f972c2a-FRA
alt-svc
h3=":443"; ma=86400
content-length
29
yalla-shoots.tv_fluid_lb+sq
live.demand.supply/cp/ 		30 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/yalla-shoots.tv_fluid_lb+sq?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTEwODIvMC9yb2xhbmQtZ2Fycm9zLXZzLXJvbGFuZC1nYXJyb3Mv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
296a00aecaff9ba80e3d631d2ecb2614231c1c1fb09dd50b6e1503f75be755a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7cf6f4526f9c2c2a-FRA
alt-svc
h3=":443"; ma=86400
content-length
30
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/ 		405 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f9f532d9791610dfcc4f0902dcac54e5274eec29a675eae9612ad25c4512fbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 11:40:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
2641
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128027
x-xss-protection
0
server
cafe
etag
5295197450709426467
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 29 May 2024 11:40:28 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		2 KB
603 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36b808a258319847cbc8c3454e304bd3295ee377e65b30d8bf93903bd6a63f7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
578
x-xss-protection
0
expires
Tue, 30 May 2023 12:24:29 GMT
yalla-shoots.tv_auto_728x90_sticky_display_bottom
live.demand.supply/cp/ 		30 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/yalla-shoots.tv_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTEwODIvMC9yb2xhbmQtZ2Fycm9zLXZzLXJvbGFuZC1nYXJyb3Mv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7fd313673e518ec15eeb82d0c37b3649e4a870ab258377629ed6e27a293aaa0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7cf6f45379902c2a-FRA
alt-svc
h3=":443"; ma=86400
content-length
30
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
877 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 30 May 2023 12:24:30 GMT
x-content-type-options
nosniff
content-encoding
br
age
3900
x-jsd-version
master
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230037-FRA
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:18:17 GMT
via
1.1 google
age
373
x-guploader-uploadid
ADPycdtfxbBiYRl18Rm-EjJojUuZtUIzzThvMhIg5KvMDD-r1qq-XdVSQJxsV0Hz483he_jecjcgbWDAACzD_QjbtQ_twA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1938
last-modified
Thu, 27 Apr 2023 19:53:17 GMT
server
UploadServer
etag
"0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation
1682625197861193
x-goog-hash
crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
1938
accept-ranges
bytes
expires
Tue, 30 May 2023 13:18:17 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-120.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 04:44:31 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 00:14:05 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
27609
x-amz-server-side-encryption
AES256
etag
W/"37e703da55f96b973658b8e7aeed0e93"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
-Shdeukrbd2YPMFioChaHkCXvu2JftDH2VbkiviHPrrwri0nTHNNWA==
esp.js
cdn.id5-sync.com/api/1.0/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
RJG8P9KGT25NARJA
age
1689
etag
W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7cf6f453ee0537f0-FRA
x-amz-id-2
p9caGrESjWYwkHsxUB/95tSAMOAWdfigQO7CUyIVO+HkWK6LxeSkGY+AhjJC0xfpQ02CliLtx7w=
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:7a00:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 30 May 2023 05:58:55 GMT
Via
1.1 28e56b9ddced4ed414e75f87cbd0d976.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
MUC50-P1
Age
23136
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
nxmra9e0TsMwe58uqPZuBHDwW10K8GqINKgd-otc0Az9eoBH8NOwOQ==
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d27d3ce9124909a5ff44640d1a1556822d10db85c40fd45c9c574d52ff30fb1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-a980"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 31 May 2023 12:24:30 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		2 KB
1022 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1459908131487426&correlator=2460140894962185&eid=31074695&output=ldjh&gdfp_req=1&vrg=202305250101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C175844fe-17b4-47e6-9355-28af1ff828c4&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=1711219817&didk=1133630126&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D836aca35-ff33-458c-a37a-74033abb37e7%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D21%26bid-p%3Dgoogle%26bsc%3D79&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1685449470016&lmt=1685449420&dlt=1685449469390&idt=531&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11082%2F0%2Froland-garros-vs-roland-garros%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1954965806.1685449470&ga_sid=1685449470&ga_hid=914313790&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYuOD35IYxSABSAghkEhsKDGlkNS1zeW5jLmNvbRi44PfkhjFIAFICCGQSGQoKcHViY2lkLm9yZxi44PfkhjFIAFICCGQSFwoIcnRiaG91c2UYuOD35IYxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGLjg9-SGMUgAUgIIZBIZCgp1aWRhcGkuY29tGLjg9-SGMUgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
118417f9302bd9971a4e09f984d9797ede54f40c3e00d2908fcfce1dad34556e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
992
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7191 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 May 2023 12:24:30 GMT
expires
Wed, 29 May 2024 12:24:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
34604045879551d9e3dc0a6bfff8ccc4f5acc35f7d91edd7855937ef417a9736
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 20:35:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
56935
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13015
x-xss-protection
0
server
cafe
etag
10195340191529681258
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 28 May 2024 20:35:35 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		92 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1459908131487426&correlator=262104460325421&eid=31074695&output=ldjh&gdfp_req=1&vrg=202305250101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cnative-multi%2C3d4ab4c6-6d5f-4b8c-9e83-ea0e7b3534e1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&ifi=2&adks=3368116147&didk=3429720029&sfv=1-0-40&prev_scp=ti%3D836aca35-ff33-458c-a37a-74033abb37e7%26chrand%3Dn%26pof%3D1%26rfi%3D30%26bsc%3D79%26format%3Dmulti-native&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1685449470035&lmt=1685449420&dlt=1685449469390&idt=531&adxs=262&adys=504&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11082%2F0%2Froland-garros-vs-roland-garros%2F&frm=20&vis=1&psz=1076x0&msz=1076x0&fws=4&ohw=1076&ga_vid=1954965806.1685449470&ga_sid=1685449470&ga_hid=914313790&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYuOD35IYxSABSAghkEhsKDGlkNS1zeW5jLmNvbRi44PfkhjFIAFICCGQSGQoKcHViY2lkLm9yZxi44PfkhjFIAFICCGQSFwoIcnRiaG91c2UYuOD35IYxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGLjg9-SGMUgAUgIIZBIZCgp1aWRhcGkuY29tGLjg9-SGMUgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0755abe4aa5ee2d1d9dfad4ac92ff239343b1d7a0cc46b52dda9a34627065309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29070
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
encrypt
esp.rtbhouse.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://yalla-shoots.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://yalla-shoots.tv
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Tue, 30 May 2023 12:24:30 GMT
server
Google Frontend
vary
Origin
via
1.1 google
x-cloud-trace-context
62331f58ca11b21bae3a5a79bf1e8119
encrypt
esp.rtbhouse.com/ 		265 B
360 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b20f2ea2b92396fba5fa0a7a4e33727d81b423ab05fff6da9cf1889df5cbb730

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
via
1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
276d1cf3de123e03008bd8dc77c906bf
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
265
increment
id5-sync.com/api/esp/ 		0
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://yalla-shoots.tv
date
Tue, 30 May 2023 12:24:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
map
bcp.crwdcntrl.net/6/ 		60 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.69.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-69-125.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
74fc1a72da63ce8893d1c626078dc84886590d182daf2309564d9396c5edc52a

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:30 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache
x-server
10.45.26.8
access-control-allow-credentials
true
content-length
60
expires
0
e.js
live.demand.supply/e/ 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_sky%2Bsq&pdc=0.5322707295417786&ucv=null&e=tcp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTEwODIvMC9yb2xhbmQtZ2Fycm9zLXZzLXJvbGFuZC1nYXJyb3Mv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Tue, 30 May 2023 12:24:30 GMT
cf-cache-status
HIT
age
1540824
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cf6f4545acd2c2a-FRA
e.js
live.demand.supply/e/ 		0
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&pdc=0.09446706175804138&ucv=null&e=tcp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTEwODIvMC9yb2xhbmQtZ2Fycm9zLXZzLXJvbGFuZC1nYXJyb3Mv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Tue, 30 May 2023 12:24:30 GMT
cf-cache-status
HIT
age
1540824
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cf6f4545ad22c2a-FRA
e.js
live.demand.supply/x/ 		0
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=da&r=yalla-shoots.tv_fluid_lb%2Bsq&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTEwODIvMC9yb2xhbmQtZ2Fycm9zLXZzLXJvbGFuZC1nYXJyb3Mv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYCRJ7Z7YMGJ3EFJYC5AKSDX
date
Tue, 30 May 2023 12:24:30 GMT
cf-cache-status
HIT
age
1538523
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cf6f4545adc2c2a-FRA
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
584 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1459908131487426&correlator=952044076454977&eid=31074695&output=ldjh&gdfp_req=1&vrg=202305250101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C356922b4-0932-42d8-8698-9fc099d8e22d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=3&adks=1743034735&didk=1418515199&sfv=1-0-40&prev_scp=ti%3D836aca35-ff33-458c-a37a-74033abb37e7%26chrand%3Dn%26pof%3D1%26rfi%3D30%26bsc%3D79&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1685449470138&lmt=1685449420&dlt=1685449469390&idt=531&adxs=314&adys=2344&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11082%2F0%2Froland-garros-vs-roland-garros%2F&frm=20&vis=1&psz=1076x116&msz=1076x116&fws=4&ohw=1100&ga_vid=1954965806.1685449470&ga_sid=1685449470&ga_hid=914313790&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYuOD35IYxSABSAghkEhkKCnB1YmNpZC5vcmcYjeH35IYxSABSAghqEhcKCHJ0YmhvdXNlGLjg9-SGMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRi44PfkhjFIAFICCGQSGQoKdWlkYXBpLmNvbRi44PfkhjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGLjg9-SGMUgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc948ce9fd8111b4b396d24510aea3dab647723459e91fab9853d1ebdc88f91e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
554
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		134 KB
39 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1459908131487426&correlator=1603315158974254&eid=31074695&output=ldjh&gdfp_req=1&vrg=202305250101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C7b9be0bc-7aae-4298-84dd-8d5becb2ea92&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x600&ifi=4&adks=932317976&didk=412460675&sfv=1-0-40&prev_scp=ti%3D836aca35-ff33-458c-a37a-74033abb37e7%26chrand%3Dn%26pof%3D1%26bsc%3D79&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1685449470142&lmt=1685449420&dlt=1685449469390&idt=531&adxs=302&adys=504&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11082%2F0%2Froland-garros-vs-roland-garros%2F&frm=20&vis=1&psz=1052x616&msz=1052x616&fws=4&ohw=1100&ga_vid=1954965806.1685449470&ga_sid=1685449470&ga_hid=914313790&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYuOD35IYxSABSAghkEhkKCnB1YmNpZC5vcmcYjeH35IYxSABSAghqEhcKCHJ0YmhvdXNlGLjg9-SGMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRi44PfkhjFIAFICCGQSGQoKdWlkYXBpLmNvbRi44PfkhjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGLjg9-SGMUgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aab126f4f2188558e1f9b7f8a9ab755dd5097ee63fbe25dec6aa89a670d51071
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40235
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/e/ 		0
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&pdc=0.09446706175804138&ucv=null&e=tcp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTEwODIvMC9yb2xhbmQtZ2Fycm9zLXZzLXJvbGFuZC1nYXJyb3Mv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Tue, 30 May 2023 12:24:30 GMT
cf-cache-status
HIT
age
1540824
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cf6f4548b402c2a-FRA
e.js
live.demand.supply/x/ 		0
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=da&r=yalla-shoots.tv_fluid_lb%2Bsq&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTEwODIvMC9yb2xhbmQtZ2Fycm9zLXZzLXJvbGFuZC1nYXJyb3Mv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYCRJ7Z7YMGJ3EFJYC5AKSDX
date
Tue, 30 May 2023 12:24:30 GMT
cf-cache-status
HIT
age
1538523
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cf6f4548b422c2a-FRA
syncframe
gum.criteo.com/ Frame 2C92 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=yalla-shoots.tv
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 30 May 2023 12:24:29 GMT
server
Kestrel
server-processing-duration-in-ticks
370722
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
578 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1459908131487426&correlator=1961546682123396&eid=31074695&output=ldjh&gdfp_req=1&vrg=202305250101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C356922b4-0932-42d8-8698-9fc099d8e22d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=5&adks=3246021675&didk=1418515198&sfv=1-0-40&prev_scp=ti%3D836aca35-ff33-458c-a37a-74033abb37e7%26chrand%3Dn%26pof%3D1%26rfi%3D30%26bsc%3D79&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1685449470171&lmt=1685449420&dlt=1685449469390&idt=531&adxs=302&adys=220&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11082%2F0%2Froland-garros-vs-roland-garros%2F&frm=20&vis=1&psz=1052x116&msz=1052x116&fws=4&ohw=1100&ga_vid=1954965806.1685449470&ga_sid=1685449470&ga_hid=914313790&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYuOD35IYxSABSAghkEhkKCnB1YmNpZC5vcmcYjeH35IYxSABSAghqEhcKCHJ0YmhvdXNlGLjg9-SGMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRi44PfkhjFIAFICCGQSGQoKdWlkYXBpLmNvbRi44PfkhjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGLjg9-SGMUgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a354da14f966bdf1fc9a766a4cc89af81ee90a22ee06b8909fc44b5ea9f5522d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
548
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/e/ 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_auto_interstitial_desktop&e=nai&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTEwODIvMC9yb2xhbmQtZ2Fycm9zLXZzLXJvbGFuZC1nYXJyb3Mv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Tue, 30 May 2023 12:24:30 GMT
cf-cache-status
HIT
age
1540824
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cf6f454ebc12c2a-FRA
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
737 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1459908131487426&correlator=940144960619770&eid=31074695%2C31074825&output=ldjh&gdfp_req=1&vrg=202305250101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2Cb17090f6-08a6-4b68-a0ee-9e4e6b306a62&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=6&adks=4082428376&didk=3642258492&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D836aca35-ff33-458c-a37a-74033abb37e7%26chrand%3Dn%26pof%3D1%26bsc%3D79&eri=1&sc=1&cookie=ID%3D139f4a70377665d2%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MaHbutETAYznqT58qStesiQ_I-A-g&gpic=UID%3D00000c295c3cd01b%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MbVEh8wKmuW4bfbC2jxyhStgIBp7w&abxe=1&dt=1685449470232&lmt=1685449420&dlt=1685449469390&idt=531&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11082%2F0%2Froland-garros-vs-roland-garros%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1954965806.1685449470&ga_sid=1685449470&ga_hid=914313790&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYuOD35IYxSABSAghkEhkKCnB1YmNpZC5vcmcYjeH35IYxSABSAghqEhcKCHJ0YmhvdXNlGLjg9-SGMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRi44PfkhjFIAFICCGQSGQoKdWlkYXBpLmNvbRi44PfkhjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGN7h9-SGMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1bc65fbbbf9681c2cb6284c6874a7dfe56bc9f227223a776f21ceca966e6c469
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
706
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/e/ 		0
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_auto_728x90_sticky_display_bottom&pdc=0.27065563201904297&ucv=null&e=tcp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTEwODIvMC9yb2xhbmQtZ2Fycm9zLXZzLXJvbGFuZC1nYXJyb3Mv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Tue, 30 May 2023 12:24:30 GMT
cf-cache-status
HIT
age
1540824
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cf6f4550c072c2a-FRA
sdb.css
live.demand.supply/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/css/sdb.css
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GTP882AJGXJCM3VNH3JF57QN
date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
2450436
etag
W/"14c5381be186641471a926a081d90c88-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
7cf6f4550fc11959-FRA
alt-svc
h3=":443"; ma=86400
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1459908131487426&correlator=1264556130365766&eid=31074695%2C31074825&output=ldjh&gdfp_req=1&vrg=202305250101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C2f5dd645-0d0d-422d-99d2-d7bef2ca8963&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=7&adks=3202367356&didk=4055989924&sfv=1-0-40&prev_scp=ti%3D836aca35-ff33-458c-a37a-74033abb37e7%26chrand%3Dn%26pof%3D1%26rfi%3D30%26stt%3Dbhs%26bsc%3D79&eri=1&sc=1&cookie=ID%3D139f4a70377665d2%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MaHbutETAYznqT58qStesiQ_I-A-g&gpic=UID%3D00000c295c3cd01b%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MbVEh8wKmuW4bfbC2jxyhStgIBp7w&abxe=1&dt=1685449470247&lmt=1685449420&dlt=1685449469390&idt=531&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11082%2F0%2Froland-garros-vs-roland-garros%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1954965806.1685449470&ga_sid=1685449470&ga_hid=914313790&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYuOD35IYxSABSAghkEhkKCnB1YmNpZC5vcmcYjeH35IYxSABSAghqEu4BCghydGJob3VzZRLYAVkrUE9MVU9tSkdCNUVrZElyRW9KUlJLWDlyZTRHVTZ1NUhyckp1R0xHc1dpNGhDakZicHlCQ0xYajJCYmF2NlBFd2JKbkJtUmVub2Qyc1NGL2p1S2d6aFlObzZ4bHlwQ1d2STJ1cnZjeTdJR0pDUm95YmhZai9HV1lYNExrQnRPT09FaUw1WFNuWVk2bnplNXFWcW1GcEQ2UWNzZ1djSGRyRmtsR0Ruc3NvRUhmT1ZDVXczMmlCKzRMR0ZTT1BLT3RCN2phMy9MUkxYVW1NRG5KR2xtT3c9PRid4vfkhjFIABIdCg5lc3AuY3JpdGVvLmNvbRi44PfkhjFIAFICCGQSGQoKdWlkYXBpLmNvbRi44PfkhjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGN7h9-SGMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de15ae84e1cb9b0e9ef935dfb910395ac2e141cdbea3e927fe98f87c926b63db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11628
x-xss-protection
0
google-lineitem-id
6247069801
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138434208465
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 2C92
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=yalla-shoots.tv&sn=ChromeSyncframe&so=0&topUrl=yalla-shoots.tv&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=ZXk9JXwrenJDV0RkVnJKcUozenJtREdVOVBHTWprY0xFMmZsWkc2S3ZRZUkraDgvVE5ZS1JKZG5MV1I4VmhIazYzNmJCWkxjU0NJMEpDS1QwWGZ5LzgzSXNOSmhaZWdlTzVvLy9QUXdCS2t3b3Y5UU1FV0hUMTZ1K1JZT2...
428 B
657 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ZXk9JXwrenJDV0RkVnJKcUozenJtREdVOVBHTWprY0xFMmZsWkc2S3ZRZUkraDgvVE5ZS1JKZG5MV1I4VmhIazYzNmJCWkxjU0NJMEpDS1QwWGZ5LzgzSXNOSmhaZWdlTzVvLy9QUXdCS2t3b3Y5UU1FV0hUMTZ1K1JZT2lmenhJMEpPVnpyemlBYTRnY1lsT3BMTHg3akVHWmFqVEhDSUlPcnd4dVJNYW40ekZGRlhYemF2NlF4Sjl1bi9zQS8yQU00N0VENDZuc1VVcGpiakhwZiszV3lFUGtsVUpjbVNDcFlzcXh3QlhTM0JzY3MvQXBQQnBSZ2FSSkpCVmpSbE1qWkNCM1ZIZGxyQmJ0WVN0VGF0Qkpyd1I3bW1RRWQ1YUN2emZPcVpSa1l3Q3djTT18&cppv=2
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11082/0/roland-garros-vs-roland-garros/
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
717c8edc4966a38076d387c95b32caa0725ecd0d659479ec60be05d9b45d5c21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:29 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2654423
expires
0

Redirect headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:29 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=ZXk9JXwrenJDV0RkVnJKcUozenJtREdVOVBHTWprY0xFMmZsWkc2S3ZRZUkraDgvVE5ZS1JKZG5MV1I4VmhIazYzNmJCWkxjU0NJMEpDS1QwWGZ5LzgzSXNOSmhaZWdlTzVvLy9QUXdCS2t3b3Y5UU1FV0hUMTZ1K1JZT2lmenhJMEpPVnpyemlBYTRnY1lsT3BMTHg3akVHWmFqVEhDSUlPcnd4dVJNYW40ekZGRlhYemF2NlF4Sjl1bi9zQS8yQU00N0VENDZuc1VVcGpiakhwZiszV3lFUGtsVUpjbVNDcFlzcXh3QlhTM0JzY3MvQXBQQnBSZ2FSSkpCVmpSbE1qWkNCM1ZIZGxyQmJ0WVN0VGF0Qkpyd1I3bW1RRWQ1YUN2emZPcVpSa1l3Q3djTT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
373386
content-length
0
expires
0
e.js
live.demand.supply/e/ 		0
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&e=nai&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTEwODIvMC9yb2xhbmQtZ2Fycm9zLXZzLXJvbGFuZC1nYXJyb3Mv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Tue, 30 May 2023 12:24:30 GMT
cf-cache-status
HIT
age
1540824
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cf6f455dd382c2a-FRA
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		32 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1459908131487426&correlator=3600170871516145&eid=31074695%2C31074825&output=ldjh&gdfp_req=1&vrg=202305250101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C39a08c37-8599-49df-916b-1911d54fde51&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=8&adks=4294953168&didk=1418515198&sfv=1-0-40&prev_scp=ti%3D836aca35-ff33-458c-a37a-74033abb37e7%26chrand%3Dnbs%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26rfi%3D30%26bsc%3D79&eri=1&sc=1&cookie=ID%3D8e5ced81af17eb59%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MbM_4AMvHP-DGfPYocQ19-sGTrZfA&gpic=UID%3D00000c295bd045fe%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MZBouGrLEe3xkistr5f0GqvtWm5sw&abxe=1&dt=1685449470376&lmt=1685449420&dlt=1685449469390&idt=531&adxs=302&adys=220&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11082%2F0%2Froland-garros-vs-roland-garros%2F&frm=20&vis=1&psz=1052x116&msz=1052x116&fws=4&ohw=1100&ga_vid=1954965806.1685449470&ga_sid=1685449470&ga_hid=914313790&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYuOD35IYxSABSAghkEhkKCnB1YmNpZC5vcmcYjeH35IYxSABSAghqEu4BCghydGJob3VzZRLYAVkrUE9MVU9tSkdCNUVrZElyRW9KUlJLWDlyZTRHVTZ1NUhyckp1R0xHc1dpNGhDakZicHlCQ0xYajJCYmF2NlBFd2JKbkJtUmVub2Qyc1NGL2p1S2d6aFlObzZ4bHlwQ1d2STJ1cnZjeTdJR0pDUm95YmhZai9HV1lYNExrQnRPT09FaUw1WFNuWVk2bnplNXFWcW1GcEQ2UWNzZ1djSGRyRmtsR0Ruc3NvRUhmT1ZDVXczMmlCKzRMR0ZTT1BLT3RCN2phMy9MUkxYVW1NRG5KR2xtT3c9PRid4vfkhjFIABIdCg5lc3AuY3JpdGVvLmNvbRi44PfkhjFIAFICCGQSGQoKdWlkYXBpLmNvbRi44PfkhjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGN7h9-SGMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd954b5d4d222efb1781a8cb6850acbf36132d0a9977301f15b09d1242fa8b24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14127
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DD01 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 May 2023 12:24:30 GMT
expires
Wed, 29 May 2024 12:24:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=-1&r=yalla-shoots.tv_native_multi_native1&sy=7a34671b-714c-4f20-b02e-5e6da7a603de&ts=79&cd=2&pud=262&pus=c&pue=433&pid=126&pis=c&pie=559&ppd=257&pps=a&ppe=690&pcl=237&ttc=808&tti=1260&ttif=0&lca=690&lcak=ppe&lct=690&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=0&mlsi=1024x600&mlbw=4g&mlcs=NaN&mltp=836aca35-ff33-458c-a37a-74033abb37e7&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTEwODIvMC9yb2xhbmQtZ2Fycm9zLXZzLXJvbGFuZC1nYXJyb3Mv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Tue, 30 May 2023 12:24:30 GMT
cf-cache-status
HIT
age
1540824
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cf6f4568e242c2a-FRA
get
feed.avplayer.com/backend/ 		5 KB
924 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://feed.avplayer.com/backend/get?cmsType=playlist&id=631a2480b3d08269680f4be2&AV_TAGID=63e0c53d06b87484dc0f3a56&pid=63e0c30829bdc76cde070e85&cid=63e0c35e9283893b7f0c04f6&AV_TEMPID=62c2a28af9382161a05f9104&AV_PUBLISHERID=63e0c30829bdc76cde070e85
Requested by
Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=63e0c53d06b87484dc0f3a56&AV_PUBLISHERID=63e0c30829bdc76cde070e85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
c0883f3b1b0e7e616c54632fbdfbe938f3fecb3ce704695073acf41ef89b6030

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
gzip
x-hw
1685449470.dop154.fr8.t,1685449470.cds126.fr8.hn,1685449470.cds205.fr8.p
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
max-age=1800
access-control-allow-credentials
true
accept-ranges
bytes
avcplayer.js
player.avplayer.com/script/2/v/ 		251 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/v/avcplayer.js
Requested by
Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=63e0c53d06b87484dc0f3a56&AV_PUBLISHERID=63e0c30829bdc76cde070e85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
gzip
last-modified
Thu, 03 Mar 2022 17:18:44 GMT
etag
"1646327924"
x-hw
1685449470.dop241.fr8.t,1685449470.cds230.fr8.hn,1685449470.cds249.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
61326
track
servt.modoro360.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servt.modoro360.com/track?pid=63e0c30829bdc76cde070e85&cid=63e0c35e9283893b7f0c04f6&cb=1685449470484&r=yalla-shoots.tv&stagid=63e0c53d06b87484dc0f3a56&stplid=62c2a28af9382161a05f9104&d35=&d65=Test1&d66=7&d74=&e=playerLoaded&cpid=631a2480b3d08269680f4be2&str=viewable
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.186.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-186-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
hd.php
dalbouh.xyz/ Frame E134 		273 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dalbouh.xyz/hd.php?ch=hd2&lang=hd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.233.172 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0334441949b1749540cb71cdd3b29c6aab9f487b43b0fc7bd46d0afda2bac0d6

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7cf6f45699f52bdf-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 30 May 2023 12:24:30 GMT
last-modified
Tuesday, 30-May-2023 12:24:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8VDtkzPys6ZC3EWM52V0uvWko9UkFW356WWDJ8TvUGKYm4hMHYHllh9i9o5DJ5WvnfemMLyReMMBz%2FkIuKTmiir6LvY8WT0oYwCQmdwmPkQUvmuYLeeTb0moGeAEig%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
e.js
live.demand.supply/e/ 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&e=nai&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTEwODIvMC9yb2xhbmQtZ2Fycm9zLXZzLXJvbGFuZC1nYXJyb3Mv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Tue, 30 May 2023 12:24:30 GMT
cf-cache-status
HIT
age
1540824
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cf6f4569e352c2a-FRA
ads
securepubads.g.doubleclick.net/gampad/ 		32 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1459908131487426&correlator=3727492412054735&eid=31074695%2C31074825&output=ldjh&gdfp_req=1&vrg=202305250101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C39a08c37-8599-49df-916b-1911d54fde51&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=9&adks=3798359599&didk=1418515199&sfv=1-0-40&prev_scp=ti%3D836aca35-ff33-458c-a37a-74033abb37e7%26chrand%3Dnbs%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26rfi%3D30%26bsc%3D79&eri=1&sc=1&cookie=ID%3Ddd9a4ca3654259a3%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MaAFlyWl7lcUgSRmYBAg7ZNq9pmGQ&gpic=UID%3D00000c295cb95d6d%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MYTQRr-zJyzMg5IG_KeIcE7vbQfaw&abxe=1&dt=1685449470493&lmt=1685449420&dlt=1685449469390&idt=531&adxs=314&adys=2604&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11082%2F0%2Froland-garros-vs-roland-garros%2F&frm=20&vis=1&psz=1076x116&msz=1076x116&fws=4&ohw=1100&ga_vid=1954965806.1685449470&ga_sid=1685449470&ga_hid=914313790&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYuOD35IYxSABSAghkEhkKCnB1YmNpZC5vcmcYjeH35IYxSABSAghqEu4BCghydGJob3VzZRLYAVkrUE9MVU9tSkdCNUVrZElyRW9KUlJLWDlyZTRHVTZ1NUhyckp1R0xHc1dpNGhDakZicHlCQ0xYajJCYmF2NlBFd2JKbkJtUmVub2Qyc1NGL2p1S2d6aFlObzZ4bHlwQ1d2STJ1cnZjeTdJR0pDUm95YmhZai9HV1lYNExrQnRPT09FaUw1WFNuWVk2bnplNXFWcW1GcEQ2UWNzZ1djSGRyRmtsR0Ruc3NvRUhmT1ZDVXczMmlCKzRMR0ZTT1BLT3RCN2phMy9MUkxYVW1NRG5KR2xtT3c9PRid4vfkhjFIABIdCg5lc3AuY3JpdGVvLmNvbRi44PfkhjFIAFICCGQSGQoKdWlkYXBpLmNvbRi44PfkhjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGN7h9-SGMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2117dcbb0fe87d3653b726dd3cfc6082c9d43b8c08d534f847ce7d56f6a0db42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13988
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/e/ 		0
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_auto_interstitial_desktop&e=nai&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTEwODIvMC9yb2xhbmQtZ2Fycm9zLXZzLXJvbGFuZC1nYXJyb3Mv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Tue, 30 May 2023 12:24:30 GMT
cf-cache-status
HIT
age
1540824
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cf6f456ae482c2a-FRA
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
732 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1459908131487426&correlator=1438715085558779&eid=31074695%2C31074825&output=ldjh&gdfp_req=1&vrg=202305250101&ptt=17&impl=fif&iu_parts=44890869%3A22849268940%2Cca-pub-3831894559014614-tag%2C0d2503d0-0ba5-488d-b5c8-a33cd4dbb165&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=10&adks=382925298&didk=2510433324&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D836aca35-ff33-458c-a37a-74033abb37e7%26chrand%3Dn%26pof%3D1%26bsc%3D79&eri=1&sc=1&cookie=ID%3Ddd9a4ca3654259a3%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MaAFlyWl7lcUgSRmYBAg7ZNq9pmGQ&gpic=UID%3D00000c295cb95d6d%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MYTQRr-zJyzMg5IG_KeIcE7vbQfaw&abxe=1&dt=1685449470500&lmt=1685449420&dlt=1685449469390&idt=531&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11082%2F0%2Froland-garros-vs-roland-garros%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1954965806.1685449470&ga_sid=1685449470&ga_hid=914313790&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYuOD35IYxSABSAghkEhkKCnB1YmNpZC5vcmcYjeH35IYxSABSAghqEu4BCghydGJob3VzZRLYAVkrUE9MVU9tSkdCNUVrZElyRW9KUlJLWDlyZTRHVTZ1NUhyckp1R0xHc1dpNGhDakZicHlCQ0xYajJCYmF2NlBFd2JKbkJtUmVub2Qyc1NGL2p1S2d6aFlObzZ4bHlwQ1d2STJ1cnZjeTdJR0pDUm95YmhZai9HV1lYNExrQnRPT09FaUw1WFNuWVk2bnplNXFWcW1GcEQ2UWNzZ1djSGRyRmtsR0Ruc3NvRUhmT1ZDVXczMmlCKzRMR0ZTT1BLT3RCN2phMy9MUkxYVW1NRG5KR2xtT3c9PRid4vfkhjFIABIdCg5lc3AuY3JpdGVvLmNvbRi44PfkhjFIAFICCGQSGQoKdWlkYXBpLmNvbRi44PfkhjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGN7h9-SGMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
286f1a5764a71a9ce32e9bdf6c43866b85d375632e506139c9442ed989a09b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
703
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1F17 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 May 2023 12:24:30 GMT
expires
Wed, 29 May 2024 12:24:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		182 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		834 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
e.js
live.demand.supply/e/ 		0
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=-1&r=yalla-shoots.tv_auto_728x90_sticky_display_bottom&sy=7a34671b-714c-4f20-b02e-5e6da7a603de&ts=79&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=836aca35-ff33-458c-a37a-74033abb37e7&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTEwODIvMC9yb2xhbmQtZ2Fycm9zLXZzLXJvbGFuZC1nYXJyb3Mv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Tue, 30 May 2023 12:24:30 GMT
cf-cache-status
HIT
age
1540824
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cf6f456be6e2c2a-FRA
e.js
live.demand.supply/x/ 		0
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=fs&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTEwODIvMC9yb2xhbmQtZ2Fycm9zLXZzLXJvbGFuZC1nYXJyb3Mv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYCRJ7Z7YMGJ3EFJYC5AKSDX
date
Tue, 30 May 2023 12:24:30 GMT
cf-cache-status
HIT
age
1538523
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cf6f456ce812c2a-FRA
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305250101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77d38085ab22f6339cc27177313aca1f72f76c1e285749b3e895de70b9eaffca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11304
x-xss-protection
0
A-letterbigger_Savir.png
jscdn.greeter.me/ 		945 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jscdn.greeter.me/A-letterbigger_Savir.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11082/0/roland-garros-vs-roland-garros/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Sun, 10 Jul 2022 13:45:06 GMT
x-amz-request-id
tx0000000000000a64aba73-006475dfb2-97671145-fra1b
etag
"f07519ec5fbc46385f386b577e6e2a1d"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1685449470.dop242.fr8.t,1685449470.cds153.fr8.hn,1685449470.cds205.fr8.c
content-type
image/png
cache-control
max-age=708
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
945
ef33bde3b6f53b5d50fc677805f1b9fa.js
www.gstatic.com/mysidia/ Frame DD01 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ef33bde3b6f53b5d50fc677805f1b9fa.js?tag=client_fast_engine_2019
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d42e2b0fdb945504b8da66763e41d57d6245ab8218c6df329b56a841ffbcd7ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:41:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
575000
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3674
x-xss-protection
0
last-modified
Mon, 22 May 2023 16:52:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 21 Aug 2023 20:41:10 GMT
0cbec9e763571b586f17fffdb0e7c8db.js
www.gstatic.com/mysidia/ Frame DD01 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/0cbec9e763571b586f17fffdb0e7c8db.js?tag=core/multiplex_design_v1
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e0b94cf96888a314b63218c371f8dbc49113b17436bdc392ec1f5c2a1f52290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 20:32:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57109
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4604
x-xss-protection
0
last-modified
Sat, 27 May 2023 00:00:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 27 Aug 2023 20:32:41 GMT
css
fonts.googleapis.com/ Frame DD01 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 May 2023 11:19:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 May 2023 12:24:30 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame DD01 		2 KB
945 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 14:16:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
79701
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 14:16:09 GMT
eeb2a7adf8655d5932316867a9074b54.js
www.gstatic.com/mysidia/ Frame DD01 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/eeb2a7adf8655d5932316867a9074b54.js?tag=exit_2019
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
677479b38b953fb5bf0de894444a188b45d659281d720350ec653013234c6720
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 21:47:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
571027
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9071
x-xss-protection
0
last-modified
Mon, 22 May 2023 15:12:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 21 Aug 2023 21:47:23 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/ Frame DD01 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/abg_lite_fy2021.js
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 14:16:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
79701
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8798
x-xss-protection
0
server
cafe
etag
11317101923912129037
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 14:16:09 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame DD01 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 14:13:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
79864
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 14:13:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame DD01 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 14:09:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
80109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7987
x-xss-protection
0
server
cafe
etag
5788035530912182302
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 14:09:21 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame DD01 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 08:18:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
14762
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 May 2024 08:18:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DD01 		171 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54244
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684927996807358"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 May 2023 12:24:30 GMT
hb_739813_17175.js
player.aplhb.adipolo.com/prebidlink/468180/ 		290 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aplhb.adipolo.com/prebidlink/468180/hb_739813_17175.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shoots.tvhead.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
f8aa9a880d6e487e7842722fbaee7c4c914803cef2baf4f92b76167b48df3bad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
gzip
last-modified
Mon, 19 Dec 2022 12:00:43 GMT
server
nginx
etag
W/"63a0526b-48644"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Tue, 30 May 2023 13:24:30 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shoots.tvhead.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
913c2512b4fc9e93b54dcf6beb2ec187b1abf60a98d8b9a2fd222b13637c7276
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25152
x-xss-protection
0
server
cafe
etag
719 / 19507 / m202305250101 / config-hash: 6717680343649307308
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 30 May 2023 12:24:30 GMT
wrapper_hb_739813_17175.js
player.aplhb.adipolo.com/prebidlink/468180/ 		2 KB
1004 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aplhb.adipolo.com/prebidlink/468180/wrapper_hb_739813_17175.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shoots.tvhead.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
cba78783503f962e24d09c78f38add0360021817317c6972d14e37e250b52e3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
gzip
last-modified
Mon, 19 Dec 2022 12:13:01 GMT
server
nginx
etag
W/"63a0554d-685"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Tue, 30 May 2023 13:24:30 GMT
gpt.js
www.googletagservices.com/tag/js/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shoots.tvhead.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c1a4f29f1536bd32a00691b8b339275d7232547c427e5edba7f5db709affa720
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25150
x-xss-protection
0
server
cafe
etag
458 / 19507 / m202305250101 / config-hash: 6717680343649307308
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 30 May 2023 12:24:30 GMT
adipolo_logo.png
adipolo.com/wp-content/uploads/2020/06/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adipolo.com/wp-content/uploads/2020/06/adipolo_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
cf-cache-status
HIT
last-modified
Tue, 02 Jun 2020 09:04:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2792084
etag
"5ed61610-1b9c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h1j8GF%2FmLUTBbr1%2FDn2R7w8NEzxBRBGVxEDxsiJdh5NaqeaUnwrwsvqZRxlkQSnbf653q5695h1wgVrV%2BcDRz%2FlMUUj7rnDs7mgvGK95qtFgXDGh%2F5n5Og2drounReHOs6hH0zr0LmueoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7cf6f4574c3d924a-FRA
alt-svc
h3=":443"; ma=86400
content-length
7068
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-230085360-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 30 May 2023 10:35:34 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
6536
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Tue, 30 May 2023 12:35:34 GMT
hd2.php
v3.sportsonline.sx/channels/hd/ Frame FDF1 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://v3.sportsonline.sx/channels/hd/hd2.php
Requested by
Host: dalbouh.xyz
URL: https://dalbouh.xyz/hd.php?ch=hd2&lang=hd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
230db669b1d4ba704bb51facd5614acae4744853cc90e26f7051b2ef3ad2011d

Request headers

Referer
https://dalbouh.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7cf6f457685d3802-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 30 May 2023 12:24:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2M6dh4LY31kDh%2BVRht%2BmzJRBiITObEcetB2De5PX8UyGf%2FQ4BOV50OTr9zm3MvDKfjNTzeiQlIdWd7dR4%2BMG92hUdS6heytD7iwGuOOBtvBbRpNogfD74EY524%2BMFu4Zh1wNvJuhjE38F%2F6oj7%2F6j4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.2.34
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1F17 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 08:18:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
14762
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 May 2024 08:18:28 GMT
css
fonts.googleapis.com/ Frame 1F17 		2 KB
534 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Cardo:400,700&lang=de
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
82fc44d47488df64278445c8fd1f9bbf3b97c98d19d9d4ae4976c7c28840f1d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 May 2023 12:24:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 May 2023 12:24:30 GMT
4374473173132342163
tpc.googlesyndication.com/simgad/ Frame 1F17 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4374473173132342163?
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ffdc3ac4306a19c995a12935fcbebddba0d65dce9680443e84fb04541cf43f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 21:02:32 GMT
x-content-type-options
nosniff
age
314518
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48986
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 23:06:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 25 May 2024 21:02:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1F17 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54244
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684927996807358"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 May 2023 12:24:30 GMT
A-letterbigger_Savir.png
jscdn.greeter.me/ 		945 B
1005 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jscdn.greeter.me/A-letterbigger_Savir.png
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11082/0/roland-garros-vs-roland-garros/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Sun, 10 Jul 2022 13:45:06 GMT
x-amz-request-id
tx0000000000000a64aba73-006475dfb2-97671145-fra1b
etag
"f07519ec5fbc46385f386b577e6e2a1d"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1685449470.dop242.fr8.t,1685449470.cds153.fr8.hn,1685449470.cds205.fr8.c
content-type
image/png
cache-control
max-age=708
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
945
img
imageproxy.eu.criteo.net/img/ Frame DD01 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=87930&q=80&r=0&u=https%3A%2F%2Fwww.11teamsports.com%2Fde-de%2FData%2FImages%2FBig%2Fadidas-predator-com-torwarthandschuhe-schwarz-hn3342-equipment_front.jpg&ups=1&v=3&w=800&s=Hyge4nSdlS1NeRVz139U0-8A
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
df9f105132f597d241f2c8865eb746f0353bb880f19f67f1fcd36b03d8ee1a74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
36704
expires
Tue, 30 Apr 2024 06:56:43 GMT
img
imageproxy.eu.criteo.net/img/ Frame DD01 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=87930&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F87930%2F221205%2Fa598dd089dcf4240a7a55c9071884fdb_download.png&v=3&w=1200&s=2plJGtBcH1U3COQ8QyNxrMnO
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2fc194c6bf65df7e6f2bceb5eccf395b368e6cc7a803429ad8086240c5c69fc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
11220
expires
Tue, 30 Apr 2024 07:42:51 GMT
truncated
/ Frame DD01 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38354e6a0119fe113356e1506a115ca148a6b9ea22cf88136baa9167d6fde794

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
lgn.php
cat.fr3.eu.criteo.com/delivery/ Frame DD01 		43 B
348 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cat.fr3.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=Yoh3lw5Zh4dRN84VKjJSmokVn82gPjo6pCjQN8YBZvIr9HD5fiGmMpiXOz-hskKetuf9qr-Pdlu5VTnEVqrAcadf0LB1d_v0_quNnuyxEXr5P6pOd0vdd2igjVi0Th8CsAWblLs0NCcL9gwJLdlNUHJUPprBBec4_RvOOvNuAjDK2tAj5_xaZ5k_8An7koarHRgYRiFUdQEPSUIgKdP8EKjqBP2yllaNos_MLbqESgpafLK_GrpbOlcrPXsrn4CdhRvj-LBYQ8j3WIhOuPrCTTovK2V6-KEK-2Ftood_DkI-GesRPcnF6X6SsjERVHeSZpv91nfjVgrpAcHHJISiLBVsmKn2g11ZI0om0GubxUDnOVDwy-e90Edv6Zn1AQJvawxAVJeG57qmSNmzSHpj18l1wu8b3vHLyS0oSSa13ptCV0NXGupTREcITNdm3HimjJpmDmd_CDSXwZILudu4ar-32mc&z=ZHXq_gABaN0Iu8eYAANt_S_yCp7YYYZU6MqPgQ
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:30 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3210958
expires
Mon, 26 Jul 1997 05:00:00 GMT
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame DD01 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kvL6FfHZWwAAnYNiAgIAAABBMwNpbeGlfgcGddEQ_ep1ZEVezCAy0LnG_wEAABIDAQoKQVFVQkR3RUJEdw&wp=ZHXq_gABaN0Iu8eYAANt_S_yCp7YYYZU6MqPgQ
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:29 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
178686
server
Kestrel
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame DD01 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CC08e_up1ZN3RBZiP7_UP_duN8ATJntKxXNWdkfdwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjUz9aPP8LE-4AIAqAMBqgS6Ak_QUsSUVLfRoaVapijzE-HbYSVu6u-cBBJFLAd5yR7WMO3ydtYTtHEvU9KELBf42rMCnsTzpa69Bwv_F1Vmp-MFm-TcvOzy_3CGoGNE6GTzjE5OBFlV0eRLATb4I3nhQQ8XMfLPwNVy4AtuAmYJncagOwt83nTBobWJQ7l_FyPfJ2D2_9JyVb90IFuoEp4zgvWWWJ8kYhFunwQRkulvoikMXqtrUeFxTRnLhsYR0v_XpmPbBRXYJ2LxzMYfaQmJSNu_DSNad37wtvDRmfQsGRuJZiHfW8VyxJH-09MMia4McpWCOpl8GQVpnVBBc4wIAx0bKh-gDxKWXuh3tvUcFYO3zXb3nLN9A-WBauCgLiZteDC7nceowz1Jxs9DyTxbbZHACW3HqvwaAil71yXNm4aX9y-QPTZDeiLJ4AQBgAa7go6El866yLoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=ARxbtWXabQ4&uach_m=[UACH]&cid=CAQSTABygQiDbdkd-eTftkRMcIClUtK59fCaDH4M1CFzCdYgvKyfkeq99F-thhCdEFqKK0EZMkX0mhS1ONFPx1jSrKE2eXMf9sDzb3CMx_AYAQ&vt=10
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame DD01 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CzVZo_up1ZN3RBZiP7_UP_duN8ATJntKxXNWdkfdwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjUz9aPP8LE-4AIAqAMByAMCqgS6Ak_QUsSUVLfRoaVapijzE-HbYSVu6u-cBBJFLAd5yR7WMO3ydtYTtHEvU9KELBf42rMCnsTzpa69Bwv_F1Vmp-MFm-TcvOzy_3CGoGNE6GTzjE5OBFlV0eRLATb4I3nhQQ8XMfLPwNVy4AtuAmYJncagOwt83nTBobWJQ7l_FyPfJ2D2_9JyVb90IFuoEp4zgvWWWJ8kYhFunwQRkulvoikMXqtrUeFxTRnLhsYR0v_XpmPbBRXYJ2LxzMYfaQmJSNu_DSNad37wtvDRmfQsGRuJZiHfW8VyxJH-09MMia4McpWCOpl8GQVpnVBBc4wIAx0bKh-gDxKWXuh3tvUcFYO3zXb3nLN9A-WBauCgLiZteDC7nceowz1Jxs9DyTxbbZHACW3HqvwaAil71yXNm4aX9y-QPTZDeiLJ4AQBgAa7go6El866yLoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=URnprKjvRU8&uach_m=[UACH]&cid=CAQSTABygQiDbdkd-eTftkRMcIClUtK59fCaDH4M1CFzCdYgvKyfkeq99F-thhCdEFqKK0EZMkX0mhS1ONFPx1jSrKE2eXMf9sDzb3CMx_AYAQ
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
container.html
a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 104E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 May 2023 12:24:30 GMT
expires
Wed, 29 May 2024 12:24:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&pn=-1&sn=3&pc=0.09446706175804138&ds=true&e=wdp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTEwODIvMC9yb2xhbmQtZ2Fycm9zLXZzLXJvbGFuZC1nYXJyb3Mv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Tue, 30 May 2023 12:24:30 GMT
cf-cache-status
HIT
age
1540824
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cf6f4578f872c2a-FRA
e.js
live.demand.supply/e/ 		0
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=yalla-shoots.tv_fluid_lb%2Bsq&sy=7a34671b-714c-4f20-b02e-5e6da7a603de&ts=79&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=836aca35-ff33-458c-a37a-74033abb37e7&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTEwODIvMC9yb2xhbmQtZ2Fycm9zLXZzLXJvbGFuZC1nYXJyb3Mv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Tue, 30 May 2023 12:24:30 GMT
cf-cache-status
HIT
age
1540824
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cf6f4578f8d2c2a-FRA
container.html
a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2CD3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 May 2023 12:24:30 GMT
expires
Wed, 29 May 2024 12:24:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=-1&r=yalla-shoots.tv_fluid_sky%2Bsq&sy=7a34671b-714c-4f20-b02e-5e6da7a603de&ts=79&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=0&mlsi=1024x600&mlbw=4g&mlcs=NaN&mltp=836aca35-ff33-458c-a37a-74033abb37e7&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTEwODIvMC9yb2xhbmQtZ2Fycm9zLXZzLXJvbGFuZC1nYXJyb3Mv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Tue, 30 May 2023 12:24:30 GMT
cf-cache-status
HIT
age
1540824
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cf6f457afa42c2a-FRA
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 30 May 2023 12:24:30 GMT
truncated
/ Frame DD01 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c568f7495971a8e6b5347c63161fde1936923d9201e86b048342a4e4ef0d03d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
collect
www.google-analytics.com/j/ 		1 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=914313790&t=pageview&_s=1&dl=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11082%2F0%2Froland-garros-vs-roland-garros%2F&ul=en-us&de=UTF-8&dt=%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9%20%D8%B1%D9%88%D9%84%D8%A7%D9%86%20%D8%BA%D8%A7%D8%B1%D9%88%D8%B3%20%D9%88%20%D8%B1%D9%88%D9%84%D8%A7%D9%86%20%D8%BA%D8%A7%D8%B1%D9%88%D8%B3%20-%20%D8%B1%D9%88%D9%84%D8%A7%D9%86%20%D8%BA%D8%A7%D8%B1%D9%88%D8%B3%20-%202023-05-30&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=504106413&gjid=325811646&cid=1954965806.1685449470&tid=UA-230085360-1&_gid=1537707820.1685449471&_r=1&gtm=457e35o0&jsscut=1&z=795029198
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1F17 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuHdBFUGG_ZcXRsBXTulZpoB19j4jICFPnaXCnCEPBLJ8Dz63kqVp-Bxpc5kAHhEAxccqPIbG_mQkkxre4YU7NUlTgvZbVt8DCGdYLVbbS1MCxaU-J85DHIv43C0HyziOA8bYYcUXCqryynqBBraG59IqUnrQXwCSYQqxiDLF3cbTA32MiefsxWTl3Y10YplGt41mrWUipbVBb7yIcLVAzBAw3f3W9bOA7UFtHVeRf29asf_NUyZ_EBsBxfOzWIZX3NWQVqnxBSxJ4gbLhX0NWzkgnPPrW8pKj29YnumvnVMyVSN918Sys6r65ws_v1InvAj5XA-xQ5CPWHE6zcjF5UJuFpVGJ2IDo7L9luB8o7tFkzGJNxjD_XFUmFqMKLKnyVWdSFD90_&sai=AMfl-YRCSCrkrzW2zmaj22cDcfhA4yIROwwXJ3NrQik_H127EYBUICkrqnsk9gvfGf7CPMuqp1aN_NRrZWEl5W61XW6R7lYjJkHc9V7T0o-pBUd5DWkW99-xuon8xCevQA&sig=Cg0ArKJSzIZJdVD9Rde7EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
wlpygwjKBV1pqhND-ZQW-WM.woff2
fonts.gstatic.com/s/cardo/v19/ Frame 1F17 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cardo/v19/wlpygwjKBV1pqhND-ZQW-WM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cardo:400,700&lang=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f94a0b25ed421e6643ca8ae21ccd63cf5630e8db8a3b64f63a669936d068c427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 17:27:27 GMT
x-content-type-options
nosniff
age
241023
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18852
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 17:09:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 May 2024 17:27:27 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 104E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C8k7g_up1ZLahHICe7_UPmeWFqATJntKxXL2Ol_dwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAikNNiGa7rE-4AIAqAMBqgTJAk_QbFIoACkWXwoQi_EgsaTSYakrfatBaAGeCkzqN4DqY1FEfflWgSPj7p8U0VBFQb2PpvgPRaL45OLgaikr8aIgkBw0PrtYnLc6l2gXvNjhbo2JyhGAJzLaEawXthT0i-WIry62hZlbM-PHrRlITBM2tty6H5GSNLTrTo0QCVpOUlJt8f3784T0BVCrX8yrFnLergmf6e3dOHeLPUHCRjMT7yHZvg8J_DMWPK9-8oC-tq6KHTmUOJ-ekJzDv6RKpRFPiHXMPfipgD-p96UeaUmi0eMTMTQmtAHee1qYyPwgj7XrdR5-zRAfrrzo2OEnOtL7iQGprSdyVK6MuAijJA39tNUlvmNNvLgdp5AbkQkURKkRvl9mS7pDM96D0Umw13RZKAKxEy_7hbuPKcFcWTYuPDxTDN5KtIiX99qzImqIjHoB9iBGSDaY4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=-7E67P9kInw&uach_m=[UACH]&cid=CAQSPABygQiD2LEy2jNBlcKEwsQl7bffm5SMim86zFjNoJ14uc13MIHzei31YaXIinym6SVWmhWQXblWpl_K3xgB
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11082/0/roland-garros-vs-roland-garros/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 104E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kPL6FezZW4AImAKdg2ICAgAAAEEzA2lt4aV-EP7qdWSBSOkqxb2L65TBAAASAAAKCkFRVUFEd0VBRHc&wp=ZHXq_gAHELYIu88AAAFymVTmwbj6tazh-dZDPQ
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11082/0/roland-garros-vs-roland-garros/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
160449
server
Kestrel
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 3088 		153 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAHELYIu88AAAFymVTmwbj6tazh-dZDPQ&u=%7CxiZKFHmULl9pB%2FWx1kArvOe2Y5WZUfsucSh1KvVgN5w%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4SSIM1uLI95CKOarvqzGH4ByNrjFbjJLTqeCHq7eE7vL1AhROuEo3n8E6T4WvGed6geOnFam5vK2_fUu-I6siexkyj9SwCOhrfLioHDIq1uFL6Nv93CTof204CO9TvPzTZtv65199HYbHA7jZSY91KEUtCg1__roeW2YYWkxru29IoG7dRsTryfVSs7DQrn5JdACy15MFIFucdwoAfPeNCa8u1f2obdxZamwnVi_sNuKWYUO7GtD2Jgp1f40yrw4VBDinohqVOPY5ZGRcwe9WOLcBpSm-LpYyNQbufFKGdidvgIYLpa3g6K-LHMeGdV5R-8fPsaTID34WUYJMar_ZxetYekUuHXlnWJ7ecu2hT3ZFkkX4Nmw_V3DQxopSZQVuyDes7idkvd29APZH9clhmPxYTkjPPvGEGz3ehDo7zda-Ly4_NmirKmwi8XFbfcfMMaJXrraqaueChkUw41yZzq52F8McfgBGQi7dmUy9gbF8MoeAnM8-H2NpHUTiems0XonxVIayxeAQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaau7_up1ZLahHICe7_UPmeWFqATJntKxXL2Ol_dwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAikNNiGa7rE-4AIAqAMBqgTMAk_QbFIoACkWXwoQi_EgsaTSYakrfatBaAGeCkzqN4DqY1FEfflWgSPj7p8U0VBFQb2PpvgPRaL45OLgaikr8aIgkBw0PrtYnLc6l2gXvNjhbo2JyhGAJzLaEawXthT0i-WIry62hZlbM-PHrRlITBM2tty6H5GSNLTrTo0QCVpOUlJt8f3784T0BVCrX8yrFnLergmf6e3dOHeLPUHCRjMT7yHZvg8J_DMWPK9-8oC-tq6KHTmUOJ-ekJzDv6RKpRFPiHXMPfipgD-p96UeaUmi0eMTMTQmtAHee1qYyPwgj7XrdR5-zRAfrrzo2OEnOtL7iQGprSdyVK6MuAijJA39tNUlvmNNvLgdp5AbkQkURKkRvl9mS7pDM96D0Umw13RZKECzMr18Ciecll1I-uYTmsRaGNT8vqaPdW57H8x6M2Qt7qXszCUncMDy4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lJJFnFrDC-DBm9XaUVa-2Ngrb8w%26client%3Dca-pub-3831894559014614%26adurl%3D
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f48ddff7ac8a05910892b86dea9a1926e44ae04026acb4f5042b198a36d5042a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 30 May 2023 12:24:30 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=DLJSh5QXNarbvS9ywdvMbIpayi99NFAMRsCBewlEoyEmJwpJtdneR4fg-OI7uHnuz5i7AAxnn5VW6DXYd_g7LVOJfNP91LSJ9sC-fgAdnfv_TZJv23kZeG3o0aKfJPuJkrmxF_glovkRijTwqTIkS9Da3L8wEQkIVEmQ1P6ZB_9wpxvBA2AIQ4gHPOHFEQKT33k2xVLMfmHGalp1ITh3Xm6AuFiycQifbfvcERnr9tHfljDEDSGqJvhQQKNuVNTsNWBAaQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
72471196
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 104E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 14:13:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
79864
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 14:13:26 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2EEA 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
6654
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 May 2023 10:33:36 GMT
etag
48472445140208031
expires
Wed, 31 May 2023 10:33:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 104E 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 14:09:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
80109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7987
x-xss-protection
0
server
cafe
etag
5788035530912182302
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 14:09:21 GMT
l
www.google.com/ads/measurement/ Frame 104E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTUznX5l8kBnKNf_bvjPPPtEmfW3_OOFPSu89FOjxHfr2wQO9hBmBtz2eyCVVhcaqvnKqbQfoRkmWu4xCXITlarocAX7A
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 104E 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 08:18:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
14762
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 May 2024 08:18:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 104E 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54244
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684927996807358"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 May 2023 12:24:30 GMT
ef33bde3b6f53b5d50fc677805f1b9fa.js
www.gstatic.com/mysidia/ Frame 2CD3 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ef33bde3b6f53b5d50fc677805f1b9fa.js?tag=client_fast_engine_2019
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d42e2b0fdb945504b8da66763e41d57d6245ab8218c6df329b56a841ffbcd7ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:41:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
575000
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3674
x-xss-protection
0
last-modified
Mon, 22 May 2023 16:52:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 21 Aug 2023 20:41:10 GMT
fc5ca179bcc5c13a10383053c3380af3.js
www.gstatic.com/mysidia/ Frame 2CD3 		148 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/fc5ca179bcc5c13a10383053c3380af3.js?tag=gpa/dynamic_fig_web_banner_v2
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a79f239a978530eec45abf72e8f4e6a20776f8ff1f3305bebbac1c26a249e8db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 01:37:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
557232
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55745
x-xss-protection
0
last-modified
Mon, 22 May 2023 15:12:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 22 Aug 2023 01:37:18 GMT
css
fonts.googleapis.com/ Frame 2CD3 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 May 2023 11:23:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 May 2023 12:24:30 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 2CD3 		2 KB
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 14:16:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
79701
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 14:16:09 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/ Frame 2CD3 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/abg_lite_fy2021.js
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 14:16:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
79701
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8798
x-xss-protection
0
server
cafe
etag
11317101923912129037
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 14:16:09 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 2CD3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 14:13:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
79864
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 14:13:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 2CD3 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 14:09:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
80109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7987
x-xss-protection
0
server
cafe
etag
5788035530912182302
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 14:09:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2CD3 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54244
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684927996807358"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 May 2023 12:24:30 GMT
32da0f4bcd46006ef465cafdfe68b840.js
www.gstatic.com/mysidia/ Frame 2CD3 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
575631
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13640
x-xss-protection
0
last-modified
Wed, 17 May 2023 01:31:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 21 Aug 2023 20:30:39 GMT
e.js
live.demand.supply/e/ 		0
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_auto_interstitial_desktop&e=nai&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTEwODIvMC9yb2xhbmQtZ2Fycm9zLXZzLXJvbGFuZC1nYXJyb3Mv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Tue, 30 May 2023 12:24:30 GMT
cf-cache-status
HIT
age
1540824
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cf6f458a9762c2a-FRA
container.html
a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3AC0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 May 2023 12:24:30 GMT
expires
Wed, 29 May 2024 12:24:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_fluid_lb%2Bsq&pn=-1&sn=3&pc=0.09446706175804138&ds=true&e=wdp&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTEwODIvMC9yb2xhbmQtZ2Fycm9zLXZzLXJvbGFuZC1nYXJyb3Mv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Tue, 30 May 2023 12:24:30 GMT
cf-cache-status
HIT
age
1540824
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cf6f458a9772c2a-FRA
e.js
live.demand.supply/e/ 		0
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=yalla-shoots.tv_fluid_lb%2Bsq&sy=7a34671b-714c-4f20-b02e-5e6da7a603de&ts=79&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=yalla-shoots.tv&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=836aca35-ff33-458c-a37a-74033abb37e7&e=lm&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTEwODIvMC9yb2xhbmQtZ2Fycm9zLXZzLXJvbGFuZC1nYXJyb3Mv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Tue, 30 May 2023 12:24:30 GMT
cf-cache-status
HIT
age
1540824
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cf6f458a9782c2a-FRA
view
securepubads.g.doubleclick.net/pcs/ Frame 1F17 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoh9lmdyi3_4y9EwQ0RfC7HNy1WV89lODCsuqSKvOi-WB_hhTLn5fw1AsL6cBois-TlO4psQjzelsYxczHnS3Nh1aQhFneP3GOJ46H_hm5Lxs7_Sa-s5BOosLM37qVIQ0ipm-NY5wH4SogLUZCte6kGD-XhhQccD_OsVqLDLsTpcn38fwktVOufuzDBzAo3GAqsmqYD8a_mRDiFT_Yo6_7oO7EfdD8MT7hbGKyu0ph9fdrPXX7WO1miop-fbzqFHZRUBpBDYt8_0qE8_3WCTK6SNVEuz7HTRBZyb9NM-X8Y6D6kkuMu2guyMm9bCKpeZDn1L0Zyhtk5U9vRRt0CXhrw1cl14oUPZ0Z5-MvsKawWDScQ3TH_BK5-FiP9pRZJU7WJFNh6ONFNI0&sai=AMfl-YQhi4FCgiCQD0eCrm1uqD6Tbjx4qzn-wHhVWYlHUQYje3c2RA_vkOKL4HHKakU9QX9JiNhlN6Ciw44BUYhCxz9FdeALek9XITB39Ny6wbbC1f6-Am9OfyVpqjbKhw&sig=Cg0ArKJSzKENgNdYQL5-EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 30 May 2023 12:24:30 GMT
hbw_master_739813_17175.js
player.aplhb.adipolo.com/prebidlink/19507/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aplhb.adipolo.com/prebidlink/19507/hbw_master_739813_17175.js
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/468180/wrapper_hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
a31e81b5ee962da98d89c99da3f964c57755440e8b8e0c950b6cf63f4f29b7fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
gzip
last-modified
Mon, 19 Dec 2022 12:13:01 GMT
server
nginx
etag
W/"63a0554d-152fa"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Tue, 30 May 2023 13:24:30 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DD01 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 18:58:23 GMT
x-content-type-options
nosniff
age
235567
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 May 2024 18:58:23 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A845 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3164
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 May 2023 11:31:46 GMT
expires
Wed, 29 May 2024 11:31:46 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0C69 		783 B
1001 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
05f11e54d9bfbe14db49a28c5cf70dceb5ed516392e2a1f130edb6c4655d88d4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nHHc3lLq2ZnOGXH19cqZqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-nHHc3lLq2ZnOGXH19cqZqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 30 May 2023 12:24:30 GMT
expires
Tue, 30 May 2023 12:24:30 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
truncated
/ Frame 1F17 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e32200aac5ef452666f4340ca2a457ed95d3e534bbd9e1ac84fe97a7172d4219

