stad.yalla-shoot.io Open in urlscan Pro
2606:4700:20::681a:b15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://stad.yalla-shoot.io/channels/bein-sports-1a-live/%22
Effective URL:
https://stad.yalla-shoot.io/channels/bein-sports-1a-live/
Submission: On February 04 via manual (February 4th 2023, 6:44:36 pm UTC) from US — Scanned from DE

Summary HTTP 207 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 66 IPs in 12 countries across 48 domains to perform 207 HTTP transactions. The main IP is 2606:4700:20::681a:b15, located in United States and belongs to CLOUDFLARENET, US. The main domain is stad.yalla-shoot.io. The Cisco Umbrella rank of the primary domain is 597199.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 29th 2022. Valid for: a year.

This is the only time stad.yalla-shoot.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	2606:4700:20:... 2606:4700:20::681a:b15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	205.185.216.10 205.185.216.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700:303... 2606:4700:3038::6815:ea87	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400d:80a::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:c::5c7b:680c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
15	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
4	104.21.17.122 104.21.17.122	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:c::5c7b:6837	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	69.16.175.10 69.16.175.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	52.203.73.229 52.203.73.229	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:80d::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::ac43:af62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1 2	2606:4700:10:... 2606:4700:10::6816:4aab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::ac43:a822	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5b06	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:400d:80d::2003	15169 (GOOGLE) (GOOGLE)
1	69.16.175.42 69.16.175.42	20446 (STACKPATH...) (STACKPATH-CDN)
2	35.190.41.116 35.190.41.116	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:400d:80a::2001	15169 (GOOGLE) (GOOGLE)
1	35.174.127.249 35.174.127.249	14618 (AMAZON-AES) (AMAZON-AES)
8	23.203.125.62 23.203.125.62	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2a00:1450:400... 2a00:1450:400d:808::2004	15169 (GOOGLE) (GOOGLE)
2	23.35.229.181 23.35.229.181	16625 (AKAMAI-AS) (AKAMAI-AS)
2	199.232.18.132 199.232.18.132	54113 (FASTLY) (FASTLY)
21	2a00:1450:400... 2a00:1450:4001:801::2006	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
2	23.203.124.192 23.203.124.192	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 2	52.59.132.152 52.59.132.152	16509 (AMAZON-02) (AMAZON-02)
4	54.152.20.34 54.152.20.34	14618 (AMAZON-AES) (AMAZON-AES)
1 1	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
1	2603:c020:400... 2603:c020:400d:3000:f50:982a:7877:65bd	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1 2	2.16.107.129 2.16.107.129	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.85.182.21 54.85.182.21	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 ^_^) (CDN77 ^_^)
1 1	104.96.145.246 104.96.145.246	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
2	3.120.17.109 3.120.17.109	16509 (AMAZON-02) (AMAZON-02)
2	70.42.32.223 70.42.32.223	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
6 7	142.250.180.226 142.250.180.226	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.83.142.19 185.83.142.19	29990 (ASN-APPNEX) (ASN-APPNEX)
4	142.251.39.2 142.251.39.2	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1 4	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
1	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
1 4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	54.239.33.158 54.239.33.158	16509 (AMAZON-02) (AMAZON-02)
1	169.197.150.7 169.197.150.7	398989 (DEEPINTENT) (DEEPINTENT)
1 1	34.235.231.136 34.235.231.136	14618 (AMAZON-AES) (AMAZON-AES)
2 2	162.19.80.92 162.19.80.92	16276 (OVH) (OVH)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
1	37.157.4.41 37.157.4.41	198622 (ADFORM) (ADFORM)
1	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
2	2a02:26f0:e30... 2a02:26f0:e300::5f64:924a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
3	45.154.206.45 45.154.206.45	48357 (K4X) (K4X)
1	34.226.26.99 34.226.26.99	14618 (AMAZON-AES) (AMAZON-AES)
207	66

7 2606:4700:20::681a:b15 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

stad.yalla-shoot.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

jscdn.greeter.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3038::6815:ea87 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cup.yalla-shoot.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:c::5c7b:680c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

tg1.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.21.17.122 (None, )

ASN13335 (CLOUDFLARENET, US)

strayindicate.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:c::5c7b:6837 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

feed.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net

player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content1.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.203.73.229 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-73-229.compute-1.amazonaws.com

servt.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80d::2001 (Ireland)

ASN15169 (GOOGLE, US)

fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:af62 (United States)

ASN13335 (CLOUDFLARENET, US)

swarm.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:4aab (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:a822 (United States)

ASN13335 (CLOUDFLARENET, US)

awstats.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5b06 (United States)

ASN13335 (CLOUDFLARENET, US)

celeritascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.41.116 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 116.41.190.35.bc.googleusercontent.com

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.174.127.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-127-249.compute-1.amazonaws.com

serv.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.203.125.62 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-62.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:808::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.229.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-181.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.18.132 (Vienna, Austria)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.203.124.192 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-124-192.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.132.152 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-132-152.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.152.20.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-20-34.compute-1.amazonaws.com

servs.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.44 (United Kingdom) 1 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:c020:400d:3000:f50:982a:7877:65bd (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.107.129 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-129.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.85.182.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-182-21.compute-1.amazonaws.com

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

vid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.145.246 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-246.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.17.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-17-109.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.180.226 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.83.142.19 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.39.2 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

vpaid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.239.33.158 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.235.231.136 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-231-136.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.80.92 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns3011863.ip-162-19-80.eu

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

rubicon-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.41 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:e300::5f64:924a (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-eu3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.154.206.45 (United Kingdom)

ASN48357 (K4X, EE)

empxhnc8j2xacpe7.cdnexpress23.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.226.26.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-26-99.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	googlesyndication.com fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	260 KB
33	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 cm.g.doubleclick.net — Cisco Umbrella Rank: 211 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 325	292 KB
21	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 283	609 KB
12	rubiconproject.com 3 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 842 eus.rubiconproject.com — Cisco Umbrella Rank: 537 token.rubiconproject.com — Cisco Umbrella Rank: 548 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1079 pixel.rubiconproject.com — Cisco Umbrella Rank: 308	13 KB
12	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1279 widget-pixels.outbrain.com — Cisco Umbrella Rank: 3116 odb.outbrain.com — Cisco Umbrella Rank: 1529 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5415	160 KB
8	modoro360.com tg1.modoro360.com — Cisco Umbrella Rank: 159651 servt.modoro360.com — Cisco Umbrella Rank: 177184 serv.modoro360.com — Cisco Umbrella Rank: 193133 servs.modoro360.com — Cisco Umbrella Rank: 321678	13 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34 ajax.googleapis.com — Cisco Umbrella Rank: 295	19 KB
7	yalla-shoot.io 1 redirects stad.yalla-shoot.io — Cisco Umbrella Rank: 597199	110 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	268 KB
5	gstatic.com fonts.gstatic.com	93 KB
4	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 484 tps.doubleverify.com — Cisco Umbrella Rank: 525 tpsc-eu3.doubleverify.com — Cisco Umbrella Rank: 9463	111 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 524	3 KB
4	strayindicate.net strayindicate.net	47 KB
3	cdnexpress23.net empxhnc8j2xacpe7.cdnexpress23.net	4 KB
3	amazon-adsystem.com 2 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 902	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 203	3 KB
3	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 463 image6.pubmatic.com — Cisco Umbrella Rank: 733	6 KB
3	aniview.com player.aniview.com — Cisco Umbrella Rank: 1783 sync.aniview.com — Cisco Umbrella Rank: 2167 track1.aniview.com — Cisco Umbrella Rank: 1753	119 KB
3	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	avplayer.com feed.avplayer.com — Cisco Umbrella Rank: 10800 player.avplayer.com — Cisco Umbrella Rank: 8915 content1.avplayer.com — Cisco Umbrella Rank: 12325	79 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21 region1.google-analytics.com — Cisco Umbrella Rank: 2456	20 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1232	344 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 417	418 B
2	dyntrk.com 2 redirects gu.dyntrk.com — Cisco Umbrella Rank: 1019	869 B
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 281	291 B
2	vidoomy.com vid.vidoomy.com — Cisco Umbrella Rank: 2287 vpaid.vidoomy.com — Cisco Umbrella Rank: 105073	19 KB
2	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 629	1 KB
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 650	771 B
2	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 8853	926 B
2	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 36585	103 B
2	celeritascdn.com celeritascdn.com — Cisco Umbrella Rank: 444581	57 KB
2	amung.us 1 redirects whos.amung.us — Cisco Umbrella Rank: 15937 widgets.amung.us — Cisco Umbrella Rank: 15031	2 KB
2	yalla-shoot.video 1 redirects cup.yalla-shoot.video	12 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	120 KB
2	greeter.me jscdn.greeter.me — Cisco Umbrella Rank: 201946	9 KB
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 601	191 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1400	106 B
1	dotomi.com rubicon-match.dotomi.com — Cisco Umbrella Rank: 2923	104 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 852	493 B
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 831	44 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 522	666 B
1	technoratimedia.com sync.technoratimedia.com — Cisco Umbrella Rank: 1204
1	1rx.io 1 redirects sync.1rx.io — Cisco Umbrella Rank: 507	276 B
1	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 274
1	awstats.cloud awstats.cloud — Cisco Umbrella Rank: 659409
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 359	138 KB
1	swarm.video swarm.video — Cisco Umbrella Rank: 449479	128 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8741	531 B
207	48

	Domain	Requested by
25	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net stad.yalla-shoot.io www.googletagservices.com
21	s0.2mdn.net	fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com stad.yalla-shoot.io s0.2mdn.net
16	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com stad.yalla-shoot.io
15	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net stad.yalla-shoot.io
7	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
7	googleads.g.doubleclick.net	stad.yalla-shoot.io fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com pagead2.googlesyndication.com
7	stad.yalla-shoot.io	1 redirects stad.yalla-shoot.io
6	widgets.outbrain.com	securepubads.g.doubleclick.net widgets.outbrain.com
6	www.googletagservices.com	jscdn.greeter.me securepubads.g.doubleclick.net fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com stad.yalla-shoot.io
5	fonts.gstatic.com	fonts.googleapis.com
4	pixel.rubiconproject.com	1 redirects eus.rubiconproject.com
4	token.rubiconproject.com	1 redirects eus.rubiconproject.com
4	googleads4.g.doubleclick.net	stad.yalla-shoot.io
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	servs.modoro360.com	player.aniview.com vid.vidoomy.com
4	fonts.googleapis.com	strayindicate.net ajax.googleapis.com
4	fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	strayindicate.net	cup.yalla-shoot.video strayindicate.net
3	empxhnc8j2xacpe7.cdnexpress23.net	swarm.video
3	aax-eu.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	ajax.googleapis.com	s0.2mdn.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	cdn.doubleverify.com	s0.2mdn.net stad.yalla-shoot.io
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	gu.dyntrk.com	2 redirects
2	mcdp-nydc1.outbrain.com	widgets.outbrain.com
2	x.bidswitch.net
2	eus.rubiconproject.com	player.aniview.com eus.rubiconproject.com
2	ads.stickyadstv.com	1 redirects player.aniview.com
2	ad.360yield.com	2 redirects
2	ads.pubmatic.com	player.aniview.com
2	odb.outbrain.com	widgets.outbrain.com
2	widget-pixels.outbrain.com	stad.yalla-shoot.io
2	tcheck.outbrainimg.com	widgets.outbrain.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	youradexchange.com	celeritascdn.com
2	celeritascdn.com	strayindicate.net celeritascdn.com
2	servt.modoro360.com	stad.yalla-shoot.io
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cup.yalla-shoot.video	1 redirects stad.yalla-shoot.io
2	www.googletagmanager.com	stad.yalla-shoot.io www.googletagmanager.com
2	jscdn.greeter.me	stad.yalla-shoot.io
1	tpsc-eu3.doubleverify.com	cdn.doubleverify.com
1	track1.aniview.com	player.aniview.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	pixel-sync.sitescout.com
1	cm.adform.net
1	rubicon-match.dotomi.com	eus.rubiconproject.com
1	sync.ipredictive.com	1 redirects
1	match.deepintent.com	eus.rubiconproject.com
1	pixel-us-east.rubiconproject.com	eus.rubiconproject.com
1	vpaid.vidoomy.com	vid.vidoomy.com
1	image6.pubmatic.com	ads.pubmatic.com
1	secure-assets.rubiconproject.com	1 redirects
1	vid.vidoomy.com	player.aniview.com
1	sync.aniview.com	player.aniview.com
1	bh.contextweb.com	1 redirects
1	sync.technoratimedia.com	player.aniview.com
1	sync.1rx.io	1 redirects
1	ups.analytics.yahoo.com	player.aniview.com
1	serv.modoro360.com	player.aniview.com
1	player.aniview.com	player.avplayer.com
1	content1.avplayer.com	stad.yalla-shoot.io
1	awstats.cloud	strayindicate.net
1	widgets.amung.us	strayindicate.net
1	whos.amung.us	1 redirects
1	cdn.jsdelivr.net	strayindicate.net
1	swarm.video	strayindicate.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	player.avplayer.com	tg1.modoro360.com
1	feed.avplayer.com	tg1.modoro360.com
1	tg1.modoro360.com	jscdn.greeter.me
1	region1.google-analytics.com	www.googletagmanager.com
207	75

This site contains links to these domains. Also see Links.

Domain
fc.yalla-shoot.io
www.facebook.com
twitter.com
web.whatsapp.com
api.whatsapp.com
t.me
ultra.yalla-shoot.io

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-29` - `2023-05-29`	a year	crt.sh
greeter.me E1	`2023-01-15` - `2023-04-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
wl1.aniview.com R3	`2022-11-27` - `2023-02-25`	3 months	crt.sh
outstreamedia.com R3	`2022-12-04` - `2023-03-04`	3 months	crt.sh
*.avplayer.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-08-08` - `2023-09-08`	a year	crt.sh
*.adservrs.com Amazon	`2022-04-26` - `2023-05-25`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.aniview.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-07-14` - `2023-08-14`	a year	crt.sh
youradexchange.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-20` - `2023-06-20`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.outbrainimg.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-09-27` - `2023-03-22`	6 months	crt.sh
*.technoratimedia.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-15` - `2023-09-15`	a year	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-14` - `2023-06-16`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-01` - `2023-10-02`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-05-02` - `2023-06-03`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2023-01-20` - `2023-04-20`	3 months	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh
empxhnc8j2xacpe7.cdnexpress23.net R3	`2023-01-03` - `2023-04-03`	3 months	crt.sh

This page contains 34 frames:

Primary Page: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/
Frame ID: 51F1B5FE1507EAC1671D02B399D3B5DE
Requests: 48 HTTP requests in this frame

Frame: https://cup.yalla-shoot.video/albaplayer/bien-sports-1/
Frame ID: ABB8B5088F527650DD5610987508DE46
Requests: 1 HTTP requests in this frame

Frame: https://strayindicate.net/embed/i1b8m1za1k
Frame ID: D75D81818699131639214090E65EAD5B
Requests: 17 HTTP requests in this frame

Frame: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: ADCB075038295C8F19B49371F0B47C41
Requests: 1 HTTP requests in this frame

Frame: https://strayindicate.net/deb.html
Frame ID: F5245853BB6C791AC8C96BE8C800E19F
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Frame ID: E054C41D03E5181D629B47B2236857D4
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0Xu6IuJl0yyQWuesnym1X8FnQu8BOQ6okznxDr-oU-KhgmtyiJ78DstwJmCSmNdZUDpnXtjPVyNA_Upz_myUtdGAL-1OovXJ4q7jKWwYFUNjyyU86UI7UIu9_wICh9bCozNMdnnta_guGoOj7ETrtFmHtL-LheY8JoyoaeDfmPJXjXrsAQiRB_cowma8D9juHbwIZ01-dF3sVXyO_6aSL7wtiK9cR26aNBky9BCmjkYNOi7FQhunZ5Ro0G2owQioU7tGLDc94b-ccxdl4l4dvMqNHtfAEtgIkYOTpBoQXS-0TpGUk12d81uzbllGrd5PZEDrMrok&sai=AMfl-YRl1cx2R_iLucc-Op3CeN5UCcPeKs4XFgCBQvO5IhmJ7Dn_2zT1-3y3fjQmi0O5OVmsIo6r_39s3y_3ezcQme1fsoZfh3smD_UISQP-qkt1a8bf4FPXyW7OGuW53nTsIRQOUtM-HDfPYuXPQ3pp&sig=Cg0ArKJSzExAo1jTLQm5EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A70E8BDBD5F0E30180E9B51F71035B60
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 307A6BE611324972CC0D65FF5EA5E48E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EBCF428EB0409F13BAFA261AB6C92750
Requests: 2 HTTP requests in this frame

Frame: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E2C173ED3EBED9310E1D87B02E23E3D6
Requests: 12 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1675536270047-976572372557-001158-002-009289%26key%3D
Frame ID: 1865C462776C1A365D1018697BAF7D92
Requests: 2 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Frame ID: 2C3F24876B2B0C9F2F5948CBE28B7B03
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1675536270047-976572372557-001158-002-009289&key=f050a872-9b65-4e84-a1a5-ece39b1c0e60
Frame ID: 4EA10C9A1C18B9AD8E543BCC521CC613
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1675536270047-976572372557-001158-002-009289&key=OPTOUT
Frame ID: B20D0F8EE86BC74B9CBE09EEBED0AD9A
Requests: 1 HTTP requests in this frame

Frame: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1675536270047-976572372557-001158-002-009289&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D3%26auid%3D1675536270047-976572372557-001158-002-009289%26key%3D%5BUSER_ID%5D
Frame ID: EA79EC879B0C0FC6712E9C8D4A6F330B
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1675536270047-976572372557-001158-002-009289&key=C4tjv1bONzZY&ev=1&us_privacy=1---&pid=562704
Frame ID: CF5C9357D5537CFC518ED0E796502369
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=fd97afcc4bd2ccd43af740b7b24266d1&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: B466E5D4DB3EC024CF3BC2A09EAB5723
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: 992489F731D598D579EE361FC1B11B56
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=133&auid=1675536270047-976572372557-001158-002-009289&key=a6f37f0123013099a595be2217fc435a
Frame ID: DD2C836504CF44684052CA2EF7A4FA46
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Frame ID: E484DBF233CA516E0BDC0CACDE2830F4
Requests: 12 HTTP requests in this frame

Frame: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 50C280A60C49D8B611265852BE592F20
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7BB0C244E2595406F9F77611643F7BA5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYw9PDmAEwAQ&v=APEucNWsr-TrVyhVZN-No4AMZWGLi8xRKqw2cLCv02lx3THq6RqWP2W8Q9gistAcsDiQ-Nas4KSj57f-oCsCyb_j_Qr9cAdGwDvm1X9p798eJX9taoIb9mw9Nh2xyeiC6weKBGq4XFJU6J963PiPs7T-i6Q4khe-Z2zX2-0zpdVYkvNDPSyhjR8
Frame ID: 79135812A5B74EE977B200C2B155FDB8
Requests: 5 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Frame ID: 68976166737F913D1548E7098CDA427B
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvSZ4OCb5wOca-jLKLCJlAGSNSOB7nCIUHCP-RSPV6ZeBTDpbUg8plkxICqwwiWk-hUKb3pN6ZBDy3gSaSA7VXiqSucVZ2kxnwUqE3tNEWUxPcIPGgGzqueYZ_LDoaPLz8sNbLq6GeZa2kcOiz2S1c_qxrsVCLEUNEp7G4e7PFYuHWpT4d-_AdM8s34TkxHs5l3cjnRy9d1Et1X8yTIi2CAow9-xdm23bHzApGGDDr51yA0xtVM4qU0Y8TjzQbRWhLn1NpDJOkL-LTOU3vlyf-YPKBN6oM8K-ndsFPK_RHedAbDzRdKQubnUV2TPeB7Y_EE7HWUb41bnjLB9Q&sai=AMfl-YRiSbj_Ybq08A2sKqQcz2GLp-nLU0aOq63hTniQJ4a3GrQqzmRyafo8KJgn40E2HeQRAuwJp_IApxiptNMX_QF-qZu72sZPCqiUwPOsP1pgFYUdgyxKDPvCVmT1moRr08FbLcJyb-1CSap5UtQ&sig=Cg0ArKJSzLvB06Ruga2xEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 153EDE49DF52FB6C9CE5E7DB0063C3BB
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5736021638724462345/index.html
Frame ID: 37D37FE53A0A915198A3305F6C290D3C
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F0F845DB01383D656728407A34841BFE
Requests: 3 HTTP requests in this frame

Frame: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 90BBD91737165F6D926A38330B09CA52
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Frame ID: BAABAC2932151DC4E71980C8946C3A11
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiwr4nfATAB&v=APEucNU1zy_hN6Am-ny3anvlze-oZsGZr2Cxps5M6fI7OzRhquqbk7_twApJ70BxTKCqHRJNkLytoLKqIz0lVzUINOBxH2fmPk7mkxNRHvWuS2l9aHniURyXp_I0DuHksCgcPqocRrjjQKwDqO2SqH2J1dSKrMl6Gs9gl8ZTy26fH279xq-NdTw
Frame ID: 36A4836A68E264770CC7ADADE2CF8CFE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: E782E9A34CFC80E25737DAE4896EADAD
Requests: 17 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17088696856278543927/1-IWE-IONIQ6Launch-Leaderboard-728x90-IONIQ6/index.html
Frame ID: 148167E3C5D0267BF7F8D9697F5EAC83
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 767DF4F10131AD26A2E49404FE582456
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3497.js
Frame ID: BF77D12A782A7A96CC878279C6494DBA
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

مشاهدة قناة بي ان سبورت 1 بث مباشر beIN Sports 1 HD بدون تقطيع لايف - يلا شوت الجديد الرسمي | Yalla Shoot New أهم مباريات اليوم بث مباشر جوال

Page URL History Show full URLs

https://stad.yalla-shoot.io/channels/bein-sports-1a-live/%22 HTTP 301
https://stad.yalla-shoot.io/channels/bein-sports-1a-live/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

207
Requests

94 %
HTTPS

42 %
IPv6

48
Domains

75
Subdomains

66
IPs

12
Countries

2714 kB
Transfer

7263 kB
Size

34
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://fc.yalla-shoot.io/
Title: yalla shoot

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://stad.yalla-shoot.io/channels/bein-sports-1a-live/
Title: فيسبوك

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://stad.yalla-shoot.io/channels/bein-sports-1a-live/
Title: تويتر

Search URL Search Domain Scan URL

URL: https://web.whatsapp.com/send?text=%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%82%D9%86%D8%A7%D8%A9%20%D8%A8%D9%8A%20%D8%A7%D9%86%20%D8%B3%D8%A8%D9%88%D8%B1%D8%AA%201%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20beIN%20Sports%201%20HD%20%D8%A8%D8%AF%D9%88%D9%86%20%D8%AA%D9%82%D8%B7%D9%8A%D8%B9%20%D9%84%D8%A7%D9%8A%D9%81%20|%20https://stad.yalla-shoot.io/channels/bein-sports-1a-live/
Title: واتساب

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%82%D9%86%D8%A7%D8%A9%20%D8%A8%D9%8A%20%D8%A7%D9%86%20%D8%B3%D8%A8%D9%88%D8%B1%D8%AA%201%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20beIN%20Sports%201%20HD%20%D8%A8%D8%AF%D9%88%D9%86%20%D8%AA%D9%82%D8%B7%D9%8A%D8%B9%20%D9%84%D8%A7%D9%8A%D9%81%20|%20https://stad.yalla-shoot.io/channels/bein-sports-1a-live/
Title: واتساب

Search URL Search Domain Scan URL

URL: https://t.me/share/url?url=%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%82%D9%86%D8%A7%D8%A9%20%D8%A8%D9%8A%20%D8%A7%D9%86%20%D8%B3%D8%A8%D9%88%D8%B1%D8%AA%201%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20beIN%20Sports%201%20HD%20%D8%A8%D8%AF%D9%88%D9%86%20%D8%AA%D9%82%D8%B7%D9%8A%D8%B9%20%D9%84%D8%A7%D9%8A%D9%81%20|%20https://stad.yalla-shoot.io/channels/bein-sports-1a-live/
Title: تيليجرام

Search URL Search Domain Scan URL

URL: https://ultra.yalla-shoot.io/
Title: yalla shoot

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://stad.yalla-shoot.io/channels/bein-sports-1a-live/%22 HTTP 301
https://stad.yalla-shoot.io/channels/bein-sports-1a-live/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://cup.yalla-shoot.video/albaplayer/bien-sport-1/ HTTP 301
https://cup.yalla-shoot.video/albaplayer/bien-sports-1/

Request Chain 41

https://whos.amung.us/cwidget/gjcjr6acpk/000000ffffff.png HTTP 307
https://widgets.amung.us/draw/?w=colored&n=174900&c=000000ffffff&p=left

Request Chain 88

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1675536270047-976572372557-001158-002-009289%26key%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1675536270047-976572372557-001158-002-009289%26key%3D%7BPUB_USER_ID%7D HTTP 302
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1675536270047-976572372557-001158-002-009289&key=f050a872-9b65-4e84-a1a5-ece39b1c0e60

Request Chain 89

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1675536270047-976572372557-001158-002-009289%26key%3D%5BRX_UUID%5D HTTP 302
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1675536270047-976572372557-001158-002-009289&key=OPTOUT

Request Chain 91

https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D10%26auid%3D1675536270047-976572372557-001158-002-009289%26key%3D%25%25VGUID%25%25 HTTP 302
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1675536270047-976572372557-001158-002-009289&key=C4tjv1bONzZY&ev=1&us_privacy=1---&pid=562704

Request Chain 92

https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=1&_fw_gdpr_consent= HTTP 302
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=fd97afcc4bd2ccd43af740b7b24266d1&_fw_gdpr=1&_fw_gdpr_consent=

Request Chain 95

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

Request Chain 111

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 112

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJFahNqQqohcw7kxznKXTQM&google_cver=1

Request Chain 113

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y96njh-SSkz0ZjSKNmx8SQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJFahNqQqohcw7kxznKXTQM&google_cver=1

Request Chain 114

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGmPJulCkN_l9bsGz-vhADg&google_cver=1

Request Chain 115

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQyNTY5MDg0OTMyODE0Nzk1MQ%3D%3D

Request Chain 164

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFa_yOILOCOF-uPwmF_Zzhk&google_cver=1

Request Chain 165

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=rRA0xxvdQtaM-afiRgw11A&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rRA0xxvdQtaM-afiRgw11A

Request Chain 169

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5b0b5565-07be-48ff-a69b-360482804c5c&expires=30

Request Chain 170

https://gu.dyntrk.com/adx/rbcn/us.php?dynk=r1b32c0n HTTP 302
https://gu.dyntrk.com/adx/rbcn/us.php?dynk=r1b32c0n&prevuid=&knw= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=333994&nid=4804&put=&expires=365&gdpr=1&gdpr_consent=