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
config.json
player.adtelligent.com/exchange_rates/313490/ 		11 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11082%2F0%2Froland-garros-vs-roland-garros%2F
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/468180/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
45eac8baca5730b7c137680022ef7a751eb13c730c66e764e4b391e160e08cb0

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

expires
Thu, 01 Jun 2023 12:24:30 GMT
date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
gzip
last-modified
Mon, 29 May 2023 12:02:20 GMT
server
nginx
etag
W/"6474944c-2ad1"
content-type
application/json
access-control-allow-origin
https://yalla-shoots.tv
cache-control
max-age=172800
x-proxy-cache
HIT
e.js
live.demand.supply/x/ 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=nsi&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTEwODIvMC9yb2xhbmQtZ2Fycm9zLXZzLXJvbGFuZC1nYXJyb3Mv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYCRJ7Z7YMGJ3EFJYC5AKSDX
date
Tue, 30 May 2023 12:24:30 GMT
cf-cache-status
HIT
age
1538523
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cf6f458c9aa2c2a-FRA
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		378 B
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1459908131487426&correlator=1726499078778644&eid=31074695%2C31074825&output=ldjh&gdfp_req=1&vrg=202305250101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Cnativefeedapl&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&ifi=11&adks=1483024627&didk=3551856684&sfv=1-0-40&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3Da21db3fede674b59%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MbiJublblMJ28VmXwv_XsSJrah7zQ&gpic=UID%3D00000c295cbb895a%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MZBxudIro3CPAskob6wXAlh5DDrjA&abxe=1&dt=1685449470853&lmt=1685449420&dlt=1685449469390&idt=531&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11082%2F0%2Froland-garros-vs-roland-garros%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1954965806.1685449470&ga_sid=1685449470&ga_hid=914313790&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYuOD35IYxSABSAghkEhkKCnB1YmNpZC5vcmcYjeH35IYxSABSAghqEu4BCghydGJob3VzZRLYAVkrUE9MVU9tSkdCNUVrZElyRW9KUlJLWDlyZTRHVTZ1NUhyckp1R0xHc1dpNGhDakZicHlCQ0xYajJCYmF2NlBFd2JKbkJtUmVub2Qyc1NGL2p1S2d6aFlObzZ4bHlwQ1d2STJ1cnZjeTdJR0pDUm95YmhZai9HV1lYNExrQnRPT09FaUw1WFNuWVk2bnplNXFWcW1GcEQ2UWNzZ1djSGRyRmtsR0Ruc3NvRUhmT1ZDVXczMmlCKzRMR0ZTT1BLT3RCN2phMy9MUkxYVW1NRG5KR2xtT3c9PRid4vfkhjFIABIdCg5lc3AuY3JpdGVvLmNvbRi44PfkhjFIAFICCGQSGQoKdWlkYXBpLmNvbRi44PfkhjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGN7h9-SGMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c61b268fb472e3e182ba3a561cd23c56b84f25f0202aaefc3e5b1f1191df2cc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		111 KB
38 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1459908131487426&correlator=2793421625362776&eid=31074695%2C31074825&output=ldjh&gdfp_req=1&vrg=202305250101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Canchor%2Canchortop&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=12&adks=1163496608&didk=3847343502&sfv=1-0-40&ists=1&fas=2&eri=1&sc=1&cookie=ID%3Da21db3fede674b59%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MbiJublblMJ28VmXwv_XsSJrah7zQ&gpic=UID%3D00000c295cbb895a%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MZBxudIro3CPAskob6wXAlh5DDrjA&abxe=1&dt=1685449470856&lmt=1685449420&dlt=1685449469390&idt=531&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11082%2F0%2Froland-garros-vs-roland-garros%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1954965806.1685449470&ga_sid=1685449470&ga_hid=914313790&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYuOD35IYxSABSAghkEhkKCnB1YmNpZC5vcmcYjeH35IYxSABSAghqEu4BCghydGJob3VzZRLYAVkrUE9MVU9tSkdCNUVrZElyRW9KUlJLWDlyZTRHVTZ1NUhyckp1R0xHc1dpNGhDakZicHlCQ0xYajJCYmF2NlBFd2JKbkJtUmVub2Qyc1NGL2p1S2d6aFlObzZ4bHlwQ1d2STJ1cnZjeTdJR0pDUm95YmhZai9HV1lYNExrQnRPT09FaUw1WFNuWVk2bnplNXFWcW1GcEQ2UWNzZ1djSGRyRmtsR0Ruc3NvRUhmT1ZDVXczMmlCKzRMR0ZTT1BLT3RCN2phMy9MUkxYVW1NRG5KR2xtT3c9PRid4vfkhjFIABIdCg5lc3AuY3JpdGVvLmNvbRi44PfkhjFIAFICCGQSGQoKdWlkYXBpLmNvbRi44PfkhjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGN7h9-SGMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5e56ffef36bcb5671235972d691c8b522e910d823e96092c3207472e0c44f04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39356
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ghb.aplhb.adipolo.com/geo/ 		143 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.aplhb.adipolo.com/geo/
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/19507/hbw_master_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
eeddffed9e8b89a1b0a474a838d92252b52c9b4265ab12f060f2a6a995cd66ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 30 May 2023 12:24:30 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://yalla-shoots.tv
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
143
tracking
ghb.aplhb.adipolo.com/adunit/ 		43 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.aplhb.adipolo.com/adunit/tracking?event=11&type=0&client_id=739813&site_id=17175&pbjsv=v6.25.4&full_page_url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11082%2F0%2Froland-garros-vs-roland-garros%2F&adid=a93iwh.i5&features=81952&vpbv=N108&tte=324&lifecycle_tte=1638
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/19507/hbw_master_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 30 May 2023 12:24:30 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://yalla-shoots.tv
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
asset.js
velocitycdn.com/script/ Frame FDF1 		107 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://velocitycdn.com/script/asset.js
Requested by
Host: v3.sportsonline.sx
URL: https://v3.sportsonline.sx/channels/hd/hd2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60a23ba9976ca655705031ac97edff6bb6d1c07eace4cd7131bae9abb9f4d21b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.sportsonline.sx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1424
x-guploader-uploadid
ADPycdtPDObNAxvFClZT4fm66avxySPN5Pj4AmNiGmJUNl4Gk0wLF2xZd4PO8yuJTPsBoQM_X6yj_8PkMb-RiZPoxHed
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 17 May 2023 11:38:40 GMT
server
cloudflare
etag
W/"f1f0deef583dde7d079b2085920edfbb"
vary
Accept-Encoding
x-goog-hash
crc32c=OZJHng==, md5=8fDe71g93n0HmyCFkg7fuw==
x-goog-generation
1684323520541450
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPdk%2F5yYs1l79zSm382IK8FLc1qCY9SOYTk47pwNvvlA534AiYk%2FnRlAZT7sii9bykIYR5EaSYGllYJZ8Oh3xGgRRC87Gf9EPuPf5igSd07a1mDipahHvnlS57vroYXKY2Yex%2FjXHc5PSW2uD5E%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
109331
cf-ray
7cf6f4595f013608-FRA
expires
Tue, 30 May 2023 12:58:18 GMT
SCCfwxq.png
v3.sportsonline.sx/channels/hd/ Frame FDF1 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3.sportsonline.sx/channels/hd/SCCfwxq.png
Requested by
Host: v3.sportsonline.sx
URL: https://v3.sportsonline.sx/channels/hd/hd2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae0433ac5d000ac03daf9059492d0390e427b7461332f0f488bbc6f44b5107a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.sportsonline.sx/channels/hd/hd2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Dec 2021 14:48:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3896
etag
"61af7432-4c4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hKV81oM6mue1tQ10Mr2zyPNDj9iuK0Lp%2F%2B557Oo5VPDJCYfoWFlrWodZt1Y6aPnNtwIDZLRV13DgW%2B%2BBS1Q8NGT8yybgEKEM7jqdS%2FJbyk%2BynAP0%2FcCslqrT7hjiQzlytl%2Bsi%2BJXoc6yEXV1pTF%2BnIY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7cf6f458fa1f3802-FRA
alt-svc
h3=":443"; ma=86400
content-length
1220
/
widgets.amung.us/draw/ Frame FDF1
Redirect Chain
  • https://whos.amung.us/cwidget/sevaqeifj/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=763&c=000000ffffff&p=left
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.amung.us/draw/?w=colored&n=763&c=000000ffffff&p=left
Requested by
Host: v3.sportsonline.sx
URL: https://v3.sportsonline.sx/channels/hd/hd2.php
Protocol
H2
Server
2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dd92c489a8022b99f36c161be9649b0ceab8ce2749aa8d08d0ca628c07c8b6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.sportsonline.sx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
cf-cache-status
HIT
last-modified
Mon, 01 May 2023 20:17:59 GMT
server
cloudflare
age
2477192
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
content-disposition
filename=wau-widget.png
cf-ray
7cf6f45adee09004-FRA
expires
Tue, 02 May 2023 20:17:59 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=763&c=000000ffffff&p=left
date
Tue, 30 May 2023 12:24:31 GMT
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7cf6f4599cf99004-FRA
content-type
text/html; charset=UTF-8
truncated
/ 		385 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		240 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
favicon.ico
storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.95.4.196 , France, ASN16276 (OVH, FR),
Reverse DNS
ip196.ip-141-95-4.eu
Software
/
Resource Hash
fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 30 May 2023 12:24:31 GMT
X-Openstack-Request-Id
tx81564b4020204846b0983-006475eaff
Last-Modified
Sun, 31 Jan 2021 12:57:34 GMT
Etag
7bf4f6782dee3b520a65ff84286e3691
Content-Type
image/x-icon
X-Timestamp
1612097853.12655
Accept-Ranges
bytes
Content-Length
15086
X-Trans-Id
tx81564b4020204846b0983-006475eaff
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
adview
securepubads.g.doubleclick.net/pagead/ Frame 3AC0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CciWS_up1ZK2KIdeA7_UPweermAjJntKxXPXalvdwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjUz9aPP8LE-4AIAqAMBqgTPAk_QC-1_q3smfUOFpBOnscJvXfViJv8ygsKJTHPH79j3XQfuL0Vp_ucQs-phf-CgLc61m_3mdoObsv5RBccgJNNrJF8IEbC8bVV3b-wjZFNUzCd48uo89uuRx3zkWTlt4DcHXWNF2COkKXIg4LWIaWC6lZoMb6dikAMmixBG2WUOoyTNRjbOU8f55GXXCeDBpBJK7JciyQzesgNWTLt2PhQ3QRsHPtj8exp8s_n4WVCNyi9S-AGnomwCXKO81YHfE23iX0cinKDctHPeM2DB4Ja2sM3Yq871YuBXPCNA_bpgh6kotPMgx9aKs0bzp_yheYmPvVg_RYp8E0KYuaCsHtkm0ThJ--IHdnmfpZEsd8w_P-R_-8bJYXAB9P4knwEOT0_C9kfHQp6d7f3w5M4EAFpQQVjf7wWvm_0jdgbeyL-r4NOEZtOj2xQIq83aJbVX4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=JhrH5P8yJj0&uach_m=[UACH]&cid=CAQSPABygQiDGz1OluNACGJgcXCDMFN8NiLeOXfSBaVxdux0dgyyX_6_drM_RvIFqOS6nWiGbZKEdgnxN4RVERgB
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11082/0/roland-garros-vs-roland-garros/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 3AC0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kPL6FezZW4AImAKdg2ICAgAAAEEzA2lt4aV-EP7qdWSKpCgNW3kmso-TAAASAAAKCkFRVUJBUUVCQVE&wp=ZHXq_gAIRS0Iu8BXAArzweK8hmwBjiXNbBZxzA
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11082/0/roland-garros-vs-roland-garros/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
197138
server
Kestrel
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 9371 		164 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAIRS0Iu8BXAArzweK8hmwBjiXNbBZxzA&u=%7CxiZKFHmULl8eMeLJxdHHHwy55%2FblVBCs%2FtSojhEi1VM%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4R5eWn7RSgJbxCKfkLuFqDQH0wIbkZS-7qUkuZE5LGb_rxYi-f7HMLEUr4HRyEIakcbNCVcCezNG2759vLFP-m677tO9LkB9Yt6G4E-xLd4UdfbCiePsQ2cTfps9MlX8RG_uTm3r718Wp9C_SghPPJfn2HRI8Ah-PBtAMZVsk43Xb3IQYZvIJodS2GfT-cSj2-9wEf1OPnxeSNK8As76sETEkBeYMCjvtMERMoLEpILQYKkpZy4vz4PBRyx0iPKzrd1TmSO_Ufwl2ylh1D3ooVJiQQ26zKG7mW2qcV9NT7smP5rcRlbEWC6FEYsjn4FtEAHph7Ett6PbJ8OqLCDHWVDfd3lt4lDr8HISNtTh6UArBlXUNJ26b5YuVf-ShyJIs4E95OnbnRKvskpTDG9BdRoCMUs9mIxEG2lb78PrzNHZJz_oknm2rpBH7HGkzMDlMsXWbHW-0qwtPVNl4cjFioUDKA81kpNNtKpgJWToeG5PGVSh4Fz6rdtxZilwctGkwuxM985PzMVBBhVsfjKLNCb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCd1ku_up1ZK2KIdeA7_UPweermAjJntKxXPXalvdwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjUz9aPP8LE-4AIAqAMBqgTSAk_QC-1_q3smfUOFpBOnscJvXfViJv8ygsKJTHPH79j3XQfuL0Vp_ucQs-phf-CgLc61m_3mdoObsv5RBccgJNNrJF8IEbC8bVV3b-wjZFNUzCd48uo89uuRx3zkWTlt4DcHXWNF2COkKXIg4LWIaWC6lZoMb6dikAMmixBG2WUOoyTNRjbOU8f55GXXCeDBpBJK7JciyQzesgNWTLt2PhQ3QRsHPtj8exp8s_n4WVCNyi9S-AGnomwCXKO81YHfE23iX0cinKDctHPeM2DB4Ja2sM3Yq871YuBXPCNA_bpgh6kotPMgx9aKs0bzp_yheYmPvVg_RYp8E0KYuaCsHtkm0ThJ--IHdnmfpZEsd8w_P-R_-8bJYXAB9P4knwEOT0_C9kfHQp6d7b_yxVyDj8ZD_sTLTNWSPQUqYgxowpGzYmdMW3VRZAoks0hwoabof98N4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_07TLA4312aIGFVC5gADvLkdrUBlw%26client%3Dca-pub-3831894559014614%26adurl%3D
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5e1ac455185c609811803c8fda5ff8f126ad8399b7a23111c8579f5fa86af3d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 30 May 2023 12:24:30 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=QmehqZQXNarbvS9y3lgnCcAJNOrfjTxoGARKfejszuNV3pZaqBY5Qsd0MbBGFQdFs7sVJLeB_N8k2yYEWXt2ry2fvjMpGbOrCUJSufesDbi3MiNxZ2Q3PBDnbHKtSevutN74FdhzzVyTZ4iieRR6gekf79aMY6U22qXQ-UqxHbvU6CG56LIo8NgXKfsImRwiMIAfzyLLiT3kV-je_vdiOA0Yycr9MHRMOyxx8T7txhFLVJsr5g2v4iyU_-UkY5ojjwArlg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
104851755
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 3AC0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 14:13:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
79864
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 14:13:26 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2307 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
6654
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 May 2023 10:33:36 GMT
etag
48472445140208031
expires
Wed, 31 May 2023 10:33:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 3AC0 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 14:09:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
80109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7987
x-xss-protection
0
server
cafe
etag
5788035530912182302
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 14:09:21 GMT
l
www.google.com/ads/measurement/ Frame 3AC0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSMDj0FZc2T1I1ia_FdHejy9lloZtXxJ4j5wxzSE5Kpe1lIC_jTtBiGAwTJi1Q_B-tM8tyA-DusM-63i_zFZBtCJ1IElw
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3AC0 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 08:18:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
14762
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 May 2024 08:18:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3AC0 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54244
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684927996807358"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 May 2023 12:24:30 GMT
Yamkarish.mp4
cdn-adipolo.urekamedia.com/test/a92a53cfdb1b435a8/ 		80 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn-adipolo.urekamedia.com/test/a92a53cfdb1b435a8/Yamkarish.mp4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash

Request headers

Referer
https://yalla-shoots.tv/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range
bytes=0-

Response headers

x-77-pop
frankfurtDE
date
Tue, 30 May 2023 12:24:31 GMT
x-cache
HIT
x-77-cache
HIT
Content-Range
bytes 0-900871/900872
x-age
767739
x-accel-date
1684681732
Content-Length
900872
x-77-nzt
AcO1ryfHyET/+7YLAA
x-accel-expires
@1685718532
last-modified
Tue, 06 Sep 2022 14:19:18 GMT
server
CDN77-Turbo
etag
"631756e6-dbf08"
x-77-nzt-ray
25b02131e1789abaffea75642a222901
content-type
video/mp4
access-control-allow-origin
*
localstore.js
script.4dex.io/ 		483 B
1021 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/468180/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 30 May 2023 12:24:31 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1698466
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4u9qLJwXUkbhQ4MWxNl%2F54SK%2FsRB8kNfreF2lIUe8m8QRHwCB9SvdYnyhHUHNU3sBV32cM%2B4GTptO1PUg%2BOc85F3QpO2qGdS2d1v0PkiyYmsE1rVyanfgXnfrqsyhzBijI0XExEbBlPmLfZv"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7cf6f459b89f9b5d-FRA
csi
csi.gstatic.com/ Frame 2CD3 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lia93iz7&c=2532417103167&slotId=1266208551583.5&qqid=CM6w1MeEnf8CFffGuwgdBF0Jzw&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fc5ca179bcc5c13a10383053c3380af3.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:804::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 2CD3 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcR3AdQPjWzczt1WKyZMPuRZsloVuPm0_Mx9NzofiUpPduUoyH_CXkgoY714yw&usqp=CAI
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5720bbc5886f9cae5475547e9b57068b45d4e4c0efc69b763714dd3aad11e25c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 01:14:16 GMT
x-content-type-options
nosniff
age
299415
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22615
x-xss-protection
0
last-modified
Fri, 26 Jan 2024 12:36:17 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 26 May 2024 01:14:16 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 2CD3 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQ4ctkf8q4rwI3gmuv2n3-5iLRFv0OhGZmXSh9uU-PyMjGybAnsYgjerh5eeL4&usqp=CAI
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e0cbf855099cc859918084f04b9037947d957c0aa61dbfe03041c6205323988
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 19:23:15 GMT
x-content-type-options
nosniff
age
61276
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20891
x-xss-protection
0
last-modified
Tue, 21 Feb 2023 17:31:28 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Tue, 28 May 2024 19:23:15 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 2CD3 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcS8ZdEujvAI42fBYIOANI3wMzZSPv_2s2pu7uYQamr_kuZ4DI3eJnPn-iYiHg&usqp=CAI
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e19710390f24d6e6682ae4ead6829d24d47f8d4c93ac8ad2ef7f7cfa3132030e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 22:12:11 GMT
x-content-type-options
nosniff
age
223940
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24172
x-xss-protection
0
last-modified
Sat, 11 Mar 2023 18:01:43 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 26 May 2024 22:12:11 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 2CD3 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTBYpAIoFpFySZbKWnzgNN7tooNF3a8W7mUwfEXdiimdzgFX7py1lwYzPkxT6E&usqp=CAI
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1877f51abf80b10102b200e96c3b6a52fad9f9ca26b7897fc7500de9f0faa4cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 17:30:47 GMT
x-content-type-options
nosniff
age
240824
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22755
x-xss-protection
0
last-modified
Sun, 16 Apr 2023 13:07:41 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 26 May 2024 17:30:47 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 2CD3 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSCC91wsDegRveMDIErtE5L6ycQw2n-fCGPShv3_QmQ-MHT6Z3XZft12qxhp4o&usqp=CAI
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffc0fcd7df5c69a011e415aa73f66a59fae4c09686f7722eb585f53d60e5c7e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 28 May 2023 03:59:14 GMT
x-content-type-options
nosniff
age
203117
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36954
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 12:18:36 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 27 May 2024 03:59:14 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 2CD3 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcShbPr1olk0e9TW32eVjT3U3CXuXFXAyjKt3lE5fBUL4xQO5W4_pMo7FH9Yag&usqp=CAI
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f6cb5059e0cfa8aed6e6a7b7137bfe2eb19e43858032c4e4ba50a75027965cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 18:35:56 GMT
x-content-type-options
nosniff
age
236915
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29397
x-xss-protection
0
last-modified
Thu, 15 Jun 2023 06:22:50 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 26 May 2024 18:35:56 GMT
4587220354190784715
tpc.googlesyndication.com/simgad/ Frame 2CD3
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCXk6KrVBCwCRj0BDII6Z4CQb2tJlY
  • https://tpc.googlesyndication.com/simgad/4587220354190784715
403 KB
403 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4587220354190784715
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99f528eaef5135d0b984c1853c2f6848ccb0918367b3428b4d85baf3344b9177
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 16:49:27 GMT
x-content-type-options
nosniff
age
502504
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
412765
x-xss-protection
0
last-modified
Wed, 15 Jul 2020 06:13:05 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 23 May 2024 16:49:27 GMT

Redirect headers

date
Tue, 30 May 2023 10:31:58 GMT
x-content-type-options
nosniff
server
cafe
age
6752
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/4587220354190784715
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 29 Jun 2023 10:31:58 GMT
truncated
/ Frame 104E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
435750f71fafd9776e554fd8c752c99f7a483edadbcc8185bba1164e598c784a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
c
prebid.a-mo.net/a/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/468180/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Tue, 30 May 2023 12:24:30 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/468180/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://yalla-shoots.tv
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cdb
bidder.criteo.com/ 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.4&cb=4850742511
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/468180/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e6cbf7d07ccd6e0a7f287a272b291e50eefdaace4c97acd5dde29818c0af4c0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://yalla-shoots.tv
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
bid
ap.lijit.com/rtb/ 		25 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.4
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/468180/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
f6d6f9f14dbe6d337a4d6fdd7f2bbfcf7b3648c1b6030d6764485f106d632b0c

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 30 May 2023 12:24:31 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://yalla-shoots.tv
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
prebid
mp.4dex.io/ 		0
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/468180/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
x-err
Parsing the Prebid Request. org/site not found
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7cf6f45a3863368b-FRA
expires
0
videoplayback
r5---sn-4g5lzned.gvt1.com/ Frame 2CD3
Redirect Chain
  • https://redirector.gvt1.com/videoplayback?id=0e09f6707f2165ff&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1685456670&sparams=ip,ipbits,expire,id,...
  • https://r5---sn-4g5lzned.gvt1.com/videoplayback?id=0e09f6707f2165ff&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1685456670&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...
1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r5---sn-4g5lzned.gvt1.com/videoplayback?id=0e09f6707f2165ff&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1685456670&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=82558217260981D5E50614BFFD8DB6EBA9272D2E.84D729A9CC41B4CED7EA96A6231DBE50AE76759A&key=cms1&cms_redirect=yes&mh=2O&mip=2001:1b60:2:240:3247::9&mm=28&mn=sn-4g5lzned&ms=nvh&mt=1685448681&mv=u&mvi=5&pl=29
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a00:1450:4001:13::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
c8291ff4fc609916e7ea8d4921cada460f2ce4f77b28067288aff17ce724df4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

client-protocol
quic
date
Tue, 30 May 2023 12:24:31 GMT
x-content-type-options
nosniff
last-modified
Mon, 15 May 2023 09:10:33 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
Content-Range
bytes 0-1322219/1322220
cache-control
private, max-age=6899
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
1322220
expires
Tue, 30 May 2023 12:24:31 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r5---sn-4g5lzned.gvt1.com/videoplayback?id=0e09f6707f2165ff&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1685456670&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=82558217260981D5E50614BFFD8DB6EBA9272D2E.84D729A9CC41B4CED7EA96A6231DBE50AE76759A&key=cms1&cms_redirect=yes&mh=2O&mip=2001:1b60:2:240:3247::9&mm=28&mn=sn-4g5lzned&ms=nvh&mt=1685448681&mv=u&mvi=5&pl=29
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
710
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2CD3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ClFUm_up1ZM65C_eN7_UPhLql-Azin9btcNqhoOrSEK7G6I-oMBABIJWbyiFglcqZgqwHoAHV_omnAsgBCeACAKgDAcgDywSqBJ8CT9AqpVCfIraA5JVHCb-NLUf5i9s03f53TpDV_auL33_sNKUgwOe0tj7P0dBCc8vtbnej5cSstP3cUCcL7wwZ82GMcePZnSp52XYn93cirz3Pw7IGzZSHd5v17H1nB67shej_OhrwTPlFj1Pas1ovoRb7sMqB3Fu_UQeVf-sooEM5aElaN5alS4JSIRB37y-5DF2nFGD4k01-WQar9PgEUa6OXJbiAZAzxK16OSMdGD_vVQ2RcM33iuBHevLoLDX0Ju4r2Y6AHOVyUQDVzuRpAU2PklGfYLU4SpOBsCepHjOr-8zMezudk5tW4gMQcIa_LV8WuVgnh5oB6seHaYA49H94JWOdBhdtvxvESnZjXHC6CHCZLyypK55sVbx3D43ABILcqPyEBOAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfOsPTYAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCmlBLSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsB2BML0BUBgBcBshceChwIABIUcHViLTc1MDc0MzkyMzM4NjU0MTUY_fkT&sigh=TQd6cEZBhlQ&uach_m=[UACH]&cid=CAQSTABygQiDDZCCT0bwdZn6WZ_WENoRXQCPUSmyXRiCGjuJblxXszBY3OXBQp4MeqmtVmeTdbtPi0mjM8LAxpEMF5mjVXfH--a4lvm-e2QYAQ&template_id=499
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
truncated
/ Frame 2CD3 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3face1b37e41abe0ef6095b7eb472fea47c3e0d991ee6aed7e7527683521f916