Request Chain 171

https://token.rubiconproject.com/token?pid=2046&pt=n&a=1 HTTP 302
https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=TGu1BhRsVRzuxPvWMP51boXsnMZhMiGdLdsvN9R-tmQ

Request Chain 173

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBZG4PlAF_iffboWnnsRWkI&google_cver=1

Request Chain 175

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEMJqIHogVkJeiPw2OOTDyrM&google_cver=1

207 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
stad.yalla-shoot.io/channels/bein-sports-1a-live/
Redirect Chain

https://stad.yalla-shoot.io/channels/bein-sports-1a-live/%22
https://stad.yalla-shoot.io/channels/bein-sports-1a-live/

54 KB
14 KB

50ms
50ms

Document
text/html

2606:4700:20::681a:b15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f140ab62c4d71f466ee9c0a910e09eb03b978059bb2c564700c0f856205a0287

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 79458eccdb373a9a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 04 Feb 2023 18:44:28 GMT
link: <https://stad.yalla-shoot.io/wp-json/>; rel="https://api.w.org/" <https://stad.yalla-shoot.io/?p=13977>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6sTWMAMDr8hJqYOkYi0fLjdisWAJQk%2FGJnFp%2BbOnfcWKVETlWZxdPouDkjCL%2BTwar6J7Pb9NuiesQ6jj8SRW0hVxEoaqU0gZxNY%2F4A39yBi8qF%2BpUMxT6ZrbQ5ctF51UmHH2FiRgwE4AlGTo%2BeQN2LY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-fastcgi-cache: BYPASS

Redirect headers

cache-control: no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 79458ecb991d3a9a-FRA
content-type: text/html; charset=UTF-8
date: Sat, 04 Feb 2023 18:44:28 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXa8Er2b9%2FgfNUQFqAza4kOQSaKwc5qWKJdvQXFMrv3wXwR2NEVMKwHBcyMHd3fgF1z3IvajVedPI5jpX7kmO%2B8EueNscqK03IWxK8Ir6a3MSzv52jgpzuxRuYb7tXX%2FHqGOYaZMV%2Bq10386V%2B1syYc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-fastcgi-cache: BYPASS
x-redirect-by: WordPress

GET
H2 200 classic-themes.min.css
stad.yalla-shoot.io/wp-includes/css/ 217 B
502 B 16ms
15ms Stylesheet
text/css 2606:4700:20::681a:b15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stad.yalla-shoot.io/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 02 Nov 2022 12:06:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3446
etag: W/"63625d62-d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRlngSJkVLF7EnzX8Jh0xhtQVjPvlfDPrka8GWNxe66vSY%2BNKSMKCM3NdxjtPPfZ5sJ0ycWi1rcreZ4k8IxBmjFLSLs5xDymr3baE2pgGaHZ%2B44qhTnbMLYV73Pd4rOI7zQxlt%2BoKQcbqeVQZKKNVZ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 79458ecd2bdd3a9a-FRA

GET
H2 200 logo.png
stad.yalla-shoot.io/wp-content/themes/YallaShoot1/img/ 1 KB
2 KB 14ms
14ms Image
image/webp 2606:4700:20::681a:b15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoot.io/wp-content/themes/YallaShoot1/img/logo.png
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 550cb9add249cab0af5d81b7b7293170a9436d2f7fbece20ca02a52978d72a44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 638
cf-polished: origFmt=png, origSize=4095
content-disposition: inline; filename="logo.webp"
content-length: 1478
cf-bgj: imgq:100,h2pri
last-modified: Sat, 01 Jan 2022 19:02:44 GMT
server: cloudflare
etag: "61d0a554-fff"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nfPzLgEqsfbr%2FwD9NUI%2FuJChJ1MK6P3e5awnKhR1QUOP0e%2FVourUWeAhVWF3l66T4rdlIk%2FLEF4g63CQ5hmAqQsuOc%2B5ojHxIUBzczQVREua%2BcJMvOr5ClimJ4LvYCD7SUbuSLX8LFSgbneCQk26t4g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79458ecd2bde3a9a-FRA

GET
H2 200 yalla-shootheadmatag.js Show response
jscdn.greeter.me/ 6 KB
7 KB 162ms
21ms Script
text/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/yalla-shootheadmatag.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

eb4b870cf80b832fe05bb43808c59787ea47d29ff3f0e3546ef05202120f1d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-sp-metadata: HS256.CJzr+p4GEokBCiQ1YTIxNjQ4Mi01NDc5LTQ4NTctOTM2My0wMzI3YzE4OTAwNjEQgN+fwe/E+wIaBgiMz/qeBiIOMTQ2LjcwLjExNy4xMTAovo4CMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaKwgBEiRkOWViNmVhMi1kM2ZhLTQ5ODQtYTdjMi1mZmM2ZjcwMDA1NGQYyjIiGAgCEhRjZHMwODAubG80Lmh3Y2RuLm5ldA==.yB6u28eqsH/C8gNBeEzsioh0s/o5GEei7KYI0WipeVA=
last-modified: Thu, 02 Feb 2023 20:07:17 GMT
x-amz-request-id: tx00000000000000661c922-0063de9fb1-852b5b97-fra1b
etag: "fce73e4181dd22000f64490c2957283f"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1675536268.dop232.lo4.t,1675536268.cds238.lo4.hn,1675536268.cds080.lo4.c
content-type: text/javascript
cache-control: max-age=1589
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 6474

GET
H2 200 yalla-shoot.io.video.js Show response
jscdn.greeter.me/ 1 KB
2 KB 164ms
23ms Script
text/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/yalla-shoot.io.video.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

2df957d141202a0ff7127f12d1df45b6c0e689872d63accc4d91f600b0056ab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-sp-metadata: HS256.CJzr+p4GEokBCiQyNmRiM2I1Yi04YmE2LTRiNjQtYmJlMi02YTlhNWNiMmUyZWYQgN+fwe/E+wIaBgiMz/qeBiIOMTQ2LjcwLjExNy4xMTAovo4CMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaKwgBEiRhZjlkNTBjZS0yN2Y0LTQyYzctOWI1NC1mOTlkYzY1N2M4ZmEY7goiGAgCEhRjZHMzMDUubG80Lmh3Y2RuLm5ldA==.ile8F6Ncffu5sPE5JU/6Y1YbEypL4Ud23Znxyk1qElI=
last-modified: Wed, 15 Dec 2021 09:52:48 GMT
x-amz-request-id: tx00000000000000647b588-0063de9ad5-852b6119-fra1b
etag: "bdea9baff06ff01dd168099ecf27e5a6"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1675536268.dop232.lo4.t,1675536268.cds238.lo4.hn,1675536268.cds305.lo4.c
content-type: text/javascript
cache-control: max-age=345
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 1390

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 38ms
15ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-107335079-1

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

73947b4ad634a1a8024a0cafcf6f30570a019de15b75b61a897d45024a787816

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 44905
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 04 Feb 2023 18:44:28 GMT

GET
H2 200 jquery.min.js Show response
stad.yalla-shoot.io/wp-content/themes/YallaShoot1/js/ 94 KB
34 KB 17ms
16ms Script
application/javascript 2606:4700:20::681a:b15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stad.yalla-shoot.io/wp-content/themes/YallaShoot1/js/jquery.min.js
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e30b4f5df3c9773448d5e9a2f8b772308ffc80db3a4e437bd1e409fce41ebfaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 02 Jan 2022 15:56:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5867
etag: W/"61d1cb26-179cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FbamAx5g%2FjlSMqn4YJAJUq9vALg5QbJV6LWnPAP68%2FsU%2FtwKrUV6IpWQq3JU0%2FCx1FjtyEPkUt1m11XxHdWLlKnXOUV9e%2FzCP7unSAR6Qr3xs8Bx0ZkmtJM14I2v1jR02X3V8EDO%2Bh%2Bs1yJbe6M9EAo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 79458ecd5c203a9a-FRA

GET
H2 200 lazyload.js Show response
stad.yalla-shoot.io/wp-content/themes/YallaShoot1/js/ 7 KB
3 KB 19ms
19ms Script
application/javascript 2606:4700:20::681a:b15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stad.yalla-shoot.io/wp-content/themes/YallaShoot1/js/lazyload.js
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8150ac13ec014fb343f5a481c41e92eee8e1281c02e36b0c3ca7f7de8ad82fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:28 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 02 Jan 2022 15:54:22 GMT
server: cloudflare
age: 3445
cf-polished: origSize=7327
etag: W/"61d1caae-1c9f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bVB21ipewWXMI6OPUfsijEBg7h45bZBYkmqP0M4kUZbYiMpASJoa%2F9w964x%2Ff9JT4UajFAwj99p5PSfCnXUjnm0bl741yIcXDQz8dT8B0z0V%2FEzp6U2Gi23T4Nnx2moa0jf8Z%2FWnJ8EMXy3o1SaVfhQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 79458ecd5c223a9a-FRA

GET
DATA 200
OK truncated
/ 451 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 401 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5a8cec60b5774c8e0ea5d3feed60f15820528d3cf18a4634cd29c6b23baa2b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 944 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 248 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 460 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 NeoSansArabic.woff
stad.yalla-shoot.io/wp-content/themes/YallaShoot1/fonts/ 56 KB
56 KB 14ms
14ms Font
font/woff 2606:4700:20::681a:b15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stad.yalla-shoot.io/wp-content/themes/YallaShoot1/fonts/NeoSansArabic.woff
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6

Request headers

Referer: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/
Origin: https://stad.yalla-shoot.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:28 GMT
cf-cache-status: HIT
last-modified: Sat, 01 Jan 2022 19:02:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2469
etag: "61d0a554-e014"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCpgxYMu%2BBGU91aPS5RWiiRAGqn89oSkAx84i%2FdVfN10uC0J%2F%2BrQAjlkdH5wBmfKT2PLupr1DQjkSkn9y056GO05YD4FlKDcj%2FvJGBWpxr%2BaksmptVNjXSMkSdZnjfAIpt2dGc86bqI42iwAQzMzMZs%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79458ecd6c433a9a-FRA
content-length: 57364

GET
H2

200

/ Show response
cup.yalla-shoot.video/albaplayer/bien-sports-1/ Frame ABB8
Redirect Chain

https://cup.yalla-shoot.video/albaplayer/bien-sport-1/
https://cup.yalla-shoot.video/albaplayer/bien-sports-1/

27 KB
11 KB

42ms
42ms

Document
text/html

2606:4700:3038::6815:ea87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cup.yalla-shoot.video/albaplayer/bien-sports-1/
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea87 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 505cdbf41c3131ee59caf5783fc2c6c3b9ab5364eef5b18239bc1293c51d47d4

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 79458ecf08fc3821-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 04 Feb 2023 18:44:28 GMT
link: <https://cup.yalla-shoot.video/wp-json/>; rel="https://api.w.org/" <https://cup.yalla-shoot.video/?p=5746>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Apk27WwX%2F58%2FvvwLbJ05tb6Dg%2Fm46ldiW6KqaM2J%2Faiz9rZ9Y1SduXErxEc2FyKPqh%2BTzQPKWZbZZ16Gs1xZISk9PyOBXvHDs2iofCaxuDT90lE3A1OuS9GhKyxoZKKHJ1yw6AQeDYcbosWpZcabg19MHU8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 79458ecec89f3821-FRA
content-type: text/html; charset=UTF-8
date: Sat, 04 Feb 2023 18:44:28 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://cup.yalla-shoot.video/albaplayer/bien-sports-1/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bcMnPKL3PEcEH13OLJO4wBCFESWmdw7fZwDK71h4PIUeV5HiXSGk4QIG9JFzYnrr7VG3fxZzvGvSCOcZ3pLyRkGf64eoVEWxcTIMEZqK0Q%2BG1MzTnV7CMZeyktxgF5BTNaprJgyRjC%2FdGTvPKrd52fbCRKo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-redirect-by: WordPress

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
76 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2Y3HW36EKK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-107335079-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

74ed07379b4709fb70fe3a890ef7069bcff02122e2d92e74213015032c4fe2b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77612
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 04 Feb 2023 18:44:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 85ms
21ms Script
text/javascript 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-107335079-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 04 Feb 2023 17:12:08 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5540
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sat, 04 Feb 2023 19:12:08 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 52ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2Y3HW36EKK&gtm=45je3210&_p=1131373841&cid=95219357.1675536269&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675536268&sct=1&seg=0&dl=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sports-1a-live%2F&dt=%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%82%D9%86%D8%A7%D8%A9%20%D8%A8%D9%8A%20%D8%A7%D9%86%20%D8%B3%D8%A8%D9%88%D8%B1%D8%AA%201%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20beIN%20Sports%201%20HD%20%D8%A8%D8%AF%D9%88%D9%86%20%D8%AA%D9%82%D8%B7%D9%8A%D8%B9%20%D9%84%D8%A7%D9%8A%D9%81%20-%20%D9%8A%D9%84%D8%A7%20%D8%B4%D9%88%D8%AA%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%20%D8%A7%D9%84%D8%B1%D8%B3%D9%85%D9%8A%20%7C%20Yalla%20Shoot%20New%20%D8%A3%D9%87%D9%85%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D8%AC%D9%88%D8%A7%D9%84&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2Y3HW36EKK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:44:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://stad.yalla-shoot.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 55ms
18ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shootheadmatag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6804a4926595a401fe4e48b3e8edd143b53668680ef9075b32d48dcda0f6ec26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27271
x-xss-protection: 0
server: sffe
etag: "1472 / 567 of 1000 / last-modified: 1675465921"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 04 Feb 2023 18:44:28 GMT

GET
H/1.1 200
OK spt Show response
tg1.modoro360.com/api/adserver/ 25 KB
7 KB 209ms
16ms Script
text/javascript 2a02:26f0:3500:c::5c7b:680c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=61829aec12a96609532b3fd9&AV_PUBLISHERID=6181354e7fb04045d1763610
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shoot.io.video.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:c::5c7b:680c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 04563aa3eae7dda2cf345a599fa0c835abc13950b0493bf6b223f6be00000452

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 04 Feb 2023 18:44:28 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Cache-Control: max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length: 6612
Expires: Sat, 04 Feb 2023 18:49:28 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 43ms
42ms XHR
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1131373841&t=pageview&_s=1&dl=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sports-1a-live%2F&ul=en-us&de=UTF-8&dt=%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%82%D9%86%D8%A7%D8%A9%20%D8%A8%D9%8A%20%D8%A7%D9%86%20%D8%B3%D8%A8%D9%88%D8%B1%D8%AA%201%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20beIN%20Sports%201%20HD%20%D8%A8%D8%AF%D9%88%D9%86%20%D8%AA%D9%82%D8%B7%D9%8A%D8%B9%20%D9%84%D8%A7%D9%8A%D9%81%20-%20%D9%8A%D9%84%D8%A7%20%D8%B4%D9%88%D8%AA%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%20%D8%A7%D9%84%D8%B1%D8%B3%D9%85%D9%8A%20%7C%20Yalla%20Shoot%20New%20%D8%A3%D9%87%D9%85%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D8%AC%D9%88%D8%A7%D9%84&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2081099064&gjid=2082311750&cid=95219357.1675536269&tid=UA-107335079-1&_gid=690280017.1675536269&_r=1&_slc=1&gtm=457e3210&z=543676277

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://stad.yalla-shoot.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:44:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://stad.yalla-shoot.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2023020101.js Show response
securepubads.g.doubleclick.net/gpt/ 383 KB
130 KB 140ms
20ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072118

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bcf382c861841335ec9ae5b803af26521b953cee0c2cc4fa291b5cd25f2311e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 07:01:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42158
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132509
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 09:37:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 04 Feb 2024 07:01:50 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
1 KB 172ms
52ms XHR
application/json 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=stad.yalla-shoot.io

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

762ae9c7d8c026ae798191a478c375640fd72aea8e8dcfffcc91295b2e48b868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 496
x-xss-protection: 0
expires: Sat, 04 Feb 2023 18:44:28 GMT

GET
H2 200 i1b8m1za1k Show response
strayindicate.net/embed/ Frame D75D 34 KB
10 KB 113ms
58ms Document
text/html 104.21.17.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://strayindicate.net/embed/i1b8m1za1k
Requested by: Host: cup.yalla-shoot.video
URL: https://cup.yalla-shoot.video/albaplayer/bien-sports-1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.17.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 965663b721ccabac18bb52d4bbbac92402cd49a855bab96a8762f01328b2f9fe

Request headers

Referer: https://cup.yalla-shoot.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 79458ed19a7abb5b-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 04 Feb 2023 18:44:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQZMjTon0TZKFYiRE299ge1m7FbvWBH8ZqRIVCElepQOsBh4X36pn%2B2oW%2B7h096%2BU0P4kivg7%2F8wtFy1HLWCy3sNlrGLmOJCphiX2mUKE56fh5Z0QnJ3w9tAzJT7IY0IJ1wNLA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 get Show response
feed.avplayer.com/backend/ 4 KB
867 B 327ms
14ms XHR
application/json 2a02:26f0:3500:c::5c7b:6837
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://feed.avplayer.com/backend/get?cmsType=playlist&id=631a2480b3d08269680f4be2&AV_TAGID=61829aec12a96609532b3fd9&pid=6181354e7fb04045d1763610&cid=61829607b5bef343b31cc918&AV_TEMPID=635e40ee9cca104d830d91c4&AV_PUBLISHERID=6181354e7fb04045d1763610

Requested by

Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=61829aec12a96609532b3fd9&AV_PUBLISHERID=6181354e7fb04045d1763610

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:c::5c7b:6837 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

istio-envoy / PHP/8.1.13

Resource Hash

cce1aee65b9f2093ba86119d6ef979fd5183c77b513a1f6c735e0cd56f951070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: istio-envoy
x-powered-by: PHP/8.1.13
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-envoy-upstream-service-time: 20
content-length: 608
expires: Sat, 04 Feb 2023 19:44:29 GMT

GET
H2 200 avcplayer.js Show response
player.avplayer.com/script/2/v/ 251 KB
60 KB 175ms
26ms Script
application/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/2/v/avcplayer.js
Requested by: Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=61829aec12a96609532b3fd9&AV_PUBLISHERID=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: 4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:29 GMT
content-encoding: gzip
x-sp-metadata: HS256.CJ3r+p4GEokBCiRmNzBlYjhhMi01MmYxLTQyMjEtOWIzNi1lYjE3ZTVjOGMyNjkQkNjW+Kvg/AIaBgiNz/qeBiIOMTQ2LjcwLjExNy4xMTAoyIYCMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaLAgBEiQ5NWViOWQ3Zi1kYjhlLTQ0OWEtOGNiOS1kMzJmZjMzODRlOGQYjt8DIhgIAhIUY2RzMDQzLmxvNC5od2Nkbi5uZXQ=.tquBBlCAPI8Ru9D++SkTsWCcisewMT6Xp0v7GhwZgUQ=
last-modified: Thu, 03 Mar 2022 17:18:44 GMT
etag: "1646327924"
vary: X-Goog-Allowed-Resources
x-hw: 1675536269.dop208.lo4.t,1675536269.cds323.lo4.hn,1675536269.cds043.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 61326

GET
H2 200 track
servt.modoro360.com/ 0
71 B 430ms
97ms Image
text/plain 52.203.73.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?pid=6181354e7fb04045d1763610&cid=61829607b5bef343b31cc918&cb=1675536269015&r=stad.yalla-shoot.io&stagid=61829aec12a96609532b3fd9&stplid=635e40ee9cca104d830d91c4&d35=&d65=Test1&d66=7&e=playerLoaded&cpid=631a2480b3d08269680f4be2&str=viewable
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.73.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-73-229.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:29 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 159ms
44ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=stad.yalla-shoot.io

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 56ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=stad.yalla-shoot.io

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 96 KB
36 KB 944ms
942ms XHR
text/plain 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1288167678413999&correlator=3952307750255459&eid=31072029%2C31072030%2C31072118%2C31072168%2C31072169&output=ldjh&gdfp_req=1&vrg=2023020101&ptt=17&impl=fif&iu_parts=7047%3A22819356563%2Capl%2Caplmcm7047%2Ccube&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=1&adks=3460147538&didk=2675907389&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1675536269114&lmt=1675536269&dlt=1675536268347&idt=697&adxs=650&adys=805&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sports-1a-live%2F&frm=20&vis=1&psz=976x0&msz=976x0&fws=4&ohw=1000&ga_vid=95219357.1675536269&ga_sid=1675536269&ga_hid=1131373841&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

467614256484250d001e0080142eeda27a88cf55cc9282a6107ac4890608df44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36998
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://stad.yalla-shoot.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 1568ms
1565ms XHR
text/plain 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1288167678413999&correlator=3952307750255459&eid=31072029%2C31072030%2C31072118%2C31072168%2C31072169&output=ldjh&gdfp_req=1&vrg=2023020101&ptt=17&impl=fif&iu_parts=7047%3A22819356563%2Capl%2Caplmcm7047%2Ccube3&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=2&adks=1071523603&didk=2675907387&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1675536269126&lmt=1675536269&dlt=1675536268347&idt=697&adxs=650&adys=1500&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sports-1a-live%2F&frm=20&vis=1&psz=976x0&msz=976x0&fws=4&ohw=1000&ga_vid=95219357.1675536269&ga_sid=1675536269&ga_hid=1131373841&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fa29b83df7c7a052a6fa5eaecd2e98b8b2b18143fa070395f6495d87460ecea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9651
x-xss-protection: 0
google-lineitem-id: 5818019657
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374037645
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://stad.yalla-shoot.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 629ms
627ms XHR
text/plain 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1288167678413999&correlator=3952307750255459&eid=31072029%2C31072030%2C31072118%2C31072168%2C31072169&output=ldjh&gdfp_req=1&vrg=2023020101&ptt=17&impl=fif&iu_parts=7047%3A22819356563%2Capl%2Caplmcm7047%2Csky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=120x600%7C160x600%7C300x600&ifi=3&adks=915995914&didk=2675907384&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1675536269132&lmt=1675536269&dlt=1675536268347&idt=697&adxs=740&adys=985&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sports-1a-live%2F&frm=20&vis=1&psz=976x0&msz=976x0&fws=4&ohw=1000&ga_vid=95219357.1675536269&ga_sid=1675536269&ga_hid=1131373841&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

764398ad13fb5c0e7e92622c915224779ea9e3247273f390f1b2d1da55ecd086

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9978
x-xss-protection: 0
google-lineitem-id: 5850403633
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374029776
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://stad.yalla-shoot.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 543 B
793 B 319ms
318ms XHR
text/plain 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1288167678413999&correlator=3952307750255459&eid=31072029%2C31072030%2C31072118%2C31072168%2C31072169&output=ldjh&gdfp_req=1&vrg=2023020101&ptt=17&impl=fif&iu_parts=7047%3A22819356563%2Capl%2Caplmcm7047%2Cresponsive&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250&ifi=4&adks=2198920283&didk=2675907335&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1675536269135&lmt=1675536269&dlt=1675536268347&idt=697&adxs=315&adys=110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sports-1a-live%2F&frm=20&vis=1&psz=1000x0&msz=1000x0&fws=0&ohw=0&ga_vid=95219357.1675536269&ga_sid=1675536269&ga_hid=1131373841&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f74422a172d39e6916bcc2d42bca9e746631712605cafaab5b2918c9667f6a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 282
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://stad.yalla-shoot.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
7 KB 1239ms
1237ms XHR
text/plain 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1288167678413999&correlator=3952307750255459&eid=31072029%2C31072030%2C31072118%2C31072168%2C31072169&output=ldjh&gdfp_req=1&vrg=2023020101&ptt=17&impl=fif&iu_parts=7047%3A22819356563%2Capl%2Caplmcm7047%2Cresponsive3&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250&ifi=5&adks=2879423354&didk=2675907334&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1675536269137&lmt=1675536269&dlt=1675536268347&idt=697&adxs=315&adys=260&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sports-1a-live%2F&frm=20&vis=1&psz=976x0&msz=976x0&fws=4&ohw=1000&ga_vid=95219357.1675536269&ga_sid=1675536269&ga_hid=1131373841&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71e86c6267716fcf0bb3f1f405373c76987a952d51a1109cc61b04e091f2d0da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6703
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://stad.yalla-shoot.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
742 B 1689ms
1688ms XHR
text/plain 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1288167678413999&correlator=3952307750255459&eid=31072029%2C31072030%2C31072118%2C31072168%2C31072169&output=ldjh&gdfp_req=1&vrg=2023020101&ptt=17&impl=fif&iu_parts=7047%3A22819356563%2Capl%2Cinter&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=6&adks=2993654867&didk=1983335425&sfv=1-0-40&ists=1&fas=8&sc=1&cookie_enabled=1&abxe=1&dt=1675536269140&lmt=1675536269&dlt=1675536268347&idt=697&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sports-1a-live%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=95219357.1675536269&ga_sid=1675536269&ga_hid=1131373841&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91cab6202c5e7259eb967f2a83ba39ba6efaaf5378d40906ea9d3800d680fb66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 564
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://stad.yalla-shoot.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
11 KB 1968ms
1967ms XHR
text/plain 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1288167678413999&correlator=3952307750255459&eid=31072029%2C31072030%2C31072118%2C31072168%2C31072169&output=ldjh&gdfp_req=1&vrg=2023020101&ptt=17&impl=fif&iu_parts=7047%3A22819356563%2Capl%2Canchor%2Canchortop&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=7&adks=2437707492&didk=1866877014&sfv=1-0-40&ists=1&fas=2&sc=1&cookie_enabled=1&abxe=1&dt=1675536269143&lmt=1675536269&dlt=1675536268347&idt=697&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sports-1a-live%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=95219357.1675536269&ga_sid=1675536269&ga_hid=1131373841&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c244a850498968407ef2b6018c4165d478b2bfa018b1b0adaaeaad4ad7b100d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11563
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://stad.yalla-shoot.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ADCB 6 KB
3 KB 201ms
54ms Document
text/html 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 18:44:29 GMT
expires: Sun, 04 Feb 2024 18:44:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl_page_level_ads_2023020101.js Show response
securepubads.g.doubleclick.net/gpt/ 37 KB
14 KB 26ms
25ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2023020101.js?cb=31072118

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91bfdc2f09cbd2a06e487fa2303b2b3a604bca87d8948ca0f2179d87b3801e2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 09:52:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31927
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13742
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 09:37:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 04 Feb 2024 09:52:22 GMT

GET
H2 200 embed.min.css
strayindicate.net/css/ Frame D75D 1 KB
875 B 15ms
14ms Stylesheet
text/css 104.21.17.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://strayindicate.net/css/embed.min.css?v=0.4
Requested by: Host: strayindicate.net
URL: https://strayindicate.net/embed/i1b8m1za1k
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.17.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0ef14fedf3d744271ed6d1fe3719536922c5e5ee3a4b1e0491f73d734ee8928