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 2EEA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEN31wUs88wQXkXgk5L6-2Kg&google_cver=1&google_push=ATf1kGMcridp6QRMqqFk-Wb24HuPES3gSqAhU-NjjW0UnU40K5HrJiSSO8raqeFR3W3WqQJX_zCcgrqA4UtwAI_z...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMcridp6QRMqqFk-Wb24HuPES3gSqAhU-NjjW0UnU40K5HrJiSSO8raqeFR3W3WqQJX_zCcgrqA4UtwAI_zYVhMUxsAe0FNHg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMcridp6QRMqqFk-Wb24HuPES3gSqAhU-NjjW0UnU40K5HrJiSSO8raqeFR3W3WqQJX_zCcgrqA4UtwAI_zYVhMUxsAe0FNHg
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 30 May 2023 12:24:31 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x35 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMcridp6QRMqqFk-Wb24HuPES3gSqAhU-NjjW0UnU40K5HrJiSSO8raqeFR3W3WqQJX_zCcgrqA4UtwAI_zYVhMUxsAe0FNHg
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 30 May 2023 12:24:30 GMT
pixel
cm.g.doubleclick.net/ Frame 2EEA
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEL_7D1kes7qE82hZyVf2zig&google_cver=1&google_push=ATf1kGOg04iPjKC1AnFuSkLj8heGvzH1P_BCt59lfKaILh5cLSGz5VC9pFRRmRAHfmAcNtIAOqaJk...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ATf1kGOg04iPjKC1AnFuSkLj8heGvzH1P_BCt59lfKaILh5cLSGz5VC9pFRRmRAHfmAcNtIAOqaJkpiea0MEHarU7oKO_pkHI8iwNw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ATf1kGOg04iPjKC1AnFuSkLj8heGvzH1P_BCt59lfKaILh5cLSGz5VC9pFRRmRAHfmAcNtIAOqaJkpiea0MEHarU7oKO_pkHI8iwNw
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 30 May 2023 12:24:31 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 299257FE01234160BFAF5E4053DF7ADE Ref B: FRAEDGE1107 Ref C: 2023-05-30T12:24:31Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ATf1kGOg04iPjKC1AnFuSkLj8heGvzH1P_BCt59lfKaILh5cLSGz5VC9pFRRmRAHfmAcNtIAOqaJkpiea0MEHarU7oKO_pkHI8iwNw
x-li-proto
http/2
content-length
0
x-li-uuid
AAX86EkES/Q1ffCFo78IKA==
pixel
cm.g.doubleclick.net/ Frame 2EEA
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESELd_7cJOoam890nvhZbiHQM&c_param1=ATf1kGPmpdaxv9NbOnBbnXAwaQnPM7RyPFAEXlFNWBlAZEvu7JFC_7Q6BQG86XZhRDAG5_WWJV4RHlKZT_ZMtVgAd0LCiTtW7II-iw&gdpr=%%GDPR%...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGPmpdaxv9NbOnBbnXAwaQnPM7RyPFAEXlFNWBlAZEvu7JFC_7Q6BQG86XZhRDAG5_WWJV4RHlKZT_ZMtVgAd0LCiTtW7II-iw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGPmpdaxv9NbOnBbnXAwaQnPM7RyPFAEXlFNWBlAZEvu7JFC_7Q6BQG86XZhRDAG5_WWJV4RHlKZT_ZMtVgAd0LCiTtW7II-iw
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGPmpdaxv9NbOnBbnXAwaQnPM7RyPFAEXlFNWBlAZEvu7JFC_7Q6BQG86XZhRDAG5_WWJV4RHlKZT_ZMtVgAd0LCiTtW7II-iw
date
Tue, 30 May 2023 12:24:31 GMT
server
nginx/1.23.2
content-length
0
pixel
cm.g.doubleclick.net/ Frame 2EEA
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAScbn0m6qsmE3Ii-u4glPg&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAScbn0m6qsmE3Ii-u4glPg&google_push=AT...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAScbn0m6qsmE3Ii-u4glPg&google_hm=ZHXq_1LtxKQEPhms_iwrFAAAFDwAAAAB&google_nid=index&google_push=ATf1kGOkjTdaIi_REy3MjFdmHnlRnT6VruDrO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAScbn0m6qsmE3Ii-u4glPg&google_hm=ZHXq_1LtxKQEPhms_iwrFAAAFDwAAAAB&google_nid=index&google_push=ATf1kGOkjTdaIi_REy3MjFdmHnlRnT6VruDrO2UO0l0sUotC9AxjHPBFgFe7iT13k8pGSKAdT0ppV8XxvNCCdseb771ctxpYxN1znw
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 30 May 2023 12:24:31 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAScbn0m6qsmE3Ii-u4glPg&google_hm=ZHXq_1LtxKQEPhms_iwrFAAAFDwAAAAB&google_nid=index&google_push=ATf1kGOkjTdaIi_REy3MjFdmHnlRnT6VruDrO2UO0l0sUotC9AxjHPBFgFe7iT13k8pGSKAdT0ppV8XxvNCCdseb771ctxpYxN1znw
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
pixel
cm.g.doubleclick.net/ Frame 2EEA
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHQh3olHwJ70QyIMHq-Cr0Q&google_cver=1&google_push=ATf1kGMVNYzN4uDv21rKhNz3tu7MjrnqvgzhcUonfMDRJHKxMQqXfou3i7ZIr_1epWQ41CyfeepjLEwr3xgZ-mWxu...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHQh3olHwJ70QyIMHq-Cr0Q&google_cver=1&google_push=ATf1kGMVNYzN4uDv21rKhNz3tu7MjrnqvgzhcUonfMDRJHKxMQqXfou3i7ZIr_1epWQ41CyfeepjLEwr3xgZ-mWxu...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGMVNYzN4uDv21rKhNz3tu7MjrnqvgzhcUonfMDRJHKxMQqXfou3i7ZIr_1epWQ41CyfeepjLEwr3xgZ-mWxunCJz2bae4VvnQ&google_hm=Gu2IqGZHYnFXcSmXSU67...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGMVNYzN4uDv21rKhNz3tu7MjrnqvgzhcUonfMDRJHKxMQqXfou3i7ZIr_1epWQ41CyfeepjLEwr3xgZ-mWxunCJz2bae4VvnQ&google_hm=Gu2IqGZHYnFXcSmXSU67IRUe
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 30 May 2023 12:24:31 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGMVNYzN4uDv21rKhNz3tu7MjrnqvgzhcUonfMDRJHKxMQqXfou3i7ZIr_1epWQ41CyfeepjLEwr3xgZ-mWxunCJz2bae4VvnQ&google_hm=Gu2IqGZHYnFXcSmXSU67IRUe
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 2EEA
Redirect Chain
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEHj9dKPurvV4RyfUm0x92hQ&google_cver=1&google_push=ATf1kGOzKzkmDCw4a5azjjSqmHaE_YwSNWy1ik0rPFi7THS19QLUY8rkk...
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGOzKzkmDCw4a5azjjSqmHaE_YwSNWy1ik0rPFi7THS19QLUY8rkk-oM2cWyPjZbn17fUFqzV7SfVC3xD57Klvby9YPZAyMhgg&google_hm=QlMuNTEyNi1hMzll...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGOzKzkmDCw4a5azjjSqmHaE_YwSNWy1ik0rPFi7THS19QLUY8rkk-oM2cWyPjZbn17fUFqzV7SfVC3xD57Klvby9YPZAyMhgg&google_hm=QlMuNTEyNi1hMzllLTQxZDktODQ3Yg==
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGOzKzkmDCw4a5azjjSqmHaE_YwSNWy1ik0rPFi7THS19QLUY8rkk-oM2cWyPjZbn17fUFqzV7SfVC3xD57Klvby9YPZAyMhgg&google_hm=QlMuNTEyNi1hMzllLTQxZDktODQ3Yg==
Date
Tue, 30 May 2023 12:24:31 GMT
Server
openresty
Connection
close
Content-Length
142
Content-Type
text/html
pixel
cm.g.doubleclick.net/ Frame 2EEA
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHTTCPziIBpW0fDpoAsJ6Cg&google_cver=1&google_push=ATf1kGNprePyFcgIN...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEHTTCPziIBpW0fDpoAsJ6Cg%26goo...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTg1MzcxMzEyMzcwNzc4MDE5Mw%3D%3D&google_gid=CAESEHTTCPziIBpW0fDpoAsJ6Cg&google_cver=1&google_push=ATf1kGNprePyFcgINGY5I457HJw9n44gl8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTg1MzcxMzEyMzcwNzc4MDE5Mw%3D%3D&google_gid=CAESEHTTCPziIBpW0fDpoAsJ6Cg&google_cver=1&google_push=ATf1kGNprePyFcgINGY5I457HJw9n44gl8UccJvVqTHdzOuErXv-hq5jNAQwyoFABZ6v6iQW8AmXPni4rES1JXkh8eHSz4bt3-iX4w
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 30 May 2023 12:24:31 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.23; 217.114.218.23; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c4316d11-47c9-4a21-a1d7-7961afc41524
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTg1MzcxMzEyMzcwNzc4MDE5Mw%3D%3D&google_gid=CAESEHTTCPziIBpW0fDpoAsJ6Cg&google_cver=1&google_push=ATf1kGNprePyFcgINGY5I457HJw9n44gl8UccJvVqTHdzOuErXv-hq5jNAQwyoFABZ6v6iQW8AmXPni4rES1JXkh8eHSz4bt3-iX4w
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 2EEA 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Iv8TybbJUwePDb0lACQmotMDf6-e26rbqQsu0XGTAfKETSN-IOwiQTZmyuC1CcByR6vAAxb7s
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
privacy_small.svg
static.criteo.net/flash/icon/ Frame 3088 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAHELYIu88AAAFymVTmwbj6tazh-dZDPQ&u=%7CxiZKFHmULl9pB%2FWx1kArvOe2Y5WZUfsucSh1KvVgN5w%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4SSIM1uLI95CKOarvqzGH4ByNrjFbjJLTqeCHq7eE7vL1AhROuEo3n8E6T4WvGed6geOnFam5vK2_fUu-I6siexkyj9SwCOhrfLioHDIq1uFL6Nv93CTof204CO9TvPzTZtv65199HYbHA7jZSY91KEUtCg1__roeW2YYWkxru29IoG7dRsTryfVSs7DQrn5JdACy15MFIFucdwoAfPeNCa8u1f2obdxZamwnVi_sNuKWYUO7GtD2Jgp1f40yrw4VBDinohqVOPY5ZGRcwe9WOLcBpSm-LpYyNQbufFKGdidvgIYLpa3g6K-LHMeGdV5R-8fPsaTID34WUYJMar_ZxetYekUuHXlnWJ7ecu2hT3ZFkkX4Nmw_V3DQxopSZQVuyDes7idkvd29APZH9clhmPxYTkjPPvGEGz3ehDo7zda-Ly4_NmirKmwi8XFbfcfMMaJXrraqaueChkUw41yZzq52F8McfgBGQi7dmUy9gbF8MoeAnM8-H2NpHUTiems0XonxVIayxeAQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaau7_up1ZLahHICe7_UPmeWFqATJntKxXL2Ol_dwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAikNNiGa7rE-4AIAqAMBqgTMAk_QbFIoACkWXwoQi_EgsaTSYakrfatBaAGeCkzqN4DqY1FEfflWgSPj7p8U0VBFQb2PpvgPRaL45OLgaikr8aIgkBw0PrtYnLc6l2gXvNjhbo2JyhGAJzLaEawXthT0i-WIry62hZlbM-PHrRlITBM2tty6H5GSNLTrTo0QCVpOUlJt8f3784T0BVCrX8yrFnLergmf6e3dOHeLPUHCRjMT7yHZvg8J_DMWPK9-8oC-tq6KHTmUOJ-ekJzDv6RKpRFPiHXMPfipgD-p96UeaUmi0eMTMTQmtAHee1qYyPwgj7XrdR5-zRAfrrzo2OEnOtL7iQGprSdyVK6MuAijJA39tNUlvmNNvLgdp5AbkQkURKkRvl9mS7pDM96D0Umw13RZKECzMr18Ciecll1I-uYTmsRaGNT8vqaPdW57H8x6M2Qt7qXszCUncMDy4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lJJFnFrDC-DBm9XaUVa-2Ngrb8w%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 May 2024 12:24:31 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 3088 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAHELYIu88AAAFymVTmwbj6tazh-dZDPQ&u=%7CxiZKFHmULl9pB%2FWx1kArvOe2Y5WZUfsucSh1KvVgN5w%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4SSIM1uLI95CKOarvqzGH4ByNrjFbjJLTqeCHq7eE7vL1AhROuEo3n8E6T4WvGed6geOnFam5vK2_fUu-I6siexkyj9SwCOhrfLioHDIq1uFL6Nv93CTof204CO9TvPzTZtv65199HYbHA7jZSY91KEUtCg1__roeW2YYWkxru29IoG7dRsTryfVSs7DQrn5JdACy15MFIFucdwoAfPeNCa8u1f2obdxZamwnVi_sNuKWYUO7GtD2Jgp1f40yrw4VBDinohqVOPY5ZGRcwe9WOLcBpSm-LpYyNQbufFKGdidvgIYLpa3g6K-LHMeGdV5R-8fPsaTID34WUYJMar_ZxetYekUuHXlnWJ7ecu2hT3ZFkkX4Nmw_V3DQxopSZQVuyDes7idkvd29APZH9clhmPxYTkjPPvGEGz3ehDo7zda-Ly4_NmirKmwi8XFbfcfMMaJXrraqaueChkUw41yZzq52F8McfgBGQi7dmUy9gbF8MoeAnM8-H2NpHUTiems0XonxVIayxeAQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaau7_up1ZLahHICe7_UPmeWFqATJntKxXL2Ol_dwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAikNNiGa7rE-4AIAqAMBqgTMAk_QbFIoACkWXwoQi_EgsaTSYakrfatBaAGeCkzqN4DqY1FEfflWgSPj7p8U0VBFQb2PpvgPRaL45OLgaikr8aIgkBw0PrtYnLc6l2gXvNjhbo2JyhGAJzLaEawXthT0i-WIry62hZlbM-PHrRlITBM2tty6H5GSNLTrTo0QCVpOUlJt8f3784T0BVCrX8yrFnLergmf6e3dOHeLPUHCRjMT7yHZvg8J_DMWPK9-8oC-tq6KHTmUOJ-ekJzDv6RKpRFPiHXMPfipgD-p96UeaUmi0eMTMTQmtAHee1qYyPwgj7XrdR5-zRAfrrzo2OEnOtL7iQGprSdyVK6MuAijJA39tNUlvmNNvLgdp5AbkQkURKkRvl9mS7pDM96D0Umw13RZKECzMr18Ciecll1I-uYTmsRaGNT8vqaPdW57H8x6M2Qt7qXszCUncMDy4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lJJFnFrDC-DBm9XaUVa-2Ngrb8w%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 May 2024 12:24:31 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 3088 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAHELYIu88AAAFymVTmwbj6tazh-dZDPQ&u=%7CxiZKFHmULl9pB%2FWx1kArvOe2Y5WZUfsucSh1KvVgN5w%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4SSIM1uLI95CKOarvqzGH4ByNrjFbjJLTqeCHq7eE7vL1AhROuEo3n8E6T4WvGed6geOnFam5vK2_fUu-I6siexkyj9SwCOhrfLioHDIq1uFL6Nv93CTof204CO9TvPzTZtv65199HYbHA7jZSY91KEUtCg1__roeW2YYWkxru29IoG7dRsTryfVSs7DQrn5JdACy15MFIFucdwoAfPeNCa8u1f2obdxZamwnVi_sNuKWYUO7GtD2Jgp1f40yrw4VBDinohqVOPY5ZGRcwe9WOLcBpSm-LpYyNQbufFKGdidvgIYLpa3g6K-LHMeGdV5R-8fPsaTID34WUYJMar_ZxetYekUuHXlnWJ7ecu2hT3ZFkkX4Nmw_V3DQxopSZQVuyDes7idkvd29APZH9clhmPxYTkjPPvGEGz3ehDo7zda-Ly4_NmirKmwi8XFbfcfMMaJXrraqaueChkUw41yZzq52F8McfgBGQi7dmUy9gbF8MoeAnM8-H2NpHUTiems0XonxVIayxeAQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaau7_up1ZLahHICe7_UPmeWFqATJntKxXL2Ol_dwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAikNNiGa7rE-4AIAqAMBqgTMAk_QbFIoACkWXwoQi_EgsaTSYakrfatBaAGeCkzqN4DqY1FEfflWgSPj7p8U0VBFQb2PpvgPRaL45OLgaikr8aIgkBw0PrtYnLc6l2gXvNjhbo2JyhGAJzLaEawXthT0i-WIry62hZlbM-PHrRlITBM2tty6H5GSNLTrTo0QCVpOUlJt8f3784T0BVCrX8yrFnLergmf6e3dOHeLPUHCRjMT7yHZvg8J_DMWPK9-8oC-tq6KHTmUOJ-ekJzDv6RKpRFPiHXMPfipgD-p96UeaUmi0eMTMTQmtAHee1qYyPwgj7XrdR5-zRAfrrzo2OEnOtL7iQGprSdyVK6MuAijJA39tNUlvmNNvLgdp5AbkQkURKkRvl9mS7pDM96D0Umw13RZKECzMr18Ciecll1I-uYTmsRaGNT8vqaPdW57H8x6M2Qt7qXszCUncMDy4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lJJFnFrDC-DBm9XaUVa-2Ngrb8w%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 24 May 2024 12:24:31 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 3088 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAHELYIu88AAAFymVTmwbj6tazh-dZDPQ&u=%7CxiZKFHmULl9pB%2FWx1kArvOe2Y5WZUfsucSh1KvVgN5w%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4SSIM1uLI95CKOarvqzGH4ByNrjFbjJLTqeCHq7eE7vL1AhROuEo3n8E6T4WvGed6geOnFam5vK2_fUu-I6siexkyj9SwCOhrfLioHDIq1uFL6Nv93CTof204CO9TvPzTZtv65199HYbHA7jZSY91KEUtCg1__roeW2YYWkxru29IoG7dRsTryfVSs7DQrn5JdACy15MFIFucdwoAfPeNCa8u1f2obdxZamwnVi_sNuKWYUO7GtD2Jgp1f40yrw4VBDinohqVOPY5ZGRcwe9WOLcBpSm-LpYyNQbufFKGdidvgIYLpa3g6K-LHMeGdV5R-8fPsaTID34WUYJMar_ZxetYekUuHXlnWJ7ecu2hT3ZFkkX4Nmw_V3DQxopSZQVuyDes7idkvd29APZH9clhmPxYTkjPPvGEGz3ehDo7zda-Ly4_NmirKmwi8XFbfcfMMaJXrraqaueChkUw41yZzq52F8McfgBGQi7dmUy9gbF8MoeAnM8-H2NpHUTiems0XonxVIayxeAQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaau7_up1ZLahHICe7_UPmeWFqATJntKxXL2Ol_dwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAikNNiGa7rE-4AIAqAMBqgTMAk_QbFIoACkWXwoQi_EgsaTSYakrfatBaAGeCkzqN4DqY1FEfflWgSPj7p8U0VBFQb2PpvgPRaL45OLgaikr8aIgkBw0PrtYnLc6l2gXvNjhbo2JyhGAJzLaEawXthT0i-WIry62hZlbM-PHrRlITBM2tty6H5GSNLTrTo0QCVpOUlJt8f3784T0BVCrX8yrFnLergmf6e3dOHeLPUHCRjMT7yHZvg8J_DMWPK9-8oC-tq6KHTmUOJ-ekJzDv6RKpRFPiHXMPfipgD-p96UeaUmi0eMTMTQmtAHee1qYyPwgj7XrdR5-zRAfrrzo2OEnOtL7iQGprSdyVK6MuAijJA39tNUlvmNNvLgdp5AbkQkURKkRvl9mS7pDM96D0Umw13RZKECzMr18Ciecll1I-uYTmsRaGNT8vqaPdW57H8x6M2Qt7qXszCUncMDy4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lJJFnFrDC-DBm9XaUVa-2Ngrb8w%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 24 May 2024 12:24:31 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 3088 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=0AtltVHvvG8HtQ7QDtR4HVttAn4_nqayE89i5ovsOdW6Xxi4dM26DWczIS1SrTYxbINzdTcyo8oC_39g8lmuHIMavvMINBEueK5FLgzqC3xXJj7Ail_yrM_jdfb4F8DBAILXyy-ZOcm2Gm4cpBRvnCvCx_MWOEJ52z5q6VBdkfxclKLWUPg-hHVXDWnqiN3RRkpPVffEEheNYjrCnrQGKa5eSMgsaF06fXxCwNXtfAJwiy1d1XImXhoC10AoZkbVKSBMhtkCs_XYfKKvKmuxyOwpiloHMJHMZ6onib8V6RsWmwgiXg42-f6z5X9vLyQtppt-rWwvrdxj8sOdHfxPl6UWxhsL7p4C6Wo0nlCzSSPnmv92dMW9vu4EkKLFIKn76zZk3YHsn_zxuVNBHIXacMZ_UIe6kj9hvDSLzebydkp29rcO
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAHELYIu88AAAFymVTmwbj6tazh-dZDPQ&u=%7CxiZKFHmULl9pB%2FWx1kArvOe2Y5WZUfsucSh1KvVgN5w%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4SSIM1uLI95CKOarvqzGH4ByNrjFbjJLTqeCHq7eE7vL1AhROuEo3n8E6T4WvGed6geOnFam5vK2_fUu-I6siexkyj9SwCOhrfLioHDIq1uFL6Nv93CTof204CO9TvPzTZtv65199HYbHA7jZSY91KEUtCg1__roeW2YYWkxru29IoG7dRsTryfVSs7DQrn5JdACy15MFIFucdwoAfPeNCa8u1f2obdxZamwnVi_sNuKWYUO7GtD2Jgp1f40yrw4VBDinohqVOPY5ZGRcwe9WOLcBpSm-LpYyNQbufFKGdidvgIYLpa3g6K-LHMeGdV5R-8fPsaTID34WUYJMar_ZxetYekUuHXlnWJ7ecu2hT3ZFkkX4Nmw_V3DQxopSZQVuyDes7idkvd29APZH9clhmPxYTkjPPvGEGz3ehDo7zda-Ly4_NmirKmwi8XFbfcfMMaJXrraqaueChkUw41yZzq52F8McfgBGQi7dmUy9gbF8MoeAnM8-H2NpHUTiems0XonxVIayxeAQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaau7_up1ZLahHICe7_UPmeWFqATJntKxXL2Ol_dwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAikNNiGa7rE-4AIAqAMBqgTMAk_QbFIoACkWXwoQi_EgsaTSYakrfatBaAGeCkzqN4DqY1FEfflWgSPj7p8U0VBFQb2PpvgPRaL45OLgaikr8aIgkBw0PrtYnLc6l2gXvNjhbo2JyhGAJzLaEawXthT0i-WIry62hZlbM-PHrRlITBM2tty6H5GSNLTrTo0QCVpOUlJt8f3784T0BVCrX8yrFnLergmf6e3dOHeLPUHCRjMT7yHZvg8J_DMWPK9-8oC-tq6KHTmUOJ-ekJzDv6RKpRFPiHXMPfipgD-p96UeaUmi0eMTMTQmtAHee1qYyPwgj7XrdR5-zRAfrrzo2OEnOtL7iQGprSdyVK6MuAijJA39tNUlvmNNvLgdp5AbkQkURKkRvl9mS7pDM96D0Umw13RZKECzMr18Ciecll1I-uYTmsRaGNT8vqaPdW57H8x6M2Qt7qXszCUncMDy4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lJJFnFrDC-DBm9XaUVa-2Ngrb8w%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2708479
expires
Mon, 26 Jul 1997 05:00:00 GMT
ut.js
velocitycdn.com/script/ Frame FDF1 		78 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://velocitycdn.com/script/ut.js?cb=1685449471138
Requested by
Host: velocitycdn.com
URL: https://velocitycdn.com/script/asset.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44ca64a9e8fe2cba0e19f10b5be4ad2556352a9783f2277d99133fc1ef81ea4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.sportsonline.sx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycduGyKbg2IbuKKx0JZsUlUNSkeat0y0j6l2nfEhkSL40qSiqe3AVEoJLW2gv4xil3W2B3G12wolFMzCEEPcxX-t9EA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 17 May 2023 11:51:44 GMT
server
cloudflare
etag
W/"2acde53b155be86bcae1a94b039efe42"
vary
Accept-Encoding
x-goog-hash
crc32c=jRxOWQ==, md5=Ks3lOxVb6GvK4alLA57+Qg==
x-goog-generation
1684324304128147
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BLKdWFRy5AgktLKx1Pb%2FIpACZ1qkKMngZcZoIFNemaBf8zlbci%2F1W0f7QUTv8S9QaOtLhzdNqOy824VvQSw6jANfrckCBHdUZShzAz4%2FMTrJozJn%2FOHZqjZm7Isv8ytB23iKCpcecP3v2TnOSbE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
79538
cf-ray
7cf6f45aa8c33608-FRA
expires
Tue, 30 May 2023 12:33:46 GMT
animejs.js
static.criteo.net/animejs/ Frame 3088 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAHELYIu88AAAFymVTmwbj6tazh-dZDPQ&u=%7CxiZKFHmULl9pB%2FWx1kArvOe2Y5WZUfsucSh1KvVgN5w%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4SSIM1uLI95CKOarvqzGH4ByNrjFbjJLTqeCHq7eE7vL1AhROuEo3n8E6T4WvGed6geOnFam5vK2_fUu-I6siexkyj9SwCOhrfLioHDIq1uFL6Nv93CTof204CO9TvPzTZtv65199HYbHA7jZSY91KEUtCg1__roeW2YYWkxru29IoG7dRsTryfVSs7DQrn5JdACy15MFIFucdwoAfPeNCa8u1f2obdxZamwnVi_sNuKWYUO7GtD2Jgp1f40yrw4VBDinohqVOPY5ZGRcwe9WOLcBpSm-LpYyNQbufFKGdidvgIYLpa3g6K-LHMeGdV5R-8fPsaTID34WUYJMar_ZxetYekUuHXlnWJ7ecu2hT3ZFkkX4Nmw_V3DQxopSZQVuyDes7idkvd29APZH9clhmPxYTkjPPvGEGz3ehDo7zda-Ly4_NmirKmwi8XFbfcfMMaJXrraqaueChkUw41yZzq52F8McfgBGQi7dmUy9gbF8MoeAnM8-H2NpHUTiems0XonxVIayxeAQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaau7_up1ZLahHICe7_UPmeWFqATJntKxXL2Ol_dwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAikNNiGa7rE-4AIAqAMBqgTMAk_QbFIoACkWXwoQi_EgsaTSYakrfatBaAGeCkzqN4DqY1FEfflWgSPj7p8U0VBFQb2PpvgPRaL45OLgaikr8aIgkBw0PrtYnLc6l2gXvNjhbo2JyhGAJzLaEawXthT0i-WIry62hZlbM-PHrRlITBM2tty6H5GSNLTrTo0QCVpOUlJt8f3784T0BVCrX8yrFnLergmf6e3dOHeLPUHCRjMT7yHZvg8J_DMWPK9-8oC-tq6KHTmUOJ-ekJzDv6RKpRFPiHXMPfipgD-p96UeaUmi0eMTMTQmtAHee1qYyPwgj7XrdR5-zRAfrrzo2OEnOtL7iQGprSdyVK6MuAijJA39tNUlvmNNvLgdp5AbkQkURKkRvl9mS7pDM96D0Umw13RZKECzMr18Ciecll1I-uYTmsRaGNT8vqaPdW57H8x6M2Qt7qXszCUncMDy4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lJJFnFrDC-DBm9XaUVa-2Ngrb8w%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 May 2024 12:24:31 GMT
pixel
cm.g.doubleclick.net/ Frame 2307
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKY1Y50lyLXeNIijxfZRf5s&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKY1Y50lyLXeNIijxfZRf5s&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RGo1QTJHMnAxUTNZb1Q1&google_gid=CAESEKY1Y50lyLXeNIijxfZRf5s&google_cver=1&google_push=ATf1kGN6N3pmC7rebItYSnrnuQVzWQtRbmhnnGWEARSKZAl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RGo1QTJHMnAxUTNZb1Q1&google_gid=CAESEKY1Y50lyLXeNIijxfZRf5s&google_cver=1&google_push=ATf1kGN6N3pmC7rebItYSnrnuQVzWQtRbmhnnGWEARSKZAlL0YdABKf7WFTUSIw___Mn8ErOLPghmWiVu9Ngje2eKm8d2npsyjY
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 30 May 2023 12:24:30 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-03b3f67f69a828fdc@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RGo1QTJHMnAxUTNZb1Q1&google_gid=CAESEKY1Y50lyLXeNIijxfZRf5s&google_cver=1&google_push=ATf1kGN6N3pmC7rebItYSnrnuQVzWQtRbmhnnGWEARSKZAlL0YdABKf7WFTUSIw___Mn8ErOLPghmWiVu9Ngje2eKm8d2npsyjY
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2307
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEKV_JPgQTx9cpW8j-3dJT84&google_cver=1&google_push=ATf1kGPPD7cuxuJXb9W2r7OEw3yhb_JmZXVIF57UXshw841fID7ldtlDa-2mhueSyLgPY4XFVP83wu6B_lcmT_cF...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=khHhHswMRyKuvHk3tYeccQ2&google_push=ATf1kGPPD7cuxuJXb9W2r7OEw3yhb_JmZXVIF57UXshw841fID7ldtlDa-2mhueSyLgPY4XFVP83wu6B_lcmT_cFChJAIVEs0A
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=khHhHswMRyKuvHk3tYeccQ2&google_push=ATf1kGPPD7cuxuJXb9W2r7OEw3yhb_JmZXVIF57UXshw841fID7ldtlDa-2mhueSyLgPY4XFVP83wu6B_lcmT_cFChJAIVEs0A
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 30 May 2023 12:24:31 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=khHhHswMRyKuvHk3tYeccQ2&google_push=ATf1kGPPD7cuxuJXb9W2r7OEw3yhb_JmZXVIF57UXshw841fID7ldtlDa-2mhueSyLgPY4XFVP83wu6B_lcmT_cFChJAIVEs0A
x-host
tde-deliveryengine-production-6c9c7cbbbc-9f96t
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 2307
Redirect Chain
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEBYobuAo54YOli_P_DaMf_Y&google_cver=1&google_push=ATf1kGMTPiHRTvOkxPYVOSYpUiI9ViHBBZITApFX-TAYhkPpEq-3QGT-QY_Iv3lV0ISCYuoIkJL1n_f2DOI...
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ATf1kGMTPiHRTvOkxPYVOSYpUiI9ViHBBZITApFX-TAYhkPpEq-3QGT-QY_Iv3lV0ISCYuoIkJL1n_f2DOILjhjS3s9zISBojpI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ATf1kGMTPiHRTvOkxPYVOSYpUiI9ViHBBZITApFX-TAYhkPpEq-3QGT-QY_Iv3lV0ISCYuoIkJL1n_f2DOILjhjS3s9zISBojpI
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ATf1kGMTPiHRTvOkxPYVOSYpUiI9ViHBBZITApFX-TAYhkPpEq-3QGT-QY_Iv3lV0ISCYuoIkJL1n_f2DOILjhjS3s9zISBojpI
Date
Tue, 30 May 2023 12:24:34 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
pixel
cm.g.doubleclick.net/ Frame 2307
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEGupdXrUgGK-SHEf1uiARJ8&google_cver=1&google_push=ATf1kGO9jguNl8wXGIxtRSx6Babhgx62qcEJhLAHvhEL6qPRx4g_LJnZma2TrsL59Nj5WXQYzGT7q5jfHeyqDp7PI8zKX6s...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEGupdXrUgGK-SHEf1uiARJ8&google_cver=1&google_push=ATf1kGO9jguNl8wXGIxtRSx6Babhgx62qcEJhLAHvhEL6qPRx4g_LJnZma2TrsL59Nj5WXQYzGT7q5jfHeyqDp7PI8zKX...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGO9jguNl8wXGIxtRSx6Babhgx62qcEJhLAHvhEL6qPRx4g_LJnZma2TrsL59Nj5WXQYzGT7q5jfHeyqDp7PI8zKX6slP94
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGO9jguNl8wXGIxtRSx6Babhgx62qcEJhLAHvhEL6qPRx4g_LJnZma2TrsL59Nj5WXQYzGT7q5jfHeyqDp7PI8zKX6slP94
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGO9jguNl8wXGIxtRSx6Babhgx62qcEJhLAHvhEL6qPRx4g_LJnZma2TrsL59Nj5WXQYzGT7q5jfHeyqDp7PI8zKX6slP94
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 2307
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEIwj2wTu8NCD7s3prSY1d1s&google_cver=1&google_push=ATf1kGPmJ0chk-NH9IHdnJJGDTwGYO8y5jRKoXEhvb2A3XBdfcXbdOsB9C_aWmbOeMSRE4CArXmLxhfn7lI73...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEIwj2wTu8NCD7s3prSY1d1s&google_push=ATf1kGPmJ0chk-NH9IHdnJJGDTwGYO8y5jRKoXEhvb2A3XBdfcXbdOsB9C_aWmbOeMSRE4CArXmLxhfn7lI73...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGPmJ0chk-NH9IHdnJJGDTwGYO8y5jRKoXEhvb2A3XBdfcXbdOsB9C_aWmbOeMSRE4CArXmLxhfn7lI73XXNz96n1Dxz-6qZ&google_hm=cmg0N2haUlZOdW9jMkNj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGPmJ0chk-NH9IHdnJJGDTwGYO8y5jRKoXEhvb2A3XBdfcXbdOsB9C_aWmbOeMSRE4CArXmLxhfn7lI73XXNz96n1Dxz-6qZ&google_hm=cmg0N2haUlZOdW9jMkNjUGduVEs=
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 30 May 2023 12:24:31 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ATf1kGPmJ0chk-NH9IHdnJJGDTwGYO8y5jRKoXEhvb2A3XBdfcXbdOsB9C_aWmbOeMSRE4CArXmLxhfn7lI73XXNz96n1Dxz-6qZ&google_hm=cmg0N2haUlZOdW9jMkNjUGduVEs=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
236
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2307
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDUyAVQdIms9JHoc305Hf38&google_cver=1&google_push=ATf1kGNIKh41yi0zlNx_C8vP7BqkhvokYS0dTaI6H4HGTF5nQ9V9To_ZYwLpjhyM6SFjDnh7bz0hE9_md-7iaUgte...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNIKh41yi0zlNx_C8vP7BqkhvokYS0dTaI6H4HGTF5nQ9V9To_ZYwLpjhyM6SFjDnh7bz0hE9_md-7iaUgte-me9eWd9eE&google_hm=Gu2IqGZHYnFXcSmXSU67IRUe
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNIKh41yi0zlNx_C8vP7BqkhvokYS0dTaI6H4HGTF5nQ9V9To_ZYwLpjhyM6SFjDnh7bz0hE9_md-7iaUgte-me9eWd9eE&google_hm=Gu2IqGZHYnFXcSmXSU67IRUe
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 30 May 2023 12:24:31 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNIKh41yi0zlNx_C8vP7BqkhvokYS0dTaI6H4HGTF5nQ9V9To_ZYwLpjhyM6SFjDnh7bz0hE9_md-7iaUgte-me9eWd9eE&google_hm=Gu2IqGZHYnFXcSmXSU67IRUe
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
/
onetag-sys.com/match/ Frame 2307
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAEkagR1pzHPwkF0VmP8v7E&google_cver=1&google_push=ATf1kGOkZo-QuQC0qhRfoIIFCVHlOCZCfZpNGMGUwSkGvdX8qS8E-U7flylMnVEHd4hbOqlwauXrW2V4-pB...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOkZo-QuQC0qhRfoIIFCVHlOCZCfZpNGMGUwSkGvdX8qS8E-U7flylMnVEHd4hbOqlwauXrW2V4-pBWO_2YhKj13SBoZrNaoQ
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 2307 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jhv5JhBpEYdGuH6bNL54azzqSYH8RlcTjxj1DVgLALEKyDLU_Sjq1AMy0JDXGMXO9BzzH_kg
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
privacy_small.svg
static.criteo.net/flash/icon/ Frame 9371 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAIRS0Iu8BXAArzweK8hmwBjiXNbBZxzA&u=%7CxiZKFHmULl8eMeLJxdHHHwy55%2FblVBCs%2FtSojhEi1VM%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4R5eWn7RSgJbxCKfkLuFqDQH0wIbkZS-7qUkuZE5LGb_rxYi-f7HMLEUr4HRyEIakcbNCVcCezNG2759vLFP-m677tO9LkB9Yt6G4E-xLd4UdfbCiePsQ2cTfps9MlX8RG_uTm3r718Wp9C_SghPPJfn2HRI8Ah-PBtAMZVsk43Xb3IQYZvIJodS2GfT-cSj2-9wEf1OPnxeSNK8As76sETEkBeYMCjvtMERMoLEpILQYKkpZy4vz4PBRyx0iPKzrd1TmSO_Ufwl2ylh1D3ooVJiQQ26zKG7mW2qcV9NT7smP5rcRlbEWC6FEYsjn4FtEAHph7Ett6PbJ8OqLCDHWVDfd3lt4lDr8HISNtTh6UArBlXUNJ26b5YuVf-ShyJIs4E95OnbnRKvskpTDG9BdRoCMUs9mIxEG2lb78PrzNHZJz_oknm2rpBH7HGkzMDlMsXWbHW-0qwtPVNl4cjFioUDKA81kpNNtKpgJWToeG5PGVSh4Fz6rdtxZilwctGkwuxM985PzMVBBhVsfjKLNCb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCd1ku_up1ZK2KIdeA7_UPweermAjJntKxXPXalvdwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjUz9aPP8LE-4AIAqAMBqgTSAk_QC-1_q3smfUOFpBOnscJvXfViJv8ygsKJTHPH79j3XQfuL0Vp_ucQs-phf-CgLc61m_3mdoObsv5RBccgJNNrJF8IEbC8bVV3b-wjZFNUzCd48uo89uuRx3zkWTlt4DcHXWNF2COkKXIg4LWIaWC6lZoMb6dikAMmixBG2WUOoyTNRjbOU8f55GXXCeDBpBJK7JciyQzesgNWTLt2PhQ3QRsHPtj8exp8s_n4WVCNyi9S-AGnomwCXKO81YHfE23iX0cinKDctHPeM2DB4Ja2sM3Yq871YuBXPCNA_bpgh6kotPMgx9aKs0bzp_yheYmPvVg_RYp8E0KYuaCsHtkm0ThJ--IHdnmfpZEsd8w_P-R_-8bJYXAB9P4knwEOT0_C9kfHQp6d7b_yxVyDj8ZD_sTLTNWSPQUqYgxowpGzYmdMW3VRZAoks0hwoabof98N4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_07TLA4312aIGFVC5gADvLkdrUBlw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 May 2024 12:24:31 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 9371 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAIRS0Iu8BXAArzweK8hmwBjiXNbBZxzA&u=%7CxiZKFHmULl8eMeLJxdHHHwy55%2FblVBCs%2FtSojhEi1VM%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4R5eWn7RSgJbxCKfkLuFqDQH0wIbkZS-7qUkuZE5LGb_rxYi-f7HMLEUr4HRyEIakcbNCVcCezNG2759vLFP-m677tO9LkB9Yt6G4E-xLd4UdfbCiePsQ2cTfps9MlX8RG_uTm3r718Wp9C_SghPPJfn2HRI8Ah-PBtAMZVsk43Xb3IQYZvIJodS2GfT-cSj2-9wEf1OPnxeSNK8As76sETEkBeYMCjvtMERMoLEpILQYKkpZy4vz4PBRyx0iPKzrd1TmSO_Ufwl2ylh1D3ooVJiQQ26zKG7mW2qcV9NT7smP5rcRlbEWC6FEYsjn4FtEAHph7Ett6PbJ8OqLCDHWVDfd3lt4lDr8HISNtTh6UArBlXUNJ26b5YuVf-ShyJIs4E95OnbnRKvskpTDG9BdRoCMUs9mIxEG2lb78PrzNHZJz_oknm2rpBH7HGkzMDlMsXWbHW-0qwtPVNl4cjFioUDKA81kpNNtKpgJWToeG5PGVSh4Fz6rdtxZilwctGkwuxM985PzMVBBhVsfjKLNCb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCd1ku_up1ZK2KIdeA7_UPweermAjJntKxXPXalvdwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjUz9aPP8LE-4AIAqAMBqgTSAk_QC-1_q3smfUOFpBOnscJvXfViJv8ygsKJTHPH79j3XQfuL0Vp_ucQs-phf-CgLc61m_3mdoObsv5RBccgJNNrJF8IEbC8bVV3b-wjZFNUzCd48uo89uuRx3zkWTlt4DcHXWNF2COkKXIg4LWIaWC6lZoMb6dikAMmixBG2WUOoyTNRjbOU8f55GXXCeDBpBJK7JciyQzesgNWTLt2PhQ3QRsHPtj8exp8s_n4WVCNyi9S-AGnomwCXKO81YHfE23iX0cinKDctHPeM2DB4Ja2sM3Yq871YuBXPCNA_bpgh6kotPMgx9aKs0bzp_yheYmPvVg_RYp8E0KYuaCsHtkm0ThJ--IHdnmfpZEsd8w_P-R_-8bJYXAB9P4knwEOT0_C9kfHQp6d7b_yxVyDj8ZD_sTLTNWSPQUqYgxowpGzYmdMW3VRZAoks0hwoabof98N4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_07TLA4312aIGFVC5gADvLkdrUBlw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 May 2024 12:24:31 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 9371 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAIRS0Iu8BXAArzweK8hmwBjiXNbBZxzA&u=%7CxiZKFHmULl8eMeLJxdHHHwy55%2FblVBCs%2FtSojhEi1VM%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4R5eWn7RSgJbxCKfkLuFqDQH0wIbkZS-7qUkuZE5LGb_rxYi-f7HMLEUr4HRyEIakcbNCVcCezNG2759vLFP-m677tO9LkB9Yt6G4E-xLd4UdfbCiePsQ2cTfps9MlX8RG_uTm3r718Wp9C_SghPPJfn2HRI8Ah-PBtAMZVsk43Xb3IQYZvIJodS2GfT-cSj2-9wEf1OPnxeSNK8As76sETEkBeYMCjvtMERMoLEpILQYKkpZy4vz4PBRyx0iPKzrd1TmSO_Ufwl2ylh1D3ooVJiQQ26zKG7mW2qcV9NT7smP5rcRlbEWC6FEYsjn4FtEAHph7Ett6PbJ8OqLCDHWVDfd3lt4lDr8HISNtTh6UArBlXUNJ26b5YuVf-ShyJIs4E95OnbnRKvskpTDG9BdRoCMUs9mIxEG2lb78PrzNHZJz_oknm2rpBH7HGkzMDlMsXWbHW-0qwtPVNl4cjFioUDKA81kpNNtKpgJWToeG5PGVSh4Fz6rdtxZilwctGkwuxM985PzMVBBhVsfjKLNCb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCd1ku_up1ZK2KIdeA7_UPweermAjJntKxXPXalvdwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjUz9aPP8LE-4AIAqAMBqgTSAk_QC-1_q3smfUOFpBOnscJvXfViJv8ygsKJTHPH79j3XQfuL0Vp_ucQs-phf-CgLc61m_3mdoObsv5RBccgJNNrJF8IEbC8bVV3b-wjZFNUzCd48uo89uuRx3zkWTlt4DcHXWNF2COkKXIg4LWIaWC6lZoMb6dikAMmixBG2WUOoyTNRjbOU8f55GXXCeDBpBJK7JciyQzesgNWTLt2PhQ3QRsHPtj8exp8s_n4WVCNyi9S-AGnomwCXKO81YHfE23iX0cinKDctHPeM2DB4Ja2sM3Yq871YuBXPCNA_bpgh6kotPMgx9aKs0bzp_yheYmPvVg_RYp8E0KYuaCsHtkm0ThJ--IHdnmfpZEsd8w_P-R_-8bJYXAB9P4knwEOT0_C9kfHQp6d7b_yxVyDj8ZD_sTLTNWSPQUqYgxowpGzYmdMW3VRZAoks0hwoabof98N4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_07TLA4312aIGFVC5gADvLkdrUBlw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 24 May 2024 12:24:31 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 9371 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAIRS0Iu8BXAArzweK8hmwBjiXNbBZxzA&u=%7CxiZKFHmULl8eMeLJxdHHHwy55%2FblVBCs%2FtSojhEi1VM%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4R5eWn7RSgJbxCKfkLuFqDQH0wIbkZS-7qUkuZE5LGb_rxYi-f7HMLEUr4HRyEIakcbNCVcCezNG2759vLFP-m677tO9LkB9Yt6G4E-xLd4UdfbCiePsQ2cTfps9MlX8RG_uTm3r718Wp9C_SghPPJfn2HRI8Ah-PBtAMZVsk43Xb3IQYZvIJodS2GfT-cSj2-9wEf1OPnxeSNK8As76sETEkBeYMCjvtMERMoLEpILQYKkpZy4vz4PBRyx0iPKzrd1TmSO_Ufwl2ylh1D3ooVJiQQ26zKG7mW2qcV9NT7smP5rcRlbEWC6FEYsjn4FtEAHph7Ett6PbJ8OqLCDHWVDfd3lt4lDr8HISNtTh6UArBlXUNJ26b5YuVf-ShyJIs4E95OnbnRKvskpTDG9BdRoCMUs9mIxEG2lb78PrzNHZJz_oknm2rpBH7HGkzMDlMsXWbHW-0qwtPVNl4cjFioUDKA81kpNNtKpgJWToeG5PGVSh4Fz6rdtxZilwctGkwuxM985PzMVBBhVsfjKLNCb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCd1ku_up1ZK2KIdeA7_UPweermAjJntKxXPXalvdwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjUz9aPP8LE-4AIAqAMBqgTSAk_QC-1_q3smfUOFpBOnscJvXfViJv8ygsKJTHPH79j3XQfuL0Vp_ucQs-phf-CgLc61m_3mdoObsv5RBccgJNNrJF8IEbC8bVV3b-wjZFNUzCd48uo89uuRx3zkWTlt4DcHXWNF2COkKXIg4LWIaWC6lZoMb6dikAMmixBG2WUOoyTNRjbOU8f55GXXCeDBpBJK7JciyQzesgNWTLt2PhQ3QRsHPtj8exp8s_n4WVCNyi9S-AGnomwCXKO81YHfE23iX0cinKDctHPeM2DB4Ja2sM3Yq871YuBXPCNA_bpgh6kotPMgx9aKs0bzp_yheYmPvVg_RYp8E0KYuaCsHtkm0ThJ--IHdnmfpZEsd8w_P-R_-8bJYXAB9P4knwEOT0_C9kfHQp6d7b_yxVyDj8ZD_sTLTNWSPQUqYgxowpGzYmdMW3VRZAoks0hwoabof98N4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_07TLA4312aIGFVC5gADvLkdrUBlw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 24 May 2024 12:24:31 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 9371 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=CQqwRFHvvG8HtQ7QDtR4HVttAn7Fu0bm2TSvuv2oBtT0L1ioSj18Ffyf-QKWMOfepPzH2NuUDWtQYmkUiMycVbO9l4VPzK00HL9u4xXmbzAlwJqlSbAfkGuBlqcxJ8XN24v6_hJcF67Y49YzoLjvcZxVx9e4PTVMFk10kFRU6rI8o8-bShY-bLko1cdq1TY-gLKa8Xwmu3pcMqrw6bL9sDcObeORSjq3BKbDXAXA4wJoDTkMyXXK9sRByp3I8vj3HtWOudUPll4OLY9bg1ubL9va1EoP2a9nl65iOWo3dVRpQcDmRkipFhJWkg-27YCYQfTw4w8fSznAqFfnMaquZhfnLxYbXH465yzcHt3RWsMAeb_RlIrfPhex92g28FobniMSqqua0HMVCR2MOMQCJqs8PeNJ4kd_aUHVAuFhjpTsiflY
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAIRS0Iu8BXAArzweK8hmwBjiXNbBZxzA&u=%7CxiZKFHmULl8eMeLJxdHHHwy55%2FblVBCs%2FtSojhEi1VM%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4R5eWn7RSgJbxCKfkLuFqDQH0wIbkZS-7qUkuZE5LGb_rxYi-f7HMLEUr4HRyEIakcbNCVcCezNG2759vLFP-m677tO9LkB9Yt6G4E-xLd4UdfbCiePsQ2cTfps9MlX8RG_uTm3r718Wp9C_SghPPJfn2HRI8Ah-PBtAMZVsk43Xb3IQYZvIJodS2GfT-cSj2-9wEf1OPnxeSNK8As76sETEkBeYMCjvtMERMoLEpILQYKkpZy4vz4PBRyx0iPKzrd1TmSO_Ufwl2ylh1D3ooVJiQQ26zKG7mW2qcV9NT7smP5rcRlbEWC6FEYsjn4FtEAHph7Ett6PbJ8OqLCDHWVDfd3lt4lDr8HISNtTh6UArBlXUNJ26b5YuVf-ShyJIs4E95OnbnRKvskpTDG9BdRoCMUs9mIxEG2lb78PrzNHZJz_oknm2rpBH7HGkzMDlMsXWbHW-0qwtPVNl4cjFioUDKA81kpNNtKpgJWToeG5PGVSh4Fz6rdtxZilwctGkwuxM985PzMVBBhVsfjKLNCb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCd1ku_up1ZK2KIdeA7_UPweermAjJntKxXPXalvdwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjUz9aPP8LE-4AIAqAMBqgTSAk_QC-1_q3smfUOFpBOnscJvXfViJv8ygsKJTHPH79j3XQfuL0Vp_ucQs-phf-CgLc61m_3mdoObsv5RBccgJNNrJF8IEbC8bVV3b-wjZFNUzCd48uo89uuRx3zkWTlt4DcHXWNF2COkKXIg4LWIaWC6lZoMb6dikAMmixBG2WUOoyTNRjbOU8f55GXXCeDBpBJK7JciyQzesgNWTLt2PhQ3QRsHPtj8exp8s_n4WVCNyi9S-AGnomwCXKO81YHfE23iX0cinKDctHPeM2DB4Ja2sM3Yq871YuBXPCNA_bpgh6kotPMgx9aKs0bzp_yheYmPvVg_RYp8E0KYuaCsHtkm0ThJ--IHdnmfpZEsd8w_P-R_-8bJYXAB9P4knwEOT0_C9kfHQp6d7b_yxVyDj8ZD_sTLTNWSPQUqYgxowpGzYmdMW3VRZAoks0hwoabof98N4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_07TLA4312aIGFVC5gADvLkdrUBlw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:30 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2534315
expires
Mon, 26 Jul 1997 05:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0C69 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305250101&jk=1459908131487426&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js
pagead2.googlesyndication.com/bg/ Frame A845 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 09:37:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
10045
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14660
x-xss-protection
0
last-modified
Mon, 22 May 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 May 2024 09:37:06 GMT
suurl4.php
youradexchange.com/script/ Frame FDF1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://youradexchange.com/script/suurl4.php?r=4827899&chmob=%3F0&cbur=0.5284708753786052&cbiframe=1&cbWidth=1060&cbHeight=484&cbtitle=&cbpage=https%3A%2F%2Fdalbouh.xyz%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=velocitycdn.com&aggr=0&ts=1685449471190
Requested by
Host: velocitycdn.com
URL: https://velocitycdn.com/script/asset.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8b25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.sportsonline.sx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTIe4WFbvx6CX1OgpluOeu5BJSkCRzOA0DZIQHzyqqgRudEGP6TGtiZNICagy3W8ci1%2FYONjW63fPMwEYEWuxrbJrHZmMcFHBCU3Zm0TjyO%2BjGHW0Qk9pZnkUtvlWkBtgLOQxKtI%2F9flPtIzldoxALo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7cf6f45b58ba37f8-FRA
alt-svc
h3=":443"; ma=86400
awcg463b
8gr9m8yqc15wvk.opposepresent.net/embed/ Frame 94B0 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8gr9m8yqc15wvk.opposepresent.net/embed/awcg463b
Requested by
Host: v3.sportsonline.sx
URL: https://v3.sportsonline.sx/channels/hd/hd2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.70.33 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cc85fc172bceeb36905c517abe98d47ff02bc00e73189c5e5137d687bacbe78

Request headers

Referer
https://v3.sportsonline.sx/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7cf6f45b5a2003cd-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 30 May 2023 12:24:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GEMddDSIGOG1wMzxDqCVP3l%2BYmc%2FAinEn%2FWe51HbA3otpYbVp6x0vb9MC4nyz0pLcy7Al7Zk5w%2FMS9A20np6FDy7BCnsfW6yLC9lbgAEXlbpzWUCqO6CCJU0lT%2Bl1tDKQv4zQVMylqHKiHciF%2BdqKpRsrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
js15_as.js
s10.histats.com/ Frame FDF1 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: v3.sportsonline.sx
URL: https://v3.sportsonline.sx/channels/hd/hd2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.sportsonline.sx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
70014
etag
W/"5e983700-2cb0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=28800
cf-ray
7cf6f45b58962c4a-FRA
img
imageproxy.eu.criteo.net/img/ Frame 3088 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=87930&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F87930%2F221205%2Fa598dd089dcf4240a7a55c9071884fdb_download.png&v=3&w=196&s=UIeb3p7dC4BTuF-F3CAfwAkj
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAHELYIu88AAAFymVTmwbj6tazh-dZDPQ&u=%7CxiZKFHmULl9pB%2FWx1kArvOe2Y5WZUfsucSh1KvVgN5w%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4SSIM1uLI95CKOarvqzGH4ByNrjFbjJLTqeCHq7eE7vL1AhROuEo3n8E6T4WvGed6geOnFam5vK2_fUu-I6siexkyj9SwCOhrfLioHDIq1uFL6Nv93CTof204CO9TvPzTZtv65199HYbHA7jZSY91KEUtCg1__roeW2YYWkxru29IoG7dRsTryfVSs7DQrn5JdACy15MFIFucdwoAfPeNCa8u1f2obdxZamwnVi_sNuKWYUO7GtD2Jgp1f40yrw4VBDinohqVOPY5ZGRcwe9WOLcBpSm-LpYyNQbufFKGdidvgIYLpa3g6K-LHMeGdV5R-8fPsaTID34WUYJMar_ZxetYekUuHXlnWJ7ecu2hT3ZFkkX4Nmw_V3DQxopSZQVuyDes7idkvd29APZH9clhmPxYTkjPPvGEGz3ehDo7zda-Ly4_NmirKmwi8XFbfcfMMaJXrraqaueChkUw41yZzq52F8McfgBGQi7dmUy9gbF8MoeAnM8-H2NpHUTiems0XonxVIayxeAQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaau7_up1ZLahHICe7_UPmeWFqATJntKxXL2Ol_dwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAikNNiGa7rE-4AIAqAMBqgTMAk_QbFIoACkWXwoQi_EgsaTSYakrfatBaAGeCkzqN4DqY1FEfflWgSPj7p8U0VBFQb2PpvgPRaL45OLgaikr8aIgkBw0PrtYnLc6l2gXvNjhbo2JyhGAJzLaEawXthT0i-WIry62hZlbM-PHrRlITBM2tty6H5GSNLTrTo0QCVpOUlJt8f3784T0BVCrX8yrFnLergmf6e3dOHeLPUHCRjMT7yHZvg8J_DMWPK9-8oC-tq6KHTmUOJ-ekJzDv6RKpRFPiHXMPfipgD-p96UeaUmi0eMTMTQmtAHee1qYyPwgj7XrdR5-zRAfrrzo2OEnOtL7iQGprSdyVK6MuAijJA39tNUlvmNNvLgdp5AbkQkURKkRvl9mS7pDM96D0Umw13RZKECzMr18Ciecll1I-uYTmsRaGNT8vqaPdW57H8x6M2Qt7qXszCUncMDy4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lJJFnFrDC-DBm9XaUVa-2Ngrb8w%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1a25c109fabd28f417063371b2d6e9819189f218a66747a51a8d28ae40af5d0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
5854
expires
Fri, 17 May 2024 06:53:39 GMT
img
imageproxy.eu.criteo.net/img/ Frame 3088 		109 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=87930&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F87930%2F230316%2F52ad8c7b758b44a98473fdcf46ba82ed_img_horizontal_3.jpg&v=3&w=1200&s=kbJo3xZT21kBhmYGXy1wSTBL
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAHELYIu88AAAFymVTmwbj6tazh-dZDPQ&u=%7CxiZKFHmULl9pB%2FWx1kArvOe2Y5WZUfsucSh1KvVgN5w%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4SSIM1uLI95CKOarvqzGH4ByNrjFbjJLTqeCHq7eE7vL1AhROuEo3n8E6T4WvGed6geOnFam5vK2_fUu-I6siexkyj9SwCOhrfLioHDIq1uFL6Nv93CTof204CO9TvPzTZtv65199HYbHA7jZSY91KEUtCg1__roeW2YYWkxru29IoG7dRsTryfVSs7DQrn5JdACy15MFIFucdwoAfPeNCa8u1f2obdxZamwnVi_sNuKWYUO7GtD2Jgp1f40yrw4VBDinohqVOPY5ZGRcwe9WOLcBpSm-LpYyNQbufFKGdidvgIYLpa3g6K-LHMeGdV5R-8fPsaTID34WUYJMar_ZxetYekUuHXlnWJ7ecu2hT3ZFkkX4Nmw_V3DQxopSZQVuyDes7idkvd29APZH9clhmPxYTkjPPvGEGz3ehDo7zda-Ly4_NmirKmwi8XFbfcfMMaJXrraqaueChkUw41yZzq52F8McfgBGQi7dmUy9gbF8MoeAnM8-H2NpHUTiems0XonxVIayxeAQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaau7_up1ZLahHICe7_UPmeWFqATJntKxXL2Ol_dwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAikNNiGa7rE-4AIAqAMBqgTMAk_QbFIoACkWXwoQi_EgsaTSYakrfatBaAGeCkzqN4DqY1FEfflWgSPj7p8U0VBFQb2PpvgPRaL45OLgaikr8aIgkBw0PrtYnLc6l2gXvNjhbo2JyhGAJzLaEawXthT0i-WIry62hZlbM-PHrRlITBM2tty6H5GSNLTrTo0QCVpOUlJt8f3784T0BVCrX8yrFnLergmf6e3dOHeLPUHCRjMT7yHZvg8J_DMWPK9-8oC-tq6KHTmUOJ-ekJzDv6RKpRFPiHXMPfipgD-p96UeaUmi0eMTMTQmtAHee1qYyPwgj7XrdR5-zRAfrrzo2OEnOtL7iQGprSdyVK6MuAijJA39tNUlvmNNvLgdp5AbkQkURKkRvl9mS7pDM96D0Umw13RZKECzMr18Ciecll1I-uYTmsRaGNT8vqaPdW57H8x6M2Qt7qXszCUncMDy4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lJJFnFrDC-DBm9XaUVa-2Ngrb8w%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
27fdcff158fd7bcae8892ebdd7952e97f68f3d094222f3b2517bdacdee5d2fc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
111946
expires
Sat, 18 May 2024 07:05:15 GMT
img
imageproxy.eu.criteo.net/img/ Frame 3088 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=87930&q=80&r=0&u=https%3A%2F%2Fwww.11teamsports.com%2Fde-de%2FData%2FImages%2FBig%2Fadidas-copa-pure-3-tf-kids-schwarz-grau-gy9038-fussballschuh_right_out.jpg&v=3&w=400&s=kAvXxQp0nkTdWREUs1mRnCdF&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAHELYIu88AAAFymVTmwbj6tazh-dZDPQ&u=%7CxiZKFHmULl9pB%2FWx1kArvOe2Y5WZUfsucSh1KvVgN5w%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4SSIM1uLI95CKOarvqzGH4ByNrjFbjJLTqeCHq7eE7vL1AhROuEo3n8E6T4WvGed6geOnFam5vK2_fUu-I6siexkyj9SwCOhrfLioHDIq1uFL6Nv93CTof204CO9TvPzTZtv65199HYbHA7jZSY91KEUtCg1__roeW2YYWkxru29IoG7dRsTryfVSs7DQrn5JdACy15MFIFucdwoAfPeNCa8u1f2obdxZamwnVi_sNuKWYUO7GtD2Jgp1f40yrw4VBDinohqVOPY5ZGRcwe9WOLcBpSm-LpYyNQbufFKGdidvgIYLpa3g6K-LHMeGdV5R-8fPsaTID34WUYJMar_ZxetYekUuHXlnWJ7ecu2hT3ZFkkX4Nmw_V3DQxopSZQVuyDes7idkvd29APZH9clhmPxYTkjPPvGEGz3ehDo7zda-Ly4_NmirKmwi8XFbfcfMMaJXrraqaueChkUw41yZzq52F8McfgBGQi7dmUy9gbF8MoeAnM8-H2NpHUTiems0XonxVIayxeAQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaau7_up1ZLahHICe7_UPmeWFqATJntKxXL2Ol_dwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAikNNiGa7rE-4AIAqAMBqgTMAk_QbFIoACkWXwoQi_EgsaTSYakrfatBaAGeCkzqN4DqY1FEfflWgSPj7p8U0VBFQb2PpvgPRaL45OLgaikr8aIgkBw0PrtYnLc6l2gXvNjhbo2JyhGAJzLaEawXthT0i-WIry62hZlbM-PHrRlITBM2tty6H5GSNLTrTo0QCVpOUlJt8f3784T0BVCrX8yrFnLergmf6e3dOHeLPUHCRjMT7yHZvg8J_DMWPK9-8oC-tq6KHTmUOJ-ekJzDv6RKpRFPiHXMPfipgD-p96UeaUmi0eMTMTQmtAHee1qYyPwgj7XrdR5-zRAfrrzo2OEnOtL7iQGprSdyVK6MuAijJA39tNUlvmNNvLgdp5AbkQkURKkRvl9mS7pDM96D0Umw13RZKECzMr18Ciecll1I-uYTmsRaGNT8vqaPdW57H8x6M2Qt7qXszCUncMDy4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lJJFnFrDC-DBm9XaUVa-2Ngrb8w%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
98d8f2bbd895433aa005561d4b8cee089fb0d88649db870427a5751e56d44e74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
7526
expires
Thu, 16 May 2024 03:47:57 GMT
img
imageproxy.eu.criteo.net/img/ Frame 3088 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=87930&q=80&r=0&u=https%3A%2F%2Fwww.11teamsports.com%2Fde-de%2FData%2FImages%2FBig%2Fadidas-copa-pure-3-fg-schwarz-weiss-pink-hq8942-fussballschuh_right_out.jpg&v=3&w=400&s=nvNGgPfiHnypUA8c8dxl2FmX&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAHELYIu88AAAFymVTmwbj6tazh-dZDPQ&u=%7CxiZKFHmULl9pB%2FWx1kArvOe2Y5WZUfsucSh1KvVgN5w%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4SSIM1uLI95CKOarvqzGH4ByNrjFbjJLTqeCHq7eE7vL1AhROuEo3n8E6T4WvGed6geOnFam5vK2_fUu-I6siexkyj9SwCOhrfLioHDIq1uFL6Nv93CTof204CO9TvPzTZtv65199HYbHA7jZSY91KEUtCg1__roeW2YYWkxru29IoG7dRsTryfVSs7DQrn5JdACy15MFIFucdwoAfPeNCa8u1f2obdxZamwnVi_sNuKWYUO7GtD2Jgp1f40yrw4VBDinohqVOPY5ZGRcwe9WOLcBpSm-LpYyNQbufFKGdidvgIYLpa3g6K-LHMeGdV5R-8fPsaTID34WUYJMar_ZxetYekUuHXlnWJ7ecu2hT3ZFkkX4Nmw_V3DQxopSZQVuyDes7idkvd29APZH9clhmPxYTkjPPvGEGz3ehDo7zda-Ly4_NmirKmwi8XFbfcfMMaJXrraqaueChkUw41yZzq52F8McfgBGQi7dmUy9gbF8MoeAnM8-H2NpHUTiems0XonxVIayxeAQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaau7_up1ZLahHICe7_UPmeWFqATJntKxXL2Ol_dwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAikNNiGa7rE-4AIAqAMBqgTMAk_QbFIoACkWXwoQi_EgsaTSYakrfatBaAGeCkzqN4DqY1FEfflWgSPj7p8U0VBFQb2PpvgPRaL45OLgaikr8aIgkBw0PrtYnLc6l2gXvNjhbo2JyhGAJzLaEawXthT0i-WIry62hZlbM-PHrRlITBM2tty6H5GSNLTrTo0QCVpOUlJt8f3784T0BVCrX8yrFnLergmf6e3dOHeLPUHCRjMT7yHZvg8J_DMWPK9-8oC-tq6KHTmUOJ-ekJzDv6RKpRFPiHXMPfipgD-p96UeaUmi0eMTMTQmtAHee1qYyPwgj7XrdR5-zRAfrrzo2OEnOtL7iQGprSdyVK6MuAijJA39tNUlvmNNvLgdp5AbkQkURKkRvl9mS7pDM96D0Umw13RZKECzMr18Ciecll1I-uYTmsRaGNT8vqaPdW57H8x6M2Qt7qXszCUncMDy4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lJJFnFrDC-DBm9XaUVa-2Ngrb8w%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0e129a1d02af54d402629181c5a4ea2535dbbea1470a80da3c2f11f854818592
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
6116
expires
Wed, 15 May 2024 03:52:00 GMT
img
imageproxy.eu.criteo.net/img/ Frame 3088 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=87930&q=80&r=0&u=https%3A%2F%2Fwww.11teamsports.com%2Fde-de%2FData%2FImages%2FBig%2Fadidas-predator-accuracy-3-ll-fg-schwarz-weiss-gw4597-fussballschuh_right_out.jpg&v=3&w=400&s=FywwJuhKM3Rjo_nxHfIMK_xM&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAHELYIu88AAAFymVTmwbj6tazh-dZDPQ&u=%7CxiZKFHmULl9pB%2FWx1kArvOe2Y5WZUfsucSh1KvVgN5w%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4SSIM1uLI95CKOarvqzGH4ByNrjFbjJLTqeCHq7eE7vL1AhROuEo3n8E6T4WvGed6geOnFam5vK2_fUu-I6siexkyj9SwCOhrfLioHDIq1uFL6Nv93CTof204CO9TvPzTZtv65199HYbHA7jZSY91KEUtCg1__roeW2YYWkxru29IoG7dRsTryfVSs7DQrn5JdACy15MFIFucdwoAfPeNCa8u1f2obdxZamwnVi_sNuKWYUO7GtD2Jgp1f40yrw4VBDinohqVOPY5ZGRcwe9WOLcBpSm-LpYyNQbufFKGdidvgIYLpa3g6K-LHMeGdV5R-8fPsaTID34WUYJMar_ZxetYekUuHXlnWJ7ecu2hT3ZFkkX4Nmw_V3DQxopSZQVuyDes7idkvd29APZH9clhmPxYTkjPPvGEGz3ehDo7zda-Ly4_NmirKmwi8XFbfcfMMaJXrraqaueChkUw41yZzq52F8McfgBGQi7dmUy9gbF8MoeAnM8-H2NpHUTiems0XonxVIayxeAQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaau7_up1ZLahHICe7_UPmeWFqATJntKxXL2Ol_dwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAikNNiGa7rE-4AIAqAMBqgTMAk_QbFIoACkWXwoQi_EgsaTSYakrfatBaAGeCkzqN4DqY1FEfflWgSPj7p8U0VBFQb2PpvgPRaL45OLgaikr8aIgkBw0PrtYnLc6l2gXvNjhbo2JyhGAJzLaEawXthT0i-WIry62hZlbM-PHrRlITBM2tty6H5GSNLTrTo0QCVpOUlJt8f3784T0BVCrX8yrFnLergmf6e3dOHeLPUHCRjMT7yHZvg8J_DMWPK9-8oC-tq6KHTmUOJ-ekJzDv6RKpRFPiHXMPfipgD-p96UeaUmi0eMTMTQmtAHee1qYyPwgj7XrdR5-zRAfrrzo2OEnOtL7iQGprSdyVK6MuAijJA39tNUlvmNNvLgdp5AbkQkURKkRvl9mS7pDM96D0Umw13RZKECzMr18Ciecll1I-uYTmsRaGNT8vqaPdW57H8x6M2Qt7qXszCUncMDy4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lJJFnFrDC-DBm9XaUVa-2Ngrb8w%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
138bbeec71d389fe5deb41a9a16918c06f5dfdd8b921cf01cc3dab84630f7029
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
8806
expires
Thu, 16 May 2024 06:39:05 GMT
img
imageproxy.eu.criteo.net/img/ Frame 3088 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=87930&q=80&r=0&u=https%3A%2F%2Fwww.11teamsports.com%2Fde-de%2FData%2FImages%2FBig%2Fadidas-predator-com-torwarthandschuhe-schwarz-hn3342-equipment_front.jpg&v=3&w=400&s=YRORh0yEhx6mCHfxsYVTK_24&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAHELYIu88AAAFymVTmwbj6tazh-dZDPQ&u=%7CxiZKFHmULl9pB%2FWx1kArvOe2Y5WZUfsucSh1KvVgN5w%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4SSIM1uLI95CKOarvqzGH4ByNrjFbjJLTqeCHq7eE7vL1AhROuEo3n8E6T4WvGed6geOnFam5vK2_fUu-I6siexkyj9SwCOhrfLioHDIq1uFL6Nv93CTof204CO9TvPzTZtv65199HYbHA7jZSY91KEUtCg1__roeW2YYWkxru29IoG7dRsTryfVSs7DQrn5JdACy15MFIFucdwoAfPeNCa8u1f2obdxZamwnVi_sNuKWYUO7GtD2Jgp1f40yrw4VBDinohqVOPY5ZGRcwe9WOLcBpSm-LpYyNQbufFKGdidvgIYLpa3g6K-LHMeGdV5R-8fPsaTID34WUYJMar_ZxetYekUuHXlnWJ7ecu2hT3ZFkkX4Nmw_V3DQxopSZQVuyDes7idkvd29APZH9clhmPxYTkjPPvGEGz3ehDo7zda-Ly4_NmirKmwi8XFbfcfMMaJXrraqaueChkUw41yZzq52F8McfgBGQi7dmUy9gbF8MoeAnM8-H2NpHUTiems0XonxVIayxeAQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaau7_up1ZLahHICe7_UPmeWFqATJntKxXL2Ol_dwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAikNNiGa7rE-4AIAqAMBqgTMAk_QbFIoACkWXwoQi_EgsaTSYakrfatBaAGeCkzqN4DqY1FEfflWgSPj7p8U0VBFQb2PpvgPRaL45OLgaikr8aIgkBw0PrtYnLc6l2gXvNjhbo2JyhGAJzLaEawXthT0i-WIry62hZlbM-PHrRlITBM2tty6H5GSNLTrTo0QCVpOUlJt8f3784T0BVCrX8yrFnLergmf6e3dOHeLPUHCRjMT7yHZvg8J_DMWPK9-8oC-tq6KHTmUOJ-ekJzDv6RKpRFPiHXMPfipgD-p96UeaUmi0eMTMTQmtAHee1qYyPwgj7XrdR5-zRAfrrzo2OEnOtL7iQGprSdyVK6MuAijJA39tNUlvmNNvLgdp5AbkQkURKkRvl9mS7pDM96D0Umw13RZKECzMr18Ciecll1I-uYTmsRaGNT8vqaPdW57H8x6M2Qt7qXszCUncMDy4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lJJFnFrDC-DBm9XaUVa-2Ngrb8w%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6a4cd4cc0611b7e185314511bdf771b4a928136d04b427562107bb50003b2415
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
13174
expires
Tue, 30 Apr 2024 06:56:43 GMT
all
csm.eu.criteo.net/ Frame 3088 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=DLJSh5QXNarbvS9ywdvMbIpayi99NFAMRsCBewlEoyEmJwpJtdneR4fg-OI7uHnuz5i7AAxnn5VW6DXYd_g7LVOJfNP91LSJ9sC-fgAdnfv_TZJv23kZeG3o0aKfJPuJkrmxF_glovkRijTwqTIkS9Da3L8wEQkIVEmQ1P6ZB_9wpxvBA2AIQ4gHPOHFEQKT33k2xVLMfmHGalp1ITh3Xm6AuFiycQifbfvcERnr9tHfljDEDSGqJvhQQKNuVNTsNWBAaQ&sds=2&rev=86437.3&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAHELYIu88AAAFymVTmwbj6tazh-dZDPQ&u=%7CxiZKFHmULl9pB%2FWx1kArvOe2Y5WZUfsucSh1KvVgN5w%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4SSIM1uLI95CKOarvqzGH4ByNrjFbjJLTqeCHq7eE7vL1AhROuEo3n8E6T4WvGed6geOnFam5vK2_fUu-I6siexkyj9SwCOhrfLioHDIq1uFL6Nv93CTof204CO9TvPzTZtv65199HYbHA7jZSY91KEUtCg1__roeW2YYWkxru29IoG7dRsTryfVSs7DQrn5JdACy15MFIFucdwoAfPeNCa8u1f2obdxZamwnVi_sNuKWYUO7GtD2Jgp1f40yrw4VBDinohqVOPY5ZGRcwe9WOLcBpSm-LpYyNQbufFKGdidvgIYLpa3g6K-LHMeGdV5R-8fPsaTID34WUYJMar_ZxetYekUuHXlnWJ7ecu2hT3ZFkkX4Nmw_V3DQxopSZQVuyDes7idkvd29APZH9clhmPxYTkjPPvGEGz3ehDo7zda-Ly4_NmirKmwi8XFbfcfMMaJXrraqaueChkUw41yZzq52F8McfgBGQi7dmUy9gbF8MoeAnM8-H2NpHUTiems0XonxVIayxeAQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaau7_up1ZLahHICe7_UPmeWFqATJntKxXL2Ol_dwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAikNNiGa7rE-4AIAqAMBqgTMAk_QbFIoACkWXwoQi_EgsaTSYakrfatBaAGeCkzqN4DqY1FEfflWgSPj7p8U0VBFQb2PpvgPRaL45OLgaikr8aIgkBw0PrtYnLc6l2gXvNjhbo2JyhGAJzLaEawXthT0i-WIry62hZlbM-PHrRlITBM2tty6H5GSNLTrTo0QCVpOUlJt8f3784T0BVCrX8yrFnLergmf6e3dOHeLPUHCRjMT7yHZvg8J_DMWPK9-8oC-tq6KHTmUOJ-ekJzDv6RKpRFPiHXMPfipgD-p96UeaUmi0eMTMTQmtAHee1qYyPwgj7XrdR5-zRAfrrzo2OEnOtL7iQGprSdyVK6MuAijJA39tNUlvmNNvLgdp5AbkQkURKkRvl9mS7pDM96D0Umw13RZKECzMr18Ciecll1I-uYTmsRaGNT8vqaPdW57H8x6M2Qt7qXszCUncMDy4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lJJFnFrDC-DBm9XaUVa-2Ngrb8w%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 30 May 2023 12:24:30 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3088 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAHELYIu88AAAFymVTmwbj6tazh-dZDPQ&u=%7CxiZKFHmULl9pB%2FWx1kArvOe2Y5WZUfsucSh1KvVgN5w%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4SSIM1uLI95CKOarvqzGH4ByNrjFbjJLTqeCHq7eE7vL1AhROuEo3n8E6T4WvGed6geOnFam5vK2_fUu-I6siexkyj9SwCOhrfLioHDIq1uFL6Nv93CTof204CO9TvPzTZtv65199HYbHA7jZSY91KEUtCg1__roeW2YYWkxru29IoG7dRsTryfVSs7DQrn5JdACy15MFIFucdwoAfPeNCa8u1f2obdxZamwnVi_sNuKWYUO7GtD2Jgp1f40yrw4VBDinohqVOPY5ZGRcwe9WOLcBpSm-LpYyNQbufFKGdidvgIYLpa3g6K-LHMeGdV5R-8fPsaTID34WUYJMar_ZxetYekUuHXlnWJ7ecu2hT3ZFkkX4Nmw_V3DQxopSZQVuyDes7idkvd29APZH9clhmPxYTkjPPvGEGz3ehDo7zda-Ly4_NmirKmwi8XFbfcfMMaJXrraqaueChkUw41yZzq52F8McfgBGQi7dmUy9gbF8MoeAnM8-H2NpHUTiems0XonxVIayxeAQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaau7_up1ZLahHICe7_UPmeWFqATJntKxXL2Ol_dwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAikNNiGa7rE-4AIAqAMBqgTMAk_QbFIoACkWXwoQi_EgsaTSYakrfatBaAGeCkzqN4DqY1FEfflWgSPj7p8U0VBFQb2PpvgPRaL45OLgaikr8aIgkBw0PrtYnLc6l2gXvNjhbo2JyhGAJzLaEawXthT0i-WIry62hZlbM-PHrRlITBM2tty6H5GSNLTrTo0QCVpOUlJt8f3784T0BVCrX8yrFnLergmf6e3dOHeLPUHCRjMT7yHZvg8J_DMWPK9-8oC-tq6KHTmUOJ-ekJzDv6RKpRFPiHXMPfipgD-p96UeaUmi0eMTMTQmtAHee1qYyPwgj7XrdR5-zRAfrrzo2OEnOtL7iQGprSdyVK6MuAijJA39tNUlvmNNvLgdp5AbkQkURKkRvl9mS7pDM96D0Umw13RZKECzMr18Ciecll1I-uYTmsRaGNT8vqaPdW57H8x6M2Qt7qXszCUncMDy4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lJJFnFrDC-DBm9XaUVa-2Ngrb8w%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 May 2024 12:24:31 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 3088 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAHELYIu88AAAFymVTmwbj6tazh-dZDPQ&u=%7CxiZKFHmULl9pB%2FWx1kArvOe2Y5WZUfsucSh1KvVgN5w%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4SSIM1uLI95CKOarvqzGH4ByNrjFbjJLTqeCHq7eE7vL1AhROuEo3n8E6T4WvGed6geOnFam5vK2_fUu-I6siexkyj9SwCOhrfLioHDIq1uFL6Nv93CTof204CO9TvPzTZtv65199HYbHA7jZSY91KEUtCg1__roeW2YYWkxru29IoG7dRsTryfVSs7DQrn5JdACy15MFIFucdwoAfPeNCa8u1f2obdxZamwnVi_sNuKWYUO7GtD2Jgp1f40yrw4VBDinohqVOPY5ZGRcwe9WOLcBpSm-LpYyNQbufFKGdidvgIYLpa3g6K-LHMeGdV5R-8fPsaTID34WUYJMar_ZxetYekUuHXlnWJ7ecu2hT3ZFkkX4Nmw_V3DQxopSZQVuyDes7idkvd29APZH9clhmPxYTkjPPvGEGz3ehDo7zda-Ly4_NmirKmwi8XFbfcfMMaJXrraqaueChkUw41yZzq52F8McfgBGQi7dmUy9gbF8MoeAnM8-H2NpHUTiems0XonxVIayxeAQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaau7_up1ZLahHICe7_UPmeWFqATJntKxXL2Ol_dwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAikNNiGa7rE-4AIAqAMBqgTMAk_QbFIoACkWXwoQi_EgsaTSYakrfatBaAGeCkzqN4DqY1FEfflWgSPj7p8U0VBFQb2PpvgPRaL45OLgaikr8aIgkBw0PrtYnLc6l2gXvNjhbo2JyhGAJzLaEawXthT0i-WIry62hZlbM-PHrRlITBM2tty6H5GSNLTrTo0QCVpOUlJt8f3784T0BVCrX8yrFnLergmf6e3dOHeLPUHCRjMT7yHZvg8J_DMWPK9-8oC-tq6KHTmUOJ-ekJzDv6RKpRFPiHXMPfipgD-p96UeaUmi0eMTMTQmtAHee1qYyPwgj7XrdR5-zRAfrrzo2OEnOtL7iQGprSdyVK6MuAijJA39tNUlvmNNvLgdp5AbkQkURKkRvl9mS7pDM96D0Umw13RZKECzMr18Ciecll1I-uYTmsRaGNT8vqaPdW57H8x6M2Qt7qXszCUncMDy4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lJJFnFrDC-DBm9XaUVa-2Ngrb8w%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 May 2024 12:24:31 GMT
adagio.js
script.4dex.io/ 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 30 May 2023 12:24:31 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
626268
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Gv0tgYqbkkgHo1pzkSC68nL0XGjfUBAc6S%2Fxfa2ap7gdAGdqgIN9oANwU4KzJfODHTgpzDRnEemOR3q6FqPo%2Bts1WYTRCvuv1hiFRlL6bUDuqXKOcsiMKfNZuINOGVpLShPQL%2FuAzzoQ4kB"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7cf6f45b58852be2-FRA
animejs.js
static.criteo.net/animejs/ Frame 9371 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAIRS0Iu8BXAArzweK8hmwBjiXNbBZxzA&u=%7CxiZKFHmULl8eMeLJxdHHHwy55%2FblVBCs%2FtSojhEi1VM%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4R5eWn7RSgJbxCKfkLuFqDQH0wIbkZS-7qUkuZE5LGb_rxYi-f7HMLEUr4HRyEIakcbNCVcCezNG2759vLFP-m677tO9LkB9Yt6G4E-xLd4UdfbCiePsQ2cTfps9MlX8RG_uTm3r718Wp9C_SghPPJfn2HRI8Ah-PBtAMZVsk43Xb3IQYZvIJodS2GfT-cSj2-9wEf1OPnxeSNK8As76sETEkBeYMCjvtMERMoLEpILQYKkpZy4vz4PBRyx0iPKzrd1TmSO_Ufwl2ylh1D3ooVJiQQ26zKG7mW2qcV9NT7smP5rcRlbEWC6FEYsjn4FtEAHph7Ett6PbJ8OqLCDHWVDfd3lt4lDr8HISNtTh6UArBlXUNJ26b5YuVf-ShyJIs4E95OnbnRKvskpTDG9BdRoCMUs9mIxEG2lb78PrzNHZJz_oknm2rpBH7HGkzMDlMsXWbHW-0qwtPVNl4cjFioUDKA81kpNNtKpgJWToeG5PGVSh4Fz6rdtxZilwctGkwuxM985PzMVBBhVsfjKLNCb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCd1ku_up1ZK2KIdeA7_UPweermAjJntKxXPXalvdwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjUz9aPP8LE-4AIAqAMBqgTSAk_QC-1_q3smfUOFpBOnscJvXfViJv8ygsKJTHPH79j3XQfuL0Vp_ucQs-phf-CgLc61m_3mdoObsv5RBccgJNNrJF8IEbC8bVV3b-wjZFNUzCd48uo89uuRx3zkWTlt4DcHXWNF2COkKXIg4LWIaWC6lZoMb6dikAMmixBG2WUOoyTNRjbOU8f55GXXCeDBpBJK7JciyQzesgNWTLt2PhQ3QRsHPtj8exp8s_n4WVCNyi9S-AGnomwCXKO81YHfE23iX0cinKDctHPeM2DB4Ja2sM3Yq871YuBXPCNA_bpgh6kotPMgx9aKs0bzp_yheYmPvVg_RYp8E0KYuaCsHtkm0ThJ--IHdnmfpZEsd8w_P-R_-8bJYXAB9P4knwEOT0_C9kfHQp6d7b_yxVyDj8ZD_sTLTNWSPQUqYgxowpGzYmdMW3VRZAoks0hwoabof98N4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_07TLA4312aIGFVC5gADvLkdrUBlw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 May 2024 12:24:31 GMT
4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 2CD3 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 19:19:28 GMT
x-content-type-options
nosniff
age
579903
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21360
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 May 2024 19:19:28 GMT
truncated
/ Frame 3AC0 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
69513486476f788c93edd1b16f09d7b67f812bb43b5402e3bb74adf402523c59

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
img
imageproxy.eu.criteo.net/img/ Frame 9371 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=87930&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F87930%2F221205%2Fa598dd089dcf4240a7a55c9071884fdb_download.png&v=3&w=196&s=UIeb3p7dC4BTuF-F3CAfwAkj
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAIRS0Iu8BXAArzweK8hmwBjiXNbBZxzA&u=%7CxiZKFHmULl8eMeLJxdHHHwy55%2FblVBCs%2FtSojhEi1VM%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4R5eWn7RSgJbxCKfkLuFqDQH0wIbkZS-7qUkuZE5LGb_rxYi-f7HMLEUr4HRyEIakcbNCVcCezNG2759vLFP-m677tO9LkB9Yt6G4E-xLd4UdfbCiePsQ2cTfps9MlX8RG_uTm3r718Wp9C_SghPPJfn2HRI8Ah-PBtAMZVsk43Xb3IQYZvIJodS2GfT-cSj2-9wEf1OPnxeSNK8As76sETEkBeYMCjvtMERMoLEpILQYKkpZy4vz4PBRyx0iPKzrd1TmSO_Ufwl2ylh1D3ooVJiQQ26zKG7mW2qcV9NT7smP5rcRlbEWC6FEYsjn4FtEAHph7Ett6PbJ8OqLCDHWVDfd3lt4lDr8HISNtTh6UArBlXUNJ26b5YuVf-ShyJIs4E95OnbnRKvskpTDG9BdRoCMUs9mIxEG2lb78PrzNHZJz_oknm2rpBH7HGkzMDlMsXWbHW-0qwtPVNl4cjFioUDKA81kpNNtKpgJWToeG5PGVSh4Fz6rdtxZilwctGkwuxM985PzMVBBhVsfjKLNCb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCd1ku_up1ZK2KIdeA7_UPweermAjJntKxXPXalvdwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjUz9aPP8LE-4AIAqAMBqgTSAk_QC-1_q3smfUOFpBOnscJvXfViJv8ygsKJTHPH79j3XQfuL0Vp_ucQs-phf-CgLc61m_3mdoObsv5RBccgJNNrJF8IEbC8bVV3b-wjZFNUzCd48uo89uuRx3zkWTlt4DcHXWNF2COkKXIg4LWIaWC6lZoMb6dikAMmixBG2WUOoyTNRjbOU8f55GXXCeDBpBJK7JciyQzesgNWTLt2PhQ3QRsHPtj8exp8s_n4WVCNyi9S-AGnomwCXKO81YHfE23iX0cinKDctHPeM2DB4Ja2sM3Yq871YuBXPCNA_bpgh6kotPMgx9aKs0bzp_yheYmPvVg_RYp8E0KYuaCsHtkm0ThJ--IHdnmfpZEsd8w_P-R_-8bJYXAB9P4knwEOT0_C9kfHQp6d7b_yxVyDj8ZD_sTLTNWSPQUqYgxowpGzYmdMW3VRZAoks0hwoabof98N4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_07TLA4312aIGFVC5gADvLkdrUBlw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1a25c109fabd28f417063371b2d6e9819189f218a66747a51a8d28ae40af5d0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
5854
expires
Fri, 17 May 2024 06:53:39 GMT
img
imageproxy.eu.criteo.net/img/ Frame 9371 		109 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=87930&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F87930%2F230316%2F52ad8c7b758b44a98473fdcf46ba82ed_img_horizontal_3.jpg&v=3&w=1200&s=kbJo3xZT21kBhmYGXy1wSTBL
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAIRS0Iu8BXAArzweK8hmwBjiXNbBZxzA&u=%7CxiZKFHmULl8eMeLJxdHHHwy55%2FblVBCs%2FtSojhEi1VM%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4R5eWn7RSgJbxCKfkLuFqDQH0wIbkZS-7qUkuZE5LGb_rxYi-f7HMLEUr4HRyEIakcbNCVcCezNG2759vLFP-m677tO9LkB9Yt6G4E-xLd4UdfbCiePsQ2cTfps9MlX8RG_uTm3r718Wp9C_SghPPJfn2HRI8Ah-PBtAMZVsk43Xb3IQYZvIJodS2GfT-cSj2-9wEf1OPnxeSNK8As76sETEkBeYMCjvtMERMoLEpILQYKkpZy4vz4PBRyx0iPKzrd1TmSO_Ufwl2ylh1D3ooVJiQQ26zKG7mW2qcV9NT7smP5rcRlbEWC6FEYsjn4FtEAHph7Ett6PbJ8OqLCDHWVDfd3lt4lDr8HISNtTh6UArBlXUNJ26b5YuVf-ShyJIs4E95OnbnRKvskpTDG9BdRoCMUs9mIxEG2lb78PrzNHZJz_oknm2rpBH7HGkzMDlMsXWbHW-0qwtPVNl4cjFioUDKA81kpNNtKpgJWToeG5PGVSh4Fz6rdtxZilwctGkwuxM985PzMVBBhVsfjKLNCb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCd1ku_up1ZK2KIdeA7_UPweermAjJntKxXPXalvdwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjUz9aPP8LE-4AIAqAMBqgTSAk_QC-1_q3smfUOFpBOnscJvXfViJv8ygsKJTHPH79j3XQfuL0Vp_ucQs-phf-CgLc61m_3mdoObsv5RBccgJNNrJF8IEbC8bVV3b-wjZFNUzCd48uo89uuRx3zkWTlt4DcHXWNF2COkKXIg4LWIaWC6lZoMb6dikAMmixBG2WUOoyTNRjbOU8f55GXXCeDBpBJK7JciyQzesgNWTLt2PhQ3QRsHPtj8exp8s_n4WVCNyi9S-AGnomwCXKO81YHfE23iX0cinKDctHPeM2DB4Ja2sM3Yq871YuBXPCNA_bpgh6kotPMgx9aKs0bzp_yheYmPvVg_RYp8E0KYuaCsHtkm0ThJ--IHdnmfpZEsd8w_P-R_-8bJYXAB9P4knwEOT0_C9kfHQp6d7b_yxVyDj8ZD_sTLTNWSPQUqYgxowpGzYmdMW3VRZAoks0hwoabof98N4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_07TLA4312aIGFVC5gADvLkdrUBlw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
27fdcff158fd7bcae8892ebdd7952e97f68f3d094222f3b2517bdacdee5d2fc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
111946
expires
Sat, 18 May 2024 07:05:15 GMT
img
imageproxy.eu.criteo.net/img/ Frame 9371 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=87930&q=80&r=0&u=https%3A%2F%2Fwww.11teamsports.com%2Fde-de%2FData%2FImages%2FBig%2Fadidas-copa-pure-3-fg-schwarz-weiss-pink-hq8942-fussballschuh_right_out.jpg&v=3&w=400&s=nvNGgPfiHnypUA8c8dxl2FmX&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAIRS0Iu8BXAArzweK8hmwBjiXNbBZxzA&u=%7CxiZKFHmULl8eMeLJxdHHHwy55%2FblVBCs%2FtSojhEi1VM%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4R5eWn7RSgJbxCKfkLuFqDQH0wIbkZS-7qUkuZE5LGb_rxYi-f7HMLEUr4HRyEIakcbNCVcCezNG2759vLFP-m677tO9LkB9Yt6G4E-xLd4UdfbCiePsQ2cTfps9MlX8RG_uTm3r718Wp9C_SghPPJfn2HRI8Ah-PBtAMZVsk43Xb3IQYZvIJodS2GfT-cSj2-9wEf1OPnxeSNK8As76sETEkBeYMCjvtMERMoLEpILQYKkpZy4vz4PBRyx0iPKzrd1TmSO_Ufwl2ylh1D3ooVJiQQ26zKG7mW2qcV9NT7smP5rcRlbEWC6FEYsjn4FtEAHph7Ett6PbJ8OqLCDHWVDfd3lt4lDr8HISNtTh6UArBlXUNJ26b5YuVf-ShyJIs4E95OnbnRKvskpTDG9BdRoCMUs9mIxEG2lb78PrzNHZJz_oknm2rpBH7HGkzMDlMsXWbHW-0qwtPVNl4cjFioUDKA81kpNNtKpgJWToeG5PGVSh4Fz6rdtxZilwctGkwuxM985PzMVBBhVsfjKLNCb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCd1ku_up1ZK2KIdeA7_UPweermAjJntKxXPXalvdwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjUz9aPP8LE-4AIAqAMBqgTSAk_QC-1_q3smfUOFpBOnscJvXfViJv8ygsKJTHPH79j3XQfuL0Vp_ucQs-phf-CgLc61m_3mdoObsv5RBccgJNNrJF8IEbC8bVV3b-wjZFNUzCd48uo89uuRx3zkWTlt4DcHXWNF2COkKXIg4LWIaWC6lZoMb6dikAMmixBG2WUOoyTNRjbOU8f55GXXCeDBpBJK7JciyQzesgNWTLt2PhQ3QRsHPtj8exp8s_n4WVCNyi9S-AGnomwCXKO81YHfE23iX0cinKDctHPeM2DB4Ja2sM3Yq871YuBXPCNA_bpgh6kotPMgx9aKs0bzp_yheYmPvVg_RYp8E0KYuaCsHtkm0ThJ--IHdnmfpZEsd8w_P-R_-8bJYXAB9P4knwEOT0_C9kfHQp6d7b_yxVyDj8ZD_sTLTNWSPQUqYgxowpGzYmdMW3VRZAoks0hwoabof98N4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_07TLA4312aIGFVC5gADvLkdrUBlw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0e129a1d02af54d402629181c5a4ea2535dbbea1470a80da3c2f11f854818592
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
6116
expires
Wed, 15 May 2024 03:52:00 GMT
img
imageproxy.eu.criteo.net/img/ Frame 9371 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=87930&q=80&r=0&u=https%3A%2F%2Fwww.11teamsports.com%2Fde-de%2FData%2FImages%2FBig%2Fadidas-predator-accuracy-3-ll-fg-schwarz-weiss-gw4597-fussballschuh_right_out.jpg&v=3&w=400&s=FywwJuhKM3Rjo_nxHfIMK_xM&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAIRS0Iu8BXAArzweK8hmwBjiXNbBZxzA&u=%7CxiZKFHmULl8eMeLJxdHHHwy55%2FblVBCs%2FtSojhEi1VM%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4R5eWn7RSgJbxCKfkLuFqDQH0wIbkZS-7qUkuZE5LGb_rxYi-f7HMLEUr4HRyEIakcbNCVcCezNG2759vLFP-m677tO9LkB9Yt6G4E-xLd4UdfbCiePsQ2cTfps9MlX8RG_uTm3r718Wp9C_SghPPJfn2HRI8Ah-PBtAMZVsk43Xb3IQYZvIJodS2GfT-cSj2-9wEf1OPnxeSNK8As76sETEkBeYMCjvtMERMoLEpILQYKkpZy4vz4PBRyx0iPKzrd1TmSO_Ufwl2ylh1D3ooVJiQQ26zKG7mW2qcV9NT7smP5rcRlbEWC6FEYsjn4FtEAHph7Ett6PbJ8OqLCDHWVDfd3lt4lDr8HISNtTh6UArBlXUNJ26b5YuVf-ShyJIs4E95OnbnRKvskpTDG9BdRoCMUs9mIxEG2lb78PrzNHZJz_oknm2rpBH7HGkzMDlMsXWbHW-0qwtPVNl4cjFioUDKA81kpNNtKpgJWToeG5PGVSh4Fz6rdtxZilwctGkwuxM985PzMVBBhVsfjKLNCb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCd1ku_up1ZK2KIdeA7_UPweermAjJntKxXPXalvdwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjUz9aPP8LE-4AIAqAMBqgTSAk_QC-1_q3smfUOFpBOnscJvXfViJv8ygsKJTHPH79j3XQfuL0Vp_ucQs-phf-CgLc61m_3mdoObsv5RBccgJNNrJF8IEbC8bVV3b-wjZFNUzCd48uo89uuRx3zkWTlt4DcHXWNF2COkKXIg4LWIaWC6lZoMb6dikAMmixBG2WUOoyTNRjbOU8f55GXXCeDBpBJK7JciyQzesgNWTLt2PhQ3QRsHPtj8exp8s_n4WVCNyi9S-AGnomwCXKO81YHfE23iX0cinKDctHPeM2DB4Ja2sM3Yq871YuBXPCNA_bpgh6kotPMgx9aKs0bzp_yheYmPvVg_RYp8E0KYuaCsHtkm0ThJ--IHdnmfpZEsd8w_P-R_-8bJYXAB9P4knwEOT0_C9kfHQp6d7b_yxVyDj8ZD_sTLTNWSPQUqYgxowpGzYmdMW3VRZAoks0hwoabof98N4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_07TLA4312aIGFVC5gADvLkdrUBlw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
138bbeec71d389fe5deb41a9a16918c06f5dfdd8b921cf01cc3dab84630f7029
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
8806
expires
Thu, 16 May 2024 06:39:05 GMT
img
imageproxy.eu.criteo.net/img/ Frame 9371 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=87930&q=80&r=0&u=https%3A%2F%2Fwww.11teamsports.com%2Fde-de%2FData%2FImages%2FBig%2Fadidas-copa-pure-3-tf-kids-schwarz-grau-gy9038-fussballschuh_right_out.jpg&v=3&w=400&s=kAvXxQp0nkTdWREUs1mRnCdF&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAIRS0Iu8BXAArzweK8hmwBjiXNbBZxzA&u=%7CxiZKFHmULl8eMeLJxdHHHwy55%2FblVBCs%2FtSojhEi1VM%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4R5eWn7RSgJbxCKfkLuFqDQH0wIbkZS-7qUkuZE5LGb_rxYi-f7HMLEUr4HRyEIakcbNCVcCezNG2759vLFP-m677tO9LkB9Yt6G4E-xLd4UdfbCiePsQ2cTfps9MlX8RG_uTm3r718Wp9C_SghPPJfn2HRI8Ah-PBtAMZVsk43Xb3IQYZvIJodS2GfT-cSj2-9wEf1OPnxeSNK8As76sETEkBeYMCjvtMERMoLEpILQYKkpZy4vz4PBRyx0iPKzrd1TmSO_Ufwl2ylh1D3ooVJiQQ26zKG7mW2qcV9NT7smP5rcRlbEWC6FEYsjn4FtEAHph7Ett6PbJ8OqLCDHWVDfd3lt4lDr8HISNtTh6UArBlXUNJ26b5YuVf-ShyJIs4E95OnbnRKvskpTDG9BdRoCMUs9mIxEG2lb78PrzNHZJz_oknm2rpBH7HGkzMDlMsXWbHW-0qwtPVNl4cjFioUDKA81kpNNtKpgJWToeG5PGVSh4Fz6rdtxZilwctGkwuxM985PzMVBBhVsfjKLNCb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCd1ku_up1ZK2KIdeA7_UPweermAjJntKxXPXalvdwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjUz9aPP8LE-4AIAqAMBqgTSAk_QC-1_q3smfUOFpBOnscJvXfViJv8ygsKJTHPH79j3XQfuL0Vp_ucQs-phf-CgLc61m_3mdoObsv5RBccgJNNrJF8IEbC8bVV3b-wjZFNUzCd48uo89uuRx3zkWTlt4DcHXWNF2COkKXIg4LWIaWC6lZoMb6dikAMmixBG2WUOoyTNRjbOU8f55GXXCeDBpBJK7JciyQzesgNWTLt2PhQ3QRsHPtj8exp8s_n4WVCNyi9S-AGnomwCXKO81YHfE23iX0cinKDctHPeM2DB4Ja2sM3Yq871YuBXPCNA_bpgh6kotPMgx9aKs0bzp_yheYmPvVg_RYp8E0KYuaCsHtkm0ThJ--IHdnmfpZEsd8w_P-R_-8bJYXAB9P4knwEOT0_C9kfHQp6d7b_yxVyDj8ZD_sTLTNWSPQUqYgxowpGzYmdMW3VRZAoks0hwoabof98N4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_07TLA4312aIGFVC5gADvLkdrUBlw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
98d8f2bbd895433aa005561d4b8cee089fb0d88649db870427a5751e56d44e74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
7526
expires
Thu, 16 May 2024 03:47:57 GMT
img
imageproxy.eu.criteo.net/img/ Frame 9371 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=87930&q=80&r=0&u=https%3A%2F%2Fwww.11teamsports.com%2Fde-de%2FData%2FImages%2FBig%2Fadidas-predator-com-torwarthandschuhe-schwarz-hn3342-equipment_front.jpg&v=3&w=400&s=YRORh0yEhx6mCHfxsYVTK_24&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAIRS0Iu8BXAArzweK8hmwBjiXNbBZxzA&u=%7CxiZKFHmULl8eMeLJxdHHHwy55%2FblVBCs%2FtSojhEi1VM%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4R5eWn7RSgJbxCKfkLuFqDQH0wIbkZS-7qUkuZE5LGb_rxYi-f7HMLEUr4HRyEIakcbNCVcCezNG2759vLFP-m677tO9LkB9Yt6G4E-xLd4UdfbCiePsQ2cTfps9MlX8RG_uTm3r718Wp9C_SghPPJfn2HRI8Ah-PBtAMZVsk43Xb3IQYZvIJodS2GfT-cSj2-9wEf1OPnxeSNK8As76sETEkBeYMCjvtMERMoLEpILQYKkpZy4vz4PBRyx0iPKzrd1TmSO_Ufwl2ylh1D3ooVJiQQ26zKG7mW2qcV9NT7smP5rcRlbEWC6FEYsjn4FtEAHph7Ett6PbJ8OqLCDHWVDfd3lt4lDr8HISNtTh6UArBlXUNJ26b5YuVf-ShyJIs4E95OnbnRKvskpTDG9BdRoCMUs9mIxEG2lb78PrzNHZJz_oknm2rpBH7HGkzMDlMsXWbHW-0qwtPVNl4cjFioUDKA81kpNNtKpgJWToeG5PGVSh4Fz6rdtxZilwctGkwuxM985PzMVBBhVsfjKLNCb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCd1ku_up1ZK2KIdeA7_UPweermAjJntKxXPXalvdwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjUz9aPP8LE-4AIAqAMBqgTSAk_QC-1_q3smfUOFpBOnscJvXfViJv8ygsKJTHPH79j3XQfuL0Vp_ucQs-phf-CgLc61m_3mdoObsv5RBccgJNNrJF8IEbC8bVV3b-wjZFNUzCd48uo89uuRx3zkWTlt4DcHXWNF2COkKXIg4LWIaWC6lZoMb6dikAMmixBG2WUOoyTNRjbOU8f55GXXCeDBpBJK7JciyQzesgNWTLt2PhQ3QRsHPtj8exp8s_n4WVCNyi9S-AGnomwCXKO81YHfE23iX0cinKDctHPeM2DB4Ja2sM3Yq871YuBXPCNA_bpgh6kotPMgx9aKs0bzp_yheYmPvVg_RYp8E0KYuaCsHtkm0ThJ--IHdnmfpZEsd8w_P-R_-8bJYXAB9P4knwEOT0_C9kfHQp6d7b_yxVyDj8ZD_sTLTNWSPQUqYgxowpGzYmdMW3VRZAoks0hwoabof98N4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_07TLA4312aIGFVC5gADvLkdrUBlw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6a4cd4cc0611b7e185314511bdf771b4a928136d04b427562107bb50003b2415
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
13174
expires
Tue, 30 Apr 2024 06:56:43 GMT
img
imageproxy.eu.criteo.net/img/ Frame 9371 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=87930&q=80&r=0&u=https%3A%2F%2Fwww.11teamsports.com%2Fde-de%2FData%2FImages%2FBig%2Fadidas-predator-accuracy-3-fg-kids-schwarz-weiss-gw4609-fussballschuh_right_out.jpg&v=3&w=400&s=317GdlAob8IfPtt_vZSoTf6j&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAIRS0Iu8BXAArzweK8hmwBjiXNbBZxzA&u=%7CxiZKFHmULl8eMeLJxdHHHwy55%2FblVBCs%2FtSojhEi1VM%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4R5eWn7RSgJbxCKfkLuFqDQH0wIbkZS-7qUkuZE5LGb_rxYi-f7HMLEUr4HRyEIakcbNCVcCezNG2759vLFP-m677tO9LkB9Yt6G4E-xLd4UdfbCiePsQ2cTfps9MlX8RG_uTm3r718Wp9C_SghPPJfn2HRI8Ah-PBtAMZVsk43Xb3IQYZvIJodS2GfT-cSj2-9wEf1OPnxeSNK8As76sETEkBeYMCjvtMERMoLEpILQYKkpZy4vz4PBRyx0iPKzrd1TmSO_Ufwl2ylh1D3ooVJiQQ26zKG7mW2qcV9NT7smP5rcRlbEWC6FEYsjn4FtEAHph7Ett6PbJ8OqLCDHWVDfd3lt4lDr8HISNtTh6UArBlXUNJ26b5YuVf-ShyJIs4E95OnbnRKvskpTDG9BdRoCMUs9mIxEG2lb78PrzNHZJz_oknm2rpBH7HGkzMDlMsXWbHW-0qwtPVNl4cjFioUDKA81kpNNtKpgJWToeG5PGVSh4Fz6rdtxZilwctGkwuxM985PzMVBBhVsfjKLNCb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCd1ku_up1ZK2KIdeA7_UPweermAjJntKxXPXalvdwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjUz9aPP8LE-4AIAqAMBqgTSAk_QC-1_q3smfUOFpBOnscJvXfViJv8ygsKJTHPH79j3XQfuL0Vp_ucQs-phf-CgLc61m_3mdoObsv5RBccgJNNrJF8IEbC8bVV3b-wjZFNUzCd48uo89uuRx3zkWTlt4DcHXWNF2COkKXIg4LWIaWC6lZoMb6dikAMmixBG2WUOoyTNRjbOU8f55GXXCeDBpBJK7JciyQzesgNWTLt2PhQ3QRsHPtj8exp8s_n4WVCNyi9S-AGnomwCXKO81YHfE23iX0cinKDctHPeM2DB4Ja2sM3Yq871YuBXPCNA_bpgh6kotPMgx9aKs0bzp_yheYmPvVg_RYp8E0KYuaCsHtkm0ThJ--IHdnmfpZEsd8w_P-R_-8bJYXAB9P4knwEOT0_C9kfHQp6d7b_yxVyDj8ZD_sTLTNWSPQUqYgxowpGzYmdMW3VRZAoks0hwoabof98N4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_07TLA4312aIGFVC5gADvLkdrUBlw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
fc0ac2d1dc80b20f3c4cef92ec47463bc44135de8c5ca21cd2c432998833662a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
9260
expires
Fri, 17 May 2024 04:19:50 GMT
img
imageproxy.eu.criteo.net/img/ Frame 9371 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=87930&q=80&r=0&u=https%3A%2F%2Fwww.11teamsports.com%2Fde-de%2FData%2FImages%2FBig%2Fadidas-x-speedportal-3-ll-fg-kids-pink-schwarz-gz5061-fussballschuh_right_out.jpg&v=3&w=400&s=6NNEkhltnuyPQYBGZ-lp9h_b&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAIRS0Iu8BXAArzweK8hmwBjiXNbBZxzA&u=%7CxiZKFHmULl8eMeLJxdHHHwy55%2FblVBCs%2FtSojhEi1VM%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4R5eWn7RSgJbxCKfkLuFqDQH0wIbkZS-7qUkuZE5LGb_rxYi-f7HMLEUr4HRyEIakcbNCVcCezNG2759vLFP-m677tO9LkB9Yt6G4E-xLd4UdfbCiePsQ2cTfps9MlX8RG_uTm3r718Wp9C_SghPPJfn2HRI8Ah-PBtAMZVsk43Xb3IQYZvIJodS2GfT-cSj2-9wEf1OPnxeSNK8As76sETEkBeYMCjvtMERMoLEpILQYKkpZy4vz4PBRyx0iPKzrd1TmSO_Ufwl2ylh1D3ooVJiQQ26zKG7mW2qcV9NT7smP5rcRlbEWC6FEYsjn4FtEAHph7Ett6PbJ8OqLCDHWVDfd3lt4lDr8HISNtTh6UArBlXUNJ26b5YuVf-ShyJIs4E95OnbnRKvskpTDG9BdRoCMUs9mIxEG2lb78PrzNHZJz_oknm2rpBH7HGkzMDlMsXWbHW-0qwtPVNl4cjFioUDKA81kpNNtKpgJWToeG5PGVSh4Fz6rdtxZilwctGkwuxM985PzMVBBhVsfjKLNCb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCd1ku_up1ZK2KIdeA7_UPweermAjJntKxXPXalvdwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjUz9aPP8LE-4AIAqAMBqgTSAk_QC-1_q3smfUOFpBOnscJvXfViJv8ygsKJTHPH79j3XQfuL0Vp_ucQs-phf-CgLc61m_3mdoObsv5RBccgJNNrJF8IEbC8bVV3b-wjZFNUzCd48uo89uuRx3zkWTlt4DcHXWNF2COkKXIg4LWIaWC6lZoMb6dikAMmixBG2WUOoyTNRjbOU8f55GXXCeDBpBJK7JciyQzesgNWTLt2PhQ3QRsHPtj8exp8s_n4WVCNyi9S-AGnomwCXKO81YHfE23iX0cinKDctHPeM2DB4Ja2sM3Yq871YuBXPCNA_bpgh6kotPMgx9aKs0bzp_yheYmPvVg_RYp8E0KYuaCsHtkm0ThJ--IHdnmfpZEsd8w_P-R_-8bJYXAB9P4knwEOT0_C9kfHQp6d7b_yxVyDj8ZD_sTLTNWSPQUqYgxowpGzYmdMW3VRZAoks0hwoabof98N4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_07TLA4312aIGFVC5gADvLkdrUBlw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0fe00a83c1d70570487f1cf7e1931fbfaf512855eac0af99e7a659f7eb56e5b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
10448
expires
Wed, 15 May 2024 04:00:07 GMT
img
imageproxy.eu.criteo.net/img/ Frame 9371 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=87930&q=80&r=0&u=https%3A%2F%2Fwww.11teamsports.com%2Fde-de%2FData%2FImages%2FBig%2Fadidas-predator-accuracy-2-fg-schwarz-weiss-pink-gw4586-fussballschuh_right_out.jpg&v=3&w=400&s=7ssFHwYwAFqUsACQRCYc0CTh&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAIRS0Iu8BXAArzweK8hmwBjiXNbBZxzA&u=%7CxiZKFHmULl8eMeLJxdHHHwy55%2FblVBCs%2FtSojhEi1VM%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4R5eWn7RSgJbxCKfkLuFqDQH0wIbkZS-7qUkuZE5LGb_rxYi-f7HMLEUr4HRyEIakcbNCVcCezNG2759vLFP-m677tO9LkB9Yt6G4E-xLd4UdfbCiePsQ2cTfps9MlX8RG_uTm3r718Wp9C_SghPPJfn2HRI8Ah-PBtAMZVsk43Xb3IQYZvIJodS2GfT-cSj2-9wEf1OPnxeSNK8As76sETEkBeYMCjvtMERMoLEpILQYKkpZy4vz4PBRyx0iPKzrd1TmSO_Ufwl2ylh1D3ooVJiQQ26zKG7mW2qcV9NT7smP5rcRlbEWC6FEYsjn4FtEAHph7Ett6PbJ8OqLCDHWVDfd3lt4lDr8HISNtTh6UArBlXUNJ26b5YuVf-ShyJIs4E95OnbnRKvskpTDG9BdRoCMUs9mIxEG2lb78PrzNHZJz_oknm2rpBH7HGkzMDlMsXWbHW-0qwtPVNl4cjFioUDKA81kpNNtKpgJWToeG5PGVSh4Fz6rdtxZilwctGkwuxM985PzMVBBhVsfjKLNCb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCd1ku_up1ZK2KIdeA7_UPweermAjJntKxXPXalvdwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjUz9aPP8LE-4AIAqAMBqgTSAk_QC-1_q3smfUOFpBOnscJvXfViJv8ygsKJTHPH79j3XQfuL0Vp_ucQs-phf-CgLc61m_3mdoObsv5RBccgJNNrJF8IEbC8bVV3b-wjZFNUzCd48uo89uuRx3zkWTlt4DcHXWNF2COkKXIg4LWIaWC6lZoMb6dikAMmixBG2WUOoyTNRjbOU8f55GXXCeDBpBJK7JciyQzesgNWTLt2PhQ3QRsHPtj8exp8s_n4WVCNyi9S-AGnomwCXKO81YHfE23iX0cinKDctHPeM2DB4Ja2sM3Yq871YuBXPCNA_bpgh6kotPMgx9aKs0bzp_yheYmPvVg_RYp8E0KYuaCsHtkm0ThJ--IHdnmfpZEsd8w_P-R_-8bJYXAB9P4knwEOT0_C9kfHQp6d7b_yxVyDj8ZD_sTLTNWSPQUqYgxowpGzYmdMW3VRZAoks0hwoabof98N4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_07TLA4312aIGFVC5gADvLkdrUBlw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
897d3edf994f111036c0fa780423af15d391088ed8cd919786025b59e695c560
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:30 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
9558
expires
Wed, 15 May 2024 03:42:31 GMT
all
csm.eu.criteo.net/ Frame 9371 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=QmehqZQXNarbvS9y3lgnCcAJNOrfjTxoGARKfejszuNV3pZaqBY5Qsd0MbBGFQdFs7sVJLeB_N8k2yYEWXt2ry2fvjMpGbOrCUJSufesDbi3MiNxZ2Q3PBDnbHKtSevutN74FdhzzVyTZ4iieRR6gekf79aMY6U22qXQ-UqxHbvU6CG56LIo8NgXKfsImRwiMIAfzyLLiT3kV-je_vdiOA0Yycr9MHRMOyxx8T7txhFLVJsr5g2v4iyU_-UkY5ojjwArlg&sds=2&rev=86437.3&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAIRS0Iu8BXAArzweK8hmwBjiXNbBZxzA&u=%7CxiZKFHmULl8eMeLJxdHHHwy55%2FblVBCs%2FtSojhEi1VM%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4R5eWn7RSgJbxCKfkLuFqDQH0wIbkZS-7qUkuZE5LGb_rxYi-f7HMLEUr4HRyEIakcbNCVcCezNG2759vLFP-m677tO9LkB9Yt6G4E-xLd4UdfbCiePsQ2cTfps9MlX8RG_uTm3r718Wp9C_SghPPJfn2HRI8Ah-PBtAMZVsk43Xb3IQYZvIJodS2GfT-cSj2-9wEf1OPnxeSNK8As76sETEkBeYMCjvtMERMoLEpILQYKkpZy4vz4PBRyx0iPKzrd1TmSO_Ufwl2ylh1D3ooVJiQQ26zKG7mW2qcV9NT7smP5rcRlbEWC6FEYsjn4FtEAHph7Ett6PbJ8OqLCDHWVDfd3lt4lDr8HISNtTh6UArBlXUNJ26b5YuVf-ShyJIs4E95OnbnRKvskpTDG9BdRoCMUs9mIxEG2lb78PrzNHZJz_oknm2rpBH7HGkzMDlMsXWbHW-0qwtPVNl4cjFioUDKA81kpNNtKpgJWToeG5PGVSh4Fz6rdtxZilwctGkwuxM985PzMVBBhVsfjKLNCb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCd1ku_up1ZK2KIdeA7_UPweermAjJntKxXPXalvdwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjUz9aPP8LE-4AIAqAMBqgTSAk_QC-1_q3smfUOFpBOnscJvXfViJv8ygsKJTHPH79j3XQfuL0Vp_ucQs-phf-CgLc61m_3mdoObsv5RBccgJNNrJF8IEbC8bVV3b-wjZFNUzCd48uo89uuRx3zkWTlt4DcHXWNF2COkKXIg4LWIaWC6lZoMb6dikAMmixBG2WUOoyTNRjbOU8f55GXXCeDBpBJK7JciyQzesgNWTLt2PhQ3QRsHPtj8exp8s_n4WVCNyi9S-AGnomwCXKO81YHfE23iX0cinKDctHPeM2DB4Ja2sM3Yq871YuBXPCNA_bpgh6kotPMgx9aKs0bzp_yheYmPvVg_RYp8E0KYuaCsHtkm0ThJ--IHdnmfpZEsd8w_P-R_-8bJYXAB9P4knwEOT0_C9kfHQp6d7b_yxVyDj8ZD_sTLTNWSPQUqYgxowpGzYmdMW3VRZAoks0hwoabof98N4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_07TLA4312aIGFVC5gADvLkdrUBlw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 30 May 2023 12:24:30 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9371 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAIRS0Iu8BXAArzweK8hmwBjiXNbBZxzA&u=%7CxiZKFHmULl8eMeLJxdHHHwy55%2FblVBCs%2FtSojhEi1VM%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4R5eWn7RSgJbxCKfkLuFqDQH0wIbkZS-7qUkuZE5LGb_rxYi-f7HMLEUr4HRyEIakcbNCVcCezNG2759vLFP-m677tO9LkB9Yt6G4E-xLd4UdfbCiePsQ2cTfps9MlX8RG_uTm3r718Wp9C_SghPPJfn2HRI8Ah-PBtAMZVsk43Xb3IQYZvIJodS2GfT-cSj2-9wEf1OPnxeSNK8As76sETEkBeYMCjvtMERMoLEpILQYKkpZy4vz4PBRyx0iPKzrd1TmSO_Ufwl2ylh1D3ooVJiQQ26zKG7mW2qcV9NT7smP5rcRlbEWC6FEYsjn4FtEAHph7Ett6PbJ8OqLCDHWVDfd3lt4lDr8HISNtTh6UArBlXUNJ26b5YuVf-ShyJIs4E95OnbnRKvskpTDG9BdRoCMUs9mIxEG2lb78PrzNHZJz_oknm2rpBH7HGkzMDlMsXWbHW-0qwtPVNl4cjFioUDKA81kpNNtKpgJWToeG5PGVSh4Fz6rdtxZilwctGkwuxM985PzMVBBhVsfjKLNCb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCd1ku_up1ZK2KIdeA7_UPweermAjJntKxXPXalvdwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjUz9aPP8LE-4AIAqAMBqgTSAk_QC-1_q3smfUOFpBOnscJvXfViJv8ygsKJTHPH79j3XQfuL0Vp_ucQs-phf-CgLc61m_3mdoObsv5RBccgJNNrJF8IEbC8bVV3b-wjZFNUzCd48uo89uuRx3zkWTlt4DcHXWNF2COkKXIg4LWIaWC6lZoMb6dikAMmixBG2WUOoyTNRjbOU8f55GXXCeDBpBJK7JciyQzesgNWTLt2PhQ3QRsHPtj8exp8s_n4WVCNyi9S-AGnomwCXKO81YHfE23iX0cinKDctHPeM2DB4Ja2sM3Yq871YuBXPCNA_bpgh6kotPMgx9aKs0bzp_yheYmPvVg_RYp8E0KYuaCsHtkm0ThJ--IHdnmfpZEsd8w_P-R_-8bJYXAB9P4knwEOT0_C9kfHQp6d7b_yxVyDj8ZD_sTLTNWSPQUqYgxowpGzYmdMW3VRZAoks0hwoabof98N4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_07TLA4312aIGFVC5gADvLkdrUBlw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 May 2024 12:24:31 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 9371 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAIRS0Iu8BXAArzweK8hmwBjiXNbBZxzA&u=%7CxiZKFHmULl8eMeLJxdHHHwy55%2FblVBCs%2FtSojhEi1VM%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4R5eWn7RSgJbxCKfkLuFqDQH0wIbkZS-7qUkuZE5LGb_rxYi-f7HMLEUr4HRyEIakcbNCVcCezNG2759vLFP-m677tO9LkB9Yt6G4E-xLd4UdfbCiePsQ2cTfps9MlX8RG_uTm3r718Wp9C_SghPPJfn2HRI8Ah-PBtAMZVsk43Xb3IQYZvIJodS2GfT-cSj2-9wEf1OPnxeSNK8As76sETEkBeYMCjvtMERMoLEpILQYKkpZy4vz4PBRyx0iPKzrd1TmSO_Ufwl2ylh1D3ooVJiQQ26zKG7mW2qcV9NT7smP5rcRlbEWC6FEYsjn4FtEAHph7Ett6PbJ8OqLCDHWVDfd3lt4lDr8HISNtTh6UArBlXUNJ26b5YuVf-ShyJIs4E95OnbnRKvskpTDG9BdRoCMUs9mIxEG2lb78PrzNHZJz_oknm2rpBH7HGkzMDlMsXWbHW-0qwtPVNl4cjFioUDKA81kpNNtKpgJWToeG5PGVSh4Fz6rdtxZilwctGkwuxM985PzMVBBhVsfjKLNCb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCd1ku_up1ZK2KIdeA7_UPweermAjJntKxXPXalvdwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAjUz9aPP8LE-4AIAqAMBqgTSAk_QC-1_q3smfUOFpBOnscJvXfViJv8ygsKJTHPH79j3XQfuL0Vp_ucQs-phf-CgLc61m_3mdoObsv5RBccgJNNrJF8IEbC8bVV3b-wjZFNUzCd48uo89uuRx3zkWTlt4DcHXWNF2COkKXIg4LWIaWC6lZoMb6dikAMmixBG2WUOoyTNRjbOU8f55GXXCeDBpBJK7JciyQzesgNWTLt2PhQ3QRsHPtj8exp8s_n4WVCNyi9S-AGnomwCXKO81YHfE23iX0cinKDctHPeM2DB4Ja2sM3Yq871YuBXPCNA_bpgh6kotPMgx9aKs0bzp_yheYmPvVg_RYp8E0KYuaCsHtkm0ThJ--IHdnmfpZEsd8w_P-R_-8bJYXAB9P4knwEOT0_C9kfHQp6d7b_yxVyDj8ZD_sTLTNWSPQUqYgxowpGzYmdMW3VRZAoks0hwoabof98N4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_07TLA4312aIGFVC5gADvLkdrUBlw%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 May 2024 12:24:31 GMT
csi
csi.gstatic.com/ Frame 2CD3 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lia93izd&c=2532417103167&slotId=1266208551583.5&qqid=CM6w1MeEnf8CFffGuwgdBF0Jzw&umsem=0&ple=1&ape=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Fef33bde3b6f53b5d50fc677805f1b9fa.js%253Ftag%253Dclient_fast_engine_2019&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fc5ca179bcc5c13a10383053c3380af3.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:804::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 2CD3 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lia93j9w&c=2532417103167&slotId=1266208551583.5&qqid=CM6w1MeEnf8CFffGuwgdBF0Jzw&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Ffc5ca179bcc5c13a10383053c3380af3.js%253Ftag%253Dgpa%252Fdynamic_fig_web_banner_v2&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fc5ca179bcc5c13a10383053c3380af3.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:804::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 2CD3 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lia93j9w&c=2532417103167&slotId=1266208551583.5&qqid=CM6w1MeEnf8CFffGuwgdBF0Jzw&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F32da0f4bcd46006ef465cafdfe68b840.js%253Ftag%253Dmysidia_one_click_handler_one_afma_2019&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fc5ca179bcc5c13a10383053c3380af3.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:804::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 2CD3 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~lia93j9w&c=2532417103167&slotId=1266208551583.5&qqid=CM6w1MeEnf8CFffGuwgdBF0Jzw&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fencrypted-tbn3.gstatic.com%252Fshopping%253Fq%253Dtbn%253AANd9GcR3AdQPjWzczt1WKyZMPuRZsloVuPm0_Mx9NzofiUpPduUoyH_CXkgoY714yw%2526usqp%253DCAI&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fc5ca179bcc5c13a10383053c3380af3.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:804::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 2CD3 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=6~lia93j9x&c=2532417103167&slotId=1266208551583.5&qqid=CM6w1MeEnf8CFffGuwgdBF0Jzw&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fencrypted-tbn1.gstatic.com%252Fshopping%253Fq%253Dtbn%253AANd9GcQ4ctkf8q4rwI3gmuv2n3-5iLRFv0OhGZmXSh9uU-PyMjGybAnsYgjerh5eeL4%2526usqp%253DCAI&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fc5ca179bcc5c13a10383053c3380af3.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:804::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 2CD3 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=7~lia93j9x&c=2532417103167&slotId=1266208551583.5&qqid=CM6w1MeEnf8CFffGuwgdBF0Jzw&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fencrypted-tbn3.gstatic.com%252Fshopping%253Fq%253Dtbn%253AANd9GcS8ZdEujvAI42fBYIOANI3wMzZSPv_2s2pu7uYQamr_kuZ4DI3eJnPn-iYiHg%2526usqp%253DCAI&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fc5ca179bcc5c13a10383053c3380af3.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:804::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 2CD3 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=8~lia93j9x&c=2532417103167&slotId=1266208551583.5&qqid=CM6w1MeEnf8CFffGuwgdBF0Jzw&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fencrypted-tbn3.gstatic.com%252Fshopping%253Fq%253Dtbn%253AANd9GcTBYpAIoFpFySZbKWnzgNN7tooNF3a8W7mUwfEXdiimdzgFX7py1lwYzPkxT6E%2526usqp%253DCAI&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fc5ca179bcc5c13a10383053c3380af3.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:804::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 2CD3 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=9~lia93j9x&c=2532417103167&slotId=1266208551583.5&qqid=CM6w1MeEnf8CFffGuwgdBF0Jzw&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fencrypted-tbn3.gstatic.com%252Fshopping%253Fq%253Dtbn%253AANd9GcShbPr1olk0e9TW32eVjT3U3CXuXFXAyjKt3lE5fBUL4xQO5W4_pMo7FH9Yag%2526usqp%253DCAI&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fc5ca179bcc5c13a10383053c3380af3.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:804::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
imageproxy.eu.criteo.net/img/ Frame 3088 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=87930&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F87930%2F221205%2Fa598dd089dcf4240a7a55c9071884fdb_download.png&v=3&w=196&s=UIeb3p7dC4BTuF-F3CAfwAkj
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAHELYIu88AAAFymVTmwbj6tazh-dZDPQ&u=%7CxiZKFHmULl9pB%2FWx1kArvOe2Y5WZUfsucSh1KvVgN5w%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4SSIM1uLI95CKOarvqzGH4ByNrjFbjJLTqeCHq7eE7vL1AhROuEo3n8E6T4WvGed6geOnFam5vK2_fUu-I6siexkyj9SwCOhrfLioHDIq1uFL6Nv93CTof204CO9TvPzTZtv65199HYbHA7jZSY91KEUtCg1__roeW2YYWkxru29IoG7dRsTryfVSs7DQrn5JdACy15MFIFucdwoAfPeNCa8u1f2obdxZamwnVi_sNuKWYUO7GtD2Jgp1f40yrw4VBDinohqVOPY5ZGRcwe9WOLcBpSm-LpYyNQbufFKGdidvgIYLpa3g6K-LHMeGdV5R-8fPsaTID34WUYJMar_ZxetYekUuHXlnWJ7ecu2hT3ZFkkX4Nmw_V3DQxopSZQVuyDes7idkvd29APZH9clhmPxYTkjPPvGEGz3ehDo7zda-Ly4_NmirKmwi8XFbfcfMMaJXrraqaueChkUw41yZzq52F8McfgBGQi7dmUy9gbF8MoeAnM8-H2NpHUTiems0XonxVIayxeAQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaau7_up1ZLahHICe7_UPmeWFqATJntKxXL2Ol_dwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAikNNiGa7rE-4AIAqAMBqgTMAk_QbFIoACkWXwoQi_EgsaTSYakrfatBaAGeCkzqN4DqY1FEfflWgSPj7p8U0VBFQb2PpvgPRaL45OLgaikr8aIgkBw0PrtYnLc6l2gXvNjhbo2JyhGAJzLaEawXthT0i-WIry62hZlbM-PHrRlITBM2tty6H5GSNLTrTo0QCVpOUlJt8f3784T0BVCrX8yrFnLergmf6e3dOHeLPUHCRjMT7yHZvg8J_DMWPK9-8oC-tq6KHTmUOJ-ekJzDv6RKpRFPiHXMPfipgD-p96UeaUmi0eMTMTQmtAHee1qYyPwgj7XrdR5-zRAfrrzo2OEnOtL7iQGprSdyVK6MuAijJA39tNUlvmNNvLgdp5AbkQkURKkRvl9mS7pDM96D0Umw13RZKECzMr18Ciecll1I-uYTmsRaGNT8vqaPdW57H8x6M2Qt7qXszCUncMDy4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lJJFnFrDC-DBm9XaUVa-2Ngrb8w%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1a25c109fabd28f417063371b2d6e9819189f218a66747a51a8d28ae40af5d0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
5854
expires
Fri, 17 May 2024 06:53:39 GMT
img
imageproxy.eu.criteo.net/img/ Frame 3088 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=87930&q=80&r=0&u=https%3A%2F%2Fwww.11teamsports.com%2Fde-de%2FData%2FImages%2FBig%2Fadidas-copa-pure-3-tf-kids-schwarz-grau-gy9038-fussballschuh_right_out.jpg&v=3&w=400&s=kAvXxQp0nkTdWREUs1mRnCdF&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAHELYIu88AAAFymVTmwbj6tazh-dZDPQ&u=%7CxiZKFHmULl9pB%2FWx1kArvOe2Y5WZUfsucSh1KvVgN5w%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4SSIM1uLI95CKOarvqzGH4ByNrjFbjJLTqeCHq7eE7vL1AhROuEo3n8E6T4WvGed6geOnFam5vK2_fUu-I6siexkyj9SwCOhrfLioHDIq1uFL6Nv93CTof204CO9TvPzTZtv65199HYbHA7jZSY91KEUtCg1__roeW2YYWkxru29IoG7dRsTryfVSs7DQrn5JdACy15MFIFucdwoAfPeNCa8u1f2obdxZamwnVi_sNuKWYUO7GtD2Jgp1f40yrw4VBDinohqVOPY5ZGRcwe9WOLcBpSm-LpYyNQbufFKGdidvgIYLpa3g6K-LHMeGdV5R-8fPsaTID34WUYJMar_ZxetYekUuHXlnWJ7ecu2hT3ZFkkX4Nmw_V3DQxopSZQVuyDes7idkvd29APZH9clhmPxYTkjPPvGEGz3ehDo7zda-Ly4_NmirKmwi8XFbfcfMMaJXrraqaueChkUw41yZzq52F8McfgBGQi7dmUy9gbF8MoeAnM8-H2NpHUTiems0XonxVIayxeAQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaau7_up1ZLahHICe7_UPmeWFqATJntKxXL2Ol_dwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAikNNiGa7rE-4AIAqAMBqgTMAk_QbFIoACkWXwoQi_EgsaTSYakrfatBaAGeCkzqN4DqY1FEfflWgSPj7p8U0VBFQb2PpvgPRaL45OLgaikr8aIgkBw0PrtYnLc6l2gXvNjhbo2JyhGAJzLaEawXthT0i-WIry62hZlbM-PHrRlITBM2tty6H5GSNLTrTo0QCVpOUlJt8f3784T0BVCrX8yrFnLergmf6e3dOHeLPUHCRjMT7yHZvg8J_DMWPK9-8oC-tq6KHTmUOJ-ekJzDv6RKpRFPiHXMPfipgD-p96UeaUmi0eMTMTQmtAHee1qYyPwgj7XrdR5-zRAfrrzo2OEnOtL7iQGprSdyVK6MuAijJA39tNUlvmNNvLgdp5AbkQkURKkRvl9mS7pDM96D0Umw13RZKECzMr18Ciecll1I-uYTmsRaGNT8vqaPdW57H8x6M2Qt7qXszCUncMDy4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lJJFnFrDC-DBm9XaUVa-2Ngrb8w%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
98d8f2bbd895433aa005561d4b8cee089fb0d88649db870427a5751e56d44e74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
content-length
7526
expires
Thu, 16 May 2024 03:47:57 GMT
hb.php
youradexchange.com/ut/ Frame FDF1 		0
416 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://youradexchange.com/ut/hb.php?cb=0.633127324899482
Requested by
Host: velocitycdn.com
URL: https://velocitycdn.com/script/ut.js?cb=1685449471138
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8b25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://v3.sportsonline.sx/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GetH5e3oxQhloDkHLfD2Y4hix7SLth4SxO59f%2BUr8D7dyfq%2FAggwxi4k3CGNh05A1JIAl5HR5DdB7ki%2BcAlg8kQ3iF8XZNT%2BFv85NI%2Fyg7iQyUZIuOnkt492FywNz1YaQJ1PMlwTB15kfRG83HJecXI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7cf6f45c787c9247-FRA
alt-svc
h3=":443"; ma=86400
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1459908131487426&correlator=2814108529822802&eid=31074695%2C31074825&output=ldjh&gdfp_req=1&vrg=202305250101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Ccube&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=13&adks=323800357&didk=2675907389&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-1%26hb_r_id%3D44a2807318f859c%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.08%26hb_adid%3D2059cfdeacc9633e%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F11082%252F0%252Froland-garros-vs-roland-garros%252F&sc=1&cookie=ID%3Da21db3fede674b59%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MbiJublblMJ28VmXwv_XsSJrah7zQ&gpic=UID%3D00000c295cbb895a%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MZBxudIro3CPAskob6wXAlh5DDrjA&abxe=1&dt=1685449471399&lmt=1685449420&dlt=1685449469390&idt=531&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11082%2F0%2Froland-garros-vs-roland-garros%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1954965806.1685449470&ga_sid=1685449470&ga_hid=914313790&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYuOD35IYxSABSAghkEhkKCnB1YmNpZC5vcmcYjeH35IYxSABSAghqEu4BCghydGJob3VzZRLYAVkrUE9MVU9tSkdCNUVrZElyRW9KUlJLWDlyZTRHVTZ1NUhyckp1R0xHc1dpNGhDakZicHlCQ0xYajJCYmF2NlBFd2JKbkJtUmVub2Qyc1NGL2p1S2d6aFlObzZ4bHlwQ1d2STJ1cnZjeTdJR0pDUm95YmhZai9HV1lYNExrQnRPT09FaUw1WFNuWVk2bnplNXFWcW1GcEQ2UWNzZ1djSGRyRmtsR0Ruc3NvRUhmT1ZDVXczMmlCKzRMR0ZTT1BLT3RCN2phMy9MUkxYVW1NRG5KR2xtT3c9PRid4vfkhjFIABIdCg5lc3AuY3JpdGVvLmNvbRi44PfkhjFIAFICCGQSGQoKdWlkYXBpLmNvbRi44PfkhjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGN7h9-SGMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fdaad798d774e2bfe82a6b76bfbebc01c68c9c630d8fce9c7f1e56814a32f686
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11018
x-xss-protection
0
google-lineitem-id
5818019657
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374037624
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1459908131487426&correlator=2814108529822802&eid=31074695%2C31074825&output=ldjh&gdfp_req=1&vrg=202305250101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Ccube2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=14&adks=2685385890&didk=2675907388&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-2%26hb_r_id%3D539a78c6d58dbf4%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.05%26hb_adid%3D20620448bfbe8d34%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F11082%252F0%252Froland-garros-vs-roland-garros%252F&sc=1&cookie=ID%3Da21db3fede674b59%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MbiJublblMJ28VmXwv_XsSJrah7zQ&gpic=UID%3D00000c295cbb895a%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MZBxudIro3CPAskob6wXAlh5DDrjA&abxe=1&dt=1685449471402&lmt=1685449420&dlt=1685449469390&idt=531&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11082%2F0%2Froland-garros-vs-roland-garros%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1954965806.1685449470&ga_sid=1685449470&ga_hid=914313790&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYuOD35IYxSABSAghkEhkKCnB1YmNpZC5vcmcYjeH35IYxSABSAghqEu4BCghydGJob3VzZRLYAVkrUE9MVU9tSkdCNUVrZElyRW9KUlJLWDlyZTRHVTZ1NUhyckp1R0xHc1dpNGhDakZicHlCQ0xYajJCYmF2NlBFd2JKbkJtUmVub2Qyc1NGL2p1S2d6aFlObzZ4bHlwQ1d2STJ1cnZjeTdJR0pDUm95YmhZai9HV1lYNExrQnRPT09FaUw1WFNuWVk2bnplNXFWcW1GcEQ2UWNzZ1djSGRyRmtsR0Ruc3NvRUhmT1ZDVXczMmlCKzRMR0ZTT1BLT3RCN2phMy9MUkxYVW1NRG5KR2xtT3c9PRid4vfkhjFIABIdCg5lc3AuY3JpdGVvLmNvbRi44PfkhjFIAFICCGQSGQoKdWlkYXBpLmNvbRi44PfkhjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGN7h9-SGMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
073efb0edb3ceba2aba8568196928e8295c45470ceed0e5f9221251dcd6c5409
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11017
x-xss-protection
0
google-lineitem-id
5818019657
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374033787
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1459908131487426&correlator=2814108529822802&eid=31074695%2C31074825&output=ldjh&gdfp_req=1&vrg=202305250101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Ccube3&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=15&adks=1315967423&didk=2675907387&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-3%26hb_r_id%3D62f7909f2edae43%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.08%26hb_adid%3D207e65b46b5c4f3a%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F11082%252F0%252Froland-garros-vs-roland-garros%252F&sc=1&cookie=ID%3Da21db3fede674b59%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MbiJublblMJ28VmXwv_XsSJrah7zQ&gpic=UID%3D00000c295cbb895a%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MZBxudIro3CPAskob6wXAlh5DDrjA&abxe=1&dt=1685449471404&lmt=1685449420&dlt=1685449469390&idt=531&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=f&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11082%2F0%2Froland-garros-vs-roland-garros%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1954965806.1685449470&ga_sid=1685449470&ga_hid=914313790&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYuOD35IYxSABSAghkEhkKCnB1YmNpZC5vcmcYjeH35IYxSABSAghqEu4BCghydGJob3VzZRLYAVkrUE9MVU9tSkdCNUVrZElyRW9KUlJLWDlyZTRHVTZ1NUhyckp1R0xHc1dpNGhDakZicHlCQ0xYajJCYmF2NlBFd2JKbkJtUmVub2Qyc1NGL2p1S2d6aFlObzZ4bHlwQ1d2STJ1cnZjeTdJR0pDUm95YmhZai9HV1lYNExrQnRPT09FaUw1WFNuWVk2bnplNXFWcW1GcEQ2UWNzZ1djSGRyRmtsR0Ruc3NvRUhmT1ZDVXczMmlCKzRMR0ZTT1BLT3RCN2phMy9MUkxYVW1NRG5KR2xtT3c9PRid4vfkhjFIABIdCg5lc3AuY3JpdGVvLmNvbRi44PfkhjFIAFICCGQSGQoKdWlkYXBpLmNvbRi44PfkhjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGN7h9-SGMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
88fdf8bfc504ff9bd5d7e729c0285027326da3c17b73dfd6858437eb6cb4ed3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11033
x-xss-protection
0
google-lineitem-id
5818019657
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374037645
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		380 B
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1459908131487426&correlator=2814108529822802&eid=31074695%2C31074825&output=ldjh&gdfp_req=1&vrg=202305250101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Crich&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C320x50%7C320x100&ifi=16&adks=4183778&didk=2675907386&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-4%26hb_r_id%3D712f8dc454a55d9%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.07%26hb_adid%3D208a4a448c577cd7%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F11082%252F0%252Froland-garros-vs-roland-garros%252F&sc=1&cookie=ID%3Da21db3fede674b59%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MbiJublblMJ28VmXwv_XsSJrah7zQ&gpic=UID%3D00000c295cbb895a%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MZBxudIro3CPAskob6wXAlh5DDrjA&abxe=1&dt=1685449471406&lmt=1685449420&dlt=1685449469390&idt=531&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=g&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11082%2F0%2Froland-garros-vs-roland-garros%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1954965806.1685449470&ga_sid=1685449470&ga_hid=914313790&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYuOD35IYxSABSAghkEhkKCnB1YmNpZC5vcmcYjeH35IYxSABSAghqEu4BCghydGJob3VzZRLYAVkrUE9MVU9tSkdCNUVrZElyRW9KUlJLWDlyZTRHVTZ1NUhyckp1R0xHc1dpNGhDakZicHlCQ0xYajJCYmF2NlBFd2JKbkJtUmVub2Qyc1NGL2p1S2d6aFlObzZ4bHlwQ1d2STJ1cnZjeTdJR0pDUm95YmhZai9HV1lYNExrQnRPT09FaUw1WFNuWVk2bnplNXFWcW1GcEQ2UWNzZ1djSGRyRmtsR0Ruc3NvRUhmT1ZDVXczMmlCKzRMR0ZTT1BLT3RCN2phMy9MUkxYVW1NRG5KR2xtT3c9PRid4vfkhjFIABIdCg5lc3AuY3JpdGVvLmNvbRi44PfkhjFIAFICCGQSGQoKdWlkYXBpLmNvbRi44PfkhjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGN7h9-SGMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92321314668f4748e22349250e353caad0a27064783d9ca8e4f2a62bef831387
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		381 B
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1459908131487426&correlator=2814108529822802&eid=31074695%2C31074825&output=ldjh&gdfp_req=1&vrg=202305250101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Crich2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C320x50%7C320x100&ifi=17&adks=861436630&didk=2675907385&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-5%26hb_r_id%3D80a7ea53a432d82%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.08%26hb_adid%3D209298e30d6e23fe%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F11082%252F0%252Froland-garros-vs-roland-garros%252F&sc=1&cookie=ID%3Da21db3fede674b59%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MbiJublblMJ28VmXwv_XsSJrah7zQ&gpic=UID%3D00000c295cbb895a%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MZBxudIro3CPAskob6wXAlh5DDrjA&abxe=1&dt=1685449471407&lmt=1685449420&dlt=1685449469390&idt=531&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=h&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11082%2F0%2Froland-garros-vs-roland-garros%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1954965806.1685449470&ga_sid=1685449470&ga_hid=914313790&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYuOD35IYxSABSAghkEhkKCnB1YmNpZC5vcmcYjeH35IYxSABSAghqEu4BCghydGJob3VzZRLYAVkrUE9MVU9tSkdCNUVrZElyRW9KUlJLWDlyZTRHVTZ1NUhyckp1R0xHc1dpNGhDakZicHlCQ0xYajJCYmF2NlBFd2JKbkJtUmVub2Qyc1NGL2p1S2d6aFlObzZ4bHlwQ1d2STJ1cnZjeTdJR0pDUm95YmhZai9HV1lYNExrQnRPT09FaUw1WFNuWVk2bnplNXFWcW1GcEQ2UWNzZ1djSGRyRmtsR0Ruc3NvRUhmT1ZDVXczMmlCKzRMR0ZTT1BLT3RCN2phMy9MUkxYVW1NRG5KR2xtT3c9PRid4vfkhjFIABIdCg5lc3AuY3JpdGVvLmNvbRi44PfkhjFIAFICCGQSGQoKdWlkYXBpLmNvbRi44PfkhjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGN7h9-SGMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00a3a2285754aaafb6bd96042a59d7a9a8bfaf462977b514bc011620544206d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1459908131487426&correlator=2814108529822802&eid=31074695%2C31074825&output=ldjh&gdfp_req=1&vrg=202305250101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Csky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=120x600%7C160x600%7C300x600&ifi=18&adks=2501595801&didk=2675907384&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-6%26hb_r_id%3D8939b8675e8c133%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.06%26hb_adid%3D210fded62e18eb8d%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F11082%252F0%252Froland-garros-vs-roland-garros%252F&sc=1&cookie=ID%3Da21db3fede674b59%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MbiJublblMJ28VmXwv_XsSJrah7zQ&gpic=UID%3D00000c295cbb895a%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MZBxudIro3CPAskob6wXAlh5DDrjA&abxe=1&dt=1685449471408&lmt=1685449420&dlt=1685449469390&idt=531&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=i&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11082%2F0%2Froland-garros-vs-roland-garros%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1954965806.1685449470&ga_sid=1685449470&ga_hid=914313790&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYuOD35IYxSABSAghkEhkKCnB1YmNpZC5vcmcYjeH35IYxSABSAghqEu4BCghydGJob3VzZRLYAVkrUE9MVU9tSkdCNUVrZElyRW9KUlJLWDlyZTRHVTZ1NUhyckp1R0xHc1dpNGhDakZicHlCQ0xYajJCYmF2NlBFd2JKbkJtUmVub2Qyc1NGL2p1S2d6aFlObzZ4bHlwQ1d2STJ1cnZjeTdJR0pDUm95YmhZai9HV1lYNExrQnRPT09FaUw1WFNuWVk2bnplNXFWcW1GcEQ2UWNzZ1djSGRyRmtsR0Ruc3NvRUhmT1ZDVXczMmlCKzRMR0ZTT1BLT3RCN2phMy9MUkxYVW1NRG5KR2xtT3c9PRid4vfkhjFIABIdCg5lc3AuY3JpdGVvLmNvbRi44PfkhjFIAFICCGQSGQoKdWlkYXBpLmNvbRi44PfkhjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGN7h9-SGMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4bf5b2004016e02950b3452cd44831480ea9603b2fa759ba4c4a9717cb6ae65e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10992
x-xss-protection
0
google-lineitem-id
5850403633
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374455612
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		85 KB
39 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1459908131487426&correlator=2814108529822802&eid=31074695%2C31074825&output=ldjh&gdfp_req=1&vrg=202305250101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cresponsive&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C320x100%7C300x250&ifi=19&adks=656180126&didk=2675907335&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-7%26hb_r_id%3D98cdab887fd4e8c%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.06%26hb_adid%3D2111902599ac2c34%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F11082%252F0%252Froland-garros-vs-roland-garros%252F&sc=1&cookie=ID%3Da21db3fede674b59%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MbiJublblMJ28VmXwv_XsSJrah7zQ&gpic=UID%3D00000c295cbb895a%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MZBxudIro3CPAskob6wXAlh5DDrjA&abxe=1&dt=1685449471410&lmt=1685449420&dlt=1685449469390&idt=531&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=j&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11082%2F0%2Froland-garros-vs-roland-garros%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1954965806.1685449470&ga_sid=1685449470&ga_hid=914313790&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYuOD35IYxSABSAghkEhkKCnB1YmNpZC5vcmcYjeH35IYxSABSAghqEu4BCghydGJob3VzZRLYAVkrUE9MVU9tSkdCNUVrZElyRW9KUlJLWDlyZTRHVTZ1NUhyckp1R0xHc1dpNGhDakZicHlCQ0xYajJCYmF2NlBFd2JKbkJtUmVub2Qyc1NGL2p1S2d6aFlObzZ4bHlwQ1d2STJ1cnZjeTdJR0pDUm95YmhZai9HV1lYNExrQnRPT09FaUw1WFNuWVk2bnplNXFWcW1GcEQ2UWNzZ1djSGRyRmtsR0Ruc3NvRUhmT1ZDVXczMmlCKzRMR0ZTT1BLT3RCN2phMy9MUkxYVW1NRG5KR2xtT3c9PRid4vfkhjFIABIdCg5lc3AuY3JpdGVvLmNvbRi44PfkhjFIAFICCGQSGQoKdWlkYXBpLmNvbRi44PfkhjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGN7h9-SGMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8a5979e309bb544d8906a00e06d069296e3aeeb3a51127d0161f1bbcc965c3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39819
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		109 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1459908131487426&correlator=2814108529822802&eid=31074695%2C31074825&output=ldjh&gdfp_req=1&vrg=202305250101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cresponsive3&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C320x100%7C300x250&ifi=20&adks=1041763575&didk=2675907334&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-8%26hb_r_id%3D107857398cc5a33d%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.07%26hb_adid%3D2124a0d3d5dc4e8a%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F11082%252F0%252Froland-garros-vs-roland-garros%252F&sc=1&cookie=ID%3Da21db3fede674b59%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MbiJublblMJ28VmXwv_XsSJrah7zQ&gpic=UID%3D00000c295cbb895a%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MZBxudIro3CPAskob6wXAlh5DDrjA&abxe=1&dt=1685449471412&lmt=1685449420&dlt=1685449469390&idt=531&adxs=1018&adys=635&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=k&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11082%2F0%2Froland-garros-vs-roland-garros%2F&frm=20&vis=1&psz=1076x293&msz=1076x0&fws=4&ohw=1076&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1954965806.1685449470&ga_sid=1685449470&ga_hid=914313790&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYuOD35IYxSABSAghkEhkKCnB1YmNpZC5vcmcYjeH35IYxSABSAghqEu4BCghydGJob3VzZRLYAVkrUE9MVU9tSkdCNUVrZElyRW9KUlJLWDlyZTRHVTZ1NUhyckp1R0xHc1dpNGhDakZicHlCQ0xYajJCYmF2NlBFd2JKbkJtUmVub2Qyc1NGL2p1S2d6aFlObzZ4bHlwQ1d2STJ1cnZjeTdJR0pDUm95YmhZai9HV1lYNExrQnRPT09FaUw1WFNuWVk2bnplNXFWcW1GcEQ2UWNzZ1djSGRyRmtsR0Ruc3NvRUhmT1ZDVXczMmlCKzRMR0ZTT1BLT3RCN2phMy9MUkxYVW1NRG5KR2xtT3c9PRid4vfkhjFIABIdCg5lc3AuY3JpdGVvLmNvbRi44PfkhjFIAFICCGQSGQoKdWlkYXBpLmNvbRi44PfkhjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGN7h9-SGMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f9173abcb2218684b9c9a0b4339d5f07661b23eb0722138c348316c54bad709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36492
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1459908131487426&correlator=2814108529822802&eid=31074695%2C31074825&output=ldjh&gdfp_req=1&vrg=202305250101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cresponsive4&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C320x100%7C300x250&ifi=21&adks=2149091243&didk=2675907333&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-9%26hb_r_id%3D1165d89cec0bda96%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.08%26hb_adid%3D21391a9ab854dcda%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F11082%252F0%252Froland-garros-vs-roland-garros%252F&sc=1&cookie=ID%3Da21db3fede674b59%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MbiJublblMJ28VmXwv_XsSJrah7zQ&gpic=UID%3D00000c295cbb895a%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MZBxudIro3CPAskob6wXAlh5DDrjA&abxe=1&dt=1685449471416&lmt=1685449420&dlt=1685449469390&idt=531&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=l&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11082%2F0%2Froland-garros-vs-roland-garros%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1954965806.1685449470&ga_sid=1685449470&ga_hid=914313790&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYuOD35IYxSABSAghkEhkKCnB1YmNpZC5vcmcYjeH35IYxSABSAghqEu4BCghydGJob3VzZRLYAVkrUE9MVU9tSkdCNUVrZElyRW9KUlJLWDlyZTRHVTZ1NUhyckp1R0xHc1dpNGhDakZicHlCQ0xYajJCYmF2NlBFd2JKbkJtUmVub2Qyc1NGL2p1S2d6aFlObzZ4bHlwQ1d2STJ1cnZjeTdJR0pDUm95YmhZai9HV1lYNExrQnRPT09FaUw1WFNuWVk2bnplNXFWcW1GcEQ2UWNzZ1djSGRyRmtsR0Ruc3NvRUhmT1ZDVXczMmlCKzRMR0ZTT1BLT3RCN2phMy9MUkxYVW1NRG5KR2xtT3c9PRid4vfkhjFIABIdCg5lc3AuY3JpdGVvLmNvbRi44PfkhjFIAFICCGQSGQoKdWlkYXBpLmNvbRi44PfkhjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGN7h9-SGMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
29ea687fcce3c207ee2e21eb2a10c0f3a5129e10b3b134134be26062cea0ccff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:33 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11018
x-xss-protection
0
google-lineitem-id
5818019657
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374438803
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1459908131487426&correlator=2814108529822802&eid=31074695%2C31074825&output=ldjh&gdfp_req=1&vrg=202305250101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cresponsive5&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C320x100%7C300x250&ifi=22&adks=2023909493&didk=1220294050&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-8176806-10%26hb_r_id%3D1250aa112779e38e%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.08%26hb_adid%3D2146765177983d8a%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F11082%252F0%252Froland-garros-vs-roland-garros%252F&sc=1&cookie=ID%3Da21db3fede674b59%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MbiJublblMJ28VmXwv_XsSJrah7zQ&gpic=UID%3D00000c295cbb895a%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MZBxudIro3CPAskob6wXAlh5DDrjA&abxe=1&dt=1685449471417&lmt=1685449420&dlt=1685449469390&idt=531&adxs=1018&adys=4269&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=m&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11082%2F0%2Froland-garros-vs-roland-garros%2F&frm=20&vis=1&psz=1076x2779&msz=1076x0&fws=4&ohw=1100&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1954965806.1685449470&ga_sid=1685449470&ga_hid=914313790&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYuOD35IYxSABSAghkEhkKCnB1YmNpZC5vcmcYjeH35IYxSABSAghqEu4BCghydGJob3VzZRLYAVkrUE9MVU9tSkdCNUVrZElyRW9KUlJLWDlyZTRHVTZ1NUhyckp1R0xHc1dpNGhDakZicHlCQ0xYajJCYmF2NlBFd2JKbkJtUmVub2Qyc1NGL2p1S2d6aFlObzZ4bHlwQ1d2STJ1cnZjeTdJR0pDUm95YmhZai9HV1lYNExrQnRPT09FaUw1WFNuWVk2bnplNXFWcW1GcEQ2UWNzZ1djSGRyRmtsR0Ruc3NvRUhmT1ZDVXczMmlCKzRMR0ZTT1BLT3RCN2phMy9MUkxYVW1NRG5KR2xtT3c9PRid4vfkhjFIABIdCg5lc3AuY3JpdGVvLmNvbRi44PfkhjFIAFICCGQSGQoKdWlkYXBpLmNvbRi44PfkhjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGN7h9-SGMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4288e9ca22aed335ebbfe0b90d969604283f10bfb0a6f6befce0d303e3dc5689
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10734
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		382 B
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1459908131487426&correlator=2814108529822802&eid=31074695%2C31074825&output=ldjh&gdfp_req=1&vrg=202305250101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Csticky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x90%7C728x90&ifi=23&adks=3539973942&didk=1959687422&sfv=1-0-40&prev_scp=test%3Drefresh%26hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Dstick%26hb_r_id%3D134d29d69a536f4d%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.05%26hb_adid%3D2156e450f3113916%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F11082%252F0%252Froland-garros-vs-roland-garros%252F&sc=1&cookie=ID%3Da21db3fede674b59%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MbiJublblMJ28VmXwv_XsSJrah7zQ&gpic=UID%3D00000c295cbb895a%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MZBxudIro3CPAskob6wXAlh5DDrjA&abxe=1&dt=1685449471420&lmt=1685449420&dlt=1685449469390&idt=531&adxs=315&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=n&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11082%2F0%2Froland-garros-vs-roland-garros%2F&frm=20&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1954965806.1685449470&ga_sid=1685449470&ga_hid=914313790&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYuOD35IYxSABSAghkEhkKCnB1YmNpZC5vcmcYjeH35IYxSABSAghqEu4BCghydGJob3VzZRLYAVkrUE9MVU9tSkdCNUVrZElyRW9KUlJLWDlyZTRHVTZ1NUhyckp1R0xHc1dpNGhDakZicHlCQ0xYajJCYmF2NlBFd2JKbkJtUmVub2Qyc1NGL2p1S2d6aFlObzZ4bHlwQ1d2STJ1cnZjeTdJR0pDUm95YmhZai9HV1lYNExrQnRPT09FaUw1WFNuWVk2bnplNXFWcW1GcEQ2UWNzZ1djSGRyRmtsR0Ruc3NvRUhmT1ZDVXczMmlCKzRMR0ZTT1BLT3RCN2phMy9MUkxYVW1NRG5KR2xtT3c9PRid4vfkhjFIABIdCg5lc3AuY3JpdGVvLmNvbRi44PfkhjFIAFICCGQSGQoKdWlkYXBpLmNvbRi44PfkhjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGN7h9-SGMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ab3c14a79fadc01f78e56ed88625b6741bcc1843238740de85c94935b65d2d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 69DB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 May 2023 12:24:30 GMT
expires
Wed, 29 May 2024 12:24:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
0.php
s4.histats.com/stats/ Frame FDF1 		52 B
186 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4743517&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fdalbouh.xyz%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:145186930&@b3:1685449471&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fv3.sportsonline.sx%2Fchannels%2Fhd%2Fhd2.php&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.131 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534299.ip-149-56-240.net
Software
/
Resource Hash
7048a34fdb63bdb513d4a25a939bb2b42515351292c3b263a7277ac60591a54f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.sportsonline.sx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 30 May 2023 12:24:31 GMT
Connection
close
Content-Length
52
Content-Type
text/html;charset=UTF-8
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 2CD3 		42 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cpsgg_up1ZM65C_eN7_UPhLql-Azin9btcNqhoOrSEK7G6I-oMBABIJWbyiFglcqZgqwHoAHV_omnAsgBCeACAKgDAcgDywSqBKICT9AqpVCfIraA5JVHCb-NLUf5i9s03f53TpDV_auL33_sNKUgwOe0tj7P0dBCc8vtbnej5cSstP3cUCcL7wwZ82GMcePZnSp52XYn93cirz3Pw7IGzZSHd5v17H1nB67shej_OhrwTPlFj1Pas1ovoRb7sMqB3Fu_UQeVf-sooEM5aElaN5alS4JSIRB37y-5DF2nFGD4k01-WQar9PgEUa6OXJbiAZAzxK16OSMdGD_vVQ2RcM33iuBHevLoLDX0Ju4r2Y6AHOVyUQDVzuRpAU2PklGfYLU4SpOBsCepHjOr-8zMezudk5tW4gMQcIa_LV8WuVgnh5oB6oWFSRKjEq5WwbLltu52DMoZQ15qcmh1nJGCnPd9ALJ0zH6-IWn-xw7ABILcqPyEBOAEAcAFBaAGLoAHzrD02AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAG4DAHgEszMsMHondnWHtgTC6AUzMywweid2dYeoBTmipLP7qylxT-gFOqI6_qm-4XqVaAUoMrd7qGsi51DoBTj97KHqaGy6o4BoBSLjLKY2_ekr3DQFQH4FgGAFwE&sigh=V8JDCO2eKOM&cid=CAQSTABygQiDDZCCT0bwdZn6WZ_WENoRXQCPUSmyXRiCGjuJblxXszBY3OXBQp4MeqmtVmeTdbtPi0mjM8LAxpEMF5mjVXfH--a4lvm-e2Q&label=adresume
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 69DB 		2 KB
566 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 30 May 2023 12:24:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 May 2023 11:26:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 May 2023 12:24:31 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 69DB 		2 KB
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 14:16:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
79702
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 14:16:09 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/ Frame 69DB 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/abg_lite_fy2021.js
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 14:16:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
79702
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8798
x-xss-protection
0
server
cafe
etag
11317101923912129037
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 14:16:09 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 69DB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 14:13:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
79865
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 14:13:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 69DB 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 14:09:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
80110
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7987
x-xss-protection
0
server
cafe
etag
5788035530912182302
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 14:09:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 69DB 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54244
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684927996807358"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 May 2023 12:24:31 GMT
32da0f4bcd46006ef465cafdfe68b840.js
www.gstatic.com/mysidia/ Frame 69DB 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
575632
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13640
x-xss-protection
0
last-modified
Wed, 17 May 2023 01:31:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 21 Aug 2023 20:30:39 GMT
WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js
pagead2.googlesyndication.com/bg/ Frame 5B4E 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 09:37:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
10045
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14660
x-xss-protection
0
last-modified
Mon, 22 May 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 May 2024 09:37:06 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 11B9 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
6655
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 May 2023 10:33:36 GMT
etag
48472445140208031
expires
Wed, 31 May 2023 10:33:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame A845 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?nlJGWg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
embed.min.css
8gr9m8yqc15wvk.opposepresent.net/css/ Frame 94B0 		1 KB
903 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://8gr9m8yqc15wvk.opposepresent.net/css/embed.min.css?v=0.4
Requested by
Host: 8gr9m8yqc15wvk.opposepresent.net
URL: https://8gr9m8yqc15wvk.opposepresent.net/embed/awcg463b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.70.33 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c7cf941b4eb9254e850875107ded812b5cf2da9de46f85919561f2a73876257