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://strayindicate.net/embed/i1b8m1za1k
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Jun 2022 14:07:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 238748
etag: W/"62b47394-509"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2XTqdVNo4mWbTRE2l9QAHLdgFV0uDjWCQvzhZZ84d17FoizswejW4%2ByuAeqoDus1CrAe5NH%2BT671tYCW%2FfUOX3vr0J49jQnaEKYOsnJyq5U5AX3%2F54EPuBhHHH%2BNfTMz%2FIvFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 79458ed25b90bb5b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
strayindicate.net/js/ Frame D75D 85 KB
31 KB 17ms
16ms Script
application/javascript 104.21.17.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://strayindicate.net/js/jquery.min.js
Requested by: Host: strayindicate.net
URL: https://strayindicate.net/embed/i1b8m1za1k
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.17.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://strayindicate.net/embed/i1b8m1za1k
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 Jun 2022 12:06:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 473042
etag: W/"62ab1ccf-15283"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDNrlPfoaIQ7HW6YrsxYfhV0wMp5BAepzHKPNEXR8EjY3ncJ1JFR5qBxnpX4FHRpDtZHge8s%2F7Zk6KtAUxvFLSaZDdJFbmL0f8Z1utAhmlzaPrhZGEfYu4%2Fu9BUB%2BGgGgZ0WuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=608400
cf-ray: 79458ed25b91bb5b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 06 Feb 2023 08:20:27 GMT

GET
H2 200 nsns.js Show response
swarm.video/ Frame D75D 506 KB
128 KB 118ms
28ms Script
application/javascript 2606:4700:3033::ac43:af62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://swarm.video/nsns.js
Requested by: Host: strayindicate.net
URL: https://strayindicate.net/embed/i1b8m1za1k
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:af62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3dfed3a9800cc7221ac336a2da595938d815edcbd90cd0d08a09f7b296e14db2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://strayindicate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2158619
cf-polished: origSize=519718
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 16 Oct 2022 16:04:21 GMT
server: cloudflare
etag: W/"7ee26-183e189fff7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0SnOkWovTwH1ud%2BTAmLkzTXLA%2BHM8UtR79sk2uh9kTm77WpBV6jX18sXUwRhSgsR1es7zMDZLDG79dBIVdKyum0vsE0FneCBF0kbQKMg%2BoU4EDw2k00InMDM6QHHxTN8n1Kmpx%2B9L9%2FS2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 79458ed2ec2c2be0-FRA

GET
H2 200 clappr.min.js Show response
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame D75D 513 KB
138 KB 70ms
7ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

Requested by

Host: strayindicate.net
URL: https://strayindicate.net/embed/i1b8m1za1k

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://strayindicate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 04 Feb 2023 18:44:29 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 39481
x-jsd-version: 0.3.13
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 141142
x-served-by: cache-fra-eddf8230106-FRA, cache-hhn-etou8220095-HHN
x-jsd-version-type: version
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2

200

/
widgets.amung.us/draw/ Frame D75D
Redirect Chain

https://whos.amung.us/cwidget/gjcjr6acpk/000000ffffff.png
https://widgets.amung.us/draw/?w=colored&n=174900&c=000000ffffff&p=left

2 KB
2 KB

24ms
15ms

Image
image/png

2606:4700:10::6816:4aab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/draw/?w=colored&n=174900&c=000000ffffff&p=left
Requested by: Host: strayindicate.net
URL: https://strayindicate.net/embed/i1b8m1za1k
Protocol: H2
Server: 2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fcc9c328fcea849a73f5ae01d8c8c367a9e610646ac9b14eb8f5d54c136e7f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://strayindicate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:29 GMT
cf-cache-status: HIT
last-modified: Sat, 04 Feb 2023 14:09:45 GMT
server: cloudflare
age: 16484
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2678400
content-disposition: filename=wau-widget.png
cf-ray: 79458ed3de049229-FRA
expires: Sun, 05 Feb 2023 14:09:45 GMT

Redirect headers

location: https://widgets.amung.us/draw/?w=colored&n=174900&c=000000ffffff&p=left
date: Sat, 04 Feb 2023 18:44:29 GMT
cache-control: max-age=295
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79458ed2acad9229-FRA
content-type: text/html; charset=UTF-8

GET
H2 502 plausible.js
awstats.cloud/js/ Frame D75D 0
0 133ms
68ms Script
text/html 2606:4700:3035::ac43:a822
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://awstats.cloud/js/plausible.js
Requested by: Host: strayindicate.net
URL: https://strayindicate.net/embed/i1b8m1za1k
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a822 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://strayindicate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 css
fonts.googleapis.com/ Frame D75D 3 KB
971 B 109ms
42ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap

Requested by

Host: strayindicate.net
URL: https://strayindicate.net/css/embed.min.css?v=0.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

63e55165cb26efa3df20628f8c2dfc0b13e7d7e7629761fe9f43b34d5498ea46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://strayindicate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 04 Feb 2023 18:44:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 04 Feb 2023 18:43:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Feb 2023 18:44:29 GMT

GET
H2 200 vppdzdrw.js Show response
celeritascdn.com/script/ Frame D75D 98 KB
33 KB 61ms
17ms Script
application/javascript 2606:4700::6810:5b06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://celeritascdn.com/script/vppdzdrw.js
Requested by: Host: strayindicate.net
URL: https://strayindicate.net/embed/i1b8m1za1k
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:5b06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e65b43bf28b1141a6fb1d53a59a2584a18782d67f147f737ed15b58371e788cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://strayindicate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:29 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2352
x-guploader-uploadid: ADPycdulOrwMqvRscasJCQaqUgSZuivo9W5_5LrEidj83fn8aKYBTWLVQ8c9WnKFDlSntsaYNloUpizjRpdEe2Edy64IGw0ZTkbA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Thu, 02 Feb 2023 12:39:29 GMT
server: cloudflare
etag: W/"f11993b7d8c09976b81157bb7fa535d2"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1675341569553374
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=+rzzmw==, md5=8RmTt9jAmXa4EVe7f6U10g==
cache-control: public, max-age=14400
x-goog-stored-content-length: 100703
cf-ray: 79458ed3ffaf3669-FRA
expires: Sat, 04 Feb 2023 22:44:29 GMT

GET
H3 200 deb.html Show response
strayindicate.net/ Frame F524 25 KB
6 KB 45ms
45ms Document
text/html 104.21.17.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://strayindicate.net/deb.html
Requested by: Host: strayindicate.net
URL: https://strayindicate.net/embed/i1b8m1za1k
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.17.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b184888665b6cb9e154760bae131eaf01c140197506afd50abcbe98dc9d9438f

Request headers

Referer: https://strayindicate.net/embed/i1b8m1za1k
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 79458ed3cd659bb0-FRA
content-encoding: br
content-type: text/html
date: Sat, 04 Feb 2023 18:44:29 GMT
last-modified: Thu, 08 Sep 2022 11:14:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IH1SaauH0uF89ipBSIT%2BK0kjhIi4lpHQp%2BsF8cj8tQ%2FwAE6s9cP65pNGF2O5wehjrDo4NO03pGI5tMX0HslKKbFOKoFCEjfGFf561v%2FuH1JQZA24gNnBGu1RDYCgdnBO2GHI%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame D75D 30 KB
31 KB 84ms
21ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://strayindicate.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 16:49:14 GMT
x-content-type-options: nosniff
age: 179715
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 16:49:14 GMT

GET
DATA 200
OK truncated
/ 385 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 240 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 large-poster.jpg
content1.avplayer.com/60095c900c0799791c46d8d4/videos/631a0c74c080af4ad20201d2/ 17 KB
17 KB 115ms
23ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content1.avplayer.com/60095c900c0799791c46d8d4/videos/631a0c74c080af4ad20201d2/large-poster.jpg
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: UploadServer /
Resource Hash: 9f66145fbaf681859fb04fc4cdedf358806d85dd27355199545b97db90d48829

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:29 GMT
x-guploader-uploadid: ADPycduxw9e5tvI0FXlTkg7OPhm0eC4AxRRw_T9pwfy5eV8eKL9LD2AGl5p4PqjQdkMwcnFBTzq4QrV1Icmm5zd2NH1r-GS4VbgH
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 16959
x-sp-metadata: HS256.CJ3r+p4GEokBCiQzZmVkMTY5YS0yNmRiLTRiMmYtOTVjMi01MTExZTM3NDc1YmMQuNb12vfT/AIaBgiNz/qeBiIOMTQ2LjcwLjExNy4xMTAoyIYCMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaLAgBEiRjN2NlYzg0ZS0wOGVkLTQ1ZmUtOTYwMC1hYTg4YmRiZWMyMTUYv4QBIhgIAhIUY2RzMjE2LmxvNC5od2Nkbi5uZXQ=.0KHWwAV5mVkK/tnBNxVTDzPzEdgnDVipPowVaR1Bhqw=
last-modified: Thu, 08 Sep 2022 15:38:37 GMT
server: UploadServer
etag: "0ee97d2dcd219d582aee0cecbb70cafd"
x-goog-generation: 1662651517684609
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=SZ/7Cg==, md5=Dul9Lc0hnVgq7gzsu3DK/Q==
access-control-expose-headers: Content-Type, range
cache-control: public, max-age=2592000
x-hw: 1675536269.dop208.lo4.t,1675536269.cds323.lo4.hn,1675536269.cds216.lo4.c
x-goog-stored-content-length: 16959
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 480 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame E054 440 KB
119 KB 178ms
23ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/v/avcplayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: 99e8be242d57a54072d21b9a2f84379a7f1a9e6fc4e1661e83e2cc80725e7cd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:29 GMT
content-encoding: gzip
x-sp-metadata: HS256.CJ3r+p4GEokBCiQ3YzhiMDU1Zi1lMjc0LTQ1ZDAtODQ5Ni04N2JlZjM0OGU3MGIQyIKixK/g/AIaBgiNz/qeBiIOMTQ2LjcwLjExNy4xMTAo3soDMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaLAgBEiRjNGNkYTQ0Ny1iZGQ1LTQyMGQtODc0ZC03MWEzNjJmZmQ2NzYYo7IHIhgIAhIUY2RzMjc0LmxvNC5od2Nkbi5uZXQ=.clAhUKW1xesvvbzOPDS5gFBTCOJOdbVxDiURFdrZuGM=
last-modified: Wed, 01 Feb 2023 11:19:40 GMT
etag: "1675250380"
x-hw: 1675536269.dop003.lo4.t,1675536269.cds300.lo4.hn,1675536269.cds274.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 121123

GET
H2 200 ut.js Show response
celeritascdn.com/script/ Frame D75D 70 KB
24 KB 16ms
16ms Script
application/javascript 2606:4700::6810:5b06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://celeritascdn.com/script/ut.js?cb=1675536269561
Requested by: Host: celeritascdn.com
URL: https://celeritascdn.com/script/vppdzdrw.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:5b06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2465d688f7473b25f4a67084bbf33eb1f4b31374656e33733f66ed1cb39d0b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://strayindicate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:29 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2141
x-guploader-uploadid: ADPycdsBegyi4HkZVuCNThAw4np83ph5NtLFwMBR_oE6iXLCpEnqgGjEU7ECUPE1Q_7_kdcA5kBFD1REo8FScg0mbJg8P4N2PXGY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Tue, 24 Jan 2023 10:13:06 GMT
server: cloudflare
etag: W/"32cbc0400462d7cfabd88795319e259b"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1674555186374348
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=WRmDUA==, md5=MsvAQARi18+r2IeVMZ4lmw==
cache-control: public, max-age=14400
x-goog-stored-content-length: 72138
cf-ray: 79458ed4c8ba3669-FRA
expires: Sat, 04 Feb 2023 22:44:29 GMT

GET
H2 204 suurl4.php
youradexchange.com/script/ Frame D75D 0
0 174ms
128ms Fetch 35.190.41.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/suurl4.php?r=6014650&chmob=%3F0&cbur=0.22127093072823478&cbiframe=1&cbWidth=952&cbHeight=440&cbtitle=&cbpage=https%3A%2F%2Fcup.yalla-shoot.video%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=celeritascdn.com&aggr=0
Requested by: Host: celeritascdn.com
URL: https://celeritascdn.com/script/vppdzdrw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.41.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://strayindicate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 04 Feb 2023 18:44:29 GMT
via: 1.1 google
server: openresty
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 204 hb.php
youradexchange.com/ut/ Frame D75D 0
103 B 140ms
124ms Ping
text/plain 35.190.41.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/ut/hb.php?cb=0.1843936276823097
Requested by: Host: celeritascdn.com
URL: https://celeritascdn.com/script/ut.js?cb=1675536269561
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.41.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://strayindicate.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

access-control-allow-origin: *
date: Sat, 04 Feb 2023 18:44:29 GMT
via: 1.1 google
server: openresty
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 91ms
55ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023020101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9ab5818886d057675c44d21a45f1890c22db6dba429ff144eca64b084a20a6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11213
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 146ms
70ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Feb 2023 18:44:29 GMT

GET
DATA 200
OK truncated
/ 577 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
serv.modoro360.com/api/adserver/tag/ 41 KB
5 KB 477ms
257ms XHR
application/json 35.174.127.249
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://serv.modoro360.com/api/adserver/tag/?AV_TAGID=61829aec12a96609532b3fd9&AV_PUBLISHERID=6181354e7fb04045d1763610&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sports-1a-live%2F&AV_CHANNELID=61829607b5bef343b31cc918&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=stad.yalla-shoot.io&AV_DADPOS=1&AV_TAG=61829aec12a96609532b3fd9&AV_TEMPLATE=635e40ee9cca104d830d91c4&d36=6.2.79&responsive=1&sver=4&avtoken=269745&omv=1.0.1&AV_D65=Test1&clsid=27e67f4c-25c6-4ad2-8b82-8e9a94f43923&rando=55&AV_WIDTH=600&AV_HEIGHT=338&AV_DNT=0&cb=1675536269748&AV_CGUID=01ftrvrvyj4bm5fq8f05&AV_CGUIDLIST=01ftrvrvyj4bm5fq8f05,01ftrvrvyj4bm5fq8f06,01ftrvrvyj4bm5fq8f04&wfc=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.127.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-127-249.compute-1.amazonaws.com
Software: /
Resource Hash: 7d09d6f8698c88a024276c26e9c62ac1b438e5ae0d4dca00c3c026da2890ce24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:30 GMT
x-bamboo-c-skst: 1
content-encoding: gzip
x-bamboo-c-skfe: 1
x-bamboo-c-s: BYPASS
access-control-max-age: 1728000
vary: Accept-Encoding
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin: https://stad.yalla-shoot.io
content-type: application/json
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires: Tue, 24 Jan 2023 04:57:50 GMT

GET
H2 200 track
servt.modoro360.com/ 0
70 B 98ms
97ms Image
text/plain 52.203.73.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?r=stad.yalla-shoot.io&sn=&ic=0&tgt=0&app=&wi=600&he=338&test=&d36=6.2.79&apppkg=&fv=1&proto=https&d65=Test1&clsid=27e67f4c-25c6-4ad2-8b82-8e9a94f43923&rando=55&pid=6181354e7fb04045d1763610&cid=61829607b5bef343b31cc918&stagid=61829aec12a96609532b3fd9&stplid=635e40ee9cca104d830d91c4&e=inventory&vi=100&cb=1675536269747
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.73.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-73-229.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:29 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A70E 0
0 56ms
55ms Fetch
image/gif 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0Xu6IuJl0yyQWuesnym1X8FnQu8BOQ6okznxDr-oU-KhgmtyiJ78DstwJmCSmNdZUDpnXtjPVyNA_Upz_myUtdGAL-1OovXJ4q7jKWwYFUNjyyU86UI7UIu9_wICh9bCozNMdnnta_guGoOj7ETrtFmHtL-LheY8JoyoaeDfmPJXjXrsAQiRB_cowma8D9juHbwIZ01-dF3sVXyO_6aSL7wtiK9cR26aNBky9BCmjkYNOi7FQhunZ5Ro0G2owQioU7tGLDc94b-ccxdl4l4dvMqNHtfAEtgIkYOTpBoQXS-0TpGUk12d81uzbllGrd5PZEDrMrok&sai=AMfl-YRl1cx2R_iLucc-Op3CeN5UCcPeKs4XFgCBQvO5IhmJ7Dn_2zT1-3y3fjQmi0O5OVmsIo6r_39s3y_3ezcQme1fsoZfh3smD_UISQP-qkt1a8bf4FPXyW7OGuW53nTsIRQOUtM-HDfPYuXPQ3pp&sig=Cg0ArKJSzExAo1jTLQm5EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 04 Feb 2023 18:44:29 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ Frame A70E 216 KB
75 KB 140ms
49ms Script
application/x-javascript 23.203.125.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072118
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-62.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ca2f82fc102509bbb9d8998f38096d3bf9a3470f1c2c0b6df9d81972a41d875c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:29 GMT
content-encoding: gzip
last-modified: Fri, 03 Feb 2023 14:25:17 GMT
etag: "13-SovZBtWSgq1bgjgF5JBCQfe8QmY"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=14400
access-control-allow-credentials: false
x-traceid: e1e9daaf95ee0cfa1b526fe4c6f20625
timing-allow-origin: *, *
content-length: 76161
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A70E 157 KB
48 KB 54ms
52ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Feb 2023 18:44:29 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 307A 13 KB
5 KB 23ms
20ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 29154
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 10:38:35 GMT
expires: Sun, 04 Feb 2024 10:38:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EBCF 783 B
1 KB 119ms
55ms Document
text/html 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a6e2d0c4b456a3162ea9cb74562298325c97ad55bac094a6d8146b6e46ed96a1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9iO37BDOEqzVLVxqzrq8Kg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-9iO37BDOEqzVLVxqzrq8Kg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 18:44:29 GMT
expires: Sat, 04 Feb 2023 18:44:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame A70E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84e4248b73b9a66bfbbd91b8272d21e97aac9cbcfcb9ecad498871fa3d322173

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame 307A 36 KB
14 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 129012
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Feb 2024 06:54:17 GMT

GET
H/1.1 200
OK c3RhZC55YWxsYS1zaG9vdC5pbw== Show response
tcheck.outbrainimg.com/tcheck/check/ Frame A70E 16 B
463 B 154ms
13ms XHR
application/json 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/c3RhZC55YWxsYS1zaG9vdC5pbw==
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 04 Feb 2023 18:44:30 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=5854
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: cdb17637aa0a03cff531c6a01479acfe
Content-Length: 16
Expires: Sat, 04 Feb 2023 20:22:04 GMT

GET
H2 200 notOutbrain.js Show response
widgets.outbrain.com/nanoWidget/2010138/module/ Frame A70E 1 B
388 B 88ms
29ms Fetch
application/x-javascript 23.203.125.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2010138/module/notOutbrain.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Sat, 04 Feb 2023 18:44:30 GMT
content-encoding: gzip
content-length: 21
last-modified: Fri, 03 Feb 2023 14:24:46 GMT
server: AkamaiNetStorage
etag: "68b329da9893e34099c7d8ad5cb9c940:1675438410.644836"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Sat, 11 Feb 2023 18:44:30 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ Frame A70E 43 B
380 B 31ms
30ms Image
image/gif 23.203.125.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Mon, 06 Mar 2023 18:44:30 GMT
date: Sat, 04 Feb 2023 18:44:30 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EBCF 0
0 41ms
40ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023020101&jk=1288167678413999&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame A70E 0
0 57ms
56ms Fetch
image/gif 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstw_nAZUsaKZqg80JX4wVKDMoMJBM5PtW_wSH_9gswovIsw_MZib1vcXNbxyQKdqoDQMCm9I8k-FxgkBT5a0lFtiVTO4T9rRx8TupQNRCjtes2SfpXJEDBRqcOyIuCkSBj9u4Yul62PgxrHXvPZ7NuNwkuBZQoKO0AgMUOQ3CNIkTfAiWZPnbtU0_UPyjQ5Vlp7dkbnhcVF2WPkVCtYJtPm2NpTuVwFGs2bmO425qs0ChJfrC1B3PdczZxZ4MMFfcxiGYrC07uQZjL1j-Dd3fR70JVky2Fq4z7Hx_cXkyssqybBu27vq9JE-oiAb4hgb3Eat50GgQjZ1Q&sai=AMfl-YQpXtRwQ1NUUv8NWZqAw4L3hhkR1DnI-ILIffsHGv8fVxjIVNj7EtTPgEcyGITrxa-dpZE7BPZCvMLo7GOTZ9ZmsBVVYkFi4BuQyyNznFgK-lx7U2q1nF2IXjxvumYHXu9gWBauqSerdzRpSHfe&sig=Cg0ArKJSzDLtSMp0bEptEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 04 Feb 2023 18:44:30 GMT

GET
H2 200 container.html Show response
fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E2C1 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 18:44:29 GMT
expires: Sun, 04 Feb 2024 18:44:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 307A 0
10 B 21ms
20ms Image
text/plain 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?j0TFLw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame E2C1 36 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com
URL: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1094eadb46901a39ead18f781a296d1b3372b6dae8e949c1be8fefe72d90ddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 20:17:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80838
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14338
x-xss-protection: 0
server: cafe
etag: 14252078138805870944
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 20:17:12 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E2C1 24 KB
6 KB 22ms
22ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com
URL: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 22:44:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 03 Feb 2024 22:44:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E2C1 157 KB
48 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com
URL: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Feb 2023 18:44:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame E2C1 22 KB
9 KB 26ms
25ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

Requested by

Host: fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com
URL: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:49:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82494
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:49:36 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame E2C1 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com
URL: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:25:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame E2C1 18 KB
7 KB 29ms
28ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com
URL: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:25:32 GMT

GET
H2 200 platforms Show response
odb.outbrain.com/utils/ Frame A70E 4 KB
2 KB 219ms
153ms Script
text/javascript 199.232.18.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sports-1a-live%2F&idx=0&rand=14576&key=ADIPO26N995I7C97HCI1JF7FG&widgetJSId=AR_11&va=true&et=true&format=html&adblck=false&abwl=false&px=0&py=0&vpd=0&cw=300&activeTab=true&ab=0&wl=0&obRecsAbtestVars=1174:3820&settings=true&recs=true&version=2010138&sig=BZJseD9q&apv=false&&osLang=en-US&winW=300&winH=600&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&chs=1&ref=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sports-1a-live%2F&ogn=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sports-1a-live%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 978d4dc1d9970310dda5cb4d48592535b73d4127d639a8b1124b38246803cd61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Sat, 04 Feb 2023 18:44:30 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, VIE, Europe1
x-timer: S1675536270.278794,VS0,VE136
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21935-LGA, cache-vie6327-VIE
x-traceid: 125497af1ea319e5065c3f427a01ac72
accept-ranges: bytes
content-length: 1780
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 10572336867262182555
s0.2mdn.net/simgad/ Frame E2C1 381 KB
382 KB 55ms
15ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/10572336867262182555

Requested by

Host: fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com
URL: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4911fb71075a0647665e13564f6ee72318b9477aba0db8b517e0f5fa41ebd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:45:16 GMT
x-content-type-options: nosniff
age: 82754
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 390518
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 14:21:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 03 Feb 2024 19:45:16 GMT

GET
H2 200 12320146367828493034
s0.2mdn.net/simgad/ Frame E2C1 22 KB
23 KB 48ms
9ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12320146367828493034