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8gr9m8yqc15wvk.opposepresent.net/embed/awcg463b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 09 Jun 2022 09:49:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2453
etag
W/"62a1c21c-4f0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ldD1vayestLlb5q%2Bds2yWXduDp5rk%2FcjlFsI2vDhcRqnKnFhJZXEQS4VSHodQbYVSOYtdGM74cBDSWpH5QzHp%2BvoeP7lLKiunGj82Ny90%2BU%2FFLHTfzAK2f9pKjOiq0FdYT1ONHHVRrZHeiPUhH0XYo3Bog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=608400
cf-ray
7cf6f45dde7c03cd-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 06 Jun 2023 12:43:38 GMT
jquery.min.js
8gr9m8yqc15wvk.opposepresent.net/js/ Frame 94B0 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://8gr9m8yqc15wvk.opposepresent.net/js/jquery.min.js
Requested by
Host: 8gr9m8yqc15wvk.opposepresent.net
URL: https://8gr9m8yqc15wvk.opposepresent.net/embed/awcg463b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.70.33 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8gr9m8yqc15wvk.opposepresent.net/embed/awcg463b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Nov 2020 18:05:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2261
etag
W/"5fa984ce-15283"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=trPWtFYyq%2FsIjPLN9qk9fEgWWJyLFdWytJIUCUgCf9YFRd%2BJPkVq7gOel%2B4Ver%2FmgZj6eeUbhSyw3LL2JinYWQmaDHW0eFBqf7j5YtPDj5OAsoy2fqDsnBT5v3%2FiJRTqdlFKw3NoK%2FT91x3g%2F4MU10rFBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=608400
cf-ray
7cf6f45dde7e03cd-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 06 Jun 2023 12:46:50 GMT
nsns.js
swarm.video/ Frame 94B0 		532 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://swarm.video/nsns.js?v=1.1
Requested by
Host: 8gr9m8yqc15wvk.opposepresent.net
URL: https://8gr9m8yqc15wvk.opposepresent.net/embed/awcg463b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7c260f5e1dcb04331e9fb5ea2c0a5b82552133dd170d219384ec76afb1ec9b3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8gr9m8yqc15wvk.opposepresent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
564655
cf-polished
origSize=545594
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 16 Feb 2023 19:59:09 GMT
server
cloudflare
etag
W/"8533a-1865bcf2c90"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X82PoiseWKnefusFhhX7VYFVpNe0F6Ka0gmr11AzSV2PyNmhuDt0sB3w0IsA%2Bhd96pOBJTQioBIxVMy69ICYqtgI%2Fhjy8jCUARm7YiPVXJos94JtjW4b3wu7c3%2FJXYO5lKgGOVtquV0XyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
7cf6f45e3c99047e-FRA
clappr.min.js
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 94B0 		513 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Requested by
Host: 8gr9m8yqc15wvk.opposepresent.net
URL: https://8gr9m8yqc15wvk.opposepresent.net/embed/awcg463b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8gr9m8yqc15wvk.opposepresent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 30 May 2023 12:24:31 GMT
x-content-type-options
nosniff
content-encoding
br
age
27444
x-jsd-version
0.3.13
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
145133
x-served-by
cache-fra-eddf8230037-FRA
x-jsd-version-type
version
etag
W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
/
widgets.amung.us/draw/ Frame 94B0
Redirect Chain
  • https://whos.amung.us/cwidget/bkw7sodkdx/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=1640&c=000000ffffff&p=left
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.amung.us/draw/?w=colored&n=1640&c=000000ffffff&p=left
Requested by
Host: 8gr9m8yqc15wvk.opposepresent.net
URL: https://8gr9m8yqc15wvk.opposepresent.net/embed/awcg463b
Protocol
H2
Server
2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6f9fc041d31f34f52fbf032e44d50717806c403cd7e276d5637870c7a2b0538

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8gr9m8yqc15wvk.opposepresent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
cf-cache-status
HIT
last-modified
Sat, 27 May 2023 03:07:54 GMT
server
cloudflare
age
292597
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
content-disposition
filename=wau-widget.png
cf-ray
7cf6f45edc429004-FRA
expires
Sun, 28 May 2023 03:07:54 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=1640&c=000000ffffff&p=left
date
Tue, 30 May 2023 12:24:31 GMT
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7cf6f45deb099004-FRA
content-type
text/html; charset=UTF-8
plausible.js
awstats.cloud/js/ Frame 94B0 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://awstats.cloud/js/plausible.js
Requested by
Host: 8gr9m8yqc15wvk.opposepresent.net
URL: https://8gr9m8yqc15wvk.opposepresent.net/embed/awcg463b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2e3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eec3429c76cb48e5fd457c5afb71b7cf34bc4298d53023bae8aea715443b4a9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8gr9m8yqc15wvk.opposepresent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pHmmjrhkvXWMm6vtPRTPueNcor3iPM1XOj%2BQITYD79FwBUAaXLcHz5d8QzYffB%2BHYio%2BzfghWJ8Lz5IzNORMtI%2BzksjUdKWPx%2BIYqNckd6UsVdNyoX1%2BffYL84Di88CArcpe85dLDyDKBjdu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cross-origin-resource-policy
cross-origin
cf-ray
7cf6f45e4a619b7d-FRA
alt-svc
h3=":443"; ma=86400
dpixel
cms.quantserve.com/ Frame 11B9 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKy_zpN8RfBSk7Gl97LfBvU&google_cver=1&google_push=ATf1kGPE_hwjRTr_DtZm5Q57ab0JC7BesL6C_5iFxLBN4RphmmagqnHqZNvjhnBP_b04w5nFvFMx50Ag49iVRkk8ZbYT3zqNcWE
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 11B9
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHtzPjJXQ6EGbVC3EDyHd78&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RGo1QTJHMnAxUTNZb1Q1&google_gid=CAESEHtzPjJXQ6EGbVC3EDyHd78&google_cver=1&google_push=ATf1kGNI7rOmerecuVB1LvIt8-rkVJBPT3tVsVL8TP-QiAZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RGo1QTJHMnAxUTNZb1Q1&google_gid=CAESEHtzPjJXQ6EGbVC3EDyHd78&google_cver=1&google_push=ATf1kGNI7rOmerecuVB1LvIt8-rkVJBPT3tVsVL8TP-QiAZbv7pxOEoWf7AqwxOqR_5CpXeCykoj_GBfmuSF0qi-NbZmPiG7CuY
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 30 May 2023 12:24:31 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-085c90e762a864cb4@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RGo1QTJHMnAxUTNZb1Q1&google_gid=CAESEHtzPjJXQ6EGbVC3EDyHd78&google_cver=1&google_push=ATf1kGNI7rOmerecuVB1LvIt8-rkVJBPT3tVsVL8TP-QiAZbv7pxOEoWf7AqwxOqR_5CpXeCykoj_GBfmuSF0qi-NbZmPiG7CuY
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 11B9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEN31wUs88wQXkXgk5L6-2Kg&google_cver=1&google_push=ATf1kGP5zAg8ZVpQPIZxUb7T_66Dgb7uS0vxl4n1mT_oZVbNwFdlvdHN9oUoipcJCNQGEP52IKIjL7z7WEp8BzC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=vwdkder_QgCaem5m5h5R0A&google_push=ATf1kGP5zAg8ZVpQPIZxUb7T_66Dgb7uS0vxl4n1mT_oZVbNwFdlvdHN9oUoipcJCNQGEP52IKIjL7z7WEp8BzC_FnuyUcB3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=vwdkder_QgCaem5m5h5R0A&google_push=ATf1kGP5zAg8ZVpQPIZxUb7T_66Dgb7uS0vxl4n1mT_oZVbNwFdlvdHN9oUoipcJCNQGEP52IKIjL7z7WEp8BzC_FnuyUcB3-Qgh
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 30 May 2023 12:24:31 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x33 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=vwdkder_QgCaem5m5h5R0A&google_push=ATf1kGP5zAg8ZVpQPIZxUb7T_66Dgb7uS0vxl4n1mT_oZVbNwFdlvdHN9oUoipcJCNQGEP52IKIjL7z7WEp8BzC_FnuyUcB3-Qgh
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 30 May 2023 12:24:30 GMT
pixel
cm.g.doubleclick.net/ Frame 11B9
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPcqaQxqxsMUJ5qq5jzzwHs&google_cver=1&google_push=ATf1kGNzYWN0e9XBVlaqHoZhtST2JunaKPLnvtMill-niblqic9UDM3xqXX0diyyLL2mvAEay0Af63l7ekfVbX717BLA6lN...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNzYWN0e9XBVlaqHoZhtST2JunaKPLnvtMill-niblqic9UDM3xqXX0diyyLL2mvAEay0Af63l7ekfVbX717BLA6lNtT8y8&google_hm=eS1iV2pRVUJ0RTJwRnJpU3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNzYWN0e9XBVlaqHoZhtST2JunaKPLnvtMill-niblqic9UDM3xqXX0diyyLL2mvAEay0Af63l7ekfVbX717BLA6lNtT8y8&google_hm=eS1iV2pRVUJ0RTJwRnJpU3hEYTg3Mk5Wci5GVTN1UnZtSX5B
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 30 May 2023 12:24:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNzYWN0e9XBVlaqHoZhtST2JunaKPLnvtMill-niblqic9UDM3xqXX0diyyLL2mvAEay0Af63l7ekfVbX717BLA6lNtT8y8&google_hm=eS1iV2pRVUJ0RTJwRnJpU3hEYTg3Mk5Wci5GVTN1UnZtSX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 11B9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN6G2a-dZReo2jQRokaU1gU&google_cver=1&google_push=ATf1kGOzvJrQrkxcbMRW7iVIFxKJP5hzCakxRkhCnMfW__hML61IDQYQNMdE_oPI7QP-O_1fC0kVDGFh...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEN6G2a-dZReo2jQRokaU1gU&google_cver=1&google_push=ATf1kGOzvJrQrkxcbMRW7iVIFxKJP5hzCakxRkhCnMfW__hML61IDQYQNMdE_oPI7QP-O_1fC0k...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTA0NjUyOTY5OTk1MjA2NTk5Mg&google_push=ATf1kGOzvJrQrkxcbMRW7iVIFxKJP5hzCakxRkhCnMfW__hML61IDQYQNMdE_oPI7QP-O_1fC0kVDG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTA0NjUyOTY5OTk1MjA2NTk5Mg&google_push=ATf1kGOzvJrQrkxcbMRW7iVIFxKJP5hzCakxRkhCnMfW__hML61IDQYQNMdE_oPI7QP-O_1fC0kVDGFhk-XvBcUNy8l8MUGrBibB
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTA0NjUyOTY5OTk1MjA2NTk5Mg&google_push=ATf1kGOzvJrQrkxcbMRW7iVIFxKJP5hzCakxRkhCnMfW__hML61IDQYQNMdE_oPI7QP-O_1fC0kVDGFhk-XvBcUNy8l8MUGrBibB
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 11B9
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHQh3olHwJ70QyIMHq-Cr0Q&google_cver=1&google_push=ATf1kGPYwWgzI-_EyQ_Fm1g6_D9In05Wa_I7TSwDs9RZrXP3LnOGIeSmj6qgqW1g2ZfUaLmEq5r74QW9bb_F3MeyS...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPYwWgzI-_EyQ_Fm1g6_D9In05Wa_I7TSwDs9RZrXP3LnOGIeSmj6qgqW1g2ZfUaLmEq5r74QW9bb_F3MeyS243jYFSGGAV&google_hm=Gu2IqGZHYnFXcSmXSU67IRUe
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPYwWgzI-_EyQ_Fm1g6_D9In05Wa_I7TSwDs9RZrXP3LnOGIeSmj6qgqW1g2ZfUaLmEq5r74QW9bb_F3MeyS243jYFSGGAV&google_hm=Gu2IqGZHYnFXcSmXSU67IRUe
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 30 May 2023 12:24:31 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPYwWgzI-_EyQ_Fm1g6_D9In05Wa_I7TSwDs9RZrXP3LnOGIeSmj6qgqW1g2ZfUaLmEq5r74QW9bb_F3MeyS243jYFSGGAV&google_hm=Gu2IqGZHYnFXcSmXSU67IRUe
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
/
onetag-sys.com/match/ Frame 11B9
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDogoB5G29Mm9eJ1syHj1wU&google_cver=1&google_push=ATf1kGMP88J2MbzMs1akXTABdiaE9Z-yHWOmZBE-7tJlbRfiRtQd_02HQggTK2zmLpXgaM5Hg8JiOPNoYQr...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMP88J2MbzMs1akXTABdiaE9Z-yHWOmZBE-7tJlbRfiRtQd_02HQggTK2zmLpXgaM5Hg8JiOPNoYQrX-KkkP61eJ6dkco9-
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 11B9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IGkfk1HH8V1BYTOjrMebFBbPVY5laBeHC4qVaUDQ0j_Ap-oYJd3GmD8HRbGj_IEShTnhc4Ww
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js
pagead2.googlesyndication.com/bg/ Frame 9F66 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11082/0/roland-garros-vs-roland-garros/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 09:37:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
10045
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14660
x-xss-protection
0
last-modified
Mon, 22 May 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 May 2024 09:37:06 GMT
css
fonts.googleapis.com/ Frame 94B0 		1 KB
408 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700
Requested by
Host: 8gr9m8yqc15wvk.opposepresent.net
URL: https://8gr9m8yqc15wvk.opposepresent.net/css/embed.min.css?v=0.4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
83bb47871b3895cd8f4bf5da67037710b6d9a9e1fab80d03b579cd83a448fe23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8gr9m8yqc15wvk.opposepresent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 30 May 2023 12:24:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 May 2023 11:23:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 May 2023 12:24:31 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 2CD3 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cpsgg_up1ZM65C_eN7_UPhLql-Azin9btcNqhoOrSEK7G6I-oMBABIJWbyiFglcqZgqwHoAHV_omnAsgBCeACAKgDAcgDywSqBKICT9AqpVCfIraA5JVHCb-NLUf5i9s03f53TpDV_auL33_sNKUgwOe0tj7P0dBCc8vtbnej5cSstP3cUCcL7wwZ82GMcePZnSp52XYn93cirz3Pw7IGzZSHd5v17H1nB67shej_OhrwTPlFj1Pas1ovoRb7sMqB3Fu_UQeVf-sooEM5aElaN5alS4JSIRB37y-5DF2nFGD4k01-WQar9PgEUa6OXJbiAZAzxK16OSMdGD_vVQ2RcM33iuBHevLoLDX0Ju4r2Y6AHOVyUQDVzuRpAU2PklGfYLU4SpOBsCepHjOr-8zMezudk5tW4gMQcIa_LV8WuVgnh5oB6oWFSRKjEq5WwbLltu52DMoZQ15qcmh1nJGCnPd9ALJ0zH6-IWn-xw7ABILcqPyEBOAEAcAFBaAGLoAHzrD02AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAG4DAHgEszMsMHondnWHtgTC6AUzMywweid2dYeoBTmipLP7qylxT-gFOqI6_qm-4XqVaAUoMrd7qGsi51DoBTj97KHqaGy6o4BoBSLjLKY2_ekr3DQFQH4FgGAFwE&sigh=V8JDCO2eKOM&cid=CAQSTABygQiDDZCCT0bwdZn6WZ_WENoRXQCPUSmyXRiCGjuJblxXszBY3OXBQp4MeqmtVmeTdbtPi0mjM8LAxpEMF5mjVXfH--a4lvm-e2Q&label=part2viewed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1F17 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPb1z27DrwvjHZ9rjxc6LpmnHl2b695M2842dlq76hYMQFGM_j7HAbXs-mG3Rwd08qeJOqZbZgcei2i0-fq0cJ8usY6JhAE3sNkpPhrnH4zvvNzSI4&sig=Cg0ArKJSzM1xgNfLVLTgEAE&id=lidar2&mcvt=1027&p=1111,437,1199,1163&mtos=1027,1027,1027,1027,1027&tos=1027,0,0,0,0&v=20230524&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=3202367356&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685449470506&rpt=290&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
asset.js
velocitycdn.com/script/ Frame 94B0 		107 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://velocitycdn.com/script/asset.js
Requested by
Host: 8gr9m8yqc15wvk.opposepresent.net
URL: https://8gr9m8yqc15wvk.opposepresent.net/embed/awcg463b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60a23ba9976ca655705031ac97edff6bb6d1c07eace4cd7131bae9abb9f4d21b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8gr9m8yqc15wvk.opposepresent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1425
x-guploader-uploadid
ADPycdtPDObNAxvFClZT4fm66avxySPN5Pj4AmNiGmJUNl4Gk0wLF2xZd4PO8yuJTPsBoQM_X6yj_8PkMb-RiZPoxHed
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 17 May 2023 11:38:40 GMT
server
cloudflare
etag
W/"f1f0deef583dde7d079b2085920edfbb"
vary
Accept-Encoding
x-goog-hash
crc32c=OZJHng==, md5=8fDe71g93n0HmyCFkg7fuw==
x-goog-generation
1684323520541450
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4iapkFnmBy3rgT6NGLY%2FNlvY9qJKyCysUYtUwWKqHk21lihTJa%2F3kQn0XTvumioZoYUTr%2FTwbtptx26vX0A9z%2BDCI%2F0C5kE3U6Lzm5CPVKPa9nKryqdP6yXuHX9nQjxg91dv%2FZPOQYARsBidTQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
109331
cf-ray
7cf6f45f09423642-FRA
expires
Tue, 30 May 2023 12:58:18 GMT
awcg463b.m3u8
cakcwbsnurkh.cdnexpress59.net/hls/ Frame 94B0 		825 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cakcwbsnurkh.cdnexpress59.net:8443/hls/awcg463b.m3u8?s=OCSBNBmDdVZElvfhMC15fw&e=1685471071
Requested by
Host: swarm.video
URL: https://swarm.video/nsns.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.154.206.69 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
5588259a690baa791bc2b8e19f86199cadbbefcdcab997c4380c28dd3efc62c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8gr9m8yqc15wvk.opposepresent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 30 May 2023 12:24:31 GMT
Last-Modified
Tue, 30 May 2023 12:24:29 GMT
Server
nginx/1.18.0
ETag
"6475eafd-339"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
825
event
awstats.cloud/api/ Frame 94B0 		2 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://awstats.cloud/api/event
Requested by
Host: awstats.cloud
URL: https://awstats.cloud/js/plausible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:2e3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://8gr9m8yqc15wvk.opposepresent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2YFrd1w6rfy0z1nNpV4IYw0k0aarCHzhKOp8OnNso%2FwC1ycQBcjpxhNBNFtXwK8qtW0deyLO6hntwkCX27rRXa0U%2FclwBSF67%2F3v6LNpWqVu%2BCQWQ3eUpd5w7daISkSuIVBXBpCWthKr2ZKw"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
7cf6f45f88b61c2a-FRA
alt-svc
h3=":443"; ma=86400
content-length
2
x-request-id
F2PrXWYE6bDbDSMCK2SB
ut.js
velocitycdn.com/script/ Frame 94B0 		78 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://velocitycdn.com/script/ut.js?cb=1685449471921
Requested by
Host: velocitycdn.com
URL: https://velocitycdn.com/script/asset.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44ca64a9e8fe2cba0e19f10b5be4ad2556352a9783f2277d99133fc1ef81ea4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8gr9m8yqc15wvk.opposepresent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:31 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdtwZfiOSVNTyNuGXWQXvj6BdmcntLW3dJyFoqVd1fOqmdUEQjPv0_iSLRxOzjkNipErPrnEU_Z_ctBSGcRcgMoS21z6tC5v
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 17 May 2023 11:51:44 GMT
server
cloudflare
etag
W/"2acde53b155be86bcae1a94b039efe42"
vary
Accept-Encoding
x-goog-hash
crc32c=jRxOWQ==, md5=Ks3lOxVb6GvK4alLA57+Qg==
x-goog-generation
1684324304128147
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2fIuStZukHowYpkJI7rivCl1QOuSEJz6ow5lMhV8BhJ7e2DnIXhkuw5xTrW4ZZNiinwxyl2qVXD6zisu%2Fj44VGoGwau9OnJJX4k5cf0hMFPUKirzKAIqEa9Uw0HkX9d%2F3HY8mA98e1H3HFaxmGA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
79538
cf-ray
7cf6f45f8a1d3642-FRA
expires
Tue, 30 May 2023 13:16:52 GMT
suurl4.php
youradexchange.com/script/ Frame 94B0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://youradexchange.com/script/suurl4.php?r=5954546&chmob=%3F0&cbur=0.8183665545826884&cbiframe=1&cbWidth=1060&cbHeight=484&cbtitle=&cbpage=https%3A%2F%2Fv3.sportsonline.sx%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=velocitycdn.com&aggr=0&ts=1685449471931
Requested by
Host: velocitycdn.com
URL: https://velocitycdn.com/script/asset.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8b25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8gr9m8yqc15wvk.opposepresent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:32 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0Wz6MIythBwN2O4S6RWmr1K96EVpqpJMxG6XlbXzV7mZz3Zwf1qVU3ofaBPk1SacK2wMZZzPQ1q%2FJq5a8qmrd9rueNB2ORj3LWFlr1SbsaBVTYzZspleMl4WEp3Fp%2BHeOZ8kDcuT4utBTwI63TmJSI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7cf6f45f9f6637f8-FRA
alt-svc
h3=":443"; ma=86400
activeview
pagead2.googlesyndication.com/pcs/ Frame DD01 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-6BZOp5f5a2_QX0ezD6pUiwRzacgA_xDlnWbm-VUFtCoc6vBDpm1SC4JrPz8sH8EyFnZ06ZxxOvIDL1JT5462KrI&sig=Cg0ArKJSzO4ddOzJuk7LEAE&id=lidar2&mcvt=1001&p=680,262,929,1338&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230524&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3368116147&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685449470475&rpt=438&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hb.php
youradexchange.com/ut/ Frame 94B0 		0
286 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://youradexchange.com/ut/hb.php?cb=0.7310033544609857
Requested by
Host: velocitycdn.com
URL: https://velocitycdn.com/script/ut.js?cb=1685449471921
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8b25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://8gr9m8yqc15wvk.opposepresent.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