Requested by

Host: fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com
URL: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d23cebf25cc305e21aca8a1f3f40c1d129034958e9542c4129e0447f3b6bbe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 17:52:53 GMT
x-content-type-options: nosniff
age: 175897
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23018
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 14:21:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Feb 2024 17:52:53 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E2C1 42 B
440 B 138ms
58ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CIP5FRRyIqEXZGd8pP2em7qhcPJal3rqCLRQ7Lq97FY-TG-ByDKq6r02MQ_yHxAKAPHkkQi5520ZBkRNB7-lHGI8LE2jyUxsRbbP5SsQfnT1eOws2C2S1uUFhxZBjP2dK6auuZnxtnazxlU4Oup6m57xQOM-O5a5eXn8vcKhqp0XuTG14&cry=1&dbm_d=AKAmf-DjQVB45vKWXFGl6KBKFWzIQfSlQy1FpXeqmTB7CQehTd3lr4H5KT94RwxYJ2JA4UsbfjCD7vsOp9Kn_z6xDgqw1XHOg44e_HXnrrDBHfwlJJUuKlPK2TABOCbcYaCYyTFpCtE8nCppWD-s6-si6LRnqupTC0TjBpnhu4z_94AdMyKHHy-kqHHCsPWccLpwrCDH1Fi2YzUy5HrfbZa7USmnDDCZVjauhJ3WY4a8qjDLzj789dCJ9rTzGUryW6PM7HuMlj5BwqCIluzf-YE8D8VfT-3qxp-ikUUSKE7uFXFnZhimXKazgV53iqvS_2H-7tqFgf1tPGs-W1eHL3ok9__XG-kpAc7RFW-rGyCgZ55LArUWQLpgByCSQdfLDpgHqYFsXX-KlX3CK_nxJbQ3XZWy9lxJl1HWnCBf30tabDQHkRkRcMQxkgzNks9F0CJ5ov4Qrdf8VtNplZgWg9VflMwZpQo5Cmb5sEyHUHkd4mX_v9-pjnJ7hPfhDx_c60HcmFfMM0B8uXUECs33TRG_0qHxpmw0PBQUE1E-lYuqIt6ZI3OwHQwpNH5RiU255zZ0FDt2dCTW7R8Rj_elqom9g8LXryvZb1qBd4uTjBQvrvyMRS7iTGANkH1PFVzAFOvpY5nzpCMgHa6FqVEU8Xbce3rR3J-CMoxIjlSYlqwM1oi2-LHmNqBMthKzgPThpK50SVRS-YNdFs1nlKdN9rPCHR47ceyvu-gNFS3RYCn6Ws6Kj9qBfOu3uzkJnmYCtG50YscaU2uohOu1YnBIPjcbI24mGTG6WZbrZMFHdx3oyrogWNKv7696uQLqvAcZ2awJ9BVZAXahQMdPDaA9fkHrOEiBjQkh1KlxDfR0HjPjveEk5kLNHprsg7yRVCTSDf8CSMMdfCBlcmz06GhgAkE6UKV1S6BleD3QH1QYHrynrV3uA2-HEF5NV0oqqBnMNoLbAyNp7TFiaAb8hmnI0PyD7aBZTrKoPqSD-0nfKVzahSsX0GO_1uz1J_wUgx0Yg9lTOkholwuPI7TKCU6twWrjlEyqur7RBGSJe2wy58M9OGJkYdf8Tgirbk9GUkZdpruOcbt19e71Td3WXswVKOmAUBKplqEkXAeEHTm3PSgXhaERv_1gsGvpDdfHxUoJ91nrbx0eL7qjWMgT9vcU1aGssuRIhsvPjFrgj8ruSUhJOrpSbhexisdyc4JutV8UajENnZ7oCD6ddM4DB18_888e1Em2iSo-brWVqlM92iLtdkAnayXchwnL3t5i6MtgyuwarqCoV7nj_K4exBHRBFDTOnZRi0oPe4jU-iyhsS7zR_TnfeNVEs4XGbx0ash9x2dIBMCE7vCuJGpmo-UrLYtZQIRaAMFY2fTBcAREggYscDztyxOxGmR3etLj6toi7mmPaKgcfKdIfRLZvHb8OKjcCQMxjy_L2980WNJz9qxsptQIk4g2PoRDNLjapaln0ZSbm6wd4DuMtUdWwSb9xBk-c6Ed0dq1DeOOsOGpgebAH0KSpTL9xoKj_VFu5B4Uuda8GvQbdVmOg-r8f5j-dt6jRj_IZrx_MC_cZZ6aQTJ_dHZ8j4d8AzSB0z-jSuMtUZuvWbvmnJ3-1U19k1FfeAYRfCR3sVP1WzzUkTe1xbd2kQ7vUVy6X2WGjkhGQGsNsfU1HOR9Nyy5w8WOa7yssbTA-Jo8si1vfExb_FDL07SDtYdsArkSmYHua_Bx9Imv-gpgqz3wJSB7obcQqsfFGH0IU_1qiwaz-Tu0aQWB4XFLHGh3t74DcSrSwvpNmyvXaVA1WvQvgVD6adrNxafrF4iSCMf4K5kWB8RoNMzRDjIvANNnIsA75i6UOpiWi2o80tjGAYhTzU1gOlub-tfbpeVVopzZAcOT6rtViaux4V7Z5r8x36WXAhEnAx6fK-l2tfhFsIrL-zWEy-ujcjncl-r_a_YtCjHcDkPCY5t9xt_oXSE02rBUef8xD77EYij6aZnMUrBbDwfPsR_AaL7YmXIUEmVAk9YlzuWNTMnQonwPGek-1JM0ektbC0Vjp9naZa9EudKwFI2p_-ZmkWjyVAj9mUOaPejqgwRChtEWHFu3cFv60VgrB-UDrbzE4v7CxRnjWuhhAFlmSr6MKPzVOflk9ZVYKplyUAWNx5QhlWY0oH7Ugg4AydrqkvNjO8tP3DEApy8XTDIbFbRyl_JmMxD70Lxz0or-z-P-xU8WCeC60ooGQxz2543DxclzJscfSSrtLhaq57K6grdqSDDMs5bo_lPnPcLFxehqQkwTAP0yY2MvVxXqqCSQlpaVCG_KR3ots7hPg2TIudxSXFm9bf6BaWxXxHgOHoicPMGGTf98OmRsvdnE4dIN6XqHPSS7SFbCUoffMKg-t5IsiIPbZoNbNVqPa6aA_754VmS53qGPmEVPjaHWDaMLb4X945JYFQkwlo4LJy2i3zF0mWOgPSnQFDbh8iXDTgusCo9wnyIaAgxpJiwsHOPP28B7n8UxJFe8zB-I6QjXwKJDGh6KMYtjXSLaStozXXUAEwhFApwSZCieDth-Zf4P5WfgE7uCTAXsexVqeSf3o3ZHx-Bz8yw6I-1SgDHSPPtX3sXRmeyI9hzooOVP7-RTlJgqol6bGEI0x9TKtiap3aK-k1F-ZclJO4nUf76CsX4DWc3hidgXB6cEgvb-e4xMCRnnNl09hAcQ90yTPY_f3SaZ-DxobMZep9rG5b2sHsKh5tT9dHwSObuYw9R4ge5QO3ACIhrhtaNGXjbLhFiYCLlfEIdf3FHSzen7bRjW6rhpIlXe0THqzetX8HmSfkpmglc7Uo_Rf2beBg7lKgpfCCw2N5VyfGH7G_bVoUk4InmJQSjBMmPNnWEb4ZCbc_J4xt7UAjkG5j88ChjRg4a2nmJaYS5DEzNSZGpkb_YhZ034kBo9z5DSFGT-Lk8JEf3Zrh-Tz8UzpDtwHcAxHesPNWQ1dXcK83IWtrEg_7Y0EMb0wvynUsC4KZcyxD5-hylUNoxkCLDQ8YHEIIEW_s4NSAyWblGjbJ35mj10AzLYvbi8W39TIGlGHw5R59sO3hs6pvjxwbogz3wx5HEqOlWZCcZEIkbjPIydN47CIhLO33viAjyzVeOkeJpvA1ITvbEr6_rw52ySraVuwcMPYM8pjmTl9ss3udYZTWZTAm0956LAZbyPTxl-DBxIk5Dxz5sCYyoUInfE-dVeA10dvUMX6bXsZjEY9QHirsyS2vIrNRboaUfYAZ3H57vdMJydmZkGVdnSBJK3mxdZlXdy9BINvfQi2hgMBWuGXHWxScZ-TaIBQbZzAZk9_U5nfokUKA9V63DI6pKtKzGVWp4XRClqDj040_R49l33HNjeeFGrYVZd35bKAcHqSufB-CRe1iy8h81NiMMn5yXtg-AVnWV5B8AA8FAuJMsGRHMZegcDCohsnU0wLW_JxXklE9g8OZuQ4zHnHQKyta6E2KnwIbbxgs4rtDy01MFLGYgTh2TPZr-KKfYwFEE_SNEqg3b92c8&cid=CAQSSwDUE5ym13tu10lIL7V5APpfLlmV2TkBWFuw5MXqN4r4cpJ-7aXKcoPKU69X3kNOjXidaclWFS5aMzMqEtKTXqcykOnRfvT7ez7EsRgB&dc_exteid=1320515146356698141&dc_pubid=4

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:44:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E2C1 0
0 57ms
56ms Fetch
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBoJRjafeY_y8LfqFjuwP55SUwAnsmdi3bsaP5frxEJizlZhDEAEgudvzJmCV4pCCoAfIAQapAt5wzfFwHLI-qAMBqgT0AU_Qijpf_wj6CGisGmd4q4HXc3GSdJjQhXmrJqEsTxifdtXVsGjGqynQ8cEH0Am72jxtRt6CFfTnXNg1pEcabJCpGDFw4_pEXuXaeW-QnxCb5u8u0qnRFcGXkY53Tq-W7VJ78ndPA3iSae39_D_xCtOBefWrveB4p7MK21YfRfpGylx2FgSMBJSo2udfx_nmOd33MV28WjRIgQLgKpYIsAlLoZRR0d_5ifTUxP2aB72TxZOek1a4fgnPXhapfZd15D62dBCy1uJlASZFRga4_UY7DLUnvRFEpn_jSUIz37HU7l9UXqw76Ay8PdLKbCH2FAez-w7ABK-Ep8WXBOAEA4gF1JTg7EiSBQsIIhACGAFI9cXhAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGN4AH557ozQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHChDaqRcY09733gHSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tMjE1MjI5NzE5OTc4NjY4NIAKA8gLAbATkeePEsgT5d3c4QPQEwDYEwrYFAHQFQGAFwGyFx4KHAgAEhRwdWItNDkwMzQ1Mzk3NDc0NTUzMBjkww4&sigh=X05VXG6YqzQ&uach_m=[UACH]&cid=CAQSSwDUE5ym13tu10lIL7V5APpfLlmV2TkBWFuw5MXqN4r4cpJ-7aXKcoPKU69X3kNOjXidaclWFS5aMzMqEtKTXqcykOnRfvT7ez7EsRgB&template_id=509&vt=10
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 1865 16 KB
6 KB 242ms
31ms Document
text/html 23.203.124.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1675536270047-976572372557-001158-002-009289%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-124-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=124892
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sat, 04 Feb 2023 18:44:30 GMT
expires: Mon, 06 Feb 2023 05:26:02 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58543/ Frame 2C3F 0
0 325ms
11ms Document
text/plain 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
date: Sat, 04 Feb 2023 18:44:30 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.25
strict-transport-security: max-age=31536000

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame 4EA1
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1675536270047-976572372557-...
https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1675536270047-9765723...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1675536270047-976572372557-001158-002-009289&key=f050a872-9b65-4e84-a1a5-ece39b1c0e60

0
240 B

365ms
96ms

Document
text/plain

54.152.20.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1675536270047-976572372557-001158-002-009289&key=f050a872-9b65-4e84-a1a5-ece39b1c0e60
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.20.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-20-34.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Sat, 04 Feb 2023 18:44:30 GMT

Redirect headers

access-control-allow-origin: *
content-length: 0
content-type: text/plain
date: Sat, 04 Feb 2023 18:44:30 GMT
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1675536270047-976572372557-001158-002-009289&key=f050a872-9b65-4e84-a1a5-ece39b1c0e60
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame B20D
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26au...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1675536270047-976572372557-001158-002-009289&key=OPTOUT

0
201 B

481ms
97ms

Document
text/plain

54.152.20.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1675536270047-976572372557-001158-002-009289&key=OPTOUT
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.20.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-20-34.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Sat, 04 Feb 2023 18:44:30 GMT

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html
date: Sat, 04 Feb 2023 18:44:30 GMT
etag: OPTOUT
expires: 0
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1675536270047-976572372557-001158-002-009289&key=OPTOUT
pragma: no-cache

GET
H2 204 services
sync.technoratimedia.com/ Frame EA79 0
0 481ms
101ms Document
text/plain 2603:c020:400d:3000:f50:982a:7877:65bd
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1675536270047-976572372557-001158-002-009289&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D3%26auid%3D1675536270047-976572372557-001158-002-009289%26key%3D%5BUSER_ID%5D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-methods: POST,GET,HEAD,OPTIONS
access-control-allow-origin: https://stad.yalla-shoot.io/
age: 0
date: Sat, 04 Feb 2023 18:44:30 GMT
server: nginx
via: 1.1 varnish
x-varnish: 1035250722

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame CF5C
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D10%26auid%3D1675536270...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1675536270047-976572372557-001158-002-009289&key=C4tjv1bONzZY&ev=1&us_privacy=1---&pid=562704

0
209 B

124ms
101ms

Document
text/plain

54.152.20.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1675536270047-976572372557-001158-002-009289&key=C4tjv1bONzZY&ev=1&us_privacy=1---&pid=562704
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.20.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-20-34.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Sat, 04 Feb 2023 18:44:30 GMT

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control: private, max-age=0, no-cache, no-store
content-language: de-DE
cw-server: bh-deployment-5ffd6ccc57-cpz9n
expires: -1
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1675536270047-976572372557-001158-002-009289&key=C4tjv1bONzZY&ev=1&us_privacy=1---&pid=562704
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame B466
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=1&_fw_gdpr_consent=
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=fd97afcc4bd2ccd43af740b7b24266d1&_fw_gdpr=1&_fw_gdpr_consent=

0
233 B

353ms
98ms

Document
text/plain

54.85.182.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=fd97afcc4bd2ccd43af740b7b24266d1&_fw_gdpr=1&_fw_gdpr_consent=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.182.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-182-21.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Sat, 04 Feb 2023 18:44:30 GMT

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Sat, 04 Feb 2023 18:44:30 GMT
Expires: Sat, 04 Feb 2023 18:44:30 GMT
Location: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=fd97afcc4bd2ccd43af740b7b24266d1&_fw_gdpr=1&_fw_gdpr_consent=
Pragma: no-cache
Server: nginx
x-sticky-vk: 1675536270340061-332

GET
H/1.1 200
OK auto-user-sync Show response
ads.stickyadstv.com/ Frame 9924 43 B
623 B 150ms
18ms Document
image/gif 2.16.107.129
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-129.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 18:44:30 GMT
Expires: Sat, 04 Feb 2023 18:44:30 GMT
Pragma: no-cache
Server: nginx
x-sticky-vk: 1675536270310093-371

GET
H2 200 sync Show response
vid.vidoomy.com/ Frame DD2C 50 KB
18 KB 538ms
414ms Document
text/html 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1675536270047-976572372557-001158-002-009289%26key%3D%7B%7BVID%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ba06001344fa3ca3873adeaccd0b1601d7e83900d51d6ec00897e7b6b8109621

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
date: Sat, 04 Feb 2023 18:44:30 GMT
etag: W/"6215ed10-c6b9"
last-modified: Wed, 23 Feb 2022 08:15:12 GMT
server: CDN77-Turbo
x-77-cache: MISS
x-77-nzt: AcO1qhEumLqh
x-77-nzt-ray: 4c156224425bb4c88ea7de63736cd417
x-77-pop: frankfurtDE
x-accel-expires: @1676573070
x-cache: MISS

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame E484
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

281 B
554 B

69ms
15ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 04 Feb 2023 18:44:30 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 04 Feb 2023 18:44:30 GMT
location: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
server: AkamaiGHost

GET
H2 200 sync
x.bidswitch.net/ 43 B
145 B 343ms
7ms Image
image/gif 3.120.17.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=&user_id=1675536270047-976572372557-001158-002-009289&gdpr=1&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.17.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-17-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675536270047-976572372557-001158-002-009289%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D
x.bidswitch.net/check_uuid/ 43 B
146 B 342ms
7ms Image
image/gif 3.120.17.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1675536270047-976572372557-001158-002-009289%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=1&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.17.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-17-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 200 container.html Show response
fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 50C2 6 KB
3 KB 21ms
21ms Document
text/html 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072118

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 18:44:29 GMT
expires: Sun, 04 Feb 2024 18:44:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7BB0 143 B
247 B 22ms
21ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com
URL: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1951
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 18:11:59 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E2C1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f6a67963b584abc7673c3a007887ff2b12ac2e54193c6cf7de878ee93dda511

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7913 624 B
245 B 56ms
54ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYw9PDmAEwAQ&v=APEucNWsr-TrVyhVZN-No4AMZWGLi8xRKqw2cLCv02lx3THq6RqWP2W8Q9gistAcsDiQ-Nas4KSj57f-oCsCyb_j_Qr9cAdGwDvm1X9p798eJX9taoIb9mw9Nh2xyeiC6weKBGq4XFJU6J963PiPs7T-i6Q4khe-Z2zX2-0zpdVYkvNDPSyhjR8

Requested by

Host: fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com
URL: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 18:44:30 GMT
expires: Sat, 04 Feb 2023 18:44:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 50C2 78 KB
27 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com
URL: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 04 Feb 2023 18:44:30 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 50C2 42 B
63 B 42ms
40ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BTnLXvv2fT9fU3O1BjfCc5IYmtoOJWOFjne-XGF4_jixmBsYL-TqzoInsakYsGtf2H-BISBhexqquAoXGFrKEtfcB0qS4kq2zzKF37tv8rus3U9z8

Requested by

Host: fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com
URL: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:44:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 50C2 0
20 B 45ms
43ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12527015231745191252&x=1&ct=76

Requested by

Host: fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com
URL: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:44:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 50C2 3 KB
1 KB 23ms
21ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com
URL: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:25:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 50C2 18 KB
7 KB 23ms
22ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com
URL: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:25:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 50C2 157 KB
48 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com
URL: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Feb 2023 18:44:30 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ Frame A70E 2 B
330 B 382ms
85ms Fetch
text/plain 70.42.32.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=777a6218a00c2786d923c93a7e5e7f51_119225_1675536270362&tm=450&eT=6&wRV=2010138&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 04 Feb 2023 18:44:30 GMT
Access-Control-Expose-Headers: content-range
X-TraceId: c66ece7c7b23f2ea0245fd40f4f41382
Content-Length: 2
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8

GET
H2 200 monitor.html Show response
widgets.outbrain.com/widgetMonitor/ Frame 6897 4 KB
2 KB 32ms
31ms Document
text/html 23.203.125.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e74aad7eedeb94eab0fbb3d4435ff67c95dee259361fd21effd45bcd64424c24

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 1602
content-type: text/html
date: Sat, 04 Feb 2023 18:44:30 GMT
etag: "9e7d58ad34c85761770fc947d9bee792:1617096471.391057"
expires: Sat, 11 Feb 2023 18:44:30 GMT
last-modified: Tue, 30 Mar 2021 09:27:46 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 1865 0
42 B 114ms
20ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=46917458&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1675536270047-976572372557-001158-002-009289%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:29 GMT
content-length: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7BB0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

117ms
116ms

Document
text/html

2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com
URL: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 18:44:30 GMT
expires: Sat, 04 Feb 2023 18:44:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 18:44:30 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7913
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJFahNqQqohcw7kxznKXTQM&google_cver=1

43 B
766 B

18ms
11ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJFahNqQqohcw7kxznKXTQM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYw9PDmAEwAQ&v=APEucNWsr-TrVyhVZN-No4AMZWGLi8xRKqw2cLCv02lx3THq6RqWP2W8Q9gistAcsDiQ-Nas4KSj57f-oCsCyb_j_Qr9cAdGwDvm1X9p798eJX9taoIb9mw9Nh2xyeiC6weKBGq4XFJU6J963PiPs7T-i6Q4khe-Z2zX2-0zpdVYkvNDPSyhjR8
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Feb 2023 18:44:30 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:44:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJFahNqQqohcw7kxznKXTQM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7913
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y96njh-SSkz0ZjSKNmx8SQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJFahNqQqohcw7kxznKXTQM&google_cver=1

43 B
766 B

11ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJFahNqQqohcw7kxznKXTQM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYw9PDmAEwAQ&v=APEucNWsr-TrVyhVZN-No4AMZWGLi8xRKqw2cLCv02lx3THq6RqWP2W8Q9gistAcsDiQ-Nas4KSj57f-oCsCyb_j_Qr9cAdGwDvm1X9p798eJX9taoIb9mw9Nh2xyeiC6weKBGq4XFJU6J963PiPs7T-i6Q4khe-Z2zX2-0zpdVYkvNDPSyhjR8
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Feb 2023 18:44:30 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:44:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJFahNqQqohcw7kxznKXTQM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 7913
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGmPJulCkN_l9bsGz-vhADg&google_cver=1

43 B
1 KB

45ms
14ms

Image
image/gif

185.83.142.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGmPJulCkN_l9bsGz-vhADg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYw9PDmAEwAQ&v=APEucNWsr-TrVyhVZN-No4AMZWGLi8xRKqw2cLCv02lx3THq6RqWP2W8Q9gistAcsDiQ-Nas4KSj57f-oCsCyb_j_Qr9cAdGwDvm1X9p798eJX9taoIb9mw9Nh2xyeiC6weKBGq4XFJU6J963PiPs7T-i6Q4khe-Z2zX2-0zpdVYkvNDPSyhjR8

Protocol

HTTP/1.1

Server

185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Feb 2023 18:44:30 GMT
AN-X-Request-Uuid: 59901e48-953d-4eb4-86c2-9d07466435c4
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 146.70.117.110; 146.70.117.110; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:44:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGmPJulCkN_l9bsGz-vhADg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7913
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQyNTY5MDg0OTMyODE0Nzk1MQ%3D%3D

170 B
188 B

43ms
43ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQyNTY5MDg0OTMyODE0Nzk1MQ%3D%3D

Requested by

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:44:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 04 Feb 2023 18:44:30 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 146.70.117.110; 146.70.117.110; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 9b58e745-aba0-4c2d-8d9e-3068c2a17b2f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQyNTY5MDg0OTMyODE0Nzk1MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 50C2 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9726494799833&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:44:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 50C2 0
20 B 40ms
39ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9726494799833&version=m202301230201&ct=76&x=1&cor=12527015231745192000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:44:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 50C2 82 KB
35 KB 72ms
72ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D03w_YgR0I0wOipXEG0ZyQpzOTP6FTWABKGEzNS6zd5bqxbOfl2c7UI1CywiZBOA4AgifaZVrO26yQ5FXvsE__jvbepA&cry=1&dbm_d=AKAmf-Ci_LppwRIrI1L6af4d5RQQtORKK5wmP8Wcx3-5ZwpN8Wd6dLlyW8F0fu1uuXXB_k3ZTlrNa6JeuxlUyMijglY1NJMY-CBcc6JQwZQLHT1zoQlTo3LijeTXkjxZhBUBSyjt4t_AL-vgnOSst1LXrCWSnCaD3q7iHV-WLidKHeQCVK7FReYwhR4oYM7kedxrG-JgLgg2QZaYI-rxchFfJQGldO7Fi-_FRIaRlJqBiIhsWugxBVRwQznQTdtUW89ICkXIF_Sp7hDNc80jN64-_vpH8BDksd3p1N68oXnw2D4CwVrReu1DwY8l4Fp1bT_UA1OYAbU2TdZnRlFwipwRaXOWK-dKhOi1JRplB5vckiK_VL_xvHILnI-5eBYE-VE6qmdzuvi3nzSMIlcsYSdYgYDrKIrw1zuz681bk3S9bcwly5wP5dJL3gnqfa7JSRL8tbUYVjNSPsIN8fcctV19awwivU06aYXSPKeuL2Tl1T-NKYwTRlpkjK8pEgJPTl_Cxff_G4JcIrXlIX3J_4ELCU-63oldMkOnfI9dnXjqWoITdnOn34NFHSHs5I4ECKn2xtBGhg8mTZp7t7KyoeKY6aB6jpaVoZWJo8DZW1TUeGR7FpUt2pcgYxZlOhmDFfD9Nhg-tX_4Oi2S3zxAc_pr9W4kcgYGxniZDJhDr4qG1AGOemMBvLkVNPTUIzF4uw1xbw--TicJ3rFcShnTr9m2SeRpVoNO7-HV7rDetcs5BoUpeU2YQgNTbyAMpkvKwY6K2SlGHoaqpWtusUz-6_ykV1p-V-Q8t1Jj993AikBkkPComaJK2IiffryiRSCvU_vkbIEVuDI19o4vmZTY5OBvevE5FnuzniDXFCBUM7r6gh6MmwqLCM3TNxqASIMkwbCrrcv7rFFIv9u96f9HoHpkwjtju1Tt2Z_hCBb-dRTDTPP_jSGkxLX8dEs5FrXAOayczTCynh2ldW--eg_LitklII9ZX0HaBuGWpLBOx2xZB2SmptsRI3dUR_MZ8PISPul5BpPIwyTrqeuMWzHoyCY95-ZtAuavzENwVir1rjWLxsN-esHGumYeZDPZUVKycqt9zRR0FZ2XRAfwv3xFn_TllJXx4YkjmdjlAIfTR56nnSEaGAgkmnNU8LLUvD_cupOr7q80nO5958QyUGqOdXu_1m4lU61Dtcv6VsaJ_GINtEm8FoeeuzJUMwN5Ha9BHjR_Vj0t5k02XOfOckefSd0b4bDxKop7R6qFhE9fWS60OnSr3_dxTb4LHwU8ulzk1QXjQUgV_9BdWm3ZKpDwc2H-SZcB7SXtJLAdz1HRF42d2_GasGP5yQ92zV0vhrE3nqJNG4iaMk3j9CL7zOHp55I6ygg64DouGqtbbGpr2wYZjkWhqm-tAECFzg_f4u9b9jyvEvzXp4-iP09aIiXppeVv0VX3yrPPPVCc_H6wNhbSV95TjhqiOb3Ngoyyh_QoyeiNwA5lHsGTRIknCUG43c6-8nhBgD93i8gEM6H8YdJoXx_H74rvX1mEpZr1SnGEQTJdV0d8moZcJtkhZZuWxH16EwJe4U4XIRi9HJH0SNm1kDo1B0sYzyKk22Q5rnCGkVwJeMShsdULgrZpqtYxDZuBd9PD1ES4mAZUXVmil22444vOkqdI7rVi2pfH3Eh4LIgODS9ZTJFvXbSi0mSV4t13RV540LExpDCxMMzPGjQB-uxmxhQo5-ZNDOhe3e6Nt9QCQgIBnWaJxJYSgPmtAF2Vv1stwQfHt7CPXEkFh_iyg4W8Nnsd4R8Sh3eJRbav_yZZhsVofjhhGn1v4RzY3ceajY-UOijH6xQmyqqgCIym8KvX_8hJd6NvTzIrgxnBcq5qH3GrxqW4JBOPrg2rjlsROdt7VZgfH__kjFCxlkgCdHn3FZm3THMgo3Q3jTFR8pdgn9RQhq70wn7L35_acXHjEAuCIUar2NrvLObSRYos7KlK1_CxO_VV7BmjKJkImHkNckQiTqwIZMKFJokQoOVFmDRMbiknoVpgAOC89y9f1mJllkPBTI4y2omeDvdecxRpYkB-9GXAowU3mFL4W4FZ_tpF7VESIToXG0cior_GCJdXnEtIyjvIx8tMFLgYYMpeKNR1HG95I6xXYHxQC-y0jhjg0g4JNgIcdOszygQA1ooCa9EvqzshRCvA3Y6D_B9DKihfBrCUms3SqbUdNjaCV1lENv1vdBUDWOvRgmzK878v8WI5ZlSsZbC48Y83_xnIsSra6qpd28W3FjNKZu7a5yD9oQh_r1w2YGynqnIy1G2ZDB32vreE1Up66u3cEjQMl4FKzGYEqE1i2qydo685VoF0StyyN5CVZwjO3LLeQo2DHDEJkSHkQO9TSxocfQSZ-WFhdojhFv_dSU1HjJ8rgW7lTkGP-QHptNcDMNSBnQhVXKkaI5M2-R5Wb7Pmn9UC4rF1qdH8hCnRXfnfaSDMMRi1lzFHj9Lzde_NjdMTrGYkd1-4d85Wp7Mg6wHJI9hj0qw3Zadm5aK9GlOtORJuQOnNurQn0WAUHzkD3D4L6NTOO_SXDe8gMTs7kMLNoi4WU-p9jdctQzyw-3Ya8B-W5iW6ypjUpX6bmlyvMxss_XBN6PHD8CUyoPAkwCZlHQYP0lKppVxScxvkI2evz7hWtOGaYdc_ZmzlvB5wO6qS6JUNZ7X-_X4MU4HYhz4uY_1Lvr-9D4uivO3jqHCQhZvVF-X8RK8cs9iOYRDeUD7ppNvurwdaxNxoNm_ki3W7uKy80lXPPzCGy4_GILBnNXwUdAivMJWSpNK_YJgBl_WPsgUCjoMsNH-1rN-5XbehKb-xbYgxeWIfYZ_4-09e0-jNADUJx7btDCVL8XU7IsSm_dRuAgniUjvcIXWolwf8YCghldB105zXLYrkkVm9qnGTGvUDPOaw1jYxZhY99ETrlI2bcHHmejAmICW8Bk9UIkHJ6QO4_FAxjDreUNfypuf3bLpECYMl0bPEtf27YnZUuLe8d1FAs9sDT8fQ8UoukHXqRyMlVtCVyWH_RzVpk3xWIY7qcO1Et7WV9hsQes6n95CebIkgYsaif0qLb_D6A5Ip6c3RIJav8Zf95DkDon37D_daxf0MlzBgazObHknCq0JUaTdWj0mwjoMS0uiriN9_uyo_8J-1FLr8BVyv0dfU0d0hs2cadA3bPaO0NKG7pVMoMLrs_4AC4IR1W2yErU-gw4QRkYbRzCr1sbwVE9cIG6lk1KtCqQwa-I_EFOWYf6FwMnZBwyYcR52LQucgdaKSzj4DGdVy-rv76SiLSui4MsYWXMj6uwItVCR8gOA61mIxQ7dFdlYTTE4Oymsd-xOYKYZz_kQs-H_TPRWKPIUjYzUKiUANfVmW5eGjkoQUQRSqt6ppVv0&cid=CAQSSwDUE5ymoxwUxmEwfkOvDBpyI13ORnOfXldBPY2as4ew-dlBV-BxXke6NQAABPatoB-DOFsUtX3gHLWkSEplPS_paTLgqXQptnuWsxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fstad.yalla-shoot.io%2F&ds=l&xdt=1&iif=1&cor=12527015231745192000&adk=1033480531&idt=84&cac=0&dtd=23

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7be8096cd8f1d5794fe3981b57e3170785367c1640f5d959f2df7953e803d9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:44:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35459
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 50C2 106 KB
37 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
Origin: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 23:10:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70422
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Feb 2023 23:10:48 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/ Frame 50C2 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D03w_YgR0I0wOipXEG0ZyQpzOTP6FTWABKGEzNS6zd5bqxbOfl2c7UI1CywiZBOA4AgifaZVrO26yQ5FXvsE__jvbepA&cry=1&dbm_d=AKAmf-Ci_LppwRIrI1L6af4d5RQQtORKK5wmP8Wcx3-5ZwpN8Wd6dLlyW8F0fu1uuXXB_k3ZTlrNa6JeuxlUyMijglY1NJMY-CBcc6JQwZQLHT1zoQlTo3LijeTXkjxZhBUBSyjt4t_AL-vgnOSst1LXrCWSnCaD3q7iHV-WLidKHeQCVK7FReYwhR4oYM7kedxrG-JgLgg2QZaYI-rxchFfJQGldO7Fi-_FRIaRlJqBiIhsWugxBVRwQznQTdtUW89ICkXIF_Sp7hDNc80jN64-_vpH8BDksd3p1N68oXnw2D4CwVrReu1DwY8l4Fp1bT_UA1OYAbU2TdZnRlFwipwRaXOWK-dKhOi1JRplB5vckiK_VL_xvHILnI-5eBYE-VE6qmdzuvi3nzSMIlcsYSdYgYDrKIrw1zuz681bk3S9bcwly5wP5dJL3gnqfa7JSRL8tbUYVjNSPsIN8fcctV19awwivU06aYXSPKeuL2Tl1T-NKYwTRlpkjK8pEgJPTl_Cxff_G4JcIrXlIX3J_4ELCU-63oldMkOnfI9dnXjqWoITdnOn34NFHSHs5I4ECKn2xtBGhg8mTZp7t7KyoeKY6aB6jpaVoZWJo8DZW1TUeGR7FpUt2pcgYxZlOhmDFfD9Nhg-tX_4Oi2S3zxAc_pr9W4kcgYGxniZDJhDr4qG1AGOemMBvLkVNPTUIzF4uw1xbw--TicJ3rFcShnTr9m2SeRpVoNO7-HV7rDetcs5BoUpeU2YQgNTbyAMpkvKwY6K2SlGHoaqpWtusUz-6_ykV1p-V-Q8t1Jj993AikBkkPComaJK2IiffryiRSCvU_vkbIEVuDI19o4vmZTY5OBvevE5FnuzniDXFCBUM7r6gh6MmwqLCM3TNxqASIMkwbCrrcv7rFFIv9u96f9HoHpkwjtju1Tt2Z_hCBb-dRTDTPP_jSGkxLX8dEs5FrXAOayczTCynh2ldW--eg_LitklII9ZX0HaBuGWpLBOx2xZB2SmptsRI3dUR_MZ8PISPul5BpPIwyTrqeuMWzHoyCY95-ZtAuavzENwVir1rjWLxsN-esHGumYeZDPZUVKycqt9zRR0FZ2XRAfwv3xFn_TllJXx4YkjmdjlAIfTR56nnSEaGAgkmnNU8LLUvD_cupOr7q80nO5958QyUGqOdXu_1m4lU61Dtcv6VsaJ_GINtEm8FoeeuzJUMwN5Ha9BHjR_Vj0t5k02XOfOckefSd0b4bDxKop7R6qFhE9fWS60OnSr3_dxTb4LHwU8ulzk1QXjQUgV_9BdWm3ZKpDwc2H-SZcB7SXtJLAdz1HRF42d2_GasGP5yQ92zV0vhrE3nqJNG4iaMk3j9CL7zOHp55I6ygg64DouGqtbbGpr2wYZjkWhqm-tAECFzg_f4u9b9jyvEvzXp4-iP09aIiXppeVv0VX3yrPPPVCc_H6wNhbSV95TjhqiOb3Ngoyyh_QoyeiNwA5lHsGTRIknCUG43c6-8nhBgD93i8gEM6H8YdJoXx_H74rvX1mEpZr1SnGEQTJdV0d8moZcJtkhZZuWxH16EwJe4U4XIRi9HJH0SNm1kDo1B0sYzyKk22Q5rnCGkVwJeMShsdULgrZpqtYxDZuBd9PD1ES4mAZUXVmil22444vOkqdI7rVi2pfH3Eh4LIgODS9ZTJFvXbSi0mSV4t13RV540LExpDCxMMzPGjQB-uxmxhQo5-ZNDOhe3e6Nt9QCQgIBnWaJxJYSgPmtAF2Vv1stwQfHt7CPXEkFh_iyg4W8Nnsd4R8Sh3eJRbav_yZZhsVofjhhGn1v4RzY3ceajY-UOijH6xQmyqqgCIym8KvX_8hJd6NvTzIrgxnBcq5qH3GrxqW4JBOPrg2rjlsROdt7VZgfH__kjFCxlkgCdHn3FZm3THMgo3Q3jTFR8pdgn9RQhq70wn7L35_acXHjEAuCIUar2NrvLObSRYos7KlK1_CxO_VV7BmjKJkImHkNckQiTqwIZMKFJokQoOVFmDRMbiknoVpgAOC89y9f1mJllkPBTI4y2omeDvdecxRpYkB-9GXAowU3mFL4W4FZ_tpF7VESIToXG0cior_GCJdXnEtIyjvIx8tMFLgYYMpeKNR1HG95I6xXYHxQC-y0jhjg0g4JNgIcdOszygQA1ooCa9EvqzshRCvA3Y6D_B9DKihfBrCUms3SqbUdNjaCV1lENv1vdBUDWOvRgmzK878v8WI5ZlSsZbC48Y83_xnIsSra6qpd28W3FjNKZu7a5yD9oQh_r1w2YGynqnIy1G2ZDB32vreE1Up66u3cEjQMl4FKzGYEqE1i2qydo685VoF0StyyN5CVZwjO3LLeQo2DHDEJkSHkQO9TSxocfQSZ-WFhdojhFv_dSU1HjJ8rgW7lTkGP-QHptNcDMNSBnQhVXKkaI5M2-R5Wb7Pmn9UC4rF1qdH8hCnRXfnfaSDMMRi1lzFHj9Lzde_NjdMTrGYkd1-4d85Wp7Mg6wHJI9hj0qw3Zadm5aK9GlOtORJuQOnNurQn0WAUHzkD3D4L6NTOO_SXDe8gMTs7kMLNoi4WU-p9jdctQzyw-3Ya8B-W5iW6ypjUpX6bmlyvMxss_XBN6PHD8CUyoPAkwCZlHQYP0lKppVxScxvkI2evz7hWtOGaYdc_ZmzlvB5wO6qS6JUNZ7X-_X4MU4HYhz4uY_1Lvr-9D4uivO3jqHCQhZvVF-X8RK8cs9iOYRDeUD7ppNvurwdaxNxoNm_ki3W7uKy80lXPPzCGy4_GILBnNXwUdAivMJWSpNK_YJgBl_WPsgUCjoMsNH-1rN-5XbehKb-xbYgxeWIfYZ_4-09e0-jNADUJx7btDCVL8XU7IsSm_dRuAgniUjvcIXWolwf8YCghldB105zXLYrkkVm9qnGTGvUDPOaw1jYxZhY99ETrlI2bcHHmejAmICW8Bk9UIkHJ6QO4_FAxjDreUNfypuf3bLpECYMl0bPEtf27YnZUuLe8d1FAs9sDT8fQ8UoukHXqRyMlVtCVyWH_RzVpk3xWIY7qcO1Et7WV9hsQes6n95CebIkgYsaif0qLb_D6A5Ip6c3RIJav8Zf95DkDon37D_daxf0MlzBgazObHknCq0JUaTdWj0mwjoMS0uiriN9_uyo_8J-1FLr8BVyv0dfU0d0hs2cadA3bPaO0NKG7pVMoMLrs_4AC4IR1W2yErU-gw4QRkYbRzCr1sbwVE9cIG6lk1KtCqQwa-I_EFOWYf6FwMnZBwyYcR52LQucgdaKSzj4DGdVy-rv76SiLSui4MsYWXMj6uwItVCR8gOA61mIxQ7dFdlYTTE4Oymsd-xOYKYZz_kQs-H_TPRWKPIUjYzUKiUANfVmW5eGjkoQUQRSqt6ppVv0&cid=CAQSSwDUE5ymoxwUxmEwfkOvDBpyI13ORnOfXldBPY2as4ew-dlBV-BxXke6NQAABPatoB-DOFsUtX3gHLWkSEplPS_paTLgqXQptnuWsxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fstad.yalla-shoot.io%2F&ds=l&xdt=1&iif=1&cor=12527015231745192000&adk=1033480531&idt=84&cac=0&dtd=23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:17:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:17:54 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame 50C2 28 KB
11 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb54d717149189d1547a246d2c709a8973f9b54140bb01a15d2947e78ed6cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:43:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10940
x-xss-protection: 0
server: cafe
etag: 260008737171085554
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:43:48 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 153E 0
0 60ms
59ms Fetch
image/gif 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvSZ4OCb5wOca-jLKLCJlAGSNSOB7nCIUHCP-RSPV6ZeBTDpbUg8plkxICqwwiWk-hUKb3pN6ZBDy3gSaSA7VXiqSucVZ2kxnwUqE3tNEWUxPcIPGgGzqueYZ_LDoaPLz8sNbLq6GeZa2kcOiz2S1c_qxrsVCLEUNEp7G4e7PFYuHWpT4d-_AdM8s34TkxHs5l3cjnRy9d1Et1X8yTIi2CAow9-xdm23bHzApGGDDr51yA0xtVM4qU0Y8TjzQbRWhLn1NpDJOkL-LTOU3vlyf-YPKBN6oM8K-ndsFPK_RHedAbDzRdKQubnUV2TPeB7Y_EE7HWUb41bnjLB9Q&sai=AMfl-YRiSbj_Ybq08A2sKqQcz2GLp-nLU0aOq63hTniQJ4a3GrQqzmRyafo8KJgn40E2HeQRAuwJp_IApxiptNMX_QF-qZu72sZPCqiUwPOsP1pgFYUdgyxKDPvCVmT1moRr08FbLcJyb-1CSap5UtQ&sig=Cg0ArKJSzLvB06Ruga2xEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ Frame 153E 216 KB
75 KB 32ms
31ms Script
application/x-javascript 23.203.125.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072118
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-62.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ca2f82fc102509bbb9d8998f38096d3bf9a3470f1c2c0b6df9d81972a41d875c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:30 GMT
content-encoding: gzip
last-modified: Fri, 03 Feb 2023 14:25:17 GMT
etag: "13-SovZBtWSgq1bgjgF5JBCQfe8QmY"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=14400
access-control-allow-credentials: false
x-traceid: e1e9daaf95ee0cfa1b526fe4c6f20625
timing-allow-origin: *, *
content-length: 76161
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 153E 157 KB
48 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072118

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Feb 2023 18:44:30 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 50C2 41 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com
URL: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:54:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168622
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 19:54:08 GMT

GET
DATA 200
OK truncated
/ Frame 50C2 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db535eac3504ac45df1aa3ece7a73f13d541e051cb17ba285961d188d0698055

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/5736021638724462345/ Frame 37D3 24 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5736021638724462345/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f73bb0ae3bef8121c3715d8c3e3e0c9dbf36b3b963e18ef4fcce18fe70ade12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 534863
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5239
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 14:10:07 GMT
expires: Mon, 29 Jan 2024 14:10:07 GMT
last-modified: Thu, 05 Jan 2023 09:32:36 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 50C2 0
0 138ms
61ms Fetch
image/gif 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu1gh5Hyy9m-BoWwUQsC8sSH5wW1Cw-ycJkgO70qNrZbj9ZZfMl6FidAbTkgJ6Y8P4hhhu49AiAJ0ukao2nmL_WcLwJmKBkHAqcjBmfiKtC7H-IL9mfAaDHhY5GIy-hl9NWwI6NT8ytvJugMFQoYBqk7T_KuAZ3nyeN9XxUaL9UA8xv93AYqIk6lGfJALRdcJn7XJFUm9jzk5Rg5b7Pv-kSkbbm5D0kENK1oDx9jkaTqvjxNeFe5AVzF5V_89T1hseGTzYSCCyxvah7F2F43PfG5Q9EIxrhOYGy1aDGtGnvVxbFo1eKJw1nWwWJIPC8vqLNekH4umXqKNM3kKhrbqP8aX8JPqHkqauzvZV0HY62FrofUZEZXoWv8dWAbInzaNJ6pwtjsfxuaSI_eG4dPg_LOqeS_XQEgwzEeoz2ntRCsEg0cQKL8H9RfjYBHI5AYBOCz7MxzHmooXy1EQ75DSmbSRoRFxRj3rZa0sPzF8Q3Cwrok50vSB42DTIHJWR-k-iIGWsHrrFVkbqYWDSviCztimOA-LhhWBPBr5gY1SXvUKgshyyVvxlgzX1HZpwgfWokKsD0xXwbsj_Aj57sl4FonK1Csze1-C7payqgZLlcShheAkUgjhZuMs4EmxgbxNsjK8KeifcPwNwbcZzK_AVjlHFNsQIF1YIhGQUXAM8O-db7s0iKEXPFSQY_FV6K69aI9UNUeu33Qs_IEHJQS8-I5VYN6UCtw-fPFiA66vEZbBs29MQJt3MTkryRYkTgDmCBw2VVYvZdzTchLDM5i0fT3Fno1v4i8BD52BcY3IPhoJ9L41rB5njns4aNvFrS-NIbQO3m10pGGIqwar8BzgdIZmYmqEqagqy_d5PpyX58oNRyY5tIuoyrMJNCoPnapF3MMIqYBYoqgz6xWwYuRREHxDDwTNOENYCiobWalOwMU9J1mD6PRbL1LOnwK1HIMRKTQJw0usQ7_xmd9wyHI83kWhW5fsNCv4X1-nFCcjDwqb3aViOAF9I-QrFCMz6OEL0v6NnMgDPHQKpba9-ODyHtZVVQI3FSbaJdPFjCfeX_T4ep7wRC07g6w3XlC9fMnwNAwhGvyTPseQeGl4lwscLV6lbZ3oFwd18cX6biZo_aoWbglFu4rfw9tHd7f0iGNhS4mUOTX4MQuHQPd4s2TuHkRz4Entf32TKtLGAj1vlG_nm1J5LK3BC9Qx6iyug7Jrq8ES_6gaOfXBJm_5J199AWJD-BX8czOx9dDmck7VYdYL_f6JD_KAj2YBfrNgRKDsAZXwLzb1Cddttq7CFex9-leuopR6Tuv9dyON1W&sai=AMfl-YStgRjy77H-LjxTtlKSqrnZnH2aeznFvteqZ4EK5YHuQ008pc3FERSw3LbLGy1QsYErkGv2_j2I5Rsap4sEZ3eF8c4nS-PKRTxWnR6p081wujXt4zL1hM89a74Y_qMTG0QQk4QoudhVtvSMd-Ys7mxUG4pyf7akyCWY2kaWxKRf2h0Ots27MSGhLXYk9NV8j3aR1Wb223bOlwTaeDS5-am8e_viIY7DT5wgtOY0CgwWjqoZM16pNtHJEuALWVAsnXb5MB5mYk6Q7NKLK05fn7Nn8b5tUGAdtSnWkZTqq_qoMINmqwle6Hk&sig=Cg0ArKJSzLtLy8F__zH6EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=148&cbvp=1&cstd=115&cisv=r20230201.61831&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 04 Feb 2023 18:44:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 04 Feb 2023 18:44:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
43ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023020101&jk=1288167678413999&bg=!-fql-r7NAAaq5O5FiuQ7ACkAdvg8WgOkS3TkmPHBxbSjkivLTKUyop0Mg74nIwyTRCORxqy1DjMAHQIAAADgUgAAAARoAQeZAqLjJWzaBVxMrmk41OjEq2Y5rOc4cQXcv-lp_QMy0T6dP3aPGKrgYf-dslQynwfb7y4YEOZmirDAiOTJSbcnO7ahC_iU9BgMHWM-MIsP42kQoxEeyI1uLfqFgA2OTP0fGZNkMeCCQ2IVvzq1YFu7DH7gpFFh15FM4RllPj0BpazW9bcaaVT3Vc0_qYhcIs7TzU0zi9bCC0gK9kNgrHn8tSeuq3my0KtvsdtkHCQ91I1OZDI-3L3KUZ1VaDf_XclshfLlXqmtdw__zus_qnfWxqxk7okMhhq50ha75CSqLiMiJXHMCypGmKuH-iOqZ7JkrKQTblP-nIkR2l4URJqSZiKnM8_K-_Q13AgdMFVv1f2-Im1-H8d97ZpsXDAwAD1Nh-Wa-cnTb46OYoqCjArTKS_o7gAkwqisy51VlohB_U4j4pj2MImszZPnqvrxsedxTS8zKyoNelSNWhevG-yLDAMhv3AQJ4YZxh7b7P0X2AzO527FSolClR4LQzABPTkLUuI3g2A4FMBpoOY6QtYXpsJhS2MOZ4MHvBCkxvBlueevTD0EEZXy0sb-OaZeANCbaCMmqa2QL1q2pvdFJEe6Q7bieNncEbb3YfIAYqMOn5c-iMFQYAbrMIl2_1AlJrH7pBEGirUBuWhyTXa5iHqZPy5gxQoUulkIOx5HZLVCRol9cfZg9RkHCa6gmZSnfgtXOBcS46bj0eBI7_0x5uF98_1M7L7JorzyF2Rzs_5NXKDllCv1Gc4Gdffy-I03k5YndSgz9uS5jO8KxkUPUwyM9zQqb_kn0HX6woCih42RpBHR4n9PtJ-JKPgIWiCSbn-g_ShtOd0NCms7EK-VIqoQbJPz64Q3lbStflRcntxAZsG4ikAJqijZq93CjcMPSFgQ4amblw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F0F8 22 KB
8 KB 21ms
21ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 71563
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 22:51:47 GMT
expires: Sat, 03 Feb 2024 22:51:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 baf730f4acad38290c8b64d82f1fe8ea.js Show response
s0.2mdn.net/sadbundle/5736021638724462345/ Frame 37D3 97 KB
28 KB 8ms
7ms Script
application/x-javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5736021638724462345/baf730f4acad38290c8b64d82f1fe8ea.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5736021638724462345/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d97fb4b9c5d23402762f46c9708bfaf966e2e539a4db2bc16d7b7f4abeb7fb9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5736021638724462345/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 22:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 590637
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28315
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 09:32:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Jan 2024 22:40:33 GMT

GET
DATA 200
OK truncated
/ Frame 153E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9748da2ea3490f80f40e5a411678340b65235f11d4cebfd25a31000a4904604a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK c3RhZC55YWxsYS1zaG9vdC5pbw== Show response
tcheck.outbrainimg.com/tcheck/check/ Frame 153E 16 B
463 B 14ms
14ms XHR
application/json 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/c3RhZC55YWxsYS1zaG9vdC5pbw==
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 04 Feb 2023 18:44:30 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=5854
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: cdb17637aa0a03cff531c6a01479acfe
Content-Length: 16
Expires: Sat, 04 Feb 2023 20:22:04 GMT

GET
H2 200 notOutbrain.js Show response
widgets.outbrain.com/nanoWidget/2010138/module/ Frame 153E 1 B
388 B 30ms
29ms Fetch
application/x-javascript 23.203.125.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2010138/module/notOutbrain.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Sat, 04 Feb 2023 18:44:30 GMT
content-encoding: gzip
content-length: 21
last-modified: Fri, 03 Feb 2023 14:24:46 GMT
server: AkamaiNetStorage
etag: "68b329da9893e34099c7d8ad5cb9c940:1675438410.644836"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Sat, 11 Feb 2023 18:44:30 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ Frame 153E 43 B
380 B 31ms
30ms Image
image/gif 23.203.125.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Mon, 06 Mar 2023 18:44:30 GMT
date: Sat, 04 Feb 2023 18:44:30 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E484 33 KB
10 KB 26ms
26ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 853452a5635e800f0a5b4e08b23198a3e2e8c3c8fbe269c6a79e235da0270185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 04 Feb 2023 18:44:30 GMT
Content-Encoding: gzip
Last-Modified: Sat, 04 Feb 2023 05:30:44 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=38768
Connection: keep-alive
Content-Length: 10010
Expires: Sun, 05 Feb 2023 05:30:38 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 37D3 13 KB
6 KB 47ms
10ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5736021638724462345/baf730f4acad38290c8b64d82f1fe8ea.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 11:22:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Feb 2024 11:22:20 GMT

GET
H3 200 edd36343f1f34b26ce09e52e20361d93.jpg
s0.2mdn.net/sadbundle/5736021638724462345/media/ Frame 37D3 18 KB
18 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5736021638724462345/media/edd36343f1f34b26ce09e52e20361d93.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5736021638724462345/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644e7041022a8c6abb5c5c6f1a9b5958327d5eeb3b256c13addaae45569fcfe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5736021638724462345/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 13:57:36 GMT
x-content-type-options: nosniff
age: 449214
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18324
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 09:32:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Jan 2024 13:57:36 GMT

GET
H3 200 06f91b438b5c0d7fe6dff4bf6c24cf00.svg
s0.2mdn.net/sadbundle/5736021638724462345/media/ Frame 37D3 5 KB
2 KB 10ms
9ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5736021638724462345/media/06f91b438b5c0d7fe6dff4bf6c24cf00.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5736021638724462345/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb4a29554c161fc6298d26273c106770fbe6c66bff37bb0db2e7826a9f84cb4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5736021638724462345/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 22:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158058
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1998
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 09:32:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Feb 2024 22:50:12 GMT

GET
H2 200 platforms Show response
odb.outbrain.com/utils/ Frame 153E 4 KB
2 KB 147ms
147ms Script
text/javascript 199.232.18.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sports-1a-live%2F&idx=0&rand=33482&key=ADIPO26N995I7C97HCI1JF7FG&widgetJSId=AR_10&va=true&et=true&format=html&adblck=false&abwl=false&px=0&py=0&vpd=0&cw=300&activeTab=true&ab=0&wl=0&obRecsAbtestVars=1174:3820&settings=true&recs=true&version=2010138&sig=Ni4piP0G&apv=false&&osLang=en-US&winW=300&winH=250&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&chs=1&ref=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sports-1a-live%2F&ogn=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sports-1a-live%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 12534d71707154a339ccfe9bf055bf84344e94e122f4dc60cde1feb19c16f7c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Sat, 04 Feb 2023 18:44:31 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, VIE, Europe1
x-timer: S1675536271.986266,VS0,VE130
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21938-LGA, cache-vie6327-VIE
x-traceid: cacf720d46646450034c07ea4ef03435
accept-ranges: bytes
content-length: 1784
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame F0F8 36 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 129013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Feb 2024 06:54:17 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame E484 284 B
536 B 84ms
10ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 css
fonts.googleapis.com/ Frame 37D3 4 KB
689 B 43ms
42ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700%7CRoboto:500

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f024141ccf910073696d2264ba468081a352ebacc30448a5b94d2790136bbbfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 04 Feb 2023 18:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 04 Feb 2023 18:40:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Feb 2023 18:44:31 GMT

GET
H2 200 urlsvid.json Show response
vpaid.vidoomy.com/sync/ Frame DD2C 761 B
694 B 143ms
13ms XHR
application/json 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1675536270047-976572372557-001158-002-009289%26key%3D%7B%7BVID%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ba1b1a2825a89e6f8237340332fbf45c4b0aff9b8f5a1a35b5178a9680ac88c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 04 Feb 2023 18:44:31 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 111356
x-77-nzt: Abk73BD4Du3//LIBAA
x-accel-expires: @1676461715
last-modified: Fri, 03 Feb 2023 11:47:54 GMT
server: CDN77-Turbo
etag: W/"63dcf46a-2f9"
x-77-nzt-ray: 908339305c48bdea8fa7de6367f0520e
vary: Origin
content-type: application/json
access-control-allow-origin: https://vid.vidoomy.com
access-control-allow-credentials: true

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame E484 0
239 B 491ms
94ms Image
image/gif 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=aniview
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 2dd9fa24169fa04536d533da131679f8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 container.html Show response
fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 90BB 6 KB
3 KB 20ms
20ms Document
text/html 2a00:1450:400d:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020101.js?cb=31072118