date
Tue, 30 May 2023 12:24:32 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=007hxk%2Fz3k9q5HJs97q2w8f2%2ByYr%2Btiyd2Vl4A1vDAw7CTvtqXYrfRwMrHudoPvE4QcNs66NILJJfN3me3uolCpkjoZYmeF8oBtpnLBLXj18Z9tPj3LHzeUXpYjAeHD%2BW0j1BaE9UOJoC7q6ZthgR1M%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7cf6f45fdf899247-FRA
alt-svc
h3=":443"; ma=86400
e.js
live.demand.supply/e/ 		0
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=yalla-shoots.tv_auto_728x90_sticky_display_bottom&e=ao&dsReferer=eWFsbGEtc2hvb3RzLnR2L2xpdmUvMTEwODIvMC9yb2xhbmQtZ2Fycm9zLXZzLXJvbGFuZC1nYXJyb3Mv
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nf-request-id
01GYDDGMBY27K80Y4X8K1PFF70
date
Tue, 30 May 2023 12:24:32 GMT
cf-cache-status
HIT
age
1540826
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"f15d547d05a495f7c5d3db1ac2af131f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7cf6f4607e282c2a-FRA
activeview
pagead2.googlesyndication.com/pcs/ Frame 104E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvy5hoSRe2tulkNnY79tZ9dbKWBAkcoiF4lh4ono5BfPXhfxLIJC2rCk75A7HN5_W16SXrLE4nmcy7bAngS3zLhYzY&sig=Cg0ArKJSzE3cdXVnd71jEAE&id=lidar2&mcvt=1000&p=220,288,500,1312&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230524&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4294953168&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685449470636&rpt=340&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
awcg463b.m3u8
cakcwbsnurkh.cdnexpress59.net/hls/ Frame 94B0 		825 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cakcwbsnurkh.cdnexpress59.net:8443/hls/awcg463b.m3u8?s=OCSBNBmDdVZElvfhMC15fw&e=1685471071
Requested by
Host: swarm.video
URL: https://swarm.video/nsns.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.154.206.69 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
5588259a690baa791bc2b8e19f86199cadbbefcdcab997c4380c28dd3efc62c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8gr9m8yqc15wvk.opposepresent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 30 May 2023 12:24:32 GMT
Last-Modified
Tue, 30 May 2023 12:24:29 GMT
Server
nginx/1.18.0
ETag
"6475eafd-339"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
825
2eb74478-0a5d-4f1c-92c5-3b40ad3d40c6
https://8gr9m8yqc15wvk.opposepresent.net/ Frame 94B0 		61 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://8gr9m8yqc15wvk.opposepresent.net/2eb74478-0a5d-4f1c-92c5-3b40ad3d40c6
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length
62280
Content-Type
text/javascript
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305250101&jk=1459908131487426&bg=!h4SlhNDNAAZu7ficTu07ADkAdvg8Wh2fCj7O0vgUkbn9brozBBbx6HyJoYUAz3eZy0JPcqANngj7yF4xjS7YB2gD57hh2eTZ8KACAAABJ1IAAAACaAEHCgAQsY5bp2oB1RXNCgK_md0Ig5kCo7mT8TgnJGr3pfVq8kO2ugaKmQPcdcZsgtZpZZuflhzV2kumfWNpj58MCMSvotRhh1nGe6HUHqqEa2ugkfOcxPN3WhViSDSNDHPlTfrE5hY6lZXXeBWNWpbQcDGrEacrp6AwOaJgs-sxk6NA2lafheCBDGDmsoHLZiri7T8_Z5cAK_HTIn4gQCyPKjV5kD8elJenStRZUwu7ZkjUTbSw3QsrDV0I8W71XfsGKSQ2PxqGWXaM-PkPB1HC4MZpuZYAB58Lwcc-4eiVmk54YSk5r1ePCcSuX7HBxDe8F_tuCHc2ANmlkyf8eh2cKNfW10lu5lYrtUj-hYW0R8DHiqwjYVWXRYVRaC4DfE2fAhuLjI5XsZQ4qkf8cLG-PSzneohvjqffmAmv5x8k80uxGv-F5_Yn_LK6Lr_9uelAlI3XXBx6ncc9sRMNNa3DCpcjpJEofNV29AJUEqgaVzVYdb26kC0JaPDnCoMnw0kC8MrVPCRqv8WmaAOI-e8tZLLTQjEGsk146AHXNXy0pkKomSQWusEg7COLLNFqNTU7XDu3OZ9j0b6Tfk6WmPr8PPwVVPaa_HwFzfZI6wB_agIjK8rxRRPisKgDxwh9eihQ8G1rd4uQiUm9vQiL6XEfm3CqVL3sb5qqs_u0NtJ-4cHQpLT4LW3PFRXTVq46UPGcffJ_xyw0IZJi_Dsvf4-Sg7LRpRWkE4YUXagKK8Vgt8QlLdX6myUqPzjoIng5b6lBJh6I-M7D_XUcIPOCUDBHimypxyjKagymGhbtx2eVwMJDmUJtQaRoLx6t4aLT6y6CzC32WjgJXgzHI3j6dcjMhpb6op1Chcl4TbwTJRFRMZmizcIDoYZBHRGd9nktAyzi5OHco3lpU0JrlVsMyY_woYGMuvLOXLZiDQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
container.html
a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0BD7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 May 2023 12:24:30 GMT
expires
Wed, 29 May 2024 12:24:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame 2CD3 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=a~lia93j9x&c=2532417103167&slotId=1266208551583.5&qqid=CM6w1MeEnf8CFffGuwgdBF0Jzw&dm=30000&event_name=first_play&asset_bytes=434520&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=15&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=9&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.lia93jn3
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fc5ca179bcc5c13a10383053c3380af3.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:804::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:32 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 2CD3 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=b~lia93jz0&c=2532417103167&slotId=1266208551583.5&qqid=CM6w1MeEnf8CFffGuwgdBF0Jzw&dm=30000&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Fef33bde3b6f53b5d50fc677805f1b9fa.js%253Ftag%253Dclient_fast_engine_2019&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fc5ca179bcc5c13a10383053c3380af3.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:804::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:32 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 2CD3 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=c~lia93jz0&c=2532417103167&slotId=1266208551583.5&qqid=CM6w1MeEnf8CFffGuwgdBF0Jzw&dm=30000&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Ffc5ca179bcc5c13a10383053c3380af3.js%253Ftag%253Dgpa%252Fdynamic_fig_web_banner_v2&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fc5ca179bcc5c13a10383053c3380af3.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:804::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:32 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 2CD3 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=d~lia93jz0&c=2532417103167&slotId=1266208551583.5&qqid=CM6w1MeEnf8CFffGuwgdBF0Jzw&dm=30000&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F32da0f4bcd46006ef465cafdfe68b840.js%253Ftag%253Dmysidia_one_click_handler_one_afma_2019&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fc5ca179bcc5c13a10383053c3380af3.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:804::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:32 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 2CD3 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=e~lia93jz1&c=2532417103167&slotId=1266208551583.5&qqid=CM6w1MeEnf8CFffGuwgdBF0Jzw&dm=30000&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fencrypted-tbn3.gstatic.com%252Fshopping%253Fq%253Dtbn%253AANd9GcR3AdQPjWzczt1WKyZMPuRZsloVuPm0_Mx9NzofiUpPduUoyH_CXkgoY714yw%2526usqp%253DCAI&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fc5ca179bcc5c13a10383053c3380af3.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:804::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:32 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 2CD3 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=f~lia93jz1&c=2532417103167&slotId=1266208551583.5&qqid=CM6w1MeEnf8CFffGuwgdBF0Jzw&dm=30000&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fencrypted-tbn1.gstatic.com%252Fshopping%253Fq%253Dtbn%253AANd9GcQ4ctkf8q4rwI3gmuv2n3-5iLRFv0OhGZmXSh9uU-PyMjGybAnsYgjerh5eeL4%2526usqp%253DCAI&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fc5ca179bcc5c13a10383053c3380af3.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:804::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:32 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 2CD3 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=g~lia93jz1&c=2532417103167&slotId=1266208551583.5&qqid=CM6w1MeEnf8CFffGuwgdBF0Jzw&dm=30000&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fencrypted-tbn3.gstatic.com%252Fshopping%253Fq%253Dtbn%253AANd9GcS8ZdEujvAI42fBYIOANI3wMzZSPv_2s2pu7uYQamr_kuZ4DI3eJnPn-iYiHg%2526usqp%253DCAI&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fc5ca179bcc5c13a10383053c3380af3.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:804::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:32 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 2CD3 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=h~lia93jz1&c=2532417103167&slotId=1266208551583.5&qqid=CM6w1MeEnf8CFffGuwgdBF0Jzw&dm=30000&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fencrypted-tbn3.gstatic.com%252Fshopping%253Fq%253Dtbn%253AANd9GcTBYpAIoFpFySZbKWnzgNN7tooNF3a8W7mUwfEXdiimdzgFX7py1lwYzPkxT6E%2526usqp%253DCAI&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fc5ca179bcc5c13a10383053c3380af3.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:804::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:32 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 2CD3 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=i~lia93jz1&c=2532417103167&slotId=1266208551583.5&qqid=CM6w1MeEnf8CFffGuwgdBF0Jzw&dm=30000&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fencrypted-tbn3.gstatic.com%252Fshopping%253Fq%253Dtbn%253AANd9GcShbPr1olk0e9TW32eVjT3U3CXuXFXAyjKt3lE5fBUL4xQO5W4_pMo7FH9Yag%2526usqp%253DCAI&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fc5ca179bcc5c13a10383053c3380af3.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:804::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:32 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 2CD3 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=j~lia93jz2&c=2532417103167&slotId=1266208551583.5&qqid=CM6w1MeEnf8CFffGuwgdBF0Jzw&dm=30000&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fredirector.gvt1.com%252Fvideoplayback%253Fid%253D0e09f6707f2165ff%2526itag%253D18%2526source%253Dweb_video_ads%2526requiressl%253Dyes%2526cmo%253Dsecure_transport%253Dyes%2526ip%253D0.0.0.0%2526ipbits%253D0%2526expire%253D1685456670%2526sparams%253Dip%252Cipbits%252Cexpire%252Cid%252Citag%252Csource%252Crequiressl%2526signature%253D58D019AB27D5F7E84CF36383FE7E60A7F1361E24.29CFC5CF24FB3EA43AA894B5C74ED350FE8F35C5%2526key%253Dck2&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fc5ca179bcc5c13a10383053c3380af3.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:804::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:32 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 2CD3 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cpsgg_up1ZM65C_eN7_UPhLql-Azin9btcNqhoOrSEK7G6I-oMBABIJWbyiFglcqZgqwHoAHV_omnAsgBCeACAKgDAcgDywSqBKICT9AqpVCfIraA5JVHCb-NLUf5i9s03f53TpDV_auL33_sNKUgwOe0tj7P0dBCc8vtbnej5cSstP3cUCcL7wwZ82GMcePZnSp52XYn93cirz3Pw7IGzZSHd5v17H1nB67shej_OhrwTPlFj1Pas1ovoRb7sMqB3Fu_UQeVf-sooEM5aElaN5alS4JSIRB37y-5DF2nFGD4k01-WQar9PgEUa6OXJbiAZAzxK16OSMdGD_vVQ2RcM33iuBHevLoLDX0Ju4r2Y6AHOVyUQDVzuRpAU2PklGfYLU4SpOBsCepHjOr-8zMezudk5tW4gMQcIa_LV8WuVgnh5oB6oWFSRKjEq5WwbLltu52DMoZQ15qcmh1nJGCnPd9ALJ0zH6-IWn-xw7ABILcqPyEBOAEAcAFBaAGLoAHzrD02AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAG4DAHgEszMsMHondnWHtgTC6AUzMywweid2dYeoBTmipLP7qylxT-gFOqI6_qm-4XqVaAUoMrd7qGsi51DoBTj97KHqaGy6o4BoBSLjLKY2_ekr3DQFQH4FgGAFwE&sigh=V8JDCO2eKOM&cid=CAQSTABygQiDDZCCT0bwdZn6WZ_WENoRXQCPUSmyXRiCGjuJblxXszBY3OXBQp4MeqmtVmeTdbtPi0mjM8LAxpEMF5mjVXfH--a4lvm-e2Q&label=adpause
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 0BD7 		4 KB
655 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 30 May 2023 12:24:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 May 2023 11:05:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 May 2023 12:24:32 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 0BD7 		2 KB
893 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 14:16:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
79703
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 14:16:09 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 0BD7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CYw_S_-p1ZJT2MeGZlQeKpZ7oAc2q28ZtwcDswagM_9GivcABEAEgudvzJmCVypmCrAegAbC6odcDyAEJqQIpDTYhmu6xPuACAKgDAcgDywSqBJwCT9A6-j85OA8sia6vLE-De9kJ7J8ChW3-7vqNQnMnmJq0ZI3V6iVQWRIGIuWthwfo75sz2SDeO_2QUxRcqr6HYA5n3BE4-a0AUcgEXG099UaiDwTT1EO5z7EY96oqnDeqUwq0q-bPmyNQDI1nvT3xtQevaQqPsIQGxp8xEcHl26OHOfi1eZIPn53WklUEIo216vcxXSh4sVkpl9LqQp6d323RF_5MILJUzZIcpkJt9_MQpwLTvj0RLGyyH-R5N4GaOEsOKY1mktd0MGdFWPlrY5MgwhSOre6HXxXSXe13MrI7qsgL1By2vo-7H88xmq4VX9ost4caCxB0H9COunreW5GkTHuEIaQ8QtNejmqM4pmU_ilJ55U8QkxPgObABPnh4sqOA-AEAZIFBAgEGAGSBQQIBRgEoAYugAe_2b1gqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEN6cCNIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHYEwyIFAHQFQGAFwGyFx4KHAgAEhRwdWItNjczNjI1NjQ3MzIwMjczMxjkww4&sigh=w3cyf6xyQCc&uach_m=[UACH]&cid=CAQSPABygQiDY5NjPASmdM-Oh88w4Wwbu0zSt22rtANO7mJWoavbnqbzltSZ3ZLLPgleRgXBzL00HRNOmGjoQRgB&template_id=494
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11082/0/roland-garros-vs-roland-garros/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/ Frame 0BD7 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/abg_lite_fy2021.js
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 14:16:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
79703
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8798
x-xss-protection
0
server
cafe
etag
11317101923912129037
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 14:16:09 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 0BD7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 14:13:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
79866
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 14:13:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 0BD7 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 14:09:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
80111
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7987
x-xss-protection
0
server
cafe
etag
5788035530912182302
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 14:09:21 GMT
l
www.google.com/ads/measurement/ Frame 0BD7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQnE9cANRcOEKjZ2VwF6xEAgewVDtY16SMnaIxuzMY9du-IZdwsIkQUAqAnKf4rhR34R6X93q5YJ2bkYFlY9gTZcKg1sg
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0BD7 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54244
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684927996807358"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 May 2023 12:24:32 GMT
32da0f4bcd46006ef465cafdfe68b840.js
www.gstatic.com/mysidia/ Frame 0BD7 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 20:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
575633
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13640
x-xss-protection
0
last-modified
Wed, 17 May 2023 01:31:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 21 Aug 2023 20:30:39 GMT
truncated
/ Frame 0BD7 		287 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
4091503581208051288
tpc.googlesyndication.com/simgad/ Frame 0BD7
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL
  • https://tpc.googlesyndication.com/simgad/4091503581208051288
107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4091503581208051288
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 08:42:39 GMT
x-content-type-options
nosniff
age
358913
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109931
x-xss-protection
0
last-modified
Wed, 23 Oct 2019 12:45:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 25 May 2024 08:42:39 GMT

Redirect headers

date
Mon, 29 May 2023 19:39:31 GMT
x-content-type-options
nosniff
server
cafe
age
60301
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/4091503581208051288
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 28 Jun 2023 19:39:31 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CD35 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
6656
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 May 2023 10:33:36 GMT
etag
48472445140208031
expires
Wed, 31 May 2023 10:33:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 0BD7 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b35d449300be79f0dafcc67974bdad447f5c244e429ddbd6314952cf45305a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame CD35
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKy_zpN8RfBSk7Gl97LfBvU&google_cver=1&google_push=ATf1kGPfsIfGyFwISeiTBzwvW5dBMMS-fmmU0wnTvsRU0UTXgCbctkz4vB...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGPfsIfGyFwISeiTBzwvW5dBMMS-fmmU0wnTvsRU0UTXgCbctkz4vB33DwUSRMeTafvbTYmuJVeaY1MnwAYNyEXSGuCzG9OI&google_hm=YsEdq984WNPk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGPfsIfGyFwISeiTBzwvW5dBMMS-fmmU0wnTvsRU0UTXgCbctkz4vB33DwUSRMeTafvbTYmuJVeaY1MnwAYNyEXSGuCzG9OI&google_hm=YsEdq984WNPkGBh7PMecPg
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGPfsIfGyFwISeiTBzwvW5dBMMS-fmmU0wnTvsRU0UTXgCbctkz4vB33DwUSRMeTafvbTYmuJVeaY1MnwAYNyEXSGuCzG9OI&google_hm=YsEdq984WNPkGBh7PMecPg
pragma
no-cache
date
Tue, 30 May 2023 12:24:32 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CD35
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHtzPjJXQ6EGbVC3EDyHd78&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RGo1QTJHMnAxUTNZb1Q1&google_gid=CAESEHtzPjJXQ6EGbVC3EDyHd78&google_cver=1&google_push=ATf1kGMhrzIBgfWUJuVMXgDrQ6UTkOiUHCkdm9FabEEz_lx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RGo1QTJHMnAxUTNZb1Q1&google_gid=CAESEHtzPjJXQ6EGbVC3EDyHd78&google_cver=1&google_push=ATf1kGMhrzIBgfWUJuVMXgDrQ6UTkOiUHCkdm9FabEEz_lx1ZvOGO7wQpyTv9CoeCc3qEDGlEWbeE3eeaIHUYsvLgBtChdxKbS4_0A
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 30 May 2023 12:24:32 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-0a1a90ed6ac66fe36@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RGo1QTJHMnAxUTNZb1Q1&google_gid=CAESEHtzPjJXQ6EGbVC3EDyHd78&google_cver=1&google_push=ATf1kGMhrzIBgfWUJuVMXgDrQ6UTkOiUHCkdm9FabEEz_lx1ZvOGO7wQpyTv9CoeCc3qEDGlEWbeE3eeaIHUYsvLgBtChdxKbS4_0A
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CD35
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEN31wUs88wQXkXgk5L6-2Kg&google_cver=1&google_push=ATf1kGOFVWDPQNMuAUy7YIDGa_twjpwOzsaBDkYmhCl3FinEjzC8RF6ofSdvupNC1pxt7IyW8tkYR4un1Jvv9qTC...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=vwdkder_QgCaem5m5h5R0A&google_push=ATf1kGOFVWDPQNMuAUy7YIDGa_twjpwOzsaBDkYmhCl3FinEjzC8RF6ofSdvupNC1pxt7IyW8tkYR4un1Jvv9qTCK54wlztE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=vwdkder_QgCaem5m5h5R0A&google_push=ATf1kGOFVWDPQNMuAUy7YIDGa_twjpwOzsaBDkYmhCl3FinEjzC8RF6ofSdvupNC1pxt7IyW8tkYR4un1Jvv9qTCK54wlztEWeOx
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 30 May 2023 12:24:32 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x34 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=vwdkder_QgCaem5m5h5R0A&google_push=ATf1kGOFVWDPQNMuAUy7YIDGa_twjpwOzsaBDkYmhCl3FinEjzC8RF6ofSdvupNC1pxt7IyW8tkYR4un1Jvv9qTCK54wlztEWeOx
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 30 May 2023 12:24:31 GMT
pixel
cm.g.doubleclick.net/ Frame CD35
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPcqaQxqxsMUJ5qq5jzzwHs&google_cver=1&google_push=ATf1kGPXaDQihB0YscwDZMLpF7-ra3ls1_qmmWtvFGNY4G0w8L2pOQOWT5Tmk5tiNL-Iili-tpLP8slyriCuzapHKhLR6aq...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPXaDQihB0YscwDZMLpF7-ra3ls1_qmmWtvFGNY4G0w8L2pOQOWT5Tmk5tiNL-Iili-tpLP8slyriCuzapHKhLR6aqxQZntoQ&google_hm=eS1iV2pRVUJ0RTJwRnJp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPXaDQihB0YscwDZMLpF7-ra3ls1_qmmWtvFGNY4G0w8L2pOQOWT5Tmk5tiNL-Iili-tpLP8slyriCuzapHKhLR6aqxQZntoQ&google_hm=eS1iV2pRVUJ0RTJwRnJpU3hEYTg3Mk5Wci5GVTN1UnZtSX5B
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 30 May 2023 12:24:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPXaDQihB0YscwDZMLpF7-ra3ls1_qmmWtvFGNY4G0w8L2pOQOWT5Tmk5tiNL-Iili-tpLP8slyriCuzapHKhLR6aqxQZntoQ&google_hm=eS1iV2pRVUJ0RTJwRnJpU3hEYTg3Mk5Wci5GVTN1UnZtSX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame CD35
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN6G2a-dZReo2jQRokaU1gU&google_cver=1&google_push=ATf1kGPzGrag3gW7SHdHD2UOtWaEYsdFKKq8sRkfI0mUg6kuCe6he-ADBStD17G9AGUVIVy_t_Po0AZH...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTA0NjUyOTY5OTk1MjA2NTk5Mg&google_push=ATf1kGPzGrag3gW7SHdHD2UOtWaEYsdFKKq8sRkfI0mUg6kuCe6he-ADBStD17G9AGUVIVy_t_Po0A...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTA0NjUyOTY5OTk1MjA2NTk5Mg&google_push=ATf1kGPzGrag3gW7SHdHD2UOtWaEYsdFKKq8sRkfI0mUg6kuCe6he-ADBStD17G9AGUVIVy_t_Po0AZHTrO77XfgWufnQiDpr3-8
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTA0NjUyOTY5OTk1MjA2NTk5Mg&google_push=ATf1kGPzGrag3gW7SHdHD2UOtWaEYsdFKKq8sRkfI0mUg6kuCe6he-ADBStD17G9AGUVIVy_t_Po0AZHTrO77XfgWufnQiDpr3-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame CD35
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHQh3olHwJ70QyIMHq-Cr0Q&google_cver=1&google_push=ATf1kGPn51XpHMc9jxCFQbEorCOEjSBGKaBC871QoKbJn4jz0FgVSQm77FBFdGZEXFTrhiL-D7X7qLnURim3remoQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPn51XpHMc9jxCFQbEorCOEjSBGKaBC871QoKbJn4jz0FgVSQm77FBFdGZEXFTrhiL-D7X7qLnURim3remoQoR6B9yblk-f&google_hm=Gu2IqGZHYnFXcSmXSU67IRUe
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPn51XpHMc9jxCFQbEorCOEjSBGKaBC871QoKbJn4jz0FgVSQm77FBFdGZEXFTrhiL-D7X7qLnURim3remoQoR6B9yblk-f&google_hm=Gu2IqGZHYnFXcSmXSU67IRUe
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 30 May 2023 12:24:32 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGPn51XpHMc9jxCFQbEorCOEjSBGKaBC871QoKbJn4jz0FgVSQm77FBFdGZEXFTrhiL-D7X7qLnURim3remoQoR6B9yblk-f&google_hm=Gu2IqGZHYnFXcSmXSU67IRUe
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
/
onetag-sys.com/match/ Frame CD35
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDogoB5G29Mm9eJ1syHj1wU&google_cver=1&google_push=ATf1kGNC8lKelbDRnTv5yjLoERjPrXRjVl9Dqy1UyIiUrfC92R4av1DRnPtVrypagald2UanWFZ9fTF2kCt...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNC8lKelbDRnTv5yjLoERjPrXRjVl9Dqy1UyIiUrfC92R4av1DRnPtVrypagald2UanWFZ9fTF2kCtYLNLKYfzOC_WCgpbMcwA
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame CD35 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JEo6YD2-P13wvSyGVvFzezr--6KMx3kp9AaVoHq4lWvclb3Y6GTQ4WmMwIthL6NRoSjEZV1w
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0BD7 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 18:58:23 GMT
x-content-type-options
nosniff
age
235569
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 May 2024 18:58:23 GMT
all
csm.eu.criteo.net/ Frame 3088 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=DLJSh5QXNarbvS9ywdvMbIpayi99NFAMRsCBewlEoyEmJwpJtdneR4fg-OI7uHnuz5i7AAxnn5VW6DXYd_g7LVOJfNP91LSJ9sC-fgAdnfv_TZJv23kZeG3o0aKfJPuJkrmxF_glovkRijTwqTIkS9Da3L8wEQkIVEmQ1P6ZB_9wpxvBA2AIQ4gHPOHFEQKT33k2xVLMfmHGalp1ITh3Xm6AuFiycQifbfvcERnr9tHfljDEDSGqJvhQQKNuVNTsNWBAaQ&sds=2&rev=86437.3&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZHXq_gAHELYIu88AAAFymVTmwbj6tazh-dZDPQ&u=%7CxiZKFHmULl9pB%2FWx1kArvOe2Y5WZUfsucSh1KvVgN5w%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9_UZloKNb2cUrtAt_J-5viyXSbI-tLvo6QUVMSHOqv4SSIM1uLI95CKOarvqzGH4ByNrjFbjJLTqeCHq7eE7vL1AhROuEo3n8E6T4WvGed6geOnFam5vK2_fUu-I6siexkyj9SwCOhrfLioHDIq1uFL6Nv93CTof204CO9TvPzTZtv65199HYbHA7jZSY91KEUtCg1__roeW2YYWkxru29IoG7dRsTryfVSs7DQrn5JdACy15MFIFucdwoAfPeNCa8u1f2obdxZamwnVi_sNuKWYUO7GtD2Jgp1f40yrw4VBDinohqVOPY5ZGRcwe9WOLcBpSm-LpYyNQbufFKGdidvgIYLpa3g6K-LHMeGdV5R-8fPsaTID34WUYJMar_ZxetYekUuHXlnWJ7ecu2hT3ZFkkX4Nmw_V3DQxopSZQVuyDes7idkvd29APZH9clhmPxYTkjPPvGEGz3ehDo7zda-Ly4_NmirKmwi8XFbfcfMMaJXrraqaueChkUw41yZzq52F8McfgBGQi7dmUy9gbF8MoeAnM8-H2NpHUTiems0XonxVIayxeAQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaau7_up1ZLahHICe7_UPmeWFqATJntKxXL2Ol_dwwI23ARABIABglcqZgqwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAikNNiGa7rE-4AIAqAMBqgTMAk_QbFIoACkWXwoQi_EgsaTSYakrfatBaAGeCkzqN4DqY1FEfflWgSPj7p8U0VBFQb2PpvgPRaL45OLgaikr8aIgkBw0PrtYnLc6l2gXvNjhbo2JyhGAJzLaEawXthT0i-WIry62hZlbM-PHrRlITBM2tty6H5GSNLTrTo0QCVpOUlJt8f3784T0BVCrX8yrFnLergmf6e3dOHeLPUHCRjMT7yHZvg8J_DMWPK9-8oC-tq6KHTmUOJ-ekJzDv6RKpRFPiHXMPfipgD-p96UeaUmi0eMTMTQmtAHee1qYyPwgj7XrdR5-zRAfrrzo2OEnOtL7iQGprSdyVK6MuAijJA39tNUlvmNNvLgdp5AbkQkURKkRvl9mS7pDM96D0Umw13RZKECzMr18Ciecll1I-uYTmsRaGNT8vqaPdW57H8x6M2Qt7qXszCUncMDy4AQBgAb63YrSzY2ekpwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2lJJFnFrDC-DBm9XaUVa-2Ngrb8w%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 30 May 2023 12:24:31 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js
pagead2.googlesyndication.com/bg/ Frame 8A88 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js
Requested by
Host: yalla-shoots.tv
URL: https://yalla-shoots.tv/live/11082/0/roland-garros-vs-roland-garros/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 09:37:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
10046
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14660
x-xss-protection
0
last-modified
Mon, 22 May 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 May 2024 09:37:06 GMT
awcg463b-501261840.ts
cakcwbsnurkh.cdnexpress59.net/hls/ Frame 94B0 		2 MB
2 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cakcwbsnurkh.cdnexpress59.net:8443/hls/awcg463b-501261840.ts
Requested by
Host: swarm.video
URL: https://swarm.video/nsns.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.154.206.69 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
b467039b95ce413c02ed45178615d2f41881181cab80b71249269d0c2ddde269

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8gr9m8yqc15wvk.opposepresent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 30 May 2023 12:24:32 GMT
Last-Modified
Tue, 30 May 2023 12:23:34 GMT
Server
nginx/1.18.0
ETag
"6475eac6-22fc70"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
2292848
awcg463b-502161840.ts
cakcwbsnurkh.cdnexpress59.net/hls/ Frame 94B0 		2 MB
2 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cakcwbsnurkh.cdnexpress59.net:8443/hls/awcg463b-502161840.ts
Requested by
Host: swarm.video
URL: https://swarm.video/nsns.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.154.206.69 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
1d6bfe9afd10a2ca27a6d73cbd7c61f0d74e5c141282db9311982dba8e1c449d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8gr9m8yqc15wvk.opposepresent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 30 May 2023 12:24:32 GMT
Last-Modified
Tue, 30 May 2023 12:23:44 GMT
Server
nginx/1.18.0
ETag
"6475ead0-185c50"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
1596496
bid
ap.lijit.com/rtb/ 		24 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.4
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/468180/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
0e90789fcb748938325c8e19f648c5d873a88351db8b138d49723e9ecb781097