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 18:44:29 GMT
expires: Sun, 04 Feb 2024 18:44:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 50C2 0
0 55ms
55ms Fetch
image/gif 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu1gh5Hyy9m-BoWwUQsC8sSH5wW1Cw-ycJkgO70qNrZbj9ZZfMl6FidAbTkgJ6Y8P4hhhu49AiAJ0ukao2nmL_WcLwJmKBkHAqcjBmfiKtC7H-IL9mfAaDHhY5GIy-hl9NWwI6NT8ytvJugMFQoYBqk7T_KuAZ3nyeN9XxUaL9UA8xv93AYqIk6lGfJALRdcJn7XJFUm9jzk5Rg5b7Pv-kSkbbm5D0kENK1oDx9jkaTqvjxNeFe5AVzF5V_89T1hseGTzYSCCyxvah7F2F43PfG5Q9EIxrhOYGy1aDGtGnvVxbFo1eKJw1nWwWJIPC8vqLNekH4umXqKNM3kKhrbqP8aX8JPqHkqauzvZV0HY62FrofUZEZXoWv8dWAbInzaNJ6pwtjsfxuaSI_eG4dPg_LOqeS_XQEgwzEeoz2ntRCsEg0cQKL8H9RfjYBHI5AYBOCz7MxzHmooXy1EQ75DSmbSRoRFxRj3rZa0sPzF8Q3Cwrok50vSB42DTIHJWR-k-iIGWsHrrFVkbqYWDSviCztimOA-LhhWBPBr5gY1SXvUKgshyyVvxlgzX1HZpwgfWokKsD0xXwbsj_Aj57sl4FonK1Csze1-C7payqgZLlcShheAkUgjhZuMs4EmxgbxNsjK8KeifcPwNwbcZzK_AVjlHFNsQIF1YIhGQUXAM8O-db7s0iKEXPFSQY_FV6K69aI9UNUeu33Qs_IEHJQS8-I5VYN6UCtw-fPFiA66vEZbBs29MQJt3MTkryRYkTgDmCBw2VVYvZdzTchLDM5i0fT3Fno1v4i8BD52BcY3IPhoJ9L41rB5njns4aNvFrS-NIbQO3m10pGGIqwar8BzgdIZmYmqEqagqy_d5PpyX58oNRyY5tIuoyrMJNCoPnapF3MMIqYBYoqgz6xWwYuRREHxDDwTNOENYCiobWalOwMU9J1mD6PRbL1LOnwK1HIMRKTQJw0usQ7_xmd9wyHI83kWhW5fsNCv4X1-nFCcjDwqb3aViOAF9I-QrFCMz6OEL0v6NnMgDPHQKpba9-ODyHtZVVQI3FSbaJdPFjCfeX_T4ep7wRC07g6w3XlC9fMnwNAwhGvyTPseQeGl4lwscLV6lbZ3oFwd18cX6biZo_aoWbglFu4rfw9tHd7f0iGNhS4mUOTX4MQuHQPd4s2TuHkRz4Entf32TKtLGAj1vlG_nm1J5LK3BC9Qx6iyug7Jrq8ES_6gaOfXBJm_5J199AWJD-BX8czOx9dDmck7VYdYL_f6JD_KAj2YBfrNgRKDsAZXwLzb1Cddttq7CFex9-leuopR6Tuv9dyON1W&sai=AMfl-YStgRjy77H-LjxTtlKSqrnZnH2aeznFvteqZ4EK5YHuQ008pc3FERSw3LbLGy1QsYErkGv2_j2I5Rsap4sEZ3eF8c4nS-PKRTxWnR6p081wujXt4zL1hM89a74Y_qMTG0QQk4QoudhVtvSMd-Ys7mxUG4pyf7akyCWY2kaWxKRf2h0Ots27MSGhLXYk9NV8j3aR1Wb223bOlwTaeDS5-am8e_viIY7DT5wgtOY0CgwWjqoZM16pNtHJEuALWVAsnXb5MB5mYk6Q7NKLK05fn7Nn8b5tUGAdtSnWkZTqq_qoMINmqwle6Hk&sig=Cg0ArKJSzLtLy8F__zH6EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=454&vt=11&dtpt=306&dett=3&cstd=115&cisv=r20230201.61831&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 04 Feb 2023 18:44:31 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 37D3 15 KB
16 KB 26ms
25ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700%7CRoboto:500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 22:49:45 GMT
x-content-type-options: nosniff
age: 330886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 22:49:45 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 37D3 16 KB
16 KB 21ms
20ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700%7CRoboto:500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 15:23:02 GMT
x-content-type-options: nosniff
age: 444089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 15:23:02 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ Frame 153E 2 B
330 B 85ms
85ms Fetch
text/plain 70.42.32.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=116d3983ea61fca6a12c70e28d379849_119225_1675536271051&tm=223&eT=6&wRV=2010138&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 04 Feb 2023 18:44:31 GMT
Access-Control-Expose-Headers: content-range
X-TraceId: 81d366d72a75979886801da928da0323
Content-Length: 2
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8

GET
H2 200 monitor.html Show response
widgets.outbrain.com/widgetMonitor/ Frame BAAB 4 KB
2 KB 31ms
31ms Document
text/html 23.203.125.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e74aad7eedeb94eab0fbb3d4435ff67c95dee259361fd21effd45bcd64424c24

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 1602
content-type: text/html
date: Sat, 04 Feb 2023 18:44:31 GMT
etag: "9e7d58ad34c85761770fc947d9bee792:1617096471.391057"
expires: Sat, 11 Feb 2023 18:44:31 GMT
last-modified: Tue, 30 Mar 2021 09:27:46 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 36A4 640 B
265 B 58ms
56ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiwr4nfATAB&v=APEucNU1zy_hN6Am-ny3anvlze-oZsGZr2Cxps5M6fI7OzRhquqbk7_twApJ70BxTKCqHRJNkLytoLKqIz0lVzUINOBxH2fmPk7mkxNRHvWuS2l9aHniURyXp_I0DuHksCgcPqocRrjjQKwDqO2SqH2J1dSKrMl6Gs9gl8ZTy26fH279xq-NdTw

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 18:44:31 GMT
expires: Sat, 04 Feb 2023 18:44:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E782 78 KB
27 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 04 Feb 2023 18:44:31 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame E782 3 KB
1 KB 22ms
20ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:25:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame E782 18 KB
7 KB 23ms
21ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:25:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E782 157 KB
48 KB 50ms
48ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Feb 2023 18:44:31 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E782 42 B
63 B 44ms
43ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CZyOAmoPmqgnraFzl6pWAB6rpOE30-gfujEzL2DpEiI8DjF4c46k2NVqvoyCQczL0fCqmBq_rHe2t-hJ1zGR7RbA9gkd5Q44cBRDsnnmBg2q0DC68

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:44:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E782 0
20 B 45ms
43ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11685735353900866752&x=1&ct=76

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:44:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 06f91b438b5c0d7fe6dff4bf6c24cf00.svg
s0.2mdn.net/sadbundle/5736021638724462345/media/ Frame 37D3 5 KB
2 KB 7ms
7ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5736021638724462345/media/06f91b438b5c0d7fe6dff4bf6c24cf00.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5736021638724462345/baf730f4acad38290c8b64d82f1fe8ea.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb4a29554c161fc6298d26273c106770fbe6c66bff37bb0db2e7826a9f84cb4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5736021638724462345/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 22:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158059
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1998
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 09:32:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Feb 2024 22:50:12 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 37D3 13 KB
5 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5736021638724462345/baf730f4acad38290c8b64d82f1fe8ea.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 11:22:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Feb 2024 11:22:20 GMT

GET
H3 200 258fc971298fe59b0a210a2d976464f0.png
s0.2mdn.net/sadbundle/5736021638724462345/media/ Frame 37D3 4 KB
4 KB 13ms
9ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5736021638724462345/media/258fc971298fe59b0a210a2d976464f0.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fddb32fd87cc1b154ab516d6a07e4a3f371cb3d5ec1999025412361d4b881ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5736021638724462345/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 16:30:52 GMT
x-content-type-options: nosniff
age: 353619
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3851
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 09:32:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 Jan 2024 16:30:52 GMT

GET
H3 200 6b4e4d6d5788eef0d2df6761e18aaf8f.png
s0.2mdn.net/sadbundle/5736021638724462345/media/ Frame 37D3 3 KB
3 KB 11ms
8ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5736021638724462345/media/6b4e4d6d5788eef0d2df6761e18aaf8f.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c1aa14f61547e7fe7dc150a4a0c582be9565fc1c0431fc0a262f3d770f7fbef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5736021638724462345/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 18:57:52 GMT
x-content-type-options: nosniff
age: 171999
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3241
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 09:32:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Feb 2024 18:57:52 GMT

GET
H3 200 edd36343f1f34b26ce09e52e20361d93.jpg
s0.2mdn.net/sadbundle/5736021638724462345/media/ Frame 37D3 18 KB
18 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5736021638724462345/media/edd36343f1f34b26ce09e52e20361d93.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644e7041022a8c6abb5c5c6f1a9b5958327d5eeb3b256c13addaae45569fcfe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5736021638724462345/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 13:57:36 GMT
x-content-type-options: nosniff
age: 449215
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18324
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 09:32:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Jan 2024 13:57:36 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame E484
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFa_yOILOCOF-uPwmF_Zzhk&google_cver=1

0
239 B

157ms
8ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFa_yOILOCOF-uPwmF_Zzhk&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:44:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFa_yOILOCOF-uPwmF_Zzhk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame E484
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=rRA0xxvdQtaM-afiRgw11A&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rRA0xxvdQtaM-afiRgw11A

43 B
479 B

35ms
35ms

Image
image/gif

54.239.33.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rRA0xxvdQtaM-afiRgw11A

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

Protocol

HTTP/1.1

Server

54.239.33.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Feb 2023 18:44:31 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FA6WQAKASA4M5A533DPN
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rRA0xxvdQtaM-afiRgw11A
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame E484 0
214 B 15ms
10ms Image
text/plain 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=25470
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame E484 0
214 B 28ms
9ms Image
text/plain 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 143
match.deepintent.com/usersync/ Frame E484 0
44 B 344ms
95ms Image
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/143
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:31 GMT
content-length: 0
server: a

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame E484
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5b0b5565-07be-48ff-a69b-360482804c5c&expires=30

0
239 B

10ms
10ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5b0b5565-07be-48ff-a69b-360482804c5c&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5b0b5565-07be-48ff-a69b-360482804c5c&expires=30
Date: Sat, 04 Feb 2023 18:44:31 GMT
Connection: keep-alive
X-CI-RTID: 368c990b-c688-458e-ad38-21a16b4b5bef
Content-Length: 144
Content-Type: text/html; charset=utf-8

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame E484
Redirect Chain

https://gu.dyntrk.com/adx/rbcn/us.php?dynk=r1b32c0n
https://gu.dyntrk.com/adx/rbcn/us.php?dynk=r1b32c0n&prevuid=&knw=
https://pixel.rubiconproject.com/tap.php?v=333994&nid=4804&put=&expires=365&gdpr=1&gdpr_consent=

0
239 B

90ms
9ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=333994&nid=4804&put=&expires=365&gdpr=1&gdpr_consent=
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sat, 04 Feb 2023 18:44:31 GMT
server: nginx
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
access-control-allow-origin: *
location: https://pixel.rubiconproject.com/tap.php?v=333994&nid=4804&put=&expires=365&gdpr=1&gdpr_consent=
content-type: text/html; charset=UTF-8
cache-control: no-cache
keep-alive: timeout=10
access-control-allow-headers: Origin

GET
H2

204

current
rubicon-match.dotomi.com/match/bounce/ Frame E484
Redirect Chain

https://token.rubiconproject.com/token?pid=2046&pt=n&a=1
https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=TGu1BhRsVRzuxPvWMP51boXsnMZhMiGdLdsvN9R-tmQ

0
104 B

149ms
71ms

Image
text/plain

2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=TGu1BhRsVRzuxPvWMP51boXsnMZhMiGdLdsvN9R-tmQ
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: H2
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:44:31 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

Redirect headers

Location: https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=TGu1BhRsVRzuxPvWMP51boXsnMZhMiGdLdsvN9R-tmQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 153E 0
0 55ms
55ms Fetch
image/gif 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssC-2K238NqkmbLe-m2KbrvuChq5fNwGp_EXDExempAb-VojN7p4Lzfx3yeps5ERZurOH3eSYKUNex6OK6VvEj76avdeQyGW2NvVhxBBhzeNLvWI84U8-mFgGduEn7SGLQUsf-DKcUL-ljRdbD-ezX_LxNhDSPT9aBunsZ9MmSrCe0nXW1OYQYF9WolJWYXYYEyNqbgy5K-OGXqmatM0PzyRRQ4uPZs7wu6bC-wjI4bjduBjp3_FfECghJdiRPerphs6bLU9sv-rUA6SMb4AmotRpw5iVR8MjwjkciyHzc_AsDFu5ziVjsorX5i9-riQWBCOORfMyTMxElDk1QM&sai=AMfl-YTBys4J8pA0E6Q32nxzBu5AihXQL6wL1j3mIibEb6b3zdrDBR7iNAY4ZscrAhdlSh5wrM7QyCott5m620ejewx4ng91NryhqxkwXoMRNWBV-dV1lbJVqaCgo4xN-2JcScNU6j2e2F50LoishfY&sig=Cg0ArKJSzBwpea5SWwodEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 04 Feb 2023 18:44:31 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 36A4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBZG4PlAF_iffboWnnsRWkI&google_cver=1

43 B
114 B

48ms
17ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBZG4PlAF_iffboWnnsRWkI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiwr4nfATAB&v=APEucNU1zy_hN6Am-ny3anvlze-oZsGZr2Cxps5M6fI7OzRhquqbk7_twApJ70BxTKCqHRJNkLytoLKqIz0lVzUINOBxH2fmPk7mkxNRHvWuS2l9aHniURyXp_I0DuHksCgcPqocRrjjQKwDqO2SqH2J1dSKrMl6Gs9gl8ZTy26fH279xq-NdTw
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:44:31 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:44:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBZG4PlAF_iffboWnnsRWkI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 36A4 43 B
304 B 96ms
16ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiwr4nfATAB&v=APEucNU1zy_hN6Am-ny3anvlze-oZsGZr2Cxps5M6fI7OzRhquqbk7_twApJ70BxTKCqHRJNkLytoLKqIz0lVzUINOBxH2fmPk7mkxNRHvWuS2l9aHniURyXp_I0DuHksCgcPqocRrjjQKwDqO2SqH2J1dSKrMl6Gs9gl8ZTy26fH279xq-NdTw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:44:31 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 36A4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEMJqIHogVkJeiPw2OOTDyrM&google_cver=1

23 B
172 B

136ms
55ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEMJqIHogVkJeiPw2OOTDyrM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiwr4nfATAB&v=APEucNU1zy_hN6Am-ny3anvlze-oZsGZr2Cxps5M6fI7OzRhquqbk7_twApJ70BxTKCqHRJNkLytoLKqIz0lVzUINOBxH2fmPk7mkxNRHvWuS2l9aHniURyXp_I0DuHksCgcPqocRrjjQKwDqO2SqH2J1dSKrMl6Gs9gl8ZTy26fH279xq-NdTw
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Sat, 04 Feb 2023 18:44:31 GMT
pragma: no-cache
date: Sat, 04 Feb 2023 18:44:31 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:44:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEMJqIHogVkJeiPw2OOTDyrM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 36A4 23 B
172 B 294ms
167ms Image
image/gif 104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiwr4nfATAB&v=APEucNU1zy_hN6Am-ny3anvlze-oZsGZr2Cxps5M6fI7OzRhquqbk7_twApJ70BxTKCqHRJNkLytoLKqIz0lVzUINOBxH2fmPk7mkxNRHvWuS2l9aHniURyXp_I0DuHksCgcPqocRrjjQKwDqO2SqH2J1dSKrMl6Gs9gl8ZTy26fH279xq-NdTw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Sat, 04 Feb 2023 18:44:31 GMT
pragma: no-cache
date: Sat, 04 Feb 2023 18:44:31 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2 200 cookie
cm.adform.net/ Frame DD2C 43 B
106 B 125ms
29ms Image
image/gif 37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dadf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:31 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DD2C 0
0 30ms
29ms Image
text/html 23.203.124.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dpubmatic
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-124-192.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame DD2C 0
191 B 99ms
18ms Image
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%7BuserId%7D%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3DCEN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Sat, 04 Feb 2023 18:44:30 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 37D3 2 KB
539 B 43ms
43ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 04 Feb 2023 18:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 04 Feb 2023 18:32:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Feb 2023 18:44:31 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E782 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4977188741694&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:44:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E782 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4977188741694&version=m202301230201&ct=76&x=1&cor=11685735353900868000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:44:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E782 84 KB
35 KB 86ms
85ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A6IpTKJBIO3b0TAqJc-I_WfnAfZVVOu-HPTyl1UbMVecPPfD0EIhy5Z9jh1JbokVV2_n0mkjiA2bYiNxXEhFvhqasU_Q&cry=1&dbm_d=AKAmf-AMbGvC99X9D1eAFrlX3sGbl_av4qx-u5UEU5GP-apRo2tJSFMfVPr7XflDQkVD9WDwu7uOU615PccfMIT6p6M9OYrByFCfF0_CU-3qqiEB_g_qFS3nPgb_Z8FV4Od4NwdKGIrepEXOKNwU9xpOZmDijxMuzmZJ3Wi2Yc5pd7iatu2TSVZ-_qfhXedjiyjoJMITHAfwwHrUQiFR4aK1-LKk-mpFIM5q3dExeNAdCUgrss1mnnSikOiVaIDln0apTobCPGvnQXUQfvLMpFtVj2C7E4M2DbrguNqyqWR8Dx9VY1NkJOTMcpv6AEDnI54WI2Nbd-1WucBJBRsXFh4L8C-ka5xhbHZWfealRaoWz48CAessZX3GJM_lmEaEuqfX4v7S0a3eiZRLAkrvjSU0iJozRUcUoVhoNAoO-rg0Eh3bLE4ZsCjTIEpyZLsSwEVF2lR6DQqBPsd2_w6hoLBNsU_91sZ7FU_y5R5RhCwoNi3SVMkHw65AptVRbl6uSFlycbtyvBFfmlr2vkkVhXOEc96lcXdtLh82iY-Mq5fXk7GONw1AaXRDL5-Yt9Cq6w2XQvEbkG9V1BuDaw5DQ8IYLSZ3lrgq2o9GgUC2FxOLlBNtKtJtOUdrfRMZfrocrTeMqH1VWIFCaF_weNQhDSwBxdX1nzqZuikFcydUJOTFCUNN2w76J2sBW8HOs1-i_gvJNki9rh_M98cjUC-dXaE9cTiGhgLxL682vBds83f1pe9103_s_2lNqE32KBtGJBvlqhUIhyzinKw40cewPfpA8Xj2FDAFdf89zMQxSsP_HrROc7ke8HCjR5Eeo8HnCmtW9n6gOXb4FdrRIqnG9COf_eD7z1zJCEABANLKK45hQOOncTUnhPKCZQedLVbas_sTiVWCRggRE1k-eaVF2vTpoki79g771jcXlxO_U3I4CCFpNS5DbrCtXscUbcQ2YYlYT_nnRgL2xDgLaILn4AnOR0OINnp9C9-zMN0zEXyvPFDAeVC03MVF7WCguCgTBePwT777iXRWTFuauslM_c8OLWhemo9SKYAQJ8ohH0ytrvt4ppUeX0O1WOKFFyXRfV8TB8PRWlL_MoY9gNbba6ntzYq2t5A_7qo3-Af3RcYOU_I8GGWFsvbE3CIydY-Z3Qqd2MebwVNmAgHrhBNq6mecLG2lKp-SjoSQf1aw6JQBg9359fZOMP3FPFAySRXFoSnD20U85XKINK5ikZm433hdiUadKz6ZCv7kDVw2F5NBLwi-vCP4TZ1HFug5GYfDCSfv5etkCefyAnCfMuxmEkCWJdsYY6pAU0PMlhMU7Wh5o52jiNV-vpO5YTx9oL8NFqlwCsZ0i-UeK6xsbNjMHHIX22qsbtgURw1676Jae0NTJkDdg5X3-bWe2zoqZxITpIRT12_-8wfkIRYLSjH8GLjhO9CUxKc3jetcfetpjo6Nr1kMo-7CDgt1KCjDOlcAhI9YkUt-RmjJpqQ_wy0o2EwTvRL3WDlrM_SWivCufFEVtEWICR-Yy9PxYEXTIsM_60M9zoCFd1OpbX4hQqBETeTLAwkl_p7rjzNWvamw8rtIkO9fLq1JPw-tE1qhVVRSTKuGCKbszvp3VJ0EUe9LZREXQ3UHwWjg09RdEJHYd7dVxIvYTg8_dIufSvbfNrDwcoqOd9CmbHKFT3xcJJhSxCkyEHQB4sd1RBE7xOSbvsKfEE_Z2cfdegPXLCbm3gnuKfxQi2XiiscCzyN0CfNuafCNzbTDB0nPakJKO2t03olK1zo6GVohdSrQNVFAYAERhevo5w21DyPu-VPZ-7K7VjwF1Azs63fQoPB2cBpbNYAzkkV47gr2B-LJBPf-g-Lt4QteXpDERqwqslUC_PjucqEasbACHWB91c8dvz6JwByNFSEsSl5GfCsUlpnY7IPFPUFwa-wyyrl6qTYCHRNeLbeUEWLcFQSXGBRv1H2lonLEQtCJ9OcVhHyTCMHOWIhxbE7Tsp81AhRhCwHs48zADMu1Hy_WQjBt3sWVhel_fIKsJ6ZmjHA5MxEe3_Kr6AKRpx5PS1esYEMit0nLroKDV37ASJ55peinrTX85AgpHIBgYymiILCrTRYf0OeHjLPmIbbiOLMbi2gVPJYcoWswKbKzZqpqOz8eakHZtvEmh82Iz0vyqrJ5p8lpMpEqYUI4NtiHQ_QsAqqDJQFPgNh4FXE7Mhy_6p0OaBP6UfCT6VzvG5mylOV4ZHBmgaYbbriPMjXHjIdGJLBkGd6dAn5ZQXVa4-eZ7tAbvpEg6zSZSsYPgjc0xTukGuwgLJEa52lvY7V3TZBGAjEHriCC-3HpW2yQdGHp-9uWe_yqbdrZam9y4pi6JBCfL6SpVSPNPwKMTwXhkO5Sh0ewYE8ie_yXAtsNOD-UCqSBJVaHa52I8r2y4SM-fMDRc2M7x-T0LdHi2UEITJqF2HMvM9XWuyifEgYdM7jcFyVb3OmFIPb3HdVH3f1ARDMr47cfVjD_37e5asWUZh5_sG0s1uIrF3fx-gALX-ygpBx15dsxxYk3c5kT4Vvvo0KCiOWDb-SUS5aWdKhVOxB27e5NseBAS_ZH2Uy8FQs_bW9cHr4rXMhLNmHYvLEe12PcXL7pyoZK6E6sxwF_2mjOwvv4lbyoeNzppEVocNtMuwAAqhSR2Tq42YWs-W2kwSifthYvD598kuOzj6U_Q394jzc-g74Ejh5uidejFqcFD5BsyRom5cDZxAmf1F44K4Q9oMV81en1CIKGYxE3fTanmnaFc-yRXRR9DrvsNaRPeUCGt1qa2igMkL04ogFkvu72JN2UeLvtv9JnOm5UYAoGXMqU7K9S4e5nexy6aP3ZdMGugHAY9Lw1CJENJi6CNyuc61foRbvgQKcndwYyGcL8Xuh5aVNyR11acXh8OXWeUh5lNBQaBa-EQQ726o47gaoPwFTw4nHuwIkKJb2zgRu_PmEu2-lLChmbildU85t4EgxSZv8z73StwzgBiJm67oKuQdCnZLhhN1yWMeZzQtsdNVqJVUgKycjytM3yY8oibVl6fXwLbtOB9OxRsaQIxcEc63B5BzarWUyoOhSfb4nXUrYE3tCKj6SulN9hnI5B9nIQilUgjL0JDgkBYztOXya6df-bEnxTpJVXG3AwaIVKCQrBvJ-Grjye0HabiiU5Vn6DduRCZ5qVGLz_dqZFBfsGdOVGNJWy0WkQhAEale04T-7Xh1RaKM_BrLWYaP3FtNeKcuq0b3KJFa83UfA5mLvgf4rgwdJZDYpJtp6ArxJJMolQOQNShLoB4nzDJcVxmNat28xUKqswkgJxOxMScqBzxJHm436P34uh7cSjTsEBbf8Tbncsh3Ig55z6GqQ2Z63cgXzVFUhByzwnB3WzXSLH4BMz1Byt4028IWEtAmHzoGpxZdSRtZSOZWcJnrUdM37PyW_8-qfnzr10wX_qNNGKyenXsWFDovOnyon-OCzFVbuX4PExaACJFrF6Qt6rsAKrtD7UYofrNAZQ5JZSU9E6pHp24ZYDjLvijhrWXNgr1QcmDSeDONOblTQxyIdbYnrX3o62zTs7RIw-mYMmmAxrDIIauYGktirUDM8QSeCx7O1foOzPLUAj4Nms4EWCPIXjw1K1vJT5fKwM70MLDhm1tQzhODh822ExW7y7oLmNJ8qnZaKRrg6QGHMehOOUCsgMayF8XUwFmsbLOJJaqfdd-lQ&cid=CAQSTADUE5ymfHFvZNSdxc3bdNwrgnpvst8ZMloKIce1QqE3YLDZV5P7DiLeRs4VcYesYVjtqhdzmVrKVI5g2y97hwY4UuavOfHIS4Vt7owYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fstad.yalla-shoot.io%2F&ds=l&xdt=1&iif=1&cor=11685735353900868000&adk=1935140218&idt=66&cac=0&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35dc4c9225ccfe72052e76fb259c293125ca7c97a07fefeccc3288c5e729ce87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:44:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35634
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F0F8 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBoTOjqfeY8fxJfyG9u8Pl7yq0A4AAAAAOAHgBAI&bg=!bG-lbyvNAAaq5O5FiuQ7ACkAdvg8WqsB7ZdDCkwLGEauTo4ZtURihgV5l7yH7gkFviC9wJoL7IWfoAIAAADrUgAAAANoAQcKAF-Ygq5fegOsG81J1wViu-sMebZe0qPEDYy0EhXlTG5I22LrX8WeIX_UC3cv6agYas05dWpkYGK5fi3ipGZFfxbIbmvBZYaFMF1YOXtXwkiBjhka05XuA3nx7B7rc5hDcpkC93H2h_6T1S4a7Y_E5XcA5nuzhnULzbKt5k8jaz9mVTc1px6RSe5rgnxBc-fJxuxlwx-YlDdY787iSw7SoqdIVAig6z00a6YttHQCpPF_Nx7rM57bkBfeOluQAQ6S9YAaIUQknOG5R8GFrmhwQm5FG9nySn2V-TWMXnN0PemAGeAhsrQ7YLuc4vTslB4wEM7bUSq7UmndUgYhPNmhM4erZVLgcj3H3NZcETWsO_S8LXjuSyiLXJkuEPXE0_GdYpIxpMv-szufzCayz_9KZRz_kvZYQYoHLQ3BPP6Bq83aqNrFd1Fp9EUHZ2P9_aJUEfiSxYVZiUHIAWBXsoHgCwnwelcsHFM6LWEwYi75z6ycHY8vAq1oq2HPgqW4F9wTXnw4A6ozbHOp5sYjRsv7Kril1-ONTHek_PCf3v4uRiRomTDek_aVhKnbrJl1QCU43dHn3TtSjjbSMQ3sZh9NZi1ebrQj9PUfYlTc9UozljtfgVAII54jQ8e55TPOAjxA7QDncAER_x9UhpQvhPkWY_UYLCla0wvJx9a8AtFFcdDV5uj-dgh7mDoLNx5SWagdH6pDn_Osp8DYksPa_qc2y-rtySiVZiL5jmF8VZcDYGZJ_yenf59sGVHMxon3IuXOy45uhrsHkNsL-5j3qCwakgDsUPxFl6ccYWGxKh3yXMKjD4vyxFBSiOhUQcYuN1WfBHmjOX8g2KoQt09vpIHhD9H-BNdf19t7mYzSXHFs0l-vH5ZDe35Js4QLGLCy43hg-BwTww69C_w6VT37O94Rnm4zC5Z3AAkjt_g6h_C4Wj19FBkLC7npImTdRR1cPEv32ca6HYlB5VeHy2dGNRB6kMTtkg7ZJ9GGAltzgzy5HzfsxWtKJsnTaBagvEMSR_EZN46LrafzsSIieoKbln2ucqfVz507UT1p1linkJ3ipDaoPOatU_936p93Sj5sBuDqQPTVK44zDI-MRv3vNK8NyAGTXigidYcSIOHyjTzTNZzjYhmz-IZKnGiBUQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:44:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookiesyncendpoint Show response
servs.modoro360.com/ Frame DD2C 0
235 B 98ms
97ms Document
text/plain 54.152.20.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=133&auid=1675536270047-976572372557-001158-002-009289&key=a6f37f0123013099a595be2217fc435a
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1675536270047-976572372557-001158-002-009289%26key%3D%7B%7BVID%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.20.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-20-34.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vid.vidoomy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Sat, 04 Feb 2023 18:44:31 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 37D3 15 KB
15 KB 20ms
20ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 11:48:56 GMT
x-content-type-options: nosniff
age: 456935
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 11:48:56 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame E782 106 KB
37 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
Origin: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 23:10:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70423
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Feb 2023 23:10:48 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/ Frame E782 8 KB
3 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A6IpTKJBIO3b0TAqJc-I_WfnAfZVVOu-HPTyl1UbMVecPPfD0EIhy5Z9jh1JbokVV2_n0mkjiA2bYiNxXEhFvhqasU_Q&cry=1&dbm_d=AKAmf-AMbGvC99X9D1eAFrlX3sGbl_av4qx-u5UEU5GP-apRo2tJSFMfVPr7XflDQkVD9WDwu7uOU615PccfMIT6p6M9OYrByFCfF0_CU-3qqiEB_g_qFS3nPgb_Z8FV4Od4NwdKGIrepEXOKNwU9xpOZmDijxMuzmZJ3Wi2Yc5pd7iatu2TSVZ-_qfhXedjiyjoJMITHAfwwHrUQiFR4aK1-LKk-mpFIM5q3dExeNAdCUgrss1mnnSikOiVaIDln0apTobCPGvnQXUQfvLMpFtVj2C7E4M2DbrguNqyqWR8Dx9VY1NkJOTMcpv6AEDnI54WI2Nbd-1WucBJBRsXFh4L8C-ka5xhbHZWfealRaoWz48CAessZX3GJM_lmEaEuqfX4v7S0a3eiZRLAkrvjSU0iJozRUcUoVhoNAoO-rg0Eh3bLE4ZsCjTIEpyZLsSwEVF2lR6DQqBPsd2_w6hoLBNsU_91sZ7FU_y5R5RhCwoNi3SVMkHw65AptVRbl6uSFlycbtyvBFfmlr2vkkVhXOEc96lcXdtLh82iY-Mq5fXk7GONw1AaXRDL5-Yt9Cq6w2XQvEbkG9V1BuDaw5DQ8IYLSZ3lrgq2o9GgUC2FxOLlBNtKtJtOUdrfRMZfrocrTeMqH1VWIFCaF_weNQhDSwBxdX1nzqZuikFcydUJOTFCUNN2w76J2sBW8HOs1-i_gvJNki9rh_M98cjUC-dXaE9cTiGhgLxL682vBds83f1pe9103_s_2lNqE32KBtGJBvlqhUIhyzinKw40cewPfpA8Xj2FDAFdf89zMQxSsP_HrROc7ke8HCjR5Eeo8HnCmtW9n6gOXb4FdrRIqnG9COf_eD7z1zJCEABANLKK45hQOOncTUnhPKCZQedLVbas_sTiVWCRggRE1k-eaVF2vTpoki79g771jcXlxO_U3I4CCFpNS5DbrCtXscUbcQ2YYlYT_nnRgL2xDgLaILn4AnOR0OINnp9C9-zMN0zEXyvPFDAeVC03MVF7WCguCgTBePwT777iXRWTFuauslM_c8OLWhemo9SKYAQJ8ohH0ytrvt4ppUeX0O1WOKFFyXRfV8TB8PRWlL_MoY9gNbba6ntzYq2t5A_7qo3-Af3RcYOU_I8GGWFsvbE3CIydY-Z3Qqd2MebwVNmAgHrhBNq6mecLG2lKp-SjoSQf1aw6JQBg9359fZOMP3FPFAySRXFoSnD20U85XKINK5ikZm433hdiUadKz6ZCv7kDVw2F5NBLwi-vCP4TZ1HFug5GYfDCSfv5etkCefyAnCfMuxmEkCWJdsYY6pAU0PMlhMU7Wh5o52jiNV-vpO5YTx9oL8NFqlwCsZ0i-UeK6xsbNjMHHIX22qsbtgURw1676Jae0NTJkDdg5X3-bWe2zoqZxITpIRT12_-8wfkIRYLSjH8GLjhO9CUxKc3jetcfetpjo6Nr1kMo-7CDgt1KCjDOlcAhI9YkUt-RmjJpqQ_wy0o2EwTvRL3WDlrM_SWivCufFEVtEWICR-Yy9PxYEXTIsM_60M9zoCFd1OpbX4hQqBETeTLAwkl_p7rjzNWvamw8rtIkO9fLq1JPw-tE1qhVVRSTKuGCKbszvp3VJ0EUe9LZREXQ3UHwWjg09RdEJHYd7dVxIvYTg8_dIufSvbfNrDwcoqOd9CmbHKFT3xcJJhSxCkyEHQB4sd1RBE7xOSbvsKfEE_Z2cfdegPXLCbm3gnuKfxQi2XiiscCzyN0CfNuafCNzbTDB0nPakJKO2t03olK1zo6GVohdSrQNVFAYAERhevo5w21DyPu-VPZ-7K7VjwF1Azs63fQoPB2cBpbNYAzkkV47gr2B-LJBPf-g-Lt4QteXpDERqwqslUC_PjucqEasbACHWB91c8dvz6JwByNFSEsSl5GfCsUlpnY7IPFPUFwa-wyyrl6qTYCHRNeLbeUEWLcFQSXGBRv1H2lonLEQtCJ9OcVhHyTCMHOWIhxbE7Tsp81AhRhCwHs48zADMu1Hy_WQjBt3sWVhel_fIKsJ6ZmjHA5MxEe3_Kr6AKRpx5PS1esYEMit0nLroKDV37ASJ55peinrTX85AgpHIBgYymiILCrTRYf0OeHjLPmIbbiOLMbi2gVPJYcoWswKbKzZqpqOz8eakHZtvEmh82Iz0vyqrJ5p8lpMpEqYUI4NtiHQ_QsAqqDJQFPgNh4FXE7Mhy_6p0OaBP6UfCT6VzvG5mylOV4ZHBmgaYbbriPMjXHjIdGJLBkGd6dAn5ZQXVa4-eZ7tAbvpEg6zSZSsYPgjc0xTukGuwgLJEa52lvY7V3TZBGAjEHriCC-3HpW2yQdGHp-9uWe_yqbdrZam9y4pi6JBCfL6SpVSPNPwKMTwXhkO5Sh0ewYE8ie_yXAtsNOD-UCqSBJVaHa52I8r2y4SM-fMDRc2M7x-T0LdHi2UEITJqF2HMvM9XWuyifEgYdM7jcFyVb3OmFIPb3HdVH3f1ARDMr47cfVjD_37e5asWUZh5_sG0s1uIrF3fx-gALX-ygpBx15dsxxYk3c5kT4Vvvo0KCiOWDb-SUS5aWdKhVOxB27e5NseBAS_ZH2Uy8FQs_bW9cHr4rXMhLNmHYvLEe12PcXL7pyoZK6E6sxwF_2mjOwvv4lbyoeNzppEVocNtMuwAAqhSR2Tq42YWs-W2kwSifthYvD598kuOzj6U_Q394jzc-g74Ejh5uidejFqcFD5BsyRom5cDZxAmf1F44K4Q9oMV81en1CIKGYxE3fTanmnaFc-yRXRR9DrvsNaRPeUCGt1qa2igMkL04ogFkvu72JN2UeLvtv9JnOm5UYAoGXMqU7K9S4e5nexy6aP3ZdMGugHAY9Lw1CJENJi6CNyuc61foRbvgQKcndwYyGcL8Xuh5aVNyR11acXh8OXWeUh5lNBQaBa-EQQ726o47gaoPwFTw4nHuwIkKJb2zgRu_PmEu2-lLChmbildU85t4EgxSZv8z73StwzgBiJm67oKuQdCnZLhhN1yWMeZzQtsdNVqJVUgKycjytM3yY8oibVl6fXwLbtOB9OxRsaQIxcEc63B5BzarWUyoOhSfb4nXUrYE3tCKj6SulN9hnI5B9nIQilUgjL0JDgkBYztOXya6df-bEnxTpJVXG3AwaIVKCQrBvJ-Grjye0HabiiU5Vn6DduRCZ5qVGLz_dqZFBfsGdOVGNJWy0WkQhAEale04T-7Xh1RaKM_BrLWYaP3FtNeKcuq0b3KJFa83UfA5mLvgf4rgwdJZDYpJtp6ArxJJMolQOQNShLoB4nzDJcVxmNat28xUKqswkgJxOxMScqBzxJHm436P34uh7cSjTsEBbf8Tbncsh3Ig55z6GqQ2Z63cgXzVFUhByzwnB3WzXSLH4BMz1Byt4028IWEtAmHzoGpxZdSRtZSOZWcJnrUdM37PyW_8-qfnzr10wX_qNNGKyenXsWFDovOnyon-OCzFVbuX4PExaACJFrF6Qt6rsAKrtD7UYofrNAZQ5JZSU9E6pHp24ZYDjLvijhrWXNgr1QcmDSeDONOblTQxyIdbYnrX3o62zTs7RIw-mYMmmAxrDIIauYGktirUDM8QSeCx7O1foOzPLUAj4Nms4EWCPIXjw1K1vJT5fKwM70MLDhm1tQzhODh822ExW7y7oLmNJ8qnZaKRrg6QGHMehOOUCsgMayF8XUwFmsbLOJJaqfdd-lQ&cid=CAQSTADUE5ymfHFvZNSdxc3bdNwrgnpvst8ZMloKIce1QqE3YLDZV5P7DiLeRs4VcYesYVjtqhdzmVrKVI5g2y97hwY4UuavOfHIS4Vt7owYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fstad.yalla-shoot.io%2F&ds=l&xdt=1&iif=1&cor=11685735353900868000&adk=1935140218&idt=66&cac=0&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:17:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:17:54 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame E782 28 KB
11 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb54d717149189d1547a246d2c709a8973f9b54140bb01a15d2947e78ed6cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 19:43:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82843
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10940
x-xss-protection: 0
server: cafe
etag: 260008737171085554
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Feb 2023 19:43:48 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E782 41 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com
URL: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:54:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168623
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 19:54:08 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame E782 8 KB
4 KB 189ms
34ms Script
application/javascript 2a02:26f0:e300::5f64:924a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e300::5f64:924a Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 623a76f831e21752e6ee97229166a854fb110de8b3275336504815e57b8b75d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 04 Feb 2023 18:44:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Feb 2023 10:02:56 GMT
Server: Microsoft-IIS/10.0
ETag: "0c8245b2436d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3338