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 30 May 2023 12:24:32 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://yalla-shoots.tv
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
cdb
bidder.criteo.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.4&cb=66960689273
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/468180/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6f9ef4853bfe665b34cf7a2c4b9ac3a0a29aee6a4c3524be5afeb941fce4bfaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 May 2023 12:24:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://yalla-shoots.tv
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
prebid
mp.4dex.io/ 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/468180/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:32 GMT
x-err
Parsing the Prebid Request. org/site not found
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7cf6f463d827368b-FRA
expires
0
c
prebid.a-mo.net/a/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/468180/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Tue, 30 May 2023 12:24:31 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
prebid-request
onetag-sys.com/ 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/468180/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://yalla-shoots.tv
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
csi
csi.gstatic.com/ Frame 2CD3 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=k~lia93jz2&c=2532417103167&slotId=1266208551583.5&qqid=CM6w1MeEnf8CFffGuwgdBF0Jzw&dm=30000&event_name=first_pause&asset_bytes=435204&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=18&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=10&video_played_seconds=0.69&video_muted=true&video_seconds_loaded=30.00&vqdf=0&vqtf=25&vqfr=36
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fc5ca179bcc5c13a10383053c3380af3.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:804::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:32 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		384 B
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1459908131487426&correlator=2248278403580056&eid=31074695%2C31074825&output=ldjh&gdfp_req=1&vrg=202305250101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=160x600&ifi=24&adks=3127296869&didk=1287726829&sfv=1-0-40&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-1685449472571-0%26hb_r_id%3D2416772b95482b34%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.07%26hb_adid%3D2512014ee24e81ec%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F11082%252F0%252Froland-garros-vs-roland-garros%252F&sc=1&cookie=ID%3Da21db3fede674b59%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MbiJublblMJ28VmXwv_XsSJrah7zQ&gpic=UID%3D00000c295cbb895a%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MZBxudIro3CPAskob6wXAlh5DDrjA&abxe=1&dt=1685449472673&lmt=1685449420&dlt=1685449469390&idt=531&adxs=-160&adys=310&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=o&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11082%2F0%2Froland-garros-vs-roland-garros%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=160&psts=ABHeCviXCgYd7ojjInzjsRLmpLydw19F0hiBYTzDskWy51_2K-E3GnG4cMQhL3ADGVzL0U9oIgLQvJ3QhXfci-PJpkAMZwA%2CABHeCvgpXoHOx9brv-GoU_AKqLjg2I_KjfwUZ3ETvrIHpB2XofKPVnqL4fzVUSpUyT38FySCftpfJy3BnAYoIGC7Xa5lGKo%2CABHeCvh79HfRToY0pu1fcjh4yK1qZ1uM3V6rzUzR-TAEQcJwKMI-F4MPvR-xtG9wjmTZe72QnYZNSDM743tzxYa4U__64uE%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCviRMbSVU44yZuKmW90qla3h1QmNMbZl3GjX7l3kNJ1B-LG0b3eTPtxsAg2wG3MeDaEKJpS7Vc68kOowxkM0s91N9CA%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1954965806.1685449470&ga_sid=1685449470&ga_hid=914313790&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYuOD35IYxSABSAghkEhkKCnB1YmNpZC5vcmcYjeH35IYxSABSAghqEu4BCghydGJob3VzZRLYAVkrUE9MVU9tSkdCNUVrZElyRW9KUlJLWDlyZTRHVTZ1NUhyckp1R0xHc1dpNGhDakZicHlCQ0xYajJCYmF2NlBFd2JKbkJtUmVub2Qyc1NGL2p1S2d6aFlObzZ4bHlwQ1d2STJ1cnZjeTdJR0pDUm95YmhZai9HV1lYNExrQnRPT09FaUw1WFNuWVk2bnplNXFWcW1GcEQ2UWNzZ1djSGRyRmtsR0Ruc3NvRUhmT1ZDVXczMmlCKzRMR0ZTT1BLT3RCN2phMy9MUkxYVW1NRG5KR2xtT3c9PRid4vfkhjFIABIdCg5lc3AuY3JpdGVvLmNvbRi44PfkhjFIAFICCGQSGQoKdWlkYXBpLmNvbRi44PfkhjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGN7h9-SGMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144aa068060cf43481d52283d230998a413a56962a16790804a5c8382884ae09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame 94B0 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://8gr9m8yqc15wvk.opposepresent.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 00:06:44 GMT
x-content-type-options
nosniff
age
303469
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 May 2024 00:06:44 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/468180/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:13:32 GMT
server
nginx
etag
W/"642e8d3c-15c1d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 31 May 2023 12:24:33 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0BD7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvURT8dKeL1dJat7fysxEt51CWG-1wS9fOhdQjg_EqKxSgC_QKk1r4Zt4YJHeZ48XABr50H1HNNFtVVSnjPwmhXK8bBnOwSbIh39S2ldAxEy2n73DGyJPu7hwh8CBGgDBK4qM-C9A&sai=AMfl-YQRU6609CaeN96J_ZYivHL9AuKh3KVYYn4Q2HatprTK6PhyibSm3eDS_S9dnUZ8yds4t4pLY7SZ3Biv6HaC-hy9w5wZEx1WPZgsoAdUqKma8a90WohSBrxyxUsO&sig=Cg0ArKJSzL7Rv8BOgYs2EAE&cid=CAQSPABygQiDY5NjPASmdM-Oh88w4Wwbu0zSt22rtANO7mJWoavbnqbzltSZ3ZLLPgleRgXBzL00HRNOmGjoQRgB&id=lidar2&mcvt=1000&p=647,1018,897,1338&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230524&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1041763575&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685449472205&rpt=140&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 966C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 May 2023 12:24:30 GMT
expires
Wed, 29 May 2024 12:24:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame D0C2 		624 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEYlNif5QEwAQ&v=APEucNVYljZ_9T-TKriQjs7AwFGm-iL7C-IZr5XE8bU6pDQhGssl64gdEoUone9MnogVmPividymoKFj0Kp3ZBM3YoZTY_3I157y7PAEYeDHFBfumD8Ko75kVvXVxFvgEfZiuZiBo5PmzoPaf_cmpBL37QAJW45Xw97BFw2XICbf8pIPtBhKvlw
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 May 2023 12:24:33 GMT
expires
Tue, 30 May 2023 12:24:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 966C 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 30 May 2023 12:24:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 966C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A-5pEP5aDAig-q7u3Xc4p9MGnUFVQfa4_TjifrjVfu1YUTI4L4A6dX2yXddxJF5ERRuB7pHTMHOuUKJt8CP4Y0BUnWUSUV_dF1LR1z0rZ31hGFVqI
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 966C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14917842135716011432&x=1&ct=76
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 966C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 14:13:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
79867
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 14:13:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 966C 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 14:09:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
80112
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7987
x-xss-protection
0
server
cafe
etag
5788035530912182302
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Jun 2023 14:09:21 GMT
l
www.google.com/ads/measurement/ Frame 966C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSB5gBlRwhI5XnIVc8sn2XszPOJgwOcODnTw6YsQm7OKaQrMrO3jD7h52CBbf9UObRLVLfJl1XL6oiAmDk_6648Y8fH_A
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 966C 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54244
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684927996807358"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 May 2023 12:24:33 GMT
rum
dsum-sec.casalemedia.com/ Frame D0C2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPn5G3ZZ6Fld4dPi1ukMjC0&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPn5G3ZZ6Fld4dPi1ukMjC0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEYlNif5QEwAQ&v=APEucNVYljZ_9T-TKriQjs7AwFGm-iL7C-IZr5XE8bU6pDQhGssl64gdEoUone9MnogVmPividymoKFj0Kp3ZBM3YoZTY_3I157y7PAEYeDHFBfumD8Ko75kVvXVxFvgEfZiuZiBo5PmzoPaf_cmpBL37QAJW45Xw97BFw2XICbf8pIPtBhKvlw
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 May 2023 12:24:33 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPn5G3ZZ6Fld4dPi1ukMjC0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D0C2
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHXq-1LtxKQEPhms-iwrFAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPn5G3ZZ6Fld4dPi1ukMjC0&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPn5G3ZZ6Fld4dPi1ukMjC0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEYlNif5QEwAQ&v=APEucNVYljZ_9T-TKriQjs7AwFGm-iL7C-IZr5XE8bU6pDQhGssl64gdEoUone9MnogVmPividymoKFj0Kp3ZBM3YoZTY_3I157y7PAEYeDHFBfumD8Ko75kVvXVxFvgEfZiuZiBo5PmzoPaf_cmpBL37QAJW45Xw97BFw2XICbf8pIPtBhKvlw
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 May 2023 12:24:33 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPn5G3ZZ6Fld4dPi1ukMjC0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame D0C2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELeCZAX-su9eGsg_S6AoZRE&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELeCZAX-su9eGsg_S6AoZRE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEYlNif5QEwAQ&v=APEucNVYljZ_9T-TKriQjs7AwFGm-iL7C-IZr5XE8bU6pDQhGssl64gdEoUone9MnogVmPividymoKFj0Kp3ZBM3YoZTY_3I157y7PAEYeDHFBfumD8Ko75kVvXVxFvgEfZiuZiBo5PmzoPaf_cmpBL37QAJW45Xw97BFw2XICbf8pIPtBhKvlw
Protocol
HTTP/1.1
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 May 2023 12:24:33 GMT
AN-X-Request-Uuid
ccb2d73f-ddfa-4165-921e-c9d8ce07e7dc
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.23; 217.114.218.23; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELeCZAX-su9eGsg_S6AoZRE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D0C2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg1MzcxMzEyMzcwNzc4MDE5Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg1MzcxMzEyMzcwNzc4MDE5Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEYlNif5QEwAQ&v=APEucNVYljZ_9T-TKriQjs7AwFGm-iL7C-IZr5XE8bU6pDQhGssl64gdEoUone9MnogVmPividymoKFj0Kp3ZBM3YoZTY_3I157y7PAEYeDHFBfumD8Ko75kVvXVxFvgEfZiuZiBo5PmzoPaf_cmpBL37QAJW45Xw97BFw2XICbf8pIPtBhKvlw
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 30 May 2023 12:24:33 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.23; 217.114.218.23; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ea3e3ba2-1a69-439d-b6f0-9184e1e32434
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg1MzcxMzEyMzcwNzc4MDE5Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 966C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7937829289780&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 966C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7937829289780&version=m202301230201&ct=76&x=1&cor=14917842135716012000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 966C 		73 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Akz87Km-nqvikfO0lh61t93vCVRBunyFlio8Rwclj64LDT5TzZlu47-LK7wZ9g27QIYmrmcNlYY3nO64pUbURZr5a0AQ&cry=1&dbm_d=AKAmf-CUjkxRa3jdUUllLjprlhbdmNAyM0Y17c2OXe6f7k1Sohheb4aUS4KXTjnwRb3hP5SCVUrQDKQM5U15gkzRAG99SeccAveQJtjO53YseUPOE4h5F43VnbAskz0lN-YUYtkQENtYQNM1GDE1aQcvloiWPzabAWcgqemW9ugr_6iFKxZF5qXbpasQVemwH_ZHWKYeyvHOtMWCtIlPVigQJSAUZ9aTtDulxGdMTBtCh1e966gwVzovXHv_mvKDLM8fx2GRIP1vYnvFmsElwLLhXLLO5PwJVisKlLD2JuTIKRSljLv_UKFD-YP7UtSaYntLHkT7ag36xfMuOLO4up84eYEWgyTW_gKsh5qolxdCqr2AISVJea6np3Kb0sPR9ncF4HYyUnyFpXz597xGh583nmncpA9A_YNJB0jE08CRuoF5K4TpK2bCCgMVvLm52W__KHQfO6GesDtUWqet9a4qEX1DUdFThWHYyoMq8xBq-jj0KOlMItdsv0ALbQUw-q2xwcTjdNsqVJYXhREPjszrVf1GpLxD5O8AH-xRHasLL-IN_Vus9kZn4VujT0CQxeT_-lR6NXdyuJPsXjuGRd0dlwTo68T-dNN32x4XV5fjr07KIG10WS4S9j3ZNiTJ5wUXkfhsIf4_BVPu6WxeJJOeFgLPpGV6uyxAvjESSOaPVhcqLS3aI-9xGlSljhQj40UaX1Kn15Md6fkQXGQYySmyTNW3rhRfRZXsxMa3v6KzKf50hSjmKlIE-f16slZJ9ukPpJohIZyAdr9lUAvd4RXxeeakIWRM-Yunwm5bfQoOhPpRjUVL4QoqcdjmVj0B32K9t82n6dM1ew6MiZ8y-qzyd7gIijK3haTxXKUCG9PPKsG0fgnJ-08-rFngRjIbW-J4Ehe_BdNOaKx7KZ37X1GPp-Z8g9vhTDlUflwP-ECKUQUhAX5JKptruFrmDjupLg1aP0d9K0hpWs7SSZftDhMXZgpOlFwvLoIESVYf9BnPEllE808nMMtEuSayLL7vUzDMKfXDpIPVorVOXFL3YsGAzwWj5KHgcZlDP4XtbolfW2c8skHg5KbxCL903kqshhz9wNyotXOdsaWB4VrNBAkWiBMjFi_qVH4Aiah5toynFGTXbVjvXXhHB26LP7gOSqlNrGiJwhZ-I_nS_MdjP_DTA8D4skoH2JrYqSDEr9s4PsunChvRbpfk0Yj-u_DYf4CHTY8Q7DrkH2-Zc7nw11BoFynyu-CxW59Dsn1zHe-WklHYmDxkxwTtmQYP_I0bP3L8YTJP0ZQeEq1ldT1Qv2_ZT_xBI-hC342H0h_5zZo0xO2wqmV6RBsuJX6tlhwSWhgdYKp4x0X6HZU5vEIdiXm45ZJYpCyLtCmqfViqCTU9farA-ZUTROK6V4A5UA2rzecnuE5qhmsVsxzEa9z6yihdS-tCzgY-dAlQCLFV1G4nKmu5yJabIMAxrywpp8GWM5Zyr24pvHH-8oZdjki45hWaEaKw8Ybxi6lTBUVWB2yOais8e3DP5irooODT8FJh995SV7dAMYTXQAwjgDjSBao-S6r81qiRTcypiI6ddaR06UrsIyg_sd3oVGJRVs9-JWlQn_6fdZCpJEoam6V85GiiOKnMhWtpgviVDBMwy_o8wMPUPRS2jnhH84eutz8Aqr98jpoBQvxD4faTHe_GDdMzAU8IRbmvK6POBXM8ttbnGoWS5gdf5nlksNMNYvgQbUDDh3V5IajcvjBmzo6Ag5Nj3mjZKLn7AAXbvlnM-cONsVdC0Y-YiXKILyV9r9rfK90ZFSwLfSosNqEuqA9mEUsIQS0qFcHnE3_qGT5Nr9Tad5BXvzj13y6_kdGCgctG5PNMZ0-rr_8iLMoc8i_nRp6gY3ggFnsCUPpZxzuz1fkWFrC-oeXYX3C7hvgTqhZggQp5DKHTl_MHnGxIl9yGXFvC3gJi_CXO54NAshphnE6X1wlQuao-2hN_7awcw2Adntjsq5kr6vzlt5QHikUilee9WtCuslZ4eJrHhMy9kk1PD_r74Km7C2Y7oimN7k_At0Gzf6dYk5QRwgBINXt6TTx0T1I5kMl6sWik4gOVkPdx4ypqPvYoKgXYj3VWEdERkoN3jA5YnUmWePt0Le8Z-RoDHCV6st10ShuCclQqv5MxliwBz6O-Jf_6Ylr7CWZHtSwvk0mbbyawtqBYX3jKIsEMgCP_jsitlh6uAMRYV-YT3MMyoPV-KVqbAzWgIve-BumA-znRXUbFZsoZPtxh5hzMP-z_ybzshItRJMmNOVFijsiEyX0oLb70zQ4lYNwla2Aw0I-o_BGrSV-Ea1CCAEr40ddAeScEiMGy_mtohGuAFw7EWO_XoCdTr3c6IYrn2fZyx-diFX1yFhX9PV9oCQjs_0IXmbDyCCQ2UwTIDc-KQV9r2C2SpXYJd3hS3N9VvzLAjqJ4VNyexAt2NmGvj-JPsQda4KoSClk1Uq8_r7NmzRfLYCf-6SyWFbBk-QSwiatj83mkhTGNCFIaSc8z7CmiI2GblAem04sohDumUwWp9RjxXP98O-Hob91lWZ9i_mm_M0DT8-mE1kXZpQ6NKXl1nXtkJEc6hVP4f9IrD1WxFG8uyz0hEXesIwKIs-sjbpSP7v2hfwHgDnW9T5gb0SUcUEYRbHdCcY5Vm_oCPicc67oMTeo9MauETmHelPCPDtUvXYoRDf5b5yQPN9UboUzad6sOSqKAEraZJpl3-Gb2l80pK8w6L0UMN0ylHKaQpnD_n_PlYl8YxAEbP_ZFAuqnEQDln19Zy5y0yl9nr_ZtCz-u-oUDWht6yix1B5WkiEFEUg2rRluQSUvMCqWeAFufosuG0sNJrCM1gALigHHEeDftLg761VtcDMIMZ85aoJahUniKMbtniYEM2Vlr-k39Sy5HFCKiitpCR78AAHjzLm2NVxNCUmwFpbOkjR7UgsPpxTlSSn6UAq290sKCfrGGyHkrW4sOmNETFugTmZugklSfWEmFytlb_Ol28u4ysh5bAODLQgTVVaDuzUz91psrRZ2eBuIjxYx6StsEgCscUFagS12zycoQaN4Kr6280dmij9EcmWqlcdvRR8D1yTpI2-FC16yfW0H-UTt1tlQEN4SajxLjsaz8G7cxK7oiSAI9GakxlH_Tm-6FjUVIW3to4iVgROrT2ACJ4qBDpR3vXRrSI_mpJYUy0a4CEWm9TDf0DUKZo5JFd-tM_REH0-AV3E6YiH-VxlFW3LeL-e5JXW0PnQjlBmmd49CP0wEr0FIrHIkqjiD9YbaEBSlDo6PWKe51DXKxwcSdYHsIyzhA3aFCZQV393jljqBdhcJ3ZlfaHjD2l5dowgR0G9hbNj4skV8ArB6CIVX4YWEsSn8deqqZ88B97yl5qQbzHH4KyTPtOE1U9BYWjf-iVg1LQeaUThai_v0IFTaUyZrqBpymWFpiepMI69f1ulPvG7TK3YfZvUqIryoRPdLdSZijFz31EgkOtLPByZCaYKrU-h7DUAKA4WDTjInrvK0nxbR2OYd3ASNYrva-yhipcPy6akfR6vxsVWqsik3TALrC5dvNGudkCXiqcOima9jurKajwUk_lbtNvsnDQCwSsFBQ2ocmOPlAWbKFUXSEipStGF6Fz5kud5p_2bDomGboV-9jvMkagIdSzSNXipqutjBXTZeeI-wcsF_bnawkH1fenY7w5q4xgFi1HeJ9NcBLGqriuGb9NdrJIEhFuIgFTdgP5pXW48J8ydFXAA&cid=CAQSPABygQiDsOdzYed0lRLJCLwAFUTc7E5QuY7Ct9t4Z1OtTxvWdRs_WBtnhCbqpV5cQlJNXr9bhSf9WrNEcxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=14917842135716012000&adk=3690638929&idt=142&cac=0&dtd=15
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
408e46e3b923094c27c0d74311b0a9054c05c9bcf449291781a1784bcdac80c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34847
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/ Frame 966C 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Akz87Km-nqvikfO0lh61t93vCVRBunyFlio8Rwclj64LDT5TzZlu47-LK7wZ9g27QIYmrmcNlYY3nO64pUbURZr5a0AQ&cry=1&dbm_d=AKAmf-CUjkxRa3jdUUllLjprlhbdmNAyM0Y17c2OXe6f7k1Sohheb4aUS4KXTjnwRb3hP5SCVUrQDKQM5U15gkzRAG99SeccAveQJtjO53YseUPOE4h5F43VnbAskz0lN-YUYtkQENtYQNM1GDE1aQcvloiWPzabAWcgqemW9ugr_6iFKxZF5qXbpasQVemwH_ZHWKYeyvHOtMWCtIlPVigQJSAUZ9aTtDulxGdMTBtCh1e966gwVzovXHv_mvKDLM8fx2GRIP1vYnvFmsElwLLhXLLO5PwJVisKlLD2JuTIKRSljLv_UKFD-YP7UtSaYntLHkT7ag36xfMuOLO4up84eYEWgyTW_gKsh5qolxdCqr2AISVJea6np3Kb0sPR9ncF4HYyUnyFpXz597xGh583nmncpA9A_YNJB0jE08CRuoF5K4TpK2bCCgMVvLm52W__KHQfO6GesDtUWqet9a4qEX1DUdFThWHYyoMq8xBq-jj0KOlMItdsv0ALbQUw-q2xwcTjdNsqVJYXhREPjszrVf1GpLxD5O8AH-xRHasLL-IN_Vus9kZn4VujT0CQxeT_-lR6NXdyuJPsXjuGRd0dlwTo68T-dNN32x4XV5fjr07KIG10WS4S9j3ZNiTJ5wUXkfhsIf4_BVPu6WxeJJOeFgLPpGV6uyxAvjESSOaPVhcqLS3aI-9xGlSljhQj40UaX1Kn15Md6fkQXGQYySmyTNW3rhRfRZXsxMa3v6KzKf50hSjmKlIE-f16slZJ9ukPpJohIZyAdr9lUAvd4RXxeeakIWRM-Yunwm5bfQoOhPpRjUVL4QoqcdjmVj0B32K9t82n6dM1ew6MiZ8y-qzyd7gIijK3haTxXKUCG9PPKsG0fgnJ-08-rFngRjIbW-J4Ehe_BdNOaKx7KZ37X1GPp-Z8g9vhTDlUflwP-ECKUQUhAX5JKptruFrmDjupLg1aP0d9K0hpWs7SSZftDhMXZgpOlFwvLoIESVYf9BnPEllE808nMMtEuSayLL7vUzDMKfXDpIPVorVOXFL3YsGAzwWj5KHgcZlDP4XtbolfW2c8skHg5KbxCL903kqshhz9wNyotXOdsaWB4VrNBAkWiBMjFi_qVH4Aiah5toynFGTXbVjvXXhHB26LP7gOSqlNrGiJwhZ-I_nS_MdjP_DTA8D4skoH2JrYqSDEr9s4PsunChvRbpfk0Yj-u_DYf4CHTY8Q7DrkH2-Zc7nw11BoFynyu-CxW59Dsn1zHe-WklHYmDxkxwTtmQYP_I0bP3L8YTJP0ZQeEq1ldT1Qv2_ZT_xBI-hC342H0h_5zZo0xO2wqmV6RBsuJX6tlhwSWhgdYKp4x0X6HZU5vEIdiXm45ZJYpCyLtCmqfViqCTU9farA-ZUTROK6V4A5UA2rzecnuE5qhmsVsxzEa9z6yihdS-tCzgY-dAlQCLFV1G4nKmu5yJabIMAxrywpp8GWM5Zyr24pvHH-8oZdjki45hWaEaKw8Ybxi6lTBUVWB2yOais8e3DP5irooODT8FJh995SV7dAMYTXQAwjgDjSBao-S6r81qiRTcypiI6ddaR06UrsIyg_sd3oVGJRVs9-JWlQn_6fdZCpJEoam6V85GiiOKnMhWtpgviVDBMwy_o8wMPUPRS2jnhH84eutz8Aqr98jpoBQvxD4faTHe_GDdMzAU8IRbmvK6POBXM8ttbnGoWS5gdf5nlksNMNYvgQbUDDh3V5IajcvjBmzo6Ag5Nj3mjZKLn7AAXbvlnM-cONsVdC0Y-YiXKILyV9r9rfK90ZFSwLfSosNqEuqA9mEUsIQS0qFcHnE3_qGT5Nr9Tad5BXvzj13y6_kdGCgctG5PNMZ0-rr_8iLMoc8i_nRp6gY3ggFnsCUPpZxzuz1fkWFrC-oeXYX3C7hvgTqhZggQp5DKHTl_MHnGxIl9yGXFvC3gJi_CXO54NAshphnE6X1wlQuao-2hN_7awcw2Adntjsq5kr6vzlt5QHikUilee9WtCuslZ4eJrHhMy9kk1PD_r74Km7C2Y7oimN7k_At0Gzf6dYk5QRwgBINXt6TTx0T1I5kMl6sWik4gOVkPdx4ypqPvYoKgXYj3VWEdERkoN3jA5YnUmWePt0Le8Z-RoDHCV6st10ShuCclQqv5MxliwBz6O-Jf_6Ylr7CWZHtSwvk0mbbyawtqBYX3jKIsEMgCP_jsitlh6uAMRYV-YT3MMyoPV-KVqbAzWgIve-BumA-znRXUbFZsoZPtxh5hzMP-z_ybzshItRJMmNOVFijsiEyX0oLb70zQ4lYNwla2Aw0I-o_BGrSV-Ea1CCAEr40ddAeScEiMGy_mtohGuAFw7EWO_XoCdTr3c6IYrn2fZyx-diFX1yFhX9PV9oCQjs_0IXmbDyCCQ2UwTIDc-KQV9r2C2SpXYJd3hS3N9VvzLAjqJ4VNyexAt2NmGvj-JPsQda4KoSClk1Uq8_r7NmzRfLYCf-6SyWFbBk-QSwiatj83mkhTGNCFIaSc8z7CmiI2GblAem04sohDumUwWp9RjxXP98O-Hob91lWZ9i_mm_M0DT8-mE1kXZpQ6NKXl1nXtkJEc6hVP4f9IrD1WxFG8uyz0hEXesIwKIs-sjbpSP7v2hfwHgDnW9T5gb0SUcUEYRbHdCcY5Vm_oCPicc67oMTeo9MauETmHelPCPDtUvXYoRDf5b5yQPN9UboUzad6sOSqKAEraZJpl3-Gb2l80pK8w6L0UMN0ylHKaQpnD_n_PlYl8YxAEbP_ZFAuqnEQDln19Zy5y0yl9nr_ZtCz-u-oUDWht6yix1B5WkiEFEUg2rRluQSUvMCqWeAFufosuG0sNJrCM1gALigHHEeDftLg761VtcDMIMZ85aoJahUniKMbtniYEM2Vlr-k39Sy5HFCKiitpCR78AAHjzLm2NVxNCUmwFpbOkjR7UgsPpxTlSSn6UAq290sKCfrGGyHkrW4sOmNETFugTmZugklSfWEmFytlb_Ol28u4ysh5bAODLQgTVVaDuzUz91psrRZ2eBuIjxYx6StsEgCscUFagS12zycoQaN4Kr6280dmij9EcmWqlcdvRR8D1yTpI2-FC16yfW0H-UTt1tlQEN4SajxLjsaz8G7cxK7oiSAI9GakxlH_Tm-6FjUVIW3to4iVgROrT2ACJ4qBDpR3vXRrSI_mpJYUy0a4CEWm9TDf0DUKZo5JFd-tM_REH0-AV3E6YiH-VxlFW3LeL-e5JXW0PnQjlBmmd49CP0wEr0FIrHIkqjiD9YbaEBSlDo6PWKe51DXKxwcSdYHsIyzhA3aFCZQV393jljqBdhcJ3ZlfaHjD2l5dowgR0G9hbNj4skV8ArB6CIVX4YWEsSn8deqqZ88B97yl5qQbzHH4KyTPtOE1U9BYWjf-iVg1LQeaUThai_v0IFTaUyZrqBpymWFpiepMI69f1ulPvG7TK3YfZvUqIryoRPdLdSZijFz31EgkOtLPByZCaYKrU-h7DUAKA4WDTjInrvK0nxbR2OYd3ASNYrva-yhipcPy6akfR6vxsVWqsik3TALrC5dvNGudkCXiqcOima9jurKajwUk_lbtNvsnDQCwSsFBQ2ocmOPlAWbKFUXSEipStGF6Fz5kud5p_2bDomGboV-9jvMkagIdSzSNXipqutjBXTZeeI-wcsF_bnawkH1fenY7w5q4xgFi1HeJ9NcBLGqriuGb9NdrJIEhFuIgFTdgP5pXW48J8ydFXAA&cid=CAQSPABygQiDsOdzYed0lRLJCLwAFUTc7E5QuY7Ct9t4Z1OtTxvWdRs_WBtnhCbqpV5cQlJNXr9bhSf9WrNEcxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=14917842135716012000&adk=3690638929&idt=142&cac=0&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 09:37:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
10026
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11027
x-xss-protection
0
server
cafe
etag
5492578185836041520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Jun 2023 09:37:27 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/elements/html/ Frame 966C 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230523/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Akz87Km-nqvikfO0lh61t93vCVRBunyFlio8Rwclj64LDT5TzZlu47-LK7wZ9g27QIYmrmcNlYY3nO64pUbURZr5a0AQ&cry=1&dbm_d=AKAmf-CUjkxRa3jdUUllLjprlhbdmNAyM0Y17c2OXe6f7k1Sohheb4aUS4KXTjnwRb3hP5SCVUrQDKQM5U15gkzRAG99SeccAveQJtjO53YseUPOE4h5F43VnbAskz0lN-YUYtkQENtYQNM1GDE1aQcvloiWPzabAWcgqemW9ugr_6iFKxZF5qXbpasQVemwH_ZHWKYeyvHOtMWCtIlPVigQJSAUZ9aTtDulxGdMTBtCh1e966gwVzovXHv_mvKDLM8fx2GRIP1vYnvFmsElwLLhXLLO5PwJVisKlLD2JuTIKRSljLv_UKFD-YP7UtSaYntLHkT7ag36xfMuOLO4up84eYEWgyTW_gKsh5qolxdCqr2AISVJea6np3Kb0sPR9ncF4HYyUnyFpXz597xGh583nmncpA9A_YNJB0jE08CRuoF5K4TpK2bCCgMVvLm52W__KHQfO6GesDtUWqet9a4qEX1DUdFThWHYyoMq8xBq-jj0KOlMItdsv0ALbQUw-q2xwcTjdNsqVJYXhREPjszrVf1GpLxD5O8AH-xRHasLL-IN_Vus9kZn4VujT0CQxeT_-lR6NXdyuJPsXjuGRd0dlwTo68T-dNN32x4XV5fjr07KIG10WS4S9j3ZNiTJ5wUXkfhsIf4_BVPu6WxeJJOeFgLPpGV6uyxAvjESSOaPVhcqLS3aI-9xGlSljhQj40UaX1Kn15Md6fkQXGQYySmyTNW3rhRfRZXsxMa3v6KzKf50hSjmKlIE-f16slZJ9ukPpJohIZyAdr9lUAvd4RXxeeakIWRM-Yunwm5bfQoOhPpRjUVL4QoqcdjmVj0B32K9t82n6dM1ew6MiZ8y-qzyd7gIijK3haTxXKUCG9PPKsG0fgnJ-08-rFngRjIbW-J4Ehe_BdNOaKx7KZ37X1GPp-Z8g9vhTDlUflwP-ECKUQUhAX5JKptruFrmDjupLg1aP0d9K0hpWs7SSZftDhMXZgpOlFwvLoIESVYf9BnPEllE808nMMtEuSayLL7vUzDMKfXDpIPVorVOXFL3YsGAzwWj5KHgcZlDP4XtbolfW2c8skHg5KbxCL903kqshhz9wNyotXOdsaWB4VrNBAkWiBMjFi_qVH4Aiah5toynFGTXbVjvXXhHB26LP7gOSqlNrGiJwhZ-I_nS_MdjP_DTA8D4skoH2JrYqSDEr9s4PsunChvRbpfk0Yj-u_DYf4CHTY8Q7DrkH2-Zc7nw11BoFynyu-CxW59Dsn1zHe-WklHYmDxkxwTtmQYP_I0bP3L8YTJP0ZQeEq1ldT1Qv2_ZT_xBI-hC342H0h_5zZo0xO2wqmV6RBsuJX6tlhwSWhgdYKp4x0X6HZU5vEIdiXm45ZJYpCyLtCmqfViqCTU9farA-ZUTROK6V4A5UA2rzecnuE5qhmsVsxzEa9z6yihdS-tCzgY-dAlQCLFV1G4nKmu5yJabIMAxrywpp8GWM5Zyr24pvHH-8oZdjki45hWaEaKw8Ybxi6lTBUVWB2yOais8e3DP5irooODT8FJh995SV7dAMYTXQAwjgDjSBao-S6r81qiRTcypiI6ddaR06UrsIyg_sd3oVGJRVs9-JWlQn_6fdZCpJEoam6V85GiiOKnMhWtpgviVDBMwy_o8wMPUPRS2jnhH84eutz8Aqr98jpoBQvxD4faTHe_GDdMzAU8IRbmvK6POBXM8ttbnGoWS5gdf5nlksNMNYvgQbUDDh3V5IajcvjBmzo6Ag5Nj3mjZKLn7AAXbvlnM-cONsVdC0Y-YiXKILyV9r9rfK90ZFSwLfSosNqEuqA9mEUsIQS0qFcHnE3_qGT5Nr9Tad5BXvzj13y6_kdGCgctG5PNMZ0-rr_8iLMoc8i_nRp6gY3ggFnsCUPpZxzuz1fkWFrC-oeXYX3C7hvgTqhZggQp5DKHTl_MHnGxIl9yGXFvC3gJi_CXO54NAshphnE6X1wlQuao-2hN_7awcw2Adntjsq5kr6vzlt5QHikUilee9WtCuslZ4eJrHhMy9kk1PD_r74Km7C2Y7oimN7k_At0Gzf6dYk5QRwgBINXt6TTx0T1I5kMl6sWik4gOVkPdx4ypqPvYoKgXYj3VWEdERkoN3jA5YnUmWePt0Le8Z-RoDHCV6st10ShuCclQqv5MxliwBz6O-Jf_6Ylr7CWZHtSwvk0mbbyawtqBYX3jKIsEMgCP_jsitlh6uAMRYV-YT3MMyoPV-KVqbAzWgIve-BumA-znRXUbFZsoZPtxh5hzMP-z_ybzshItRJMmNOVFijsiEyX0oLb70zQ4lYNwla2Aw0I-o_BGrSV-Ea1CCAEr40ddAeScEiMGy_mtohGuAFw7EWO_XoCdTr3c6IYrn2fZyx-diFX1yFhX9PV9oCQjs_0IXmbDyCCQ2UwTIDc-KQV9r2C2SpXYJd3hS3N9VvzLAjqJ4VNyexAt2NmGvj-JPsQda4KoSClk1Uq8_r7NmzRfLYCf-6SyWFbBk-QSwiatj83mkhTGNCFIaSc8z7CmiI2GblAem04sohDumUwWp9RjxXP98O-Hob91lWZ9i_mm_M0DT8-mE1kXZpQ6NKXl1nXtkJEc6hVP4f9IrD1WxFG8uyz0hEXesIwKIs-sjbpSP7v2hfwHgDnW9T5gb0SUcUEYRbHdCcY5Vm_oCPicc67oMTeo9MauETmHelPCPDtUvXYoRDf5b5yQPN9UboUzad6sOSqKAEraZJpl3-Gb2l80pK8w6L0UMN0ylHKaQpnD_n_PlYl8YxAEbP_ZFAuqnEQDln19Zy5y0yl9nr_ZtCz-u-oUDWht6yix1B5WkiEFEUg2rRluQSUvMCqWeAFufosuG0sNJrCM1gALigHHEeDftLg761VtcDMIMZ85aoJahUniKMbtniYEM2Vlr-k39Sy5HFCKiitpCR78AAHjzLm2NVxNCUmwFpbOkjR7UgsPpxTlSSn6UAq290sKCfrGGyHkrW4sOmNETFugTmZugklSfWEmFytlb_Ol28u4ysh5bAODLQgTVVaDuzUz91psrRZ2eBuIjxYx6StsEgCscUFagS12zycoQaN4Kr6280dmij9EcmWqlcdvRR8D1yTpI2-FC16yfW0H-UTt1tlQEN4SajxLjsaz8G7cxK7oiSAI9GakxlH_Tm-6FjUVIW3to4iVgROrT2ACJ4qBDpR3vXRrSI_mpJYUy0a4CEWm9TDf0DUKZo5JFd-tM_REH0-AV3E6YiH-VxlFW3LeL-e5JXW0PnQjlBmmd49CP0wEr0FIrHIkqjiD9YbaEBSlDo6PWKe51DXKxwcSdYHsIyzhA3aFCZQV393jljqBdhcJ3ZlfaHjD2l5dowgR0G9hbNj4skV8ArB6CIVX4YWEsSn8deqqZ88B97yl5qQbzHH4KyTPtOE1U9BYWjf-iVg1LQeaUThai_v0IFTaUyZrqBpymWFpiepMI69f1ulPvG7TK3YfZvUqIryoRPdLdSZijFz31EgkOtLPByZCaYKrU-h7DUAKA4WDTjInrvK0nxbR2OYd3ASNYrva-yhipcPy6akfR6vxsVWqsik3TALrC5dvNGudkCXiqcOima9jurKajwUk_lbtNvsnDQCwSsFBQ2ocmOPlAWbKFUXSEipStGF6Fz5kud5p_2bDomGboV-9jvMkagIdSzSNXipqutjBXTZeeI-wcsF_bnawkH1fenY7w5q4xgFi1HeJ9NcBLGqriuGb9NdrJIEhFuIgFTdgP5pXW48J8ydFXAA&cid=CAQSPABygQiDsOdzYed0lRLJCLwAFUTc7E5QuY7Ct9t4Z1OtTxvWdRs_WBtnhCbqpV5cQlJNXr9bhSf9WrNEcxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=14917842135716012000&adk=3690638929&idt=142&cac=0&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 09:37:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
10026
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Jun 2023 09:37:27 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 966C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss5iwJLy8KnUNYcIyDdLyhbXsxmDrAvs7qZH5caYHomTJyxuZUQA9ew4BvKut_grRPS3PpXDhU0zbCmmoq3FAZ1pPQjkX5DLyl2VFYbVsbo4gmxiCtEZr1DJIM7ej_ZkoWMlfRl__Pp-jJ4iMjvGH6PBkcKizPve4H2L7uWYQ05V4oxgLcYUH0vA1k_xqpScB9E2InRzW90gmPDu4wHNpedbsbfrTC6urGYd9hkNa5A5r2xbjPj2ZhEbZ-H9mrusxiv59P_T_91dCNj2BHR_KuajFkToL9TzXZZtlo_pdLhBy3zLVAZNw2GuQ0J8LBcf1C0Xe4vMzKoN0p-lh2887THQiLxnqG6iTK44pDGYg2lTEFwTtkocnJDxAlzkFWDun51K_q7w8n3HNCuljuevywcTVkbNEj5JFnpewaqoU5N_Gs7zfGJsUIbB-Rg0Z5p7ZgGh8HQ-PCNyRCBmENUmsLU4tqSeFF6hStRdUOu2TM7hrm7nDhwioiwsNfrlp8yJizmvJIp0haz_BRjmqhAncDaGegYZ1KlppCPuQcyLs2_oSC0FAsg3_q60MmIkL2OpCbAjR_0uPttplU1wkZ5HSQoVQ5G66QxKzUDzOkvgPd7JsnwYqCkAkIQ_aeQGcK4GjyfWSglT9unYjqeS0BBJfqWSQb5nlcVuTExCUKvmpto8xlg6Y4O2fHYjyVozyNGCK5PGL-X0_W6dOmK_GT-vlEeA_QUp0yz4i-xjJcV5gaYFU7mmWOY1d-SWQY-jMzT6DmfODj8MxcLEzIhHL5EtZ_ioR2sflB8RlmZ8gum2medfmyxGeW3VZFXRT03F0orJukRhDIcw1QSyJp-Etllqc7w0IavmvJTdvM67ohl-wK-o-ey9x4soW1ytDUdBF3qd2W_QU74eArN08CBpt8YW4RitrhzoobSHooAjDPWJLaeMxQGHIRONvHMocikZjcovRVSpGpOGMfgllBaH29IyxKIAtGQB3qM1HdFtemwy96tdD9AFjlP8fWwI5hJQIMQLjyq_iVzRK3nIQ9iiyQ4bxILeQnTCJw7MiLzl0JweoT2kJICl2_iaVVWo-KJB8oVOHpfkdJGqNH5csseytck2Ry6AiQg5_auO5GVsnTp6YVa5VJPnopyfCQEexHlffhgzeBXlMhoNM7AaQATTBUv2PtXkL6iUlfLtbeYKwTyYu-yo4WDJ7fSPONEynPFQF9fNE8Fo5i1pzGvsQgyLw4XyTG6KxGAk74NrzW10Ny0DbzbdBIXhglFVdrELSehOXEwSwu3CWSaLkxneCVVo8IuHsnxRhV0KM0u&sai=AMfl-YQwBYOdawkyDqxbwRboQKAEy0o7veZ-iavBxA6QRg4cMxV6QvFAk_L6vfmrgLyMVqNAWYF55SnOUtsMd2jJIS94TGBglkwTPd8esXnyA_cmx01Wa6TapDzZBBg0m-Vt8ZCr4uANgpBmW7q3hcspv53xXM-UFUffg87eBGb7foC5VHN7YJaUdAlFtCF5cHkhvrTGJDW9unjSsE-4uqCkN4pfHVP__MMXHgLl4SWJQdotBaaMd88XK2nYIHkFRdmdymvoTa0&sig=Cg0ArKJSzGsHqbod2lsZEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230523.01897&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Akz87Km-nqvikfO0lh61t93vCVRBunyFlio8Rwclj64LDT5TzZlu47-LK7wZ9g27QIYmrmcNlYY3nO64pUbURZr5a0AQ&cry=1&dbm_d=AKAmf-CUjkxRa3jdUUllLjprlhbdmNAyM0Y17c2OXe6f7k1Sohheb4aUS4KXTjnwRb3hP5SCVUrQDKQM5U15gkzRAG99SeccAveQJtjO53YseUPOE4h5F43VnbAskz0lN-YUYtkQENtYQNM1GDE1aQcvloiWPzabAWcgqemW9ugr_6iFKxZF5qXbpasQVemwH_ZHWKYeyvHOtMWCtIlPVigQJSAUZ9aTtDulxGdMTBtCh1e966gwVzovXHv_mvKDLM8fx2GRIP1vYnvFmsElwLLhXLLO5PwJVisKlLD2JuTIKRSljLv_UKFD-YP7UtSaYntLHkT7ag36xfMuOLO4up84eYEWgyTW_gKsh5qolxdCqr2AISVJea6np3Kb0sPR9ncF4HYyUnyFpXz597xGh583nmncpA9A_YNJB0jE08CRuoF5K4TpK2bCCgMVvLm52W__KHQfO6GesDtUWqet9a4qEX1DUdFThWHYyoMq8xBq-jj0KOlMItdsv0ALbQUw-q2xwcTjdNsqVJYXhREPjszrVf1GpLxD5O8AH-xRHasLL-IN_Vus9kZn4VujT0CQxeT_-lR6NXdyuJPsXjuGRd0dlwTo68T-dNN32x4XV5fjr07KIG10WS4S9j3ZNiTJ5wUXkfhsIf4_BVPu6WxeJJOeFgLPpGV6uyxAvjESSOaPVhcqLS3aI-9xGlSljhQj40UaX1Kn15Md6fkQXGQYySmyTNW3rhRfRZXsxMa3v6KzKf50hSjmKlIE-f16slZJ9ukPpJohIZyAdr9lUAvd4RXxeeakIWRM-Yunwm5bfQoOhPpRjUVL4QoqcdjmVj0B32K9t82n6dM1ew6MiZ8y-qzyd7gIijK3haTxXKUCG9PPKsG0fgnJ-08-rFngRjIbW-J4Ehe_BdNOaKx7KZ37X1GPp-Z8g9vhTDlUflwP-ECKUQUhAX5JKptruFrmDjupLg1aP0d9K0hpWs7SSZftDhMXZgpOlFwvLoIESVYf9BnPEllE808nMMtEuSayLL7vUzDMKfXDpIPVorVOXFL3YsGAzwWj5KHgcZlDP4XtbolfW2c8skHg5KbxCL903kqshhz9wNyotXOdsaWB4VrNBAkWiBMjFi_qVH4Aiah5toynFGTXbVjvXXhHB26LP7gOSqlNrGiJwhZ-I_nS_MdjP_DTA8D4skoH2JrYqSDEr9s4PsunChvRbpfk0Yj-u_DYf4CHTY8Q7DrkH2-Zc7nw11BoFynyu-CxW59Dsn1zHe-WklHYmDxkxwTtmQYP_I0bP3L8YTJP0ZQeEq1ldT1Qv2_ZT_xBI-hC342H0h_5zZo0xO2wqmV6RBsuJX6tlhwSWhgdYKp4x0X6HZU5vEIdiXm45ZJYpCyLtCmqfViqCTU9farA-ZUTROK6V4A5UA2rzecnuE5qhmsVsxzEa9z6yihdS-tCzgY-dAlQCLFV1G4nKmu5yJabIMAxrywpp8GWM5Zyr24pvHH-8oZdjki45hWaEaKw8Ybxi6lTBUVWB2yOais8e3DP5irooODT8FJh995SV7dAMYTXQAwjgDjSBao-S6r81qiRTcypiI6ddaR06UrsIyg_sd3oVGJRVs9-JWlQn_6fdZCpJEoam6V85GiiOKnMhWtpgviVDBMwy_o8wMPUPRS2jnhH84eutz8Aqr98jpoBQvxD4faTHe_GDdMzAU8IRbmvK6POBXM8ttbnGoWS5gdf5nlksNMNYvgQbUDDh3V5IajcvjBmzo6Ag5Nj3mjZKLn7AAXbvlnM-cONsVdC0Y-YiXKILyV9r9rfK90ZFSwLfSosNqEuqA9mEUsIQS0qFcHnE3_qGT5Nr9Tad5BXvzj13y6_kdGCgctG5PNMZ0-rr_8iLMoc8i_nRp6gY3ggFnsCUPpZxzuz1fkWFrC-oeXYX3C7hvgTqhZggQp5DKHTl_MHnGxIl9yGXFvC3gJi_CXO54NAshphnE6X1wlQuao-2hN_7awcw2Adntjsq5kr6vzlt5QHikUilee9WtCuslZ4eJrHhMy9kk1PD_r74Km7C2Y7oimN7k_At0Gzf6dYk5QRwgBINXt6TTx0T1I5kMl6sWik4gOVkPdx4ypqPvYoKgXYj3VWEdERkoN3jA5YnUmWePt0Le8Z-RoDHCV6st10ShuCclQqv5MxliwBz6O-Jf_6Ylr7CWZHtSwvk0mbbyawtqBYX3jKIsEMgCP_jsitlh6uAMRYV-YT3MMyoPV-KVqbAzWgIve-BumA-znRXUbFZsoZPtxh5hzMP-z_ybzshItRJMmNOVFijsiEyX0oLb70zQ4lYNwla2Aw0I-o_BGrSV-Ea1CCAEr40ddAeScEiMGy_mtohGuAFw7EWO_XoCdTr3c6IYrn2fZyx-diFX1yFhX9PV9oCQjs_0IXmbDyCCQ2UwTIDc-KQV9r2C2SpXYJd3hS3N9VvzLAjqJ4VNyexAt2NmGvj-JPsQda4KoSClk1Uq8_r7NmzRfLYCf-6SyWFbBk-QSwiatj83mkhTGNCFIaSc8z7CmiI2GblAem04sohDumUwWp9RjxXP98O-Hob91lWZ9i_mm_M0DT8-mE1kXZpQ6NKXl1nXtkJEc6hVP4f9IrD1WxFG8uyz0hEXesIwKIs-sjbpSP7v2hfwHgDnW9T5gb0SUcUEYRbHdCcY5Vm_oCPicc67oMTeo9MauETmHelPCPDtUvXYoRDf5b5yQPN9UboUzad6sOSqKAEraZJpl3-Gb2l80pK8w6L0UMN0ylHKaQpnD_n_PlYl8YxAEbP_ZFAuqnEQDln19Zy5y0yl9nr_ZtCz-u-oUDWht6yix1B5WkiEFEUg2rRluQSUvMCqWeAFufosuG0sNJrCM1gALigHHEeDftLg761VtcDMIMZ85aoJahUniKMbtniYEM2Vlr-k39Sy5HFCKiitpCR78AAHjzLm2NVxNCUmwFpbOkjR7UgsPpxTlSSn6UAq290sKCfrGGyHkrW4sOmNETFugTmZugklSfWEmFytlb_Ol28u4ysh5bAODLQgTVVaDuzUz91psrRZ2eBuIjxYx6StsEgCscUFagS12zycoQaN4Kr6280dmij9EcmWqlcdvRR8D1yTpI2-FC16yfW0H-UTt1tlQEN4SajxLjsaz8G7cxK7oiSAI9GakxlH_Tm-6FjUVIW3to4iVgROrT2ACJ4qBDpR3vXRrSI_mpJYUy0a4CEWm9TDf0DUKZo5JFd-tM_REH0-AV3E6YiH-VxlFW3LeL-e5JXW0PnQjlBmmd49CP0wEr0FIrHIkqjiD9YbaEBSlDo6PWKe51DXKxwcSdYHsIyzhA3aFCZQV393jljqBdhcJ3ZlfaHjD2l5dowgR0G9hbNj4skV8ArB6CIVX4YWEsSn8deqqZ88B97yl5qQbzHH4KyTPtOE1U9BYWjf-iVg1LQeaUThai_v0IFTaUyZrqBpymWFpiepMI69f1ulPvG7TK3YfZvUqIryoRPdLdSZijFz31EgkOtLPByZCaYKrU-h7DUAKA4WDTjInrvK0nxbR2OYd3ASNYrva-yhipcPy6akfR6vxsVWqsik3TALrC5dvNGudkCXiqcOima9jurKajwUk_lbtNvsnDQCwSsFBQ2ocmOPlAWbKFUXSEipStGF6Fz5kud5p_2bDomGboV-9jvMkagIdSzSNXipqutjBXTZeeI-wcsF_bnawkH1fenY7w5q4xgFi1HeJ9NcBLGqriuGb9NdrJIEhFuIgFTdgP5pXW48J8ydFXAA&cid=CAQSPABygQiDsOdzYed0lRLJCLwAFUTc7E5QuY7Ct9t4Z1OtTxvWdRs_WBtnhCbqpV5cQlJNXr9bhSf9WrNEcxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=14917842135716012000&adk=3690638929&idt=142&cac=0&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 30 May 2023 12:24:33 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 30 May 2023 12:24:33 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 966C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Akz87Km-nqvikfO0lh61t93vCVRBunyFlio8Rwclj64LDT5TzZlu47-LK7wZ9g27QIYmrmcNlYY3nO64pUbURZr5a0AQ&cry=1&dbm_d=AKAmf-CUjkxRa3jdUUllLjprlhbdmNAyM0Y17c2OXe6f7k1Sohheb4aUS4KXTjnwRb3hP5SCVUrQDKQM5U15gkzRAG99SeccAveQJtjO53YseUPOE4h5F43VnbAskz0lN-YUYtkQENtYQNM1GDE1aQcvloiWPzabAWcgqemW9ugr_6iFKxZF5qXbpasQVemwH_ZHWKYeyvHOtMWCtIlPVigQJSAUZ9aTtDulxGdMTBtCh1e966gwVzovXHv_mvKDLM8fx2GRIP1vYnvFmsElwLLhXLLO5PwJVisKlLD2JuTIKRSljLv_UKFD-YP7UtSaYntLHkT7ag36xfMuOLO4up84eYEWgyTW_gKsh5qolxdCqr2AISVJea6np3Kb0sPR9ncF4HYyUnyFpXz597xGh583nmncpA9A_YNJB0jE08CRuoF5K4TpK2bCCgMVvLm52W__KHQfO6GesDtUWqet9a4qEX1DUdFThWHYyoMq8xBq-jj0KOlMItdsv0ALbQUw-q2xwcTjdNsqVJYXhREPjszrVf1GpLxD5O8AH-xRHasLL-IN_Vus9kZn4VujT0CQxeT_-lR6NXdyuJPsXjuGRd0dlwTo68T-dNN32x4XV5fjr07KIG10WS4S9j3ZNiTJ5wUXkfhsIf4_BVPu6WxeJJOeFgLPpGV6uyxAvjESSOaPVhcqLS3aI-9xGlSljhQj40UaX1Kn15Md6fkQXGQYySmyTNW3rhRfRZXsxMa3v6KzKf50hSjmKlIE-f16slZJ9ukPpJohIZyAdr9lUAvd4RXxeeakIWRM-Yunwm5bfQoOhPpRjUVL4QoqcdjmVj0B32K9t82n6dM1ew6MiZ8y-qzyd7gIijK3haTxXKUCG9PPKsG0fgnJ-08-rFngRjIbW-J4Ehe_BdNOaKx7KZ37X1GPp-Z8g9vhTDlUflwP-ECKUQUhAX5JKptruFrmDjupLg1aP0d9K0hpWs7SSZftDhMXZgpOlFwvLoIESVYf9BnPEllE808nMMtEuSayLL7vUzDMKfXDpIPVorVOXFL3YsGAzwWj5KHgcZlDP4XtbolfW2c8skHg5KbxCL903kqshhz9wNyotXOdsaWB4VrNBAkWiBMjFi_qVH4Aiah5toynFGTXbVjvXXhHB26LP7gOSqlNrGiJwhZ-I_nS_MdjP_DTA8D4skoH2JrYqSDEr9s4PsunChvRbpfk0Yj-u_DYf4CHTY8Q7DrkH2-Zc7nw11BoFynyu-CxW59Dsn1zHe-WklHYmDxkxwTtmQYP_I0bP3L8YTJP0ZQeEq1ldT1Qv2_ZT_xBI-hC342H0h_5zZo0xO2wqmV6RBsuJX6tlhwSWhgdYKp4x0X6HZU5vEIdiXm45ZJYpCyLtCmqfViqCTU9farA-ZUTROK6V4A5UA2rzecnuE5qhmsVsxzEa9z6yihdS-tCzgY-dAlQCLFV1G4nKmu5yJabIMAxrywpp8GWM5Zyr24pvHH-8oZdjki45hWaEaKw8Ybxi6lTBUVWB2yOais8e3DP5irooODT8FJh995SV7dAMYTXQAwjgDjSBao-S6r81qiRTcypiI6ddaR06UrsIyg_sd3oVGJRVs9-JWlQn_6fdZCpJEoam6V85GiiOKnMhWtpgviVDBMwy_o8wMPUPRS2jnhH84eutz8Aqr98jpoBQvxD4faTHe_GDdMzAU8IRbmvK6POBXM8ttbnGoWS5gdf5nlksNMNYvgQbUDDh3V5IajcvjBmzo6Ag5Nj3mjZKLn7AAXbvlnM-cONsVdC0Y-YiXKILyV9r9rfK90ZFSwLfSosNqEuqA9mEUsIQS0qFcHnE3_qGT5Nr9Tad5BXvzj13y6_kdGCgctG5PNMZ0-rr_8iLMoc8i_nRp6gY3ggFnsCUPpZxzuz1fkWFrC-oeXYX3C7hvgTqhZggQp5DKHTl_MHnGxIl9yGXFvC3gJi_CXO54NAshphnE6X1wlQuao-2hN_7awcw2Adntjsq5kr6vzlt5QHikUilee9WtCuslZ4eJrHhMy9kk1PD_r74Km7C2Y7oimN7k_At0Gzf6dYk5QRwgBINXt6TTx0T1I5kMl6sWik4gOVkPdx4ypqPvYoKgXYj3VWEdERkoN3jA5YnUmWePt0Le8Z-RoDHCV6st10ShuCclQqv5MxliwBz6O-Jf_6Ylr7CWZHtSwvk0mbbyawtqBYX3jKIsEMgCP_jsitlh6uAMRYV-YT3MMyoPV-KVqbAzWgIve-BumA-znRXUbFZsoZPtxh5hzMP-z_ybzshItRJMmNOVFijsiEyX0oLb70zQ4lYNwla2Aw0I-o_BGrSV-Ea1CCAEr40ddAeScEiMGy_mtohGuAFw7EWO_XoCdTr3c6IYrn2fZyx-diFX1yFhX9PV9oCQjs_0IXmbDyCCQ2UwTIDc-KQV9r2C2SpXYJd3hS3N9VvzLAjqJ4VNyexAt2NmGvj-JPsQda4KoSClk1Uq8_r7NmzRfLYCf-6SyWFbBk-QSwiatj83mkhTGNCFIaSc8z7CmiI2GblAem04sohDumUwWp9RjxXP98O-Hob91lWZ9i_mm_M0DT8-mE1kXZpQ6NKXl1nXtkJEc6hVP4f9IrD1WxFG8uyz0hEXesIwKIs-sjbpSP7v2hfwHgDnW9T5gb0SUcUEYRbHdCcY5Vm_oCPicc67oMTeo9MauETmHelPCPDtUvXYoRDf5b5yQPN9UboUzad6sOSqKAEraZJpl3-Gb2l80pK8w6L0UMN0ylHKaQpnD_n_PlYl8YxAEbP_ZFAuqnEQDln19Zy5y0yl9nr_ZtCz-u-oUDWht6yix1B5WkiEFEUg2rRluQSUvMCqWeAFufosuG0sNJrCM1gALigHHEeDftLg761VtcDMIMZ85aoJahUniKMbtniYEM2Vlr-k39Sy5HFCKiitpCR78AAHjzLm2NVxNCUmwFpbOkjR7UgsPpxTlSSn6UAq290sKCfrGGyHkrW4sOmNETFugTmZugklSfWEmFytlb_Ol28u4ysh5bAODLQgTVVaDuzUz91psrRZ2eBuIjxYx6StsEgCscUFagS12zycoQaN4Kr6280dmij9EcmWqlcdvRR8D1yTpI2-FC16yfW0H-UTt1tlQEN4SajxLjsaz8G7cxK7oiSAI9GakxlH_Tm-6FjUVIW3to4iVgROrT2ACJ4qBDpR3vXRrSI_mpJYUy0a4CEWm9TDf0DUKZo5JFd-tM_REH0-AV3E6YiH-VxlFW3LeL-e5JXW0PnQjlBmmd49CP0wEr0FIrHIkqjiD9YbaEBSlDo6PWKe51DXKxwcSdYHsIyzhA3aFCZQV393jljqBdhcJ3ZlfaHjD2l5dowgR0G9hbNj4skV8ArB6CIVX4YWEsSn8deqqZ88B97yl5qQbzHH4KyTPtOE1U9BYWjf-iVg1LQeaUThai_v0IFTaUyZrqBpymWFpiepMI69f1ulPvG7TK3YfZvUqIryoRPdLdSZijFz31EgkOtLPByZCaYKrU-h7DUAKA4WDTjInrvK0nxbR2OYd3ASNYrva-yhipcPy6akfR6vxsVWqsik3TALrC5dvNGudkCXiqcOima9jurKajwUk_lbtNvsnDQCwSsFBQ2ocmOPlAWbKFUXSEipStGF6Fz5kud5p_2bDomGboV-9jvMkagIdSzSNXipqutjBXTZeeI-wcsF_bnawkH1fenY7w5q4xgFi1HeJ9NcBLGqriuGb9NdrJIEhFuIgFTdgP5pXW48J8ydFXAA&cid=CAQSPABygQiDsOdzYed0lRLJCLwAFUTc7E5QuY7Ct9t4Z1OtTxvWdRs_WBtnhCbqpV5cQlJNXr9bhSf9WrNEcxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=14917842135716012000&adk=3690638929&idt=142&cac=0&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 07:39:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17100
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 May 2024 07:39:33 GMT
16197173137809898616
s0.2mdn.net/simgad/ Frame 966C 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/16197173137809898616
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44bdf92dbc7c6cc39fb36f82b48882e2ab6799f5417b8e40acf1c26355af2668
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 28 May 2023 22:02:59 GMT
x-content-type-options
nosniff
age
138094
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67966
x-xss-protection
0
last-modified
Wed, 29 Mar 2023 12:30:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 27 May 2024 22:02:59 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 094A 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
6657
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 May 2023 10:33:36 GMT
etag
48472445140208031
expires
Wed, 31 May 2023 10:33:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 966C 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a14feef249236b2febec93bf05e89bbfc47a7e7bfc844206f3168d60e0992189