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17088696856278543927/1-IWE-IONIQ6Launch-Leaderboard-728x90-IONIQ6/ Frame 1481 6 KB
2 KB 8ms
8ms Document
text/html 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17088696856278543927/1-IWE-IONIQ6Launch-Leaderboard-728x90-IONIQ6/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06e021801ecf145269c4d5b6d41886d09fdbd3c26611afb1a6a544f6e391547d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 510356
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1867
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 20:58:35 GMT
expires: Mon, 29 Jan 2024 20:58:35 GMT
last-modified: Fri, 20 Jan 2023 10:53:12 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E782 0
0 64ms
63ms Fetch
image/gif 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssXr6B9OEv9eYOTPTmsTYP9DXqXNeTsz67YLwWHzid07rujD-ehd2vxm3ZONYr1m8dn3Mr8pslt7dzZeVMHPUfXSCyJk0r-EceZ0FIMfeRkoT3w1I7sHTm0qCyeSoN-g0gT-IntPXLu5DPOc4RF2rljwhUfy0dI9uyxlu_IkImRWbWyK4CO-o92Rjb43f-HvvVEYtkmcGdkUFQtfNJpT7xiILDKjNdn1SCNStvctpidNo5fvVq3wIjOI_6v1pyLDoZqxv4GS00m-L5yLkoL2sTpg6EIL0X9wkiV0DxHCpqpbByZJchZwrMIkY2tL58eqA88MdxhoMiEdxFWTFCpmTOrcsIax4Td0Oilj821NFPPQkA8sew1mwi0VrUpFDvdXjHyHTf8ziVCrNepDDX9Pj7T-dGhjpL_EiFakkQn-WGxtWMBQmgtMnBOBFCBCujehUcmWgh_zTSHdqJfJUz9cslKzKW79slnf8-luZH_y7MwWRdSICJ-2hRk4pd5pyOEQXFdXYynB9ReoW294sSK1FpsCKf0PJ4Mm1_Cbs0QMGjAdmS1l7v_eaxjowW20K9WN995bOckOCyPJTafhh9cyr33tcZtqH0Q1VDejV_-Mq6rgUnQPErjicVJGGMCLXfSDv_GaGzTS7IPISuISn-5nev91l4xFHe5aJ5PRHHuhQ3Q5SYvOn6IGpD-05r76CmpPT3tFbHrhDtnyVJWcgK1HGEN19yrhu6v266JUgqQOsxE33cSB_RNZu0tdR-uChmb3SRV9y083ABiXbmQCT3yNbLBwi3xB5N2V6EA4rhR3y2j-vajtcUtjCnjwy0BU22z_fdygJqu1XabAiIEJh8HRZCh9JDG6uDba1G5zYD1na66G5eapJvtJdQVdPuksXgO3vKfS7y61RoiX0LQjO3a8-pi6IFUk8K28Lw9Y0Um59TvOWYR9xRFHX4su13opLfI5s6bPeXsojEwsBfrt1iZzfelRtNWaGmiyz7x7CKex-UUlKpznkeWIWE_snUerP3YdAprpLoiLmJUDnAyqx3hB2NpqSDD3zRSPL9n30WMHy1o6B90BIQf3SKXc_BN9fWNMHpaAvN3FxrSzEf0zgGEs1HF26rUXTpmbW0MkYw8V0lYe50PrJ4p7yyfCNZ8R32b74HVjhDB0aXaJF30hRPGXFN5K29qhPRarU54raaXoE3tHHQM07NI7EE0vI8g5PLeVIQX58EOLY1FNHBndq11m-0JRVax45cPjhiyH1FOJycPIAtBNUr-8Tbhc8LoUsW2WLesVs0Fu78Ae0vUHlGOJTGD4hkhIGS-s3aZnifapHYCp5DDWXHWPrIhj7QN88I-u3U6IMUQhksV2m9j&sai=AMfl-YTU1A_0URqcQRIe1OBJhK_cmZp3oGE4fszCX6RJTqs67YsL6Q0HGEg7xxYjsknQqPLbFtHv7kyI9gWK5kboGpZH6Uiv-4DY97L77q0ymf0pJW-S2xFkWq5jVPZgdR-n8FE_Q6CAjYsV1wAfJ43unHDCKOjfuQO0aoqL83M1lIolvMWrbYl_-Zos6TDCU4DIdUKjIecCirMKgKBQUluyEnFNkwPK6uJ44oda_mTrCUMXEmIojc-55JLr-MerHxcfpG-4i6DZO4bVTTdn8PiyskmtnxpjY1TQ2eOc&sig=Cg0ArKJSzEea7CJ9z7LHEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=55&cbvp=1&cstd=53&cisv=r20230201.84427&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 04 Feb 2023 18:44:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 04 Feb 2023 18:44:31 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 767D 22 KB
8 KB 21ms
20ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 71564
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 22:51:47 GMT
expires: Sat, 03 Feb 2024 22:51:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 1481 60 KB
24 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17088696856278543927/1-IWE-IONIQ6Launch-Leaderboard-728x90-IONIQ6/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17088696856278543927/1-IWE-IONIQ6Launch-Leaderboard-728x90-IONIQ6/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Feb 2023 18:44:31 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/17088696856278543927/1-IWE-IONIQ6Launch-Leaderboard-728x90-IONIQ6/js/ Frame 1481 2 KB
771 B 7ms
7ms Script
application/x-javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17088696856278543927/1-IWE-IONIQ6Launch-Leaderboard-728x90-IONIQ6/js/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17088696856278543927/1-IWE-IONIQ6Launch-Leaderboard-728x90-IONIQ6/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c41fa1c38ff587935e8555ab6666bd1a10ae4b38ee2181bc204c269aa2d30736

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17088696856278543927/1-IWE-IONIQ6Launch-Leaderboard-728x90-IONIQ6/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 20:58:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 510356
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 742
x-xss-protection: 0
last-modified: Fri, 20 Jan 2023 10:53:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Jan 2024 20:58:35 GMT

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame 767D 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 129014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Feb 2024 06:54:17 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E782 0
0 56ms
55ms Fetch
image/gif 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssXr6B9OEv9eYOTPTmsTYP9DXqXNeTsz67YLwWHzid07rujD-ehd2vxm3ZONYr1m8dn3Mr8pslt7dzZeVMHPUfXSCyJk0r-EceZ0FIMfeRkoT3w1I7sHTm0qCyeSoN-g0gT-IntPXLu5DPOc4RF2rljwhUfy0dI9uyxlu_IkImRWbWyK4CO-o92Rjb43f-HvvVEYtkmcGdkUFQtfNJpT7xiILDKjNdn1SCNStvctpidNo5fvVq3wIjOI_6v1pyLDoZqxv4GS00m-L5yLkoL2sTpg6EIL0X9wkiV0DxHCpqpbByZJchZwrMIkY2tL58eqA88MdxhoMiEdxFWTFCpmTOrcsIax4Td0Oilj821NFPPQkA8sew1mwi0VrUpFDvdXjHyHTf8ziVCrNepDDX9Pj7T-dGhjpL_EiFakkQn-WGxtWMBQmgtMnBOBFCBCujehUcmWgh_zTSHdqJfJUz9cslKzKW79slnf8-luZH_y7MwWRdSICJ-2hRk4pd5pyOEQXFdXYynB9ReoW294sSK1FpsCKf0PJ4Mm1_Cbs0QMGjAdmS1l7v_eaxjowW20K9WN995bOckOCyPJTafhh9cyr33tcZtqH0Q1VDejV_-Mq6rgUnQPErjicVJGGMCLXfSDv_GaGzTS7IPISuISn-5nev91l4xFHe5aJ5PRHHuhQ3Q5SYvOn6IGpD-05r76CmpPT3tFbHrhDtnyVJWcgK1HGEN19yrhu6v266JUgqQOsxE33cSB_RNZu0tdR-uChmb3SRV9y083ABiXbmQCT3yNbLBwi3xB5N2V6EA4rhR3y2j-vajtcUtjCnjwy0BU22z_fdygJqu1XabAiIEJh8HRZCh9JDG6uDba1G5zYD1na66G5eapJvtJdQVdPuksXgO3vKfS7y61RoiX0LQjO3a8-pi6IFUk8K28Lw9Y0Um59TvOWYR9xRFHX4su13opLfI5s6bPeXsojEwsBfrt1iZzfelRtNWaGmiyz7x7CKex-UUlKpznkeWIWE_snUerP3YdAprpLoiLmJUDnAyqx3hB2NpqSDD3zRSPL9n30WMHy1o6B90BIQf3SKXc_BN9fWNMHpaAvN3FxrSzEf0zgGEs1HF26rUXTpmbW0MkYw8V0lYe50PrJ4p7yyfCNZ8R32b74HVjhDB0aXaJF30hRPGXFN5K29qhPRarU54raaXoE3tHHQM07NI7EE0vI8g5PLeVIQX58EOLY1FNHBndq11m-0JRVax45cPjhiyH1FOJycPIAtBNUr-8Tbhc8LoUsW2WLesVs0Fu78Ae0vUHlGOJTGD4hkhIGS-s3aZnifapHYCp5DDWXHWPrIhj7QN88I-u3U6IMUQhksV2m9j&sai=AMfl-YTU1A_0URqcQRIe1OBJhK_cmZp3oGE4fszCX6RJTqs67YsL6Q0HGEg7xxYjsknQqPLbFtHv7kyI9gWK5kboGpZH6Uiv-4DY97L77q0ymf0pJW-S2xFkWq5jVPZgdR-n8FE_Q6CAjYsV1wAfJ43unHDCKOjfuQO0aoqL83M1lIolvMWrbYl_-Zos6TDCU4DIdUKjIecCirMKgKBQUluyEnFNkwPK6uJ44oda_mTrCUMXEmIojc-55JLr-MerHxcfpG-4i6DZO4bVTTdn8PiyskmtnxpjY1TQ2eOc&sig=Cg0ArKJSzEea7CJ9z7LHEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=166&vt=11&dtpt=111&dett=3&cstd=53&cisv=r20230201.84427&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 18:44:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 04 Feb 2023 18:44:31 GMT

GET
H/1.1 200
OK dv-measurements3497.js Show response
cdn.doubleverify.com/ Frame BF77 557 KB
107 KB 37ms
37ms Script
application/javascript 2a02:26f0:e300::5f64:924a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3497.js
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e300::5f64:924a Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 86fd7bce89c71506dbb47aa86d222f7be6e03832fbd7ad600b20837183c6df3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 04 Feb 2023 18:44:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Feb 2023 08:37:17 GMT
Server: Microsoft-IIS/10.0
ETag: "809cf641836d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 109099

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 767D 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BNEd9j6feY4CuFOvC7_UPorG74AsAAAAAOAHgBAI&bg=!R0SlRADNAAaq5O5FiuQ7ACkAdvg8WvpzbBCM9mczVv1uKMOfYSrM13Xz67JMLBloRKoDZ05JVaDR_wIAAAB-UgAAAANoAQeZAy6nbyBVWmtokaxT1WOvNBro8CPI-C4lVBlL4gB_hdvscCBfHgPp3BEKvJI1aodTr7FrSGVKYE_uX9H-rx81Q4tNQzPYcQwUiN9U1ZxSYjPTwJDbwzqA9RcPZWHbGA4OjFJ-L97-SMTlQ6hLzrf9i40kHy7ZJY1HHQhzfgHX5PlXaXLYMzfANWERLdphA4ZMab1VFfoF3NQjZYWd4xw6gAgKDH_VaZZAtRMUaIg7ki0SENQ5QhPcPJ_XbRgPyhdk4GTFAOlck6pUbiQsw0Cv1NwsczFGBox0_a2TCpk3CYT1uJtaHsvsAUVCJ-T3U8yUIee9dFjhkokj37Szlq0Xj-Qx9QjCkRQB7q4mRbFa_EBFHpbu8jrkBe9RFeJo-3y0lOl5GhBhJYX0uIT8sCKcmjV7htt_1DjevDBq2LJWll_txDdonzIcsfIPd-n8qelaQTG14KnHeOp-nF0qrn6JLNaJD3VlcMwrrpkM2no0iuRbdNbpkpK_vf2AkGHWch1PFi-bLGKOQTNCfdbVHV3F57d-m39fVgJzyvqfZkFfcmj1MbySIJ6RIZKN9zYsAsYM_Rx8w0ku9v4UKVo74bF30zHcIx2btgz7HynoPonBCLpTgyvukOOcFaGHRe4_724SoDKK_iRihjts3Hx0gr-J7ioAt9-NHqNRdq2-9_K5Ic5EOi6oO-jVdw57RkXjF-5QVw7l8WHJI90HkNAkTshDC1-Q7LUQ-G6Z3mufNsMlTHN_3RXyMNsYryrRhyyjMi4OK6YRKImf78kF-Uv_Ypr-USkB-SfE4s21_sSt8Ir8Sv32hVv9bK3B9VGpuLoso8t74tjGQ_mWPBS7tch-_i5tLGBq5cqF_RD_MN9GcLhFv-gb3nD1YtfQhbUcpz79DsDq5aU1f6rH4jJlDdjNn45ApkvQFojbdKO00aY7krDJjVxiw6cq_43cFfOEGphcEJKnis_I3z8-i4FtXXcE8Jf6m_0PJEu6VZBRSTMrevfdIsLOKeZCzc6v_HL8OQr89ZcpLOoxtce-Oey__X9sWJgLr01156AlRbNJp5Ggc6ZoWgBgqgXS-Bi_IPKF6vq0dQPS

Requested by

Host: fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com
URL: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:44:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame BF77 724 B
720 B 159ms
20ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=104&ttfrms=41&brid=3&brver=109.0.5414.119&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauDE25%5DJ2%3D%3D2%5CD9%40%40E%5D%3A%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTauDE25%5DJ2%3D%3D2%5CD9%40%40E%5D%3A%40Tar9EEADTbpTauTau725c3aahb%60efa3_7ccc53b54dbfha66%60%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTau725c3aahb%60efa3_7ccc53b54dbfha66%60%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=286&ddur=190&uid=1675536271801268&jsCallback=dvCallback_1675536271801100&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F109.0.5414.119%20Safari%2F537.36&htmlmsging=1&chro=1&hist=3&winh=0&winw=0&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3497&tgjsver=3497&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Ffad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&fcifrms=14&brh=3&sdf=2&dvp_epl=356&noc=4&nav_pltfrm=Win32&ctx=26387868&cmp=29276535&sid=5952739&plc=357676556&crt=186001806&btreg=548796120&btadsrv=doubleclick&adsrv=1&advid=9758366&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=8735929636.529562&dvp_tukv=30049098807.494663&dvp_strhd=0.2999992370605469&dvpx_strhd=0.2999992370605469&dvp_tuid=1285566811344&jurtd=3923484406
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3497.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: ede29186fdb9131a36a958e8ba7f303055c08924915bb1320f07bf378b36620f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Feb 2023 18:44:31 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Expires: 02/03/2023 18:44:31

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 50C2 42 B
174 B 45ms
44ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvr_tRS-16LHwTbY2S57Wm_rInXBLIsIucMY1hEwyGzBZsIKFbTCWjtmtzpiPfBMe21GYFqMuvUjsQJ-Ymq5_KdKiXws7wZLC-ENSzkf_fZLtwyAz6IeRELFd1RXeyRAEWEjHVGNA&sai=AMfl-YR7IDvYNoR538AmB0m1zXqaTJEBRa0p3efZ7laa3bTCOZr_USE8RzFuSbxTh44FnUzpxUdsTObvm_5fb9TyOjmNFTcQPDv1XCXyMynLGxaOYn1FXHtZ86IoLuAjwhr33ZBjeCLGKR5kLN77&sig=Cg0ArKJSzGyFuECS__-7EAE&cid=CAQSSwDUE5ymoxwUxmEwfkOvDBpyI13ORnOfXldBPY2as4ew-dlBV-BxXke6NQAABPatoB-DOFsUtX3gHLWkSEplPS_paTLgqXQptnuWsxgB&id=lidar2&mcvt=1216&p=272,315,522,1285&mtos=1216,1216,1216,1216,1216&tos=1216,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2879423354&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675536270419&rpt=343&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:44:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 50C2 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9726494799833&version=m202301230201&ct=76&x=1&cor=12527015231745192000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:44:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK i1b8m1za1k.m3u8 Show response
empxhnc8j2xacpe7.cdnexpress23.net/hls/ Frame D75D 876 B
1 KB 54ms
12ms XHR
application/vnd.apple.mpegurl 45.154.206.45
K4X

General

Check archive.org

Show headers Download Go to

Full URL: https://empxhnc8j2xacpe7.cdnexpress23.net:8443/hls/i1b8m1za1k.m3u8?s=upSkEP2tBy3wVBTQRzhMRw&e=1675557869
Requested by: Host: swarm.video
URL: https://swarm.video/nsns.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.154.206.45 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: aaec5a4cbf3cf85600a4a1662f557b8002058b232d657b35be33abafb2fa7ab9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://strayindicate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 04 Feb 2023 18:44:32 GMT
Last-Modified: Sat, 04 Feb 2023 18:44:24 GMT
Server: nginx/1.18.0
ETag: "63dea788-36c"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Range
Content-Length: 876

GET
H3 200 style.css
s0.2mdn.net/sadbundle/17088696856278543927/1-IWE-IONIQ6Launch-Leaderboard-728x90-IONIQ6/css/ Frame 1481 983 B
395 B 7ms
7ms Stylesheet
text/css 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17088696856278543927/1-IWE-IONIQ6Launch-Leaderboard-728x90-IONIQ6/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17088696856278543927/1-IWE-IONIQ6Launch-Leaderboard-728x90-IONIQ6/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30705dc7efdba93cbca53a61413994ebec7c80c8b28d0376ec5c822dfb049584

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17088696856278543927/1-IWE-IONIQ6Launch-Leaderboard-728x90-IONIQ6/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 20:58:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 510355
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 366
x-xss-protection: 0
last-modified: Fri, 20 Jan 2023 10:53:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Jan 2024 20:58:37 GMT

GET
H/1.1 200
OK i1b8m1za1k.m3u8 Show response
empxhnc8j2xacpe7.cdnexpress23.net/hls/ Frame D75D 876 B
1 KB 18ms
18ms XHR
application/vnd.apple.mpegurl 45.154.206.45
K4X

General

Check archive.org

Show headers Download Go to

Full URL: https://empxhnc8j2xacpe7.cdnexpress23.net:8443/hls/i1b8m1za1k.m3u8?s=upSkEP2tBy3wVBTQRzhMRw&e=1675557869
Requested by: Host: swarm.video
URL: https://swarm.video/nsns.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.154.206.45 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: aaec5a4cbf3cf85600a4a1662f557b8002058b232d657b35be33abafb2fa7ab9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://strayindicate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 04 Feb 2023 18:44:32 GMT
Last-Modified: Sat, 04 Feb 2023 18:44:24 GMT
Server: nginx/1.18.0
ETag: "63dea788-36c"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Range
Content-Length: 876

GET
BLOB 200
OK d458a099-d17c-44ee-af63-450c89bf798b
https://strayindicate.net/ Frame D75D 61 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://strayindicate.net/d458a099-d17c-44ee-af63-450c89bf798b
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 62280
Content-Type: text/javascript

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E782 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4977188741694&version=m202301230201&ct=76&x=1&cor=11685735353900868000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Feb 2023 18:44:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
track1.aniview.com/ Frame E054 0
94 B 397ms
111ms Ping
text/plain 34.226.26.99
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=stad.yalla-shoot.io&rs=stad.yalla-shoot.io&sid=97653&t=1675536270&cip=146.70.117.110&sn=&tgt=0&osv=10&bv=109.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=6181354e7fb04045d1763610&test=&d64=7e6b99902a55d13a466a52540e94bdcd&d63=7e6b99902a55d13a466a52540e94bdcd&aafaid=&proto=https&uid=1675536270047-976572372557-001158-002-009289&cha=0.7&stagid=61829aec12a96609532b3fd9&stplid=635e40ee9cca104d830d91c4&d35=&d36=6.2.79&cb=88391240267&d39=&d65=Test1&d66=&apppkg=&d9=1000&d37=realtime&AV_WIDTH=600&AV_HEIGHT=338
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.26.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-26-99.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://stad.yalla-shoot.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 04 Feb 2023 18:44:35 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 204
No Content event.png
tpsc-eu3.doubleverify.com/ Frame BF77 0
234 B 25ms
8ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-eu3.doubleverify.com/event.png?impid=eef2fb9cc7fd4194bd1d70dfeda18f50&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=160&eoid=15&msrjs=3497&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=190&tetms=11&msltms=77&vltms=160&sei=290&vetms=35&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=264&msrcannum=2&ismms=56&isumms=56&nvr=2&elmtp=4&isbxdms=2257&b0=2393&dvp_vsosnmr=3&lftb=2393&sftb=2393&naral=256&vct=512&vphgt=1200&vpwdth=1600&chgt=0&cwdth=0&invcs=true&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=55&dvp_dpr=1&ee_dp_cvcmeeid=1&metp=1&meeid=1&dvp_itg=HEAD:1,SCRIPT:22,META:2,BODY:1,DIV:21,IMG:2,IFRAME:18,NOSCRIPT:1,STYLE:2,svg:3,path:2,A:1,circle:1,&ttfurm=3234&cbust=1675536274998697
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3497.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Sat, 04 Feb 2023 18:44:35 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 02/03/2023 18:44:35

GET
H/1.1 200
OK i1b8m1za1k.m3u8 Show response
empxhnc8j2xacpe7.cdnexpress23.net/hls/ Frame D75D 876 B
1 KB 13ms
12ms XHR
application/vnd.apple.mpegurl 45.154.206.45
K4X

General

Check archive.org

Show headers Download Go to

Full URL: https://empxhnc8j2xacpe7.cdnexpress23.net:8443/hls/i1b8m1za1k.m3u8?s=upSkEP2tBy3wVBTQRzhMRw&e=1675557869
Requested by: Host: swarm.video
URL: https://swarm.video/nsns.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.154.206.45 , United Kingdom, ASN48357 (K4X, EE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 83a33d829898b22cfa2eb57940c0de22240556f071cf133c340cae2f054aa4da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://strayindicate.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Sat, 04 Feb 2023 18:44:35 GMT
Last-Modified: Sat, 04 Feb 2023 18:44:33 GMT
Server: nginx/1.18.0
ETag: "63dea791-36c"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Range
Content-Length: 876

GET
H3 200 06f91b438b5c0d7fe6dff4bf6c24cf00.svg
s0.2mdn.net/sadbundle/5736021638724462345/media/ Frame 37D3 5 KB
2 KB 9ms
9ms Image
image/svg+xml 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5736021638724462345/media/06f91b438b5c0d7fe6dff4bf6c24cf00.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5736021638724462345/baf730f4acad38290c8b64d82f1fe8ea.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb4a29554c161fc6298d26273c106770fbe6c66bff37bb0db2e7826a9f84cb4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5736021638724462345/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 22:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158064
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1998
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 09:32:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Feb 2024 22:50:12 GMT

GET
H3 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 37D3 13 KB
5 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5736021638724462345/baf730f4acad38290c8b64d82f1fe8ea.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 11:22:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Feb 2024 11:22:20 GMT

GET
H3 200 5f2f7b5fdac095e21262fa015e760edc.png
s0.2mdn.net/sadbundle/5736021638724462345/media/ Frame 37D3 13 KB
13 KB 11ms
10ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5736021638724462345/media/5f2f7b5fdac095e21262fa015e760edc.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7bf65ef9fda6719e3de16b9de5b515fcec81311ff3ca9fe185f4defc1acc87c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5736021638724462345/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 19:37:32 GMT
x-content-type-options: nosniff
age: 515224
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13340
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 09:32:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Jan 2024 19:37:32 GMT

GET
H3 200 cb0d2ac3587d87e29bb76eba0b83a395.png
s0.2mdn.net/sadbundle/5736021638724462345/media/ Frame 37D3 2 KB
2 KB 11ms
10ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5736021638724462345/media/cb0d2ac3587d87e29bb76eba0b83a395.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14582dd5e8b2e1e1926ec2e7e3c238698525140bfb0769dac631bea09b2c62ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5736021638724462345/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 10:22:23 GMT
x-content-type-options: nosniff
age: 202933
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1706
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 09:32:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Feb 2024 10:22:23 GMT

GET
H3 200 258fc971298fe59b0a210a2d976464f0.png
s0.2mdn.net/sadbundle/5736021638724462345/media/ Frame 37D3 4 KB
4 KB 9ms
8ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5736021638724462345/media/258fc971298fe59b0a210a2d976464f0.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fddb32fd87cc1b154ab516d6a07e4a3f371cb3d5ec1999025412361d4b881ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5736021638724462345/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 16:30:52 GMT
x-content-type-options: nosniff
age: 353624
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3851
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 09:32:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 Jan 2024 16:30:52 GMT

GET
H3 200 6b4e4d6d5788eef0d2df6761e18aaf8f.png
s0.2mdn.net/sadbundle/5736021638724462345/media/ Frame 37D3 3 KB
3 KB 12ms
8ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5736021638724462345/media/6b4e4d6d5788eef0d2df6761e18aaf8f.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c1aa14f61547e7fe7dc150a4a0c582be9565fc1c0431fc0a262f3d770f7fbef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5736021638724462345/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 18:57:52 GMT
x-content-type-options: nosniff
age: 172004
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3241
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 09:32:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Feb 2024 18:57:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 37D3 2 KB
540 B 47ms
46ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:900

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

75aa5fc5ab5ca68d3d60dc850c3b5c107f1c1217eacf71d60cb4b835460c04c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 04 Feb 2023 18:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 04 Feb 2023 18:23:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Feb 2023 18:44:36 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 37D3 15 KB
15 KB 22ms
21ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 15:47:07 GMT
x-content-type-options: nosniff
age: 10649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Feb 2024 15:47:07 GMT

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yalla-shoot.io/	1970-01-20 19:01:36	Name: _ga_2Y3HW36EKK Value: GS1.1.1675536268.1.0.1675536268.0.0.0
.yalla-shoot.io/	1970-01-20 19:01:36	Name: _ga Value: GA1.2.95219357.1675536269
.yalla-shoot.io/	1970-01-20 09:27:02	Name: _gid Value: GA1.2.690280017.1675536269
.yalla-shoot.io/	1970-01-20 09:25:36	Name: _gat_gtag_UA_107335079_1 Value: 1
strayindicate.net/	1970-01-20 09:26:19	Name: hf3 Value: 1
.doubleclick.net/	1970-01-20 18:47:12	Name: IDE Value: AHWqTUlbNCB3JyiC0qVK7adiDGZcMfXlbYRfug4VpM-TuvFgcZ9XUNomwhjf1G72HoI
.modoro360.com/	1970-01-20 09:54:24	Name: aniC Value:
.360yield.com/	1970-01-20 11:35:12	Name: tuuid Value: f050a872-9b65-4e84-a1a5-ece39b1c0e60
.360yield.com/	1970-01-20 11:35:12	Name: tuuid_lu Value: 1675536270
.ads.stickyadstv.com/	1970-01-20 10:08:48	Name: UID Value: 63d8da33579a35ff6e6f559fa79f873
.ads.stickyadstv.com/	1969-12-31 23:59:59	Name: pxId Value: 1953
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: b4627e3500355cd5
.doubleclick.net/	1970-01-20 09:25:39	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 11:35:12	Name: uuid2 Value: 3425690849328147951
.casalemedia.com/	1970-01-20 18:11:12	Name: CMID Value: Y96njh-SSkz0ZjSKNmx8SQAA
.casalemedia.com/	1970-01-20 11:35:12	Name: CMPS Value: 5171
.casalemedia.com/	1970-01-20 11:35:12	Name: CMPRO Value: 5171
.technoratimedia.com/	1970-01-20 19:01:36	Name: tads_uid Value: GDPR
.adnxs.com/	1970-01-20 11:35:12	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$MmYkK)!]tbPl1M>e)ZlrFUfJ+tGXxoiHPgk(RhZ]=M$dh=_%ZfVAgeaIao83OCm?svbpRzqF1`b`?*<m07
.aniview.com/	1970-01-20 09:40:00	Name: 1_C_9 Value: fd97afcc4bd2ccd43af740b7b24266d1
sync.aniview.com/	1970-01-20 09:40:00	Name: 1_C_9 Value: fd97afcc4bd2ccd43af740b7b24266d1
.modoro360.com/	1970-01-20 09:40:00	Name: 1_C_22 Value: f050a872-9b65-4e84-a1a5-ece39b1c0e60
servs.modoro360.com/	1970-01-20 09:40:00	Name: 1_C_22 Value: f050a872-9b65-4e84-a1a5-ece39b1c0e60
.modoro360.com/	1970-01-20 09:40:00	Name: 1_C_200 Value: OPTOUT
servs.modoro360.com/	1970-01-20 09:40:00	Name: 1_C_200 Value: OPTOUT
.modoro360.com/	1970-01-20 09:40:00	Name: 1_C_10 Value: C4tjv1bONzZY
servs.modoro360.com/	1970-01-20 09:40:00	Name: 1_C_10 Value: C4tjv1bONzZY
.yalla-shoot.io/	1970-01-20 18:47:12	Name: __gads Value: ID=d8b7ac0cc7225a49:T=1675536269:S=ALNI_MYC8nWIVuOHaBsIu3xbukq2l5B7Nw
.yalla-shoot.io/	1970-01-20 18:47:12	Name: __gpi Value: UID=00000bafa3952e86:T=1675536269:RT=1675536269:S=ALNI_MZ-PfvIqarbNP3YqywrVejiz5tDuw
.modoro360.com/	1970-01-20 09:40:00	Name: 1_C_133 Value: a6f37f0123013099a595be2217fc435a
servs.modoro360.com/	1970-01-20 09:40:00	Name: 1_C_133 Value: a6f37f0123013099a595be2217fc435a
.amazon-adsystem.com/	1970-01-20 15:09:45	Name: ad-id Value: Aw9khDlLg0BpuIhKzD7pqA4
.amazon-adsystem.com/	1970-01-20 19:01:36	Name: ad-privacy Value: 0
.ipredictive.com/	1970-01-20 18:11:12	Name: cu Value: 5b0b5565-07be-48ff-a69b-360482804c5c\|1675536271673

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://stad.yalla-shoot.io/channels/bein-sports-1a-live/(Line 306) Message: <link rel=preload> must have a valid `as` value
rendering	warning	URL: https://strayindicate.net/embed/i1b8m1za1k(Line 5) Message: Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
network	error	URL: https://awstats.cloud/js/plausible.js Message: Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
ad.360yield.com
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
awstats.cloud
bh.contextweb.com
cdn.doubleverify.com
cdn.jsdelivr.net
celeritascdn.com
cm.adform.net
cm.g.doubleclick.net
content1.avplayer.com
cup.yalla-shoot.video
dsum-sec.casalemedia.com
empxhnc8j2xacpe7.cdnexpress23.net
eus.rubiconproject.com
fad4b22931672b0f444db3dc53792ee1.safeframe.googlesyndication.com
feed.avplayer.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
ib.adnxs.com
image6.pubmatic.com
jscdn.greeter.me
match.deepintent.com
mcdp-nydc1.outbrain.com
odb.outbrain.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
player.aniview.com
player.avplayer.com
region1.google-analytics.com
rubicon-match.dotomi.com
s0.2mdn.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
serv.modoro360.com
servs.modoro360.com
servt.modoro360.com
stad.yalla-shoot.io
strayindicate.net
swarm.video
sync.1rx.io
sync.aniview.com
sync.ipredictive.com
sync.teads.tv
sync.technoratimedia.com
tcheck.outbrainimg.com
tg1.modoro360.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-eu3.doubleverify.com
track1.aniview.com
ups.analytics.yahoo.com
us-u.openx.net
vid.vidoomy.com
vpaid.vidoomy.com
whos.amung.us
widget-pixels.outbrain.com
widgets.amung.us
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
youradexchange.com
104.111.217.42
104.21.17.122
104.96.145.246
142.250.180.226
142.251.39.2
162.19.80.92
169.197.150.7
185.64.190.78
185.80.39.216
185.83.142.19
198.148.27.140
199.232.18.132
2.16.107.129
2001:4860:4802:34::36
205.185.216.10
213.19.147.44
23.203.124.192
23.203.125.62
23.35.229.181
23.37.42.132
2603:c020:400d:3000:f50:982a:7877:65bd
2606:4700:10::6816:4aab
2606:4700:20::681a:b15
2606:4700:3033::ac43:af62
2606:4700:3035::ac43:a822
2606:4700:3038::6815:ea87
2606:4700::6810:5b06
2a00:1450:4001:801::2006
2a00:1450:4001:809::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:828::2008
2a00:1450:4001:830::2002
2a00:1450:400d:802::2002
2a00:1450:400d:806::2002
2a00:1450:400d:808::2004
2a00:1450:400d:80a::2001
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::200e
2a00:1450:400d:80c::200a
2a00:1450:400d:80d::2001
2a00:1450:400d:80d::2003
2a02:26f0:3500:c::5c7b:680c
2a02:26f0:3500:c::5c7b:6837
2a02:26f0:e300::5f64:924a
2a02:6ea0:c700::10
2a02:6ea0:c700::19
2a02:fa8:8806:13::1400
2a04:4e42:600::485
3.120.17.109
3.126.56.137
34.149.12.213
34.226.26.99
34.235.231.136
35.174.127.249
35.190.41.116
35.244.159.8
37.157.4.41
45.154.206.45
52.203.73.229
52.59.132.152
54.152.20.34
54.239.33.158
54.85.182.21
69.16.175.10
69.16.175.42
69.173.144.138
69.173.144.165
70.42.32.223
8.43.72.97
98.98.134.243
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
04563aa3eae7dda2cf345a599fa0c835abc13950b0493bf6b223f6be00000452
06e021801ecf145269c4d5b6d41886d09fdbd3c26611afb1a6a544f6e391547d
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb54d717149189d1547a246d2c709a8973f9b54140bb01a15d2947e78ed6cee
0fa29b83df7c7a052a6fa5eaecd2e98b8b2b18143fa070395f6495d87460ecea
1094eadb46901a39ead18f781a296d1b3372b6dae8e949c1be8fefe72d90ddc7
12534d71707154a339ccfe9bf055bf84344e94e122f4dc60cde1feb19c16f7c1
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14582dd5e8b2e1e1926ec2e7e3c238698525140bfb0769dac631bea09b2c62ff
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
1bcf382c861841335ec9ae5b803af26521b953cee0c2cc4fa291b5cd25f2311e
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1f4911fb71075a0647665e13564f6ee72318b9477aba0db8b517e0f5fa41ebd4
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
2d23cebf25cc305e21aca8a1f3f40c1d129034958e9542c4129e0447f3b6bbe7
2df957d141202a0ff7127f12d1df45b6c0e689872d63accc4d91f600b0056ab2
2f74422a172d39e6916bcc2d42bca9e746631712605cafaab5b2918c9667f6a1
2fcc9c328fcea849a73f5ae01d8c8c367a9e610646ac9b14eb8f5d54c136e7f2
30705dc7efdba93cbca53a61413994ebec7c80c8b28d0376ec5c822dfb049584
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
35dc4c9225ccfe72052e76fb259c293125ca7c97a07fefeccc3288c5e729ce87
3dfed3a9800cc7221ac336a2da595938d815edcbd90cd0d08a09f7b296e14db2
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
467614256484250d001e0080142eeda27a88cf55cc9282a6107ac4890608df44
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1
4fddb32fd87cc1b154ab516d6a07e4a3f371cb3d5ec1999025412361d4b881ac
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
505cdbf41c3131ee59caf5783fc2c6c3b9ab5364eef5b18239bc1293c51d47d4
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
550cb9add249cab0af5d81b7b7293170a9436d2f7fbece20ca02a52978d72a44
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5c1aa14f61547e7fe7dc150a4a0c582be9565fc1c0431fc0a262f3d770f7fbef
5f6a67963b584abc7673c3a007887ff2b12ac2e54193c6cf7de878ee93dda511
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623a76f831e21752e6ee97229166a854fb110de8b3275336504815e57b8b75d8
63e55165cb26efa3df20628f8c2dfc0b13e7d7e7629761fe9f43b34d5498ea46
644e7041022a8c6abb5c5c6f1a9b5958327d5eeb3b256c13addaae45569fcfe7
6804a4926595a401fe4e48b3e8edd143b53668680ef9075b32d48dcda0f6ec26
71e86c6267716fcf0bb3f1f405373c76987a952d51a1109cc61b04e091f2d0da
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
73947b4ad634a1a8024a0cafcf6f30570a019de15b75b61a897d45024a787816
74ed07379b4709fb70fe3a890ef7069bcff02122e2d92e74213015032c4fe2b5
75aa5fc5ab5ca68d3d60dc850c3b5c107f1c1217eacf71d60cb4b835460c04c7
762ae9c7d8c026ae798191a478c375640fd72aea8e8dcfffcc91295b2e48b868
764398ad13fb5c0e7e92622c915224779ea9e3247273f390f1b2d1da55ecd086
7be8096cd8f1d5794fe3981b57e3170785367c1640f5d959f2df7953e803d9db
7d09d6f8698c88a024276c26e9c62ac1b438e5ae0d4dca00c3c026da2890ce24
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
83a33d829898b22cfa2eb57940c0de22240556f071cf133c340cae2f054aa4da
84e4248b73b9a66bfbbd91b8272d21e97aac9cbcfcb9ecad498871fa3d322173
853452a5635e800f0a5b4e08b23198a3e2e8c3c8fbe269c6a79e235da0270185
86fd7bce89c71506dbb47aa86d222f7be6e03832fbd7ad600b20837183c6df3d
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
91bfdc2f09cbd2a06e487fa2303b2b3a604bca87d8948ca0f2179d87b3801e2b
91cab6202c5e7259eb967f2a83ba39ba6efaaf5378d40906ea9d3800d680fb66
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
965663b721ccabac18bb52d4bbbac92402cd49a855bab96a8762f01328b2f9fe
9748da2ea3490f80f40e5a411678340b65235f11d4cebfd25a31000a4904604a
978d4dc1d9970310dda5cb4d48592535b73d4127d639a8b1124b38246803cd61
99e8be242d57a54072d21b9a2f84379a7f1a9e6fc4e1661e83e2cc80725e7cd1
9f66145fbaf681859fb04fc4cdedf358806d85dd27355199545b97db90d48829
9f73bb0ae3bef8121c3715d8c3e3e0c9dbf36b3b963e18ef4fcce18fe70ade12
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6e2d0c4b456a3162ea9cb74562298325c97ad55bac094a6d8146b6e46ed96a1
aaec5a4cbf3cf85600a4a1662f557b8002058b232d657b35be33abafb2fa7ab9
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0ef14fedf3d744271ed6d1fe3719536922c5e5ee3a4b1e0491f73d734ee8928
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b184888665b6cb9e154760bae131eaf01c140197506afd50abcbe98dc9d9438f
b2465d688f7473b25f4a67084bbf33eb1f4b31374656e33733f66ed1cb39d0b5
ba06001344fa3ca3873adeaccd0b1601d7e83900d51d6ec00897e7b6b8109621
ba1b1a2825a89e6f8237340332fbf45c4b0aff9b8f5a1a35b5178a9680ac88c9
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c244a850498968407ef2b6018c4165d478b2bfa018b1b0adaaeaad4ad7b100d9
c41fa1c38ff587935e8555ab6666bd1a10ae4b38ee2181bc204c269aa2d30736
c5a8cec60b5774c8e0ea5d3feed60f15820528d3cf18a4634cd29c6b23baa2b4
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
ca2f82fc102509bbb9d8998f38096d3bf9a3470f1c2c0b6df9d81972a41d875c
cce1aee65b9f2093ba86119d6ef979fd5183c77b513a1f6c735e0cd56f951070
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d8150ac13ec014fb343f5a481c41e92eee8e1281c02e36b0c3ca7f7de8ad82fc
d97fb4b9c5d23402762f46c9708bfaf966e2e539a4db2bc16d7b7f4abeb7fb9b
db535eac3504ac45df1aa3ece7a73f13d541e051cb17ba285961d188d0698055
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
e30b4f5df3c9773448d5e9a2f8b772308ffc80db3a4e437bd1e409fce41ebfaf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e65b43bf28b1141a6fb1d53a59a2584a18782d67f147f737ed15b58371e788cd
e74aad7eedeb94eab0fbb3d4435ff67c95dee259361fd21effd45bcd64424c24
e9ab5818886d057675c44d21a45f1890c22db6dba429ff144eca64b084a20a6d
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
eb4a29554c161fc6298d26273c106770fbe6c66bff37bb0db2e7826a9f84cb4d
eb4b870cf80b832fe05bb43808c59787ea47d29ff3f0e3546ef05202120f1d45
ede29186fdb9131a36a958e8ba7f303055c08924915bb1320f07bf378b36620f
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f024141ccf910073696d2264ba468081a352ebacc30448a5b94d2790136bbbfc
f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2
f140ab62c4d71f466ee9c0a910e09eb03b978059bb2c564700c0f856205a0287
f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7bf65ef9fda6719e3de16b9de5b515fcec81311ff3ca9fe185f4defc1acc87c

stad.yalla-shoot.io Open in urlscan Pro 2606:4700:20::681a:b15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

207 Requests

94 %HTTPS

42 %IPv6

48 Domains

75 Subdomains

66 IPs

12 Countries

2714 kBTransfer

7263 kBSize

34 Cookies

7 Outgoing links

Page URL History

Redirected requests

207 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

stad.yalla-shoot.io Open in urlscan Pro
2606:4700:20::681a:b15 Public Scan

Screenshot
Live screenshot

Full Image

207
Requests

94 %
HTTPS

42 %
IPv6

48
Domains

75
Subdomains

66
IPs

12
Countries

2714 kB
Transfer

7263 kB
Size

34
Cookies