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0157 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
576282
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 May 2023 20:19:51 GMT
expires
Wed, 22 May 2024 20:19:51 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 094A
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKy_zpN8RfBSk7Gl97LfBvU&google_cver=1&google_push=ATf1kGOINYnrJRX8H39yvSo2H624bZFzKwYvQMvWsggyAQ7JuFdXfpEZzQ...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGOINYnrJRX8H39yvSo2H624bZFzKwYvQMvWsggyAQ7JuFdXfpEZzQRRypnm9ifnpQvkgpzD4x3zHldrUzg7sQOIgCFw-PrH&google_hm=YsEdq984WNPk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGOINYnrJRX8H39yvSo2H624bZFzKwYvQMvWsggyAQ7JuFdXfpEZzQRRypnm9ifnpQvkgpzD4x3zHldrUzg7sQOIgCFw-PrH&google_hm=YsEdq984WNPkGBh7PMecPg
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGOINYnrJRX8H39yvSo2H624bZFzKwYvQMvWsggyAQ7JuFdXfpEZzQRRypnm9ifnpQvkgpzD4x3zHldrUzg7sQOIgCFw-PrH&google_hm=YsEdq984WNPkGBh7PMecPg
pragma
no-cache
date
Tue, 30 May 2023 12:24:33 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 094A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHtzPjJXQ6EGbVC3EDyHd78&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RGo1QTJHMnAxUTNZb1Q1&google_gid=CAESEHtzPjJXQ6EGbVC3EDyHd78&google_cver=1&google_push=ATf1kGNNOAUMHE0g4rlQ1gD2-gDRmQjxf8bcAEuHEIoutnQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RGo1QTJHMnAxUTNZb1Q1&google_gid=CAESEHtzPjJXQ6EGbVC3EDyHd78&google_cver=1&google_push=ATf1kGNNOAUMHE0g4rlQ1gD2-gDRmQjxf8bcAEuHEIoutnQt9j9aYaV7eIxgHAmL7ARTmRx6ohx8RjYs2U5m_RO69zPrZsQnv_v6
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 30 May 2023 12:24:33 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-0943143fd00beb9c6@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RGo1QTJHMnAxUTNZb1Q1&google_gid=CAESEHtzPjJXQ6EGbVC3EDyHd78&google_cver=1&google_push=ATf1kGNNOAUMHE0g4rlQ1gD2-gDRmQjxf8bcAEuHEIoutnQt9j9aYaV7eIxgHAmL7ARTmRx6ohx8RjYs2U5m_RO69zPrZsQnv_v6
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 094A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEN31wUs88wQXkXgk5L6-2Kg&google_cver=1&google_push=ATf1kGP_0k8a2z5ABK4iOvEpujGhZLyoDVDDw9Hzo_6fWd_klUwt2a6bETq7nmayvF7MN44vcM6yti5bzznddquP...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=vwdkder_QgCaem5m5h5R0A&google_push=ATf1kGP_0k8a2z5ABK4iOvEpujGhZLyoDVDDw9Hzo_6fWd_klUwt2a6bETq7nmayvF7MN44vcM6yti5bzznddquPNEWSU47q...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=vwdkder_QgCaem5m5h5R0A&google_push=ATf1kGP_0k8a2z5ABK4iOvEpujGhZLyoDVDDw9Hzo_6fWd_klUwt2a6bETq7nmayvF7MN44vcM6yti5bzznddquPNEWSU47qTvtX
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 30 May 2023 12:24:33 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x33 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=vwdkder_QgCaem5m5h5R0A&google_push=ATf1kGP_0k8a2z5ABK4iOvEpujGhZLyoDVDDw9Hzo_6fWd_klUwt2a6bETq7nmayvF7MN44vcM6yti5bzznddquPNEWSU47qTvtX
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 30 May 2023 12:24:32 GMT
pixel
cm.g.doubleclick.net/ Frame 094A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPcqaQxqxsMUJ5qq5jzzwHs&google_cver=1&google_push=ATf1kGOTLjYI6GdxvdDOFRYRZmM4Mmj9o15cJfWSCp11CxwU4C5z2QOP-adp8D6c5CxOZ66oPQWO13UVH5oLn1bu-IhUlx0...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOTLjYI6GdxvdDOFRYRZmM4Mmj9o15cJfWSCp11CxwU4C5z2QOP-adp8D6c5CxOZ66oPQWO13UVH5oLn1bu-IhUlx0hBpma&google_hm=eS1iV2pRVUJ0RTJwRnJpU3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOTLjYI6GdxvdDOFRYRZmM4Mmj9o15cJfWSCp11CxwU4C5z2QOP-adp8D6c5CxOZ66oPQWO13UVH5oLn1bu-IhUlx0hBpma&google_hm=eS1iV2pRVUJ0RTJwRnJpU3hEYTg3Mk5Wci5GVTN1UnZtSX5B
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 30 May 2023 12:24:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOTLjYI6GdxvdDOFRYRZmM4Mmj9o15cJfWSCp11CxwU4C5z2QOP-adp8D6c5CxOZ66oPQWO13UVH5oLn1bu-IhUlx0hBpma&google_hm=eS1iV2pRVUJ0RTJwRnJpU3hEYTg3Mk5Wci5GVTN1UnZtSX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 094A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN6G2a-dZReo2jQRokaU1gU&google_cver=1&google_push=ATf1kGOLD-332UjevTgVwOCn0EvwubDS-nDQjb2WKvGCuadv6trSQfE00touSMipw-c1mm7F_RgeP7qS...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTA0NjUyOTY5OTk1MjA2NTk5Mg&google_push=ATf1kGOLD-332UjevTgVwOCn0EvwubDS-nDQjb2WKvGCuadv6trSQfE00touSMipw-c1mm7F_RgeP7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTA0NjUyOTY5OTk1MjA2NTk5Mg&google_push=ATf1kGOLD-332UjevTgVwOCn0EvwubDS-nDQjb2WKvGCuadv6trSQfE00touSMipw-c1mm7F_RgeP7qSE-yVq4yaNQnk-up0gzk7
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTA0NjUyOTY5OTk1MjA2NTk5Mg&google_push=ATf1kGOLD-332UjevTgVwOCn0EvwubDS-nDQjb2WKvGCuadv6trSQfE00touSMipw-c1mm7F_RgeP7qSE-yVq4yaNQnk-up0gzk7
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 094A
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHQh3olHwJ70QyIMHq-Cr0Q&google_cver=1&google_push=ATf1kGOgrtcqO6PmZSpBMOYLaegpQO3YQK63bSpe6MObhcAAJpepHHDMb5midg0FXa7CU9E4IajcRBdvsQeLUAIc_...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGOgrtcqO6PmZSpBMOYLaegpQO3YQK63bSpe6MObhcAAJpepHHDMb5midg0FXa7CU9E4IajcRBdvsQeLUAIc_kc4neswh5XX&google_hm=Gu2IqGZHYnFXcSmXSU67IRUe
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGOgrtcqO6PmZSpBMOYLaegpQO3YQK63bSpe6MObhcAAJpepHHDMb5midg0FXa7CU9E4IajcRBdvsQeLUAIc_kc4neswh5XX&google_hm=Gu2IqGZHYnFXcSmXSU67IRUe
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 30 May 2023 12:24:33 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGOgrtcqO6PmZSpBMOYLaegpQO3YQK63bSpe6MObhcAAJpepHHDMb5midg0FXa7CU9E4IajcRBdvsQeLUAIc_kc4neswh5XX&google_hm=Gu2IqGZHYnFXcSmXSU67IRUe
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
/
onetag-sys.com/match/ Frame 094A
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDogoB5G29Mm9eJ1syHj1wU&google_cver=1&google_push=ATf1kGNAILlFZ9ZmFvl9zNYuOzWoH-UWmQyGsgqKaMxsYZea3Qr-X-NKCkal-hqB3Yx8KiB1yUnHmu5Uy9w...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNAILlFZ9ZmFvl9zNYuOzWoH-UWmQyGsgqKaMxsYZea3Qr-X-NKCkal-hqB3Yx8KiB1yUnHmu5Uy9w6Z0pIzTKD-S1zt3YaPg
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 094A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KAOhOSzYXmYqKaQbi7vjzIkh5xqYAKFQHWPoKu-nO77VVXQSsngFUnuIErhQZvroy1peGHmg
Requested by
Host: a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:33 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js
pagead2.googlesyndication.com/bg/ Frame 0157 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 09:37:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
10047
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14660
x-xss-protection
0
last-modified
Mon, 22 May 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 May 2024 09:37:06 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 966C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss5iwJLy8KnUNYcIyDdLyhbXsxmDrAvs7qZH5caYHomTJyxuZUQA9ew4BvKut_grRPS3PpXDhU0zbCmmoq3FAZ1pPQjkX5DLyl2VFYbVsbo4gmxiCtEZr1DJIM7ej_ZkoWMlfRl__Pp-jJ4iMjvGH6PBkcKizPve4H2L7uWYQ05V4oxgLcYUH0vA1k_xqpScB9E2InRzW90gmPDu4wHNpedbsbfrTC6urGYd9hkNa5A5r2xbjPj2ZhEbZ-H9mrusxiv59P_T_91dCNj2BHR_KuajFkToL9TzXZZtlo_pdLhBy3zLVAZNw2GuQ0J8LBcf1C0Xe4vMzKoN0p-lh2887THQiLxnqG6iTK44pDGYg2lTEFwTtkocnJDxAlzkFWDun51K_q7w8n3HNCuljuevywcTVkbNEj5JFnpewaqoU5N_Gs7zfGJsUIbB-Rg0Z5p7ZgGh8HQ-PCNyRCBmENUmsLU4tqSeFF6hStRdUOu2TM7hrm7nDhwioiwsNfrlp8yJizmvJIp0haz_BRjmqhAncDaGegYZ1KlppCPuQcyLs2_oSC0FAsg3_q60MmIkL2OpCbAjR_0uPttplU1wkZ5HSQoVQ5G66QxKzUDzOkvgPd7JsnwYqCkAkIQ_aeQGcK4GjyfWSglT9unYjqeS0BBJfqWSQb5nlcVuTExCUKvmpto8xlg6Y4O2fHYjyVozyNGCK5PGL-X0_W6dOmK_GT-vlEeA_QUp0yz4i-xjJcV5gaYFU7mmWOY1d-SWQY-jMzT6DmfODj8MxcLEzIhHL5EtZ_ioR2sflB8RlmZ8gum2medfmyxGeW3VZFXRT03F0orJukRhDIcw1QSyJp-Etllqc7w0IavmvJTdvM67ohl-wK-o-ey9x4soW1ytDUdBF3qd2W_QU74eArN08CBpt8YW4RitrhzoobSHooAjDPWJLaeMxQGHIRONvHMocikZjcovRVSpGpOGMfgllBaH29IyxKIAtGQB3qM1HdFtemwy96tdD9AFjlP8fWwI5hJQIMQLjyq_iVzRK3nIQ9iiyQ4bxILeQnTCJw7MiLzl0JweoT2kJICl2_iaVVWo-KJB8oVOHpfkdJGqNH5csseytck2Ry6AiQg5_auO5GVsnTp6YVa5VJPnopyfCQEexHlffhgzeBXlMhoNM7AaQATTBUv2PtXkL6iUlfLtbeYKwTyYu-yo4WDJ7fSPONEynPFQF9fNE8Fo5i1pzGvsQgyLw4XyTG6KxGAk74NrzW10Ny0DbzbdBIXhglFVdrELSehOXEwSwu3CWSaLkxneCVVo8IuHsnxRhV0KM0u&sai=AMfl-YQwBYOdawkyDqxbwRboQKAEy0o7veZ-iavBxA6QRg4cMxV6QvFAk_L6vfmrgLyMVqNAWYF55SnOUtsMd2jJIS94TGBglkwTPd8esXnyA_cmx01Wa6TapDzZBBg0m-Vt8ZCr4uANgpBmW7q3hcspv53xXM-UFUffg87eBGb7foC5VHN7YJaUdAlFtCF5cHkhvrTGJDW9unjSsE-4uqCkN4pfHVP__MMXHgLl4SWJQdotBaaMd88XK2nYIHkFRdmdymvoTa0&sig=Cg0ArKJSzGsHqbod2lsZEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=154&vt=11&dtpt=152&dett=2&cstd=0&cisv=r20230523.01897&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Akz87Km-nqvikfO0lh61t93vCVRBunyFlio8Rwclj64LDT5TzZlu47-LK7wZ9g27QIYmrmcNlYY3nO64pUbURZr5a0AQ&cry=1&dbm_d=AKAmf-CUjkxRa3jdUUllLjprlhbdmNAyM0Y17c2OXe6f7k1Sohheb4aUS4KXTjnwRb3hP5SCVUrQDKQM5U15gkzRAG99SeccAveQJtjO53YseUPOE4h5F43VnbAskz0lN-YUYtkQENtYQNM1GDE1aQcvloiWPzabAWcgqemW9ugr_6iFKxZF5qXbpasQVemwH_ZHWKYeyvHOtMWCtIlPVigQJSAUZ9aTtDulxGdMTBtCh1e966gwVzovXHv_mvKDLM8fx2GRIP1vYnvFmsElwLLhXLLO5PwJVisKlLD2JuTIKRSljLv_UKFD-YP7UtSaYntLHkT7ag36xfMuOLO4up84eYEWgyTW_gKsh5qolxdCqr2AISVJea6np3Kb0sPR9ncF4HYyUnyFpXz597xGh583nmncpA9A_YNJB0jE08CRuoF5K4TpK2bCCgMVvLm52W__KHQfO6GesDtUWqet9a4qEX1DUdFThWHYyoMq8xBq-jj0KOlMItdsv0ALbQUw-q2xwcTjdNsqVJYXhREPjszrVf1GpLxD5O8AH-xRHasLL-IN_Vus9kZn4VujT0CQxeT_-lR6NXdyuJPsXjuGRd0dlwTo68T-dNN32x4XV5fjr07KIG10WS4S9j3ZNiTJ5wUXkfhsIf4_BVPu6WxeJJOeFgLPpGV6uyxAvjESSOaPVhcqLS3aI-9xGlSljhQj40UaX1Kn15Md6fkQXGQYySmyTNW3rhRfRZXsxMa3v6KzKf50hSjmKlIE-f16slZJ9ukPpJohIZyAdr9lUAvd4RXxeeakIWRM-Yunwm5bfQoOhPpRjUVL4QoqcdjmVj0B32K9t82n6dM1ew6MiZ8y-qzyd7gIijK3haTxXKUCG9PPKsG0fgnJ-08-rFngRjIbW-J4Ehe_BdNOaKx7KZ37X1GPp-Z8g9vhTDlUflwP-ECKUQUhAX5JKptruFrmDjupLg1aP0d9K0hpWs7SSZftDhMXZgpOlFwvLoIESVYf9BnPEllE808nMMtEuSayLL7vUzDMKfXDpIPVorVOXFL3YsGAzwWj5KHgcZlDP4XtbolfW2c8skHg5KbxCL903kqshhz9wNyotXOdsaWB4VrNBAkWiBMjFi_qVH4Aiah5toynFGTXbVjvXXhHB26LP7gOSqlNrGiJwhZ-I_nS_MdjP_DTA8D4skoH2JrYqSDEr9s4PsunChvRbpfk0Yj-u_DYf4CHTY8Q7DrkH2-Zc7nw11BoFynyu-CxW59Dsn1zHe-WklHYmDxkxwTtmQYP_I0bP3L8YTJP0ZQeEq1ldT1Qv2_ZT_xBI-hC342H0h_5zZo0xO2wqmV6RBsuJX6tlhwSWhgdYKp4x0X6HZU5vEIdiXm45ZJYpCyLtCmqfViqCTU9farA-ZUTROK6V4A5UA2rzecnuE5qhmsVsxzEa9z6yihdS-tCzgY-dAlQCLFV1G4nKmu5yJabIMAxrywpp8GWM5Zyr24pvHH-8oZdjki45hWaEaKw8Ybxi6lTBUVWB2yOais8e3DP5irooODT8FJh995SV7dAMYTXQAwjgDjSBao-S6r81qiRTcypiI6ddaR06UrsIyg_sd3oVGJRVs9-JWlQn_6fdZCpJEoam6V85GiiOKnMhWtpgviVDBMwy_o8wMPUPRS2jnhH84eutz8Aqr98jpoBQvxD4faTHe_GDdMzAU8IRbmvK6POBXM8ttbnGoWS5gdf5nlksNMNYvgQbUDDh3V5IajcvjBmzo6Ag5Nj3mjZKLn7AAXbvlnM-cONsVdC0Y-YiXKILyV9r9rfK90ZFSwLfSosNqEuqA9mEUsIQS0qFcHnE3_qGT5Nr9Tad5BXvzj13y6_kdGCgctG5PNMZ0-rr_8iLMoc8i_nRp6gY3ggFnsCUPpZxzuz1fkWFrC-oeXYX3C7hvgTqhZggQp5DKHTl_MHnGxIl9yGXFvC3gJi_CXO54NAshphnE6X1wlQuao-2hN_7awcw2Adntjsq5kr6vzlt5QHikUilee9WtCuslZ4eJrHhMy9kk1PD_r74Km7C2Y7oimN7k_At0Gzf6dYk5QRwgBINXt6TTx0T1I5kMl6sWik4gOVkPdx4ypqPvYoKgXYj3VWEdERkoN3jA5YnUmWePt0Le8Z-RoDHCV6st10ShuCclQqv5MxliwBz6O-Jf_6Ylr7CWZHtSwvk0mbbyawtqBYX3jKIsEMgCP_jsitlh6uAMRYV-YT3MMyoPV-KVqbAzWgIve-BumA-znRXUbFZsoZPtxh5hzMP-z_ybzshItRJMmNOVFijsiEyX0oLb70zQ4lYNwla2Aw0I-o_BGrSV-Ea1CCAEr40ddAeScEiMGy_mtohGuAFw7EWO_XoCdTr3c6IYrn2fZyx-diFX1yFhX9PV9oCQjs_0IXmbDyCCQ2UwTIDc-KQV9r2C2SpXYJd3hS3N9VvzLAjqJ4VNyexAt2NmGvj-JPsQda4KoSClk1Uq8_r7NmzRfLYCf-6SyWFbBk-QSwiatj83mkhTGNCFIaSc8z7CmiI2GblAem04sohDumUwWp9RjxXP98O-Hob91lWZ9i_mm_M0DT8-mE1kXZpQ6NKXl1nXtkJEc6hVP4f9IrD1WxFG8uyz0hEXesIwKIs-sjbpSP7v2hfwHgDnW9T5gb0SUcUEYRbHdCcY5Vm_oCPicc67oMTeo9MauETmHelPCPDtUvXYoRDf5b5yQPN9UboUzad6sOSqKAEraZJpl3-Gb2l80pK8w6L0UMN0ylHKaQpnD_n_PlYl8YxAEbP_ZFAuqnEQDln19Zy5y0yl9nr_ZtCz-u-oUDWht6yix1B5WkiEFEUg2rRluQSUvMCqWeAFufosuG0sNJrCM1gALigHHEeDftLg761VtcDMIMZ85aoJahUniKMbtniYEM2Vlr-k39Sy5HFCKiitpCR78AAHjzLm2NVxNCUmwFpbOkjR7UgsPpxTlSSn6UAq290sKCfrGGyHkrW4sOmNETFugTmZugklSfWEmFytlb_Ol28u4ysh5bAODLQgTVVaDuzUz91psrRZ2eBuIjxYx6StsEgCscUFagS12zycoQaN4Kr6280dmij9EcmWqlcdvRR8D1yTpI2-FC16yfW0H-UTt1tlQEN4SajxLjsaz8G7cxK7oiSAI9GakxlH_Tm-6FjUVIW3to4iVgROrT2ACJ4qBDpR3vXRrSI_mpJYUy0a4CEWm9TDf0DUKZo5JFd-tM_REH0-AV3E6YiH-VxlFW3LeL-e5JXW0PnQjlBmmd49CP0wEr0FIrHIkqjiD9YbaEBSlDo6PWKe51DXKxwcSdYHsIyzhA3aFCZQV393jljqBdhcJ3ZlfaHjD2l5dowgR0G9hbNj4skV8ArB6CIVX4YWEsSn8deqqZ88B97yl5qQbzHH4KyTPtOE1U9BYWjf-iVg1LQeaUThai_v0IFTaUyZrqBpymWFpiepMI69f1ulPvG7TK3YfZvUqIryoRPdLdSZijFz31EgkOtLPByZCaYKrU-h7DUAKA4WDTjInrvK0nxbR2OYd3ASNYrva-yhipcPy6akfR6vxsVWqsik3TALrC5dvNGudkCXiqcOima9jurKajwUk_lbtNvsnDQCwSsFBQ2ocmOPlAWbKFUXSEipStGF6Fz5kud5p_2bDomGboV-9jvMkagIdSzSNXipqutjBXTZeeI-wcsF_bnawkH1fenY7w5q4xgFi1HeJ9NcBLGqriuGb9NdrJIEhFuIgFTdgP5pXW48J8ydFXAA&cid=CAQSPABygQiDsOdzYed0lRLJCLwAFUTc7E5QuY7Ct9t4Z1OtTxvWdRs_WBtnhCbqpV5cQlJNXr9bhSf9WrNEcxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fyalla-shoots.tv%2F&ds=l&xdt=1&iif=1&cor=14917842135716012000&adk=3690638929&idt=142&cac=0&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 30 May 2023 12:24:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0157 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BlIHHAet1ZNX3Ke6LjuwPsaKVgA8AAAAAOAHgBAI&bg=!nJ-ln8vNAAZu7ficTu07ADkAdvg8WmwQIQd0N0bwJBpzpz2CD3Rs6jl6hE-dwNQc3Cq56HBoMdqmuidh8ysUgLyJUmvR22vTRYACAAAAXVIAAAABaAEHCgBsOVczpWz7B0nAc3SmC0K0Tzr3rKtb9bdhn2zQsGRvdFqUjAEl5qdCns6rPCpXNi-r4uji4uLhVlYgPWVXrJ4pbNSzQFux-mSfTqNcEmseMC3PRTCSe5S7e5wOLlD6DmFf0zEau4Lvz1-LqtGFmQL2t7CeaI21EtKx5lW8-CAydrLFTeyfi4gVDGwImyZgkBceDb_wzk8U-2yzPiUUlef7TvVVtsbDoxbESPmkElQMfjXSGZkHJ6plSzmmZWE9gBY6d8teiOebPibRvjhWJBteLYlnQRscgPmAIp6hlkPeVqnw-wWjLnBPodOQuWEi1fdRlo1lS0LhFKMCTKvQu1dyPGyiwX6UjsL-lR6J5f2C7_IRuoTuT_js4JyREcKbat1Elw9XcakjJ3ck-n-cjEuBd13KcSRIk9gl8Gc2XTNCJ1AezGsc8EydX1lrZ4Vquajtz29txLYeKHd_hnyhKUckHX21bRqdHUWQvI5VFz-KYPef1i-ntjU5-6tsWiCcy9Mzrdt1nF3AQBUC50ZfoV4RCm-PwyR8z6SIVcme7hLx91H7e9fUAZcDzwkvEOILEwft47Z-HQadYT9ZDWjXpxaR2CIzoYq-LT5pwyIv9fLrDJewFDjhjjLKZeUl9GnlaSrzhgZpEjtA8L1rNo2g04Oh0vL8JyznrM2Bnu883oKtWVTHlCZNwNxDN3ZDajKbtqMjL_Dlx8OMw4NtjHwm_l_lEeaNArJgzl-GgP02rt2eqy2WZw5h6tam0Bl5Xeyk5TQCraTYNdYD_rYmOeQfb9-1oLRciU2dCRzt6GfqCPt9W_13lnxA_JYpFq2t6BNXLRTdv05trV3K-CZLEAwu8z3QKxAY8s5OI3Htdbxn9osgcgSxYc1YTMBPUWYuBOgfsyJ3tZ_sBLajrEDm_j0mD2g3ekE68pBOGcvycLTbXTjzzF3teRnXQ-2YJslF5_Epane1inryPHo04Wq_UsrIfI2YJEwJW_j7AtHNJ_-osTe-lj3jXg7kITMA-2kEBczJwOZYFER3MA9y4WsHOuZAsyAxhtBNntYL2k6ci6MvPvrmh25qfVydiuxHq34uUPfDxI_WMIDx5N31TR897l-aIiIZ4KmbEympzQrdeLVDbxyteXki59sdYzuOPCqZPpKQvxLvrLqkP4c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fyalla-shoots.tv%2F&domain=yalla-shoots.tv&bundle=VdkrH19MSjdRSzAlMkIySjdmQXc2Rnh5TkdZWWpDNTg2QUlnaGpaVm5yS1VKYmVUQ09Ka2JFdHF4SVF0SndoZ0t0ejN0azBvc0d2YyUyRnQ5RXIxREklMkZrSjlHOUp0MkY0VFpuWVhucGpya3B0S0FhZnd0cktKSjNOSExVYnFkTFZBbjlBWENDemFTVVJVU09zWTJBQTRJSWxqNm5RWXclM0QlM0Q&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://yalla-shoots.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 30 May 2023 12:24:33 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
295531
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fyalla-shoots.tv%2F&domain=yalla-shoots.tv&bundle=VdkrH19MSjdRSzAlMkIySjdmQXc2Rnh5TkdZWWpDNTg2QUlnaGpaVm5yS1VKYmVUQ09Ka2JFdHF4SVF0SndoZ0t0ejN0azBvc0d2YyUyRnQ5RXIxREklMkZrSjlHOUp0MkY0VFpuWVhucGpya3B0S0FhZnd0cktKSjNOSExVYnFkTFZBbjlBWENDemFTVVJVU09zWTJBQTRJSWxqNm5RWXclM0QlM0Q&cw=1&pbt=1&lsw=1
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/468180/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:33 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
287577
expires
0
prebid
id5-sync.com/api/config/ 		135 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/468180/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://yalla-shoots.tv
date
Tue, 30 May 2023 12:24:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
/
onetag-sys.com/usync/ Frame A284 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1685449472649&gdpr=0
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/468180/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame 5710 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1685449471163
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/468180/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/468180/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
122a35a3a066e6ee8886104a5719d2efc5e0d9b0db1bd56b9a0517666e092d17
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://yalla-shoots.tv
date
Tue, 30 May 2023 12:24:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
692.json
id5-sync.com/g/v2/ 		241 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/468180/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
dc91d8e1c3f092d7ea6cf1ffa3be844bc8bf9e0566934ac7e2d2b85bc8246b2e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://yalla-shoots.tv
date
Tue, 30 May 2023 12:24:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
cdb
bidder.criteo.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.4&cb=77536120767
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/468180/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
250c5eb6172573e6cc9db130889cd422decf08f6d0a9ccf64523b1362fba6923
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 May 2023 12:24:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://yalla-shoots.tv
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
bid
ap.lijit.com/rtb/ 		25 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.4
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/468180/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
4f459bdfed232d62dff8ae016b642c3ec68a64e3f0fe81ac3f906c518cdbfc5e

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 30 May 2023 12:24:34 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://yalla-shoots.tv
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
c
prebid.a-mo.net/a/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/468180/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Tue, 30 May 2023 12:24:33 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
prebid-request
onetag-sys.com/ 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/468180/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://yalla-shoots.tv
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
mp.4dex.io/ 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/468180/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:34 GMT
x-err
Parsing the Prebid Request. org/site not found
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7cf6f46f8ab1368b-FRA
expires
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		384 B
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1459908131487426&correlator=3776719474188032&eid=31074695%2C31074825&output=ldjh&gdfp_req=1&vrg=202305250101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=160x600&ifi=25&adks=2874340323&didk=2583336342&sfv=1-0-40&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-1685449474426-0%26hb_r_id%3D2634539e28541528%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.06%26hb_adid%3D279e358bd996913c%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F11082%252F0%252Froland-garros-vs-roland-garros%252F&sc=1&cookie=ID%3Da21db3fede674b59%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MbiJublblMJ28VmXwv_XsSJrah7zQ&gpic=UID%3D00000c295cbb895a%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MZBxudIro3CPAskob6wXAlh5DDrjA&abxe=1&dt=1685449474561&lmt=1685449420&dlt=1685449469390&idt=531&adxs=-160&adys=910&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=p&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11082%2F0%2Froland-garros-vs-roland-garros%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=640&ohw=0&psts=ABHeCviXCgYd7ojjInzjsRLmpLydw19F0hiBYTzDskWy51_2K-E3GnG4cMQhL3ADGVzL0U9oIgLQvJ3QhXfci-PJpkAMZwA%2CABHeCvgpXoHOx9brv-GoU_AKqLjg2I_KjfwUZ3ETvrIHpB2XofKPVnqL4fzVUSpUyT38FySCftpfJy3BnAYoIGC7Xa5lGKo%2CABHeCvh79HfRToY0pu1fcjh4yK1qZ1uM3V6rzUzR-TAEQcJwKMI-F4MPvR-xtG9wjmTZe72QnYZNSDM743tzxYa4U__64uE%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCviRMbSVU44yZuKmW90qla3h1QmNMbZl3GjX7l3kNJ1B-LG0b3eTPtxsAg2wG3MeDaEKJpS7Vc68kOowxkM0s91N9CA%2CABHeCvimr8HLNlNsb7zriDB55bfqVUO6-T5pFu0nRgJ5LNyYuOY1P-yDdJ8XSENponQIaVubdMc4SYS-6l6WQhj_Gtwppv0%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1954965806.1685449470&ga_sid=1685449470&ga_hid=914313790&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYuOD35IYxSABSAghkEhkKCnB1YmNpZC5vcmcYjeH35IYxSABSAghqEu4BCghydGJob3VzZRLYAVkrUE9MVU9tSkdCNUVrZElyRW9KUlJLWDlyZTRHVTZ1NUhyckp1R0xHc1dpNGhDakZicHlCQ0xYajJCYmF2NlBFd2JKbkJtUmVub2Qyc1NGL2p1S2d6aFlObzZ4bHlwQ1d2STJ1cnZjeTdJR0pDUm95YmhZai9HV1lYNExrQnRPT09FaUw1WFNuWVk2bnplNXFWcW1GcEQ2UWNzZ1djSGRyRmtsR0Ruc3NvRUhmT1ZDVXczMmlCKzRMR0ZTT1BLT3RCN2phMy9MUkxYVW1NRG5KR2xtT3c9PRid4vfkhjFIABIdCg5lc3AuY3JpdGVvLmNvbRi44PfkhjFIAFICCGQSGQoKdWlkYXBpLmNvbRi44PfkhjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGN7h9-SGMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33f9c6991cc67da7a17cd6db42f227f36c17c327277a5e73d0db925a37784034
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 966C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7937829289780&version=m202301230201&ct=76&x=1&cor=14917842135716012000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
awcg463b.m3u8
cakcwbsnurkh.cdnexpress59.net/hls/ Frame 94B0 		825 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cakcwbsnurkh.cdnexpress59.net:8443/hls/awcg463b.m3u8?s=OCSBNBmDdVZElvfhMC15fw&e=1685471071
Requested by
Host: swarm.video
URL: https://swarm.video/nsns.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.154.206.69 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
5588259a690baa791bc2b8e19f86199cadbbefcdcab997c4380c28dd3efc62c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8gr9m8yqc15wvk.opposepresent.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 30 May 2023 12:24:35 GMT
Last-Modified
Tue, 30 May 2023 12:24:29 GMT
Server
nginx/1.18.0
ETag
"6475eafd-339"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
825
multitracking
ghb.aplhb.adipolo.com/adunit/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/19507/hbw_master_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://yalla-shoots.tv
Date
Tue, 30 May 2023 12:24:35 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
cdb
bidder.criteo.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.4&cb=86494320428
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/468180/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6abbf3652db8d4c8b439c7eaf1057b4c76b439e732ab687563b17c448e665ab4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 May 2023 12:24:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://yalla-shoots.tv
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
prebid-request
onetag-sys.com/ 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/468180/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://yalla-shoots.tv
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
mp.4dex.io/ 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/468180/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 May 2023 12:24:37 GMT
x-err
Parsing the Prebid Request. org/site not found
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7cf6f4806c5a368b-FRA
expires
0
c
prebid.a-mo.net/a/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/468180/hb_739813_17175.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Tue, 30 May 2023 12:24:36 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://yalla-shoots.tv
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
bid
ap.lijit.com/rtb/ 		24 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.4
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/468180/hb_739813_17175.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
fff1e349e959f709370accb5934c63938c7f5bb77c24fafd9fb0ee974d209b16

Request headers

Referer
https://yalla-shoots.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 30 May 2023 12:24:37 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://yalla-shoots.tv
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yalla-shoots.tv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		384 B
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1459908131487426&correlator=2861035453647461&eid=31074695%2C31074825&output=ldjh&gdfp_req=1&vrg=202305250101&ptt=17&impl=fif&iu_parts=7047%3A22644495376%2Capl%2Caplmcm7047%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=160x600&ifi=26&adks=185692598&didk=950879218&sfv=1-0-40&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D6329294%26hb_buyer_id%3D17535%26hb_div_id%3Ddiv-gpt-ad-1685449477144-0%26hb_r_id%3D2894e353cd62ac62%26hb_site_id%3D17175%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.07%26hb_adid%3D3057a4d1298f69bc%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fyalla-shoots.tv%252Flive%252F11082%252F0%252Froland-garros-vs-roland-garros%252F&sc=1&cookie=ID%3Da21db3fede674b59%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MbiJublblMJ28VmXwv_XsSJrah7zQ&gpic=UID%3D00000c295cbb895a%3AT%3D1685449470%3ART%3D1685449470%3AS%3DALNI_MZBxudIro3CPAskob6wXAlh5DDrjA&abxe=1&dt=1685449477263&lmt=1685449420&dlt=1685449469390&idt=531&adxs=-160&adys=1510&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=q&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fyalla-shoots.tv%2Flive%2F11082%2F0%2Froland-garros-vs-roland-garros%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=640&ohw=0&psts=ABHeCviXCgYd7ojjInzjsRLmpLydw19F0hiBYTzDskWy51_2K-E3GnG4cMQhL3ADGVzL0U9oIgLQvJ3QhXfci-PJpkAMZwA%2CABHeCvgpXoHOx9brv-GoU_AKqLjg2I_KjfwUZ3ETvrIHpB2XofKPVnqL4fzVUSpUyT38FySCftpfJy3BnAYoIGC7Xa5lGKo%2CABHeCvh79HfRToY0pu1fcjh4yK1qZ1uM3V6rzUzR-TAEQcJwKMI-F4MPvR-xtG9wjmTZe72QnYZNSDM743tzxYa4U__64uE%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCviRMbSVU44yZuKmW90qla3h1QmNMbZl3GjX7l3kNJ1B-LG0b3eTPtxsAg2wG3MeDaEKJpS7Vc68kOowxkM0s91N9CA%2CABHeCvimr8HLNlNsb7zriDB55bfqVUO6-T5pFu0nRgJ5LNyYuOY1P-yDdJ8XSENponQIaVubdMc4SYS-6l6WQhj_Gtwppv0%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1954965806.1685449470&ga_sid=1685449470&ga_hid=914313790&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYuOD35IYxSABSAghkEhkKCnB1YmNpZC5vcmcYjeH35IYxSABSAghqEu4BCghydGJob3VzZRLYAVkrUE9MVU9tSkdCNUVrZElyRW9KUlJLWDlyZTRHVTZ1NUhyckp1R0xHc1dpNGhDakZicHlCQ0xYajJCYmF2NlBFd2JKbkJtUmVub2Qyc1NGL2p1S2d6aFlObzZ4bHlwQ1d2STJ1cnZjeTdJR0pDUm95YmhZai9HV1lYNExrQnRPT09FaUw1WFNuWVk2bnplNXFWcW1GcEQ2UWNzZ1djSGRyRmtsR0Ruc3NvRUhmT1ZDVXczMmlCKzRMR0ZTT1BLT3RCN2phMy9MUkxYVW1NRG5KR2xtT3c9PRid4vfkhjFIABIdCg5lc3AuY3JpdGVvLmNvbRi44PfkhjFIAFICCGQSGQoKdWlkYXBpLmNvbRi44PfkhjFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGN7h9-SGMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
30e8d8c8ba5992bd34491082b3a9a08e26dd7962f27fd6f21ba2f6e0cd92c3d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yalla-shoots.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 12:24:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://yalla-shoots.tv
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

218 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 boolean| credentialless object| __cfQR string| demandSupplySc string| demandSupplyCr number| demandSupplySr object| houseAdCampaigns string| demandSupplyTi object| demandSupplyTc object| demandSupplyTcI number| demandSupplyPDI number| demandSupplyDFSS object| demandSupply object| googletag object| zg object| dspbjs string| demandSupplyFS object| _app object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| signal_decrypted object| pbjs object| __uid2SecureSignalProvider object| __uid2 function| setImmediate function| clearImmediate function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_136 object| Criteo object| Criteo_identitytag_136 string| currentUrl string| mainURL function| _0x480a function| _0x47df function| decrypt function| $ function| jQuery function| removeCustomBanner undefined| customBannerCountdownInterval number| p object| matche string| u_key string| k_url function| update_frame function| _0x17035d function| _0x1bbb function| _0x144026 function| _0x516788 object| divChannels object| rowChannel function| _0xef9dd0 function| _0x12aaab object| channels function| _0x599d function| _0x19cc99 object| channel0 object| aniplayerPos function| rdmode function| HqyLazyload function| gtag object| dataLayer boolean| __cfRLUnblockHandlers object| google_tag_manager object| gptAdSlots undefined| interstitialSlot undefined| staticSlot object| anchorSlot object| vmpbjs object| vpb object| adipolo string| GoogleAnalyticsObject function| ga object| com function| _avcp object| GoogleGcLKhOms object| gaplugins object| gaData object| vmpbjsChunk object| ADAGIO object| sas object| apntag object| _ADAGIO object| google_image_requests object| ONFOCUS

36 Cookies

Domain/Path Name / Value
live.demand.supply/ Name: demandSupplyTi
Value: 836aca35-ff33-458c-a37a-74033abb37e7
.demand.supply/ Name: __cf_bm
Value: dAAgK.9YE1lVhPJ29TdaDRGTBZ3.1mPW_9oVbFUbgnA-1685449469-0-AeNbXai+FFLWgB5cRjkIDjPFn20xq76x+uuY+2xzDPjfZUw4OIJGSc2yv3VO2Pvefp2WsirKxNhXSpAcEV3dO3o=
.criteo.com/ Name: uid
Value: 7068971d-adbe-487c-a48b-cd3635f4a944
.yalla-shoots.tv/ Name: cto_bundle
Value: VdkrH19MSjdRSzAlMkIySjdmQXc2Rnh5TkdZWWpDNTg2QUlnaGpaVm5yS1VKYmVUQ09Ka2JFdHF4SVF0SndoZ0t0ejN0azBvc0d2YyUyRnQ5RXIxREklMkZrSjlHOUp0MkY0VFpuWVhucGpya3B0S0FhZnd0cktKSjNOSExVYnFkTFZBbjlBWENDemFTVVJVU09zWTJBQTRJSWxqNm5RWXclM0QlM0Q
.doubleclick.net/ Name: IDE
Value: AHWqTUkwOKlBgHa70idw6CMS1sya0pDwOz-ay-tKEJoicjU0JH0ZzFLDn97lqw87D-E
.yalla-shoots.tv/ Name: __gads
Value: ID=a21db3fede674b59:T=1685449470:RT=1685449470:S=ALNI_MbiJublblMJ28VmXwv_XsSJrah7zQ
.yalla-shoots.tv/ Name: __gpi
Value: UID=00000c295cbb895a:T=1685449470:RT=1685449470:S=ALNI_MZBxudIro3CPAskob6wXAlh5DDrjA
.yalla-shoots.tv/ Name: _ga
Value: GA1.2.1954965806.1685449470
.yalla-shoots.tv/ Name: _gid
Value: GA1.2.1537707820.1685449471
.yalla-shoots.tv/ Name: _gat_gtag_UA_230085360_1
Value: 1
yalla-shoots.tv/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.yalla-shoots.tv/ Name: _pubcid
Value: f67e99cd-1e91-4e4d-81ae-16c090d0c4bf
.lijit.com/ Name: ljt_reader
Value: Gu2IqGZHYnFXcSmXSU67IRUe
.casalemedia.com/ Name: CMID
Value: ZHXq-1LtxKQEPhms-iwrFAAA
.casalemedia.com/ Name: CMPS
Value: 5180
.casalemedia.com/ Name: CMPRO
Value: 5180
.adnxs.com/ Name: uuid2
Value: 1853713123707780193
.mathtag.com/ Name: uuid
Value: bf076475-eaff-4200-9a7a-6e66e61e51d0
.uuidksinc.net/ Name: jcsuuid
Value: u4BD6M93J6fS53xDWWxL
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%229211E11E-CC0C-4722-AEBC-7937B5879C71%22%7D
.w55c.net/ Name: wfivefivec
Value: Dj5A2G2p1Q3YoT5
.linkedin.com/ Name: bcookie
Value: "v=2&1298d59e-3be3-4a65-840f-a42db80e0c09"
.linkedin.com/ Name: li_gc
Value: MTswOzE2ODU0NDk0NzE7MjswMjH+fDg1skmSzB/AefEM8I3mx/YwIdBLtpyejf7b9bMOPQ==
.linkedin.com/ Name: lidc
Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2653:u=1:x=1:i=1685449471:t=1685535871:v=2:sig=AQFKJf3yo2bWSQFvBQLtuTS40WTq7KCz"
.de17a.com/ Name: guid
Value: 1.8877228338923707890
.w55c.net/ Name: matchgoogle
Value: 5
.zemanta.com/ Name: zuid
Value: rh47hZRVNuoc2CcPgnTK
8gr9m8yqc15wvk.opposepresent.net/ Name: hf3
Value: 1
.adform.net/ Name: C
Value: 1
.quantserve.com/ Name: d
Value: ED8BCQGOKYEA
.quantserve.com/ Name: mc
Value: 6475eaff-bbe1b-d7c09-e5b7f
.yahoo.com/ Name: A3
Value: d=AQABBP_qdWQCEEPoPxN_6seeiux1FK9AzRwFEgEBAQE8d2R_ZAAAAAAA_eMAAA&S=AQAAAtzL87XD3OeaZ4usGNqrlZ8
.adform.net/ Name: uid
Value: 5046529699952065992
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Hb:F+Ubo!@wnfH8K6pQK`!5=E<*L5?%K/jR*h/9J]NW4Af(y7`1RF3lD22@Q<r=tz4d`%nugO%v4VB%nm)_)rkta
.mathtag.com/ Name: mt_mop
Value: 4:1685449473
.adsby.bidtheatre.com/ Name: __kuid
Value: 320db78e-19bd-4838-ad5e-47c128115de9.454663474

8 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: microphone, camera, geolocation. Values defined in Permissions-Policy header will be used.
other warning URL: https://yalla-shoots.tv/live/11082/0/roland-garros-vs-roland-garros/(Line 412)
Message:
<link rel=preload> must have a valid `as` value
network error URL: https://dalbouh.xyz/api/matche?t=1685449421
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
rendering warning URL: https://8gr9m8yqc15wvk.opposepresent.net/embed/awcg463b(Line 5)
Message:
Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8gr9m8yqc15wvk.opposepresent.net
a854388a83c893101c87bcddea982c56.safeframe.googlesyndication.com
adipolo.com
ads.eu.criteo.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
ap.lijit.com
awstats.cloud
b1sync.zemanta.com
bcp.crwdcntrl.net
bidder.criteo.com
c1.adform.net
cakcwbsnurkh.cdnexpress59.net
cat.fr3.eu.criteo.com
cat.nl3.eu.criteo.com
cdn-adipolo.urekamedia.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
csm.eu.criteo.net
d5p.de17a.com
dalbouh.xyz
dsum-sec.casalemedia.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
esp.rtbhouse.com
feed.avplayer.com
fonts.googleapis.com
fonts.gstatic.com
ghb.aplhb.adipolo.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
im.bluevoox.com
imageproxy.eu.criteo.net
invstatic101.creativecdn.com
jscdn.greeter.me
lb.eu-1-id5-sync.com
live.demand.supply
live.shoot-yalla.tv
lives.shoot-yalla.tv
match.adsby.bidtheatre.com
mp.4dex.io
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
player.adtelligent.com
player.aplhb.adipolo.com
player.avplayer.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
px.ads.linkedin.com
r5---sn-4g5lzned.gvt1.com
redirector.gvt1.com
rtb.fr3.eu.criteo.com
rtb.nl3.eu.criteo.com
s.uuidksinc.net
s0.2mdn.net
s10.histats.com
s4.histats.com
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
servt.modoro360.com
ssum-sec.casalemedia.com
static.criteo.net
storage.de.cloud.ovh.net
swarm.video
sync.mathtag.com
tags.crwdcntrl.net
tg1.modoro360.com
tpc.googlesyndication.com
v3.sportsonline.sx
velocitycdn.com
web-api.scorarab.com
whos.amung.us
widgets.amung.us
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
yalla-shoots.tv
youradexchange.com
100.25.186.91
104.21.233.172
104.21.235.80
104.21.70.33
141.95.4.196
141.95.98.64
142.250.181.226
142.250.185.162
147.75.84.158
149.56.240.131
162.19.138.82
172.67.141.250
178.250.1.11
178.250.1.6
178.250.7.9
18.66.192.120
185.29.134.244
185.80.39.216
185.83.142.19
185.89.210.122
188.114.97.3
2001:4860:4802:38::178
205.185.216.42
213.155.156.180
216.52.2.6
2404:6800:400a:804::2003
2600:9000:225b:7a00:a:e047:753:be1
2606:4700:10::6816:4bab
2606:4700:10::6816:4fe
2606:4700:10::ac43:266a
2606:4700:20::ac43:4bf1
2606:4700:3034::6815:1155
2606:4700:3035::6815:2e3f
2606:4700::6810:8616
2606:4700::6812:372
2606:4700:e2::ac40:8b25
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:1ec:21::14
2a00:1450:4001:13::a
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2008
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:813::2004
2a00:1450:4001:813::200e
2a00:1450:4001:827::2002
2a00:1450:4001:827::2006
2a00:1450:4001:828::200a
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::9
2a02:2638:d::13
2a02:2638:d::c
2a02:2638:d::d
2a02:26f0:3500:c::5c7b:682a
2a02:6ea0:c700::11
2a04:4e42:600::485
2a05:d018:d29:3601:788a:d38b:87c1:5605
2a06:98c1:3120::3
2a06:98c1:3121::3
2a0c:5c81:5142::2
3.64.145.154
31.220.27.135
34.96.70.87
35.190.0.66
35.190.39.111
37.157.6.243
45.133.44.3
45.133.44.4
45.154.206.69
51.38.120.206
52.45.175.185
52.51.69.125
64.227.64.62
69.16.175.10
70.42.32.191
00a3a2285754aaafb6bd96042a59d7a9a8bfaf462977b514bc011620544206d9
0334441949b1749540cb71cdd3b29c6aab9f487b43b0fc7bd46d0afda2bac0d6
05f11e54d9bfbe14db49a28c5cf70dceb5ed516392e2a1f130edb6c4655d88d4
073efb0edb3ceba2aba8568196928e8295c45470ceed0e5f9221251dcd6c5409
0755abe4aa5ee2d1d9dfad4ac92ff239343b1d7a0cc46b52dda9a34627065309
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
0e129a1d02af54d402629181c5a4ea2535dbbea1470a80da3c2f11f854818592
0e90789fcb748938325c8e19f648c5d873a88351db8b138d49723e9ecb781097
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
0fe00a83c1d70570487f1cf7e1931fbfaf512855eac0af99e7a659f7eb56e5b5
118417f9302bd9971a4e09f984d9797ede54f40c3e00d2908fcfce1dad34556e
122a35a3a066e6ee8886104a5719d2efc5e0d9b0db1bd56b9a0517666e092d17
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
138bbeec71d389fe5deb41a9a16918c06f5dfdd8b921cf01cc3dab84630f7029
144aa068060cf43481d52283d230998a413a56962a16790804a5c8382884ae09
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
1877f51abf80b10102b200e96c3b6a52fad9f9ca26b7897fc7500de9f0faa4cd
1a25c109fabd28f417063371b2d6e9819189f218a66747a51a8d28ae40af5d0d
1bc65fbbbf9681c2cb6284c6874a7dfe56bc9f227223a776f21ceca966e6c469
1d6bfe9afd10a2ca27a6d73cbd7c61f0d74e5c141282db9311982dba8e1c449d
1f9173abcb2218684b9c9a0b4339d5f07661b23eb0722138c348316c54bad709
2117dcbb0fe87d3653b726dd3cfc6082c9d43b8c08d534f847ce7d56f6a0db42
230db669b1d4ba704bb51facd5614acae4744853cc90e26f7051b2ef3ad2011d
250c5eb6172573e6cc9db130889cd422decf08f6d0a9ccf64523b1362fba6923
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27fdcff158fd7bcae8892ebdd7952e97f68f3d094222f3b2517bdacdee5d2fc5
286f1a5764a71a9ce32e9bdf6c43866b85d375632e506139c9442ed989a09b52
28ea2ed2dcd96500156b626a9b0c19d67a2d2a9960dad3e6693db228a302e1a5
296a00aecaff9ba80e3d631d2ecb2614231c1c1fb09dd50b6e1503f75be755a1
29ea687fcce3c207ee2e21eb2a10c0f3a5129e10b3b134134be26062cea0ccff
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
2c7cf941b4eb9254e850875107ded812b5cf2da9de46f85919561f2a73876257
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2fc194c6bf65df7e6f2bceb5eccf395b368e6cc7a803429ad8086240c5c69fc6
30e8d8c8ba5992bd34491082b3a9a08e26dd7962f27fd6f21ba2f6e0cd92c3d3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
322ad3e051494b3a3d2d00a425cf618d436ded37ca8df073c87a785fb8c867cb
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
33f9c6991cc67da7a17cd6db42f227f36c17c327277a5e73d0db925a37784034
34604045879551d9e3dc0a6bfff8ccc4f5acc35f7d91edd7855937ef417a9736
35cf75de5d617b7a8e395dc30579c7245e3001a2b8227d55f3d3ddc2e773741d
36b808a258319847cbc8c3454e304bd3295ee377e65b30d8bf93903bd6a63f7d
37273ef94babc8cbdbe39b9aa8892ae8dd8fa7e083b859da603ca4aa3cfa848c
3790ed75687a3b6c3d71bcf4bd62c99f82a3dd738ae4b6b2639bd36e4f6bca29
38354e6a0119fe113356e1506a115ca148a6b9ea22cf88136baa9167d6fde794
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b35d449300be79f0dafcc67974bdad447f5c244e429ddbd6314952cf45305a5
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3dd92c489a8022b99f36c161be9649b0ceab8ce2749aa8d08d0ca628c07c8b6b
3e0b94cf96888a314b63218c371f8dbc49113b17436bdc392ec1f5c2a1f52290
3e0cbf855099cc859918084f04b9037947d957c0aa61dbfe03041c6205323988
3f9f532d9791610dfcc4f0902dcac54e5274eec29a675eae9612ad25c4512fbb
3face1b37e41abe0ef6095b7eb472fea47c3e0d991ee6aed7e7527683521f916
3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876
407f245424c71985ff71b2a920f2a1eb24e538756a53dac0d5613d16cf07b769
408e46e3b923094c27c0d74311b0a9054c05c9bcf449291781a1784bcdac80c1
4288e9ca22aed335ebbfe0b90d969604283f10bfb0a6f6befce0d303e3dc5689
435750f71fafd9776e554fd8c752c99f7a483edadbcc8185bba1164e598c784a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4475335b87a3456536775fd2dd0dd5bd5eba10e830b820cc122ba1e3cb0de1ce
44bdf92dbc7c6cc39fb36f82b48882e2ab6799f5417b8e40acf1c26355af2668
44ca64a9e8fe2cba0e19f10b5be4ad2556352a9783f2277d99133fc1ef81ea4d
45dd60aee8728ca8786226233d74694db5f4c0110647c8e48710c49cdd5bdf41
45eac8baca5730b7c137680022ef7a751eb13c730c66e764e4b391e160e08cb0
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf5b2004016e02950b3452cd44831480ea9603b2fa759ba4c4a9717cb6ae65e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f459bdfed232d62dff8ae016b642c3ec68a64e3f0fe81ac3f906c518cdbfc5e
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4
551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c
5588259a690baa791bc2b8e19f86199cadbbefcdcab997c4380c28dd3efc62c0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5720bbc5886f9cae5475547e9b57068b45d4e4c0efc69b763714dd3aad11e25c
5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a
5e1ac455185c609811803c8fda5ff8f126ad8399b7a23111c8579f5fa86af3d5
5ffdc3ac4306a19c995a12935fcbebddba0d65dce9680443e84fb04541cf43f3
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
60a23ba9976ca655705031ac97edff6bb6d1c07eace4cd7131bae9abb9f4d21b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
677479b38b953fb5bf0de894444a188b45d659281d720350ec653013234c6720
683e5f1d6af38b278f6768fd3e940c12caa5b6a50d42818f2b17b9c8a496a698
69513486476f788c93edd1b16f09d7b67f812bb43b5402e3bb74adf402523c59
6971ca9515cc0a709fe12eba9547261df5770c55e807fb521fb5f027b6e81896
6a4cd4cc0611b7e185314511bdf771b4a928136d04b427562107bb50003b2415
6abbf3652db8d4c8b439c7eaf1057b4c76b439e732ab687563b17c448e665ab4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f9ef4853bfe665b34cf7a2c4b9ac3a0a29aee6a4c3524be5afeb941fce4bfaf
7048a34fdb63bdb513d4a25a939bb2b42515351292c3b263a7277ac60591a54f
717c8edc4966a38076d387c95b32caa0725ecd0d659479ec60be05d9b45d5c21
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
74fc1a72da63ce8893d1c626078dc84886590d182daf2309564d9396c5edc52a
77d38085ab22f6339cc27177313aca1f72f76c1e285749b3e895de70b9eaffca
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
7c260f5e1dcb04331e9fb5ea2c0a5b82552133dd170d219384ec76afb1ec9b3d
7eec3429c76cb48e5fd457c5afb71b7cf34bc4298d53023bae8aea715443b4a9
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
82fc44d47488df64278445c8fd1f9bbf3b97c98d19d9d4ae4976c7c28840f1d3
83bb47871b3895cd8f4bf5da67037710b6d9a9e1fab80d03b579cd83a448fe23
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
88fdf8bfc504ff9bd5d7e729c0285027326da3c17b73dfd6858437eb6cb4ed3a
897d3edf994f111036c0fa780423af15d391088ed8cd919786025b59e695c560
8ab3c14a79fadc01f78e56ed88625b6741bcc1843238740de85c94935b65d2d9
8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de
8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7
8e5acea1f3347debe27edec7d78ed3864304ff935862a9d6f1dfdcde0b03c56b
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
913c2512b4fc9e93b54dcf6beb2ec187b1abf60a98d8b9a2fd222b13637c7276
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92321314668f4748e22349250e353caad0a27064783d9ca8e4f2a62bef831387
98d8f2bbd895433aa005561d4b8cee089fb0d88649db870427a5751e56d44e74
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
99f528eaef5135d0b984c1853c2f6848ccb0918367b3428b4d85baf3344b9177
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cc85fc172bceeb36905c517abe98d47ff02bc00e73189c5e5137d687bacbe78
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5
9f6cb5059e0cfa8aed6e6a7b7137bfe2eb19e43858032c4e4ba50a75027965cb
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a14feef249236b2febec93bf05e89bbfc47a7e7bfc844206f3168d60e0992189
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a31e81b5ee962da98d89c99da3f964c57755440e8b8e0c950b6cf63f4f29b7fa
a354da14f966bdf1fc9a766a4cc89af81ee90a22ee06b8909fc44b5ea9f5522d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5e56ffef36bcb5671235972d691c8b522e910d823e96092c3207472e0c44f04
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a79f239a978530eec45abf72e8f4e6a20776f8ff1f3305bebbac1c26a249e8db
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
aab126f4f2188558e1f9b7f8a9ab755dd5097ee63fbe25dec6aa89a670d51071
ae0433ac5d000ac03daf9059492d0390e427b7461332f0f488bbc6f44b5107a7
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b682cb1fee45d7f80c900aba4d8ddcb18ac1016dcf38ece495801ac65eb14f
b20f2ea2b92396fba5fa0a7a4e33727d81b423ab05fff6da9cf1889df5cbb730
b467039b95ce413c02ed45178615d2f41881181cab80b71249269d0c2ddde269
bc948ce9fd8111b4b396d24510aea3dab647723459e91fab9853d1ebdc88f91e
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c0883f3b1b0e7e616c54632fbdfbe938f3fecb3ce704695073acf41ef89b6030
c1a4f29f1536bd32a00691b8b339275d7232547c427e5edba7f5db709affa720
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
c568f7495971a8e6b5347c63161fde1936923d9201e86b048342a4e4ef0d03d8
c61b268fb472e3e182ba3a561cd23c56b84f25f0202aaefc3e5b1f1191df2cc8
c73e7fcf76232d28a1760877bd3eccada211feb797fd25ba824df3bac45b46eb
c7e05b68eb47f0167793018bfc04a5fd640d8a9f406b6b2c1892a97f084f6769
c8291ff4fc609916e7ea8d4921cada460f2ce4f77b28067288aff17ce724df4b
cba78783503f962e24d09c78f38add0360021817317c6972d14e37e250b52e3b
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdeda8658c3f891c883f5a83c5f2b5e20a18c2fa65658d77a1522fe440b6d0e0
d27d3ce9124909a5ff44640d1a1556822d10db85c40fd45c9c574d52ff30fb1a
d42e2b0fdb945504b8da66763e41d57d6245ab8218c6df329b56a841ffbcd7ee
d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9
d8a5979e309bb544d8906a00e06d069296e3aeeb3a51127d0161f1bbcc965c3c
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
dc91d8e1c3f092d7ea6cf1ffa3be844bc8bf9e0566934ac7e2d2b85bc8246b2e
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
de15ae84e1cb9b0e9ef935dfb910395ac2e141cdbea3e927fe98f87c926b63db
df9f105132f597d241f2c8865eb746f0353bb880f19f67f1fcd36b03d8ee1a74
e0701156c044bdcd23404dab08a134e42f5510de8767ed16778a1b45f8ec23de
e19710390f24d6e6682ae4ead6829d24d47f8d4c93ac8ad2ef7f7cfa3132030e
e30d33de09a566251369aaab5f3b03ee854789a4dfbbe2db42454f6a9dfade97
e32200aac5ef452666f4340ca2a457ed95d3e534bbd9e1ac84fe97a7172d4219
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6cbf7d07ccd6e0a7f287a272b291e50eefdaace4c97acd5dde29818c0af4c0a
e6f9fc041d31f34f52fbf032e44d50717806c403cd7e276d5637870c7a2b0538
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e7fd313673e518ec15eeb82d0c37b3649e4a870ab258377629ed6e27a293aaa0
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
eeddffed9e8b89a1b0a474a838d92252b52c9b4265ab12f060f2a6a995cd66ed
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc
f48ddff7ac8a05910892b86dea9a1926e44ae04026acb4f5042b198a36d5042a
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6d6f9f14dbe6d337a4d6fdd7f2bbfcf7b3648c1b6030d6764485f106d632b0c
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f8aa9a880d6e487e7842722fbaee7c4c914803cef2baf4f92b76167b48df3bad
f94a0b25ed421e6643ca8ae21ccd63cf5630e8db8a3b64f63a669936d068c427
fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8
fc0ac2d1dc80b20f3c4cef92ec47463bc44135de8c5ca21cd2c432998833662a
fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb
fd954b5d4d222efb1781a8cb6850acbf36132d0a9977301f15b09d1242fa8b24
fdaad798d774e2bfe82a6b76bfbebc01c68c9c630d8fce9c7f1e56814a32f686
ffc0fcd7df5c69a011e415aa73f66a59fae4c09686f7722eb585f53d60e5c7e2
fff1e349e959f709370accb5934c63938c7f5bb77c24fafd9fb0ee974d209b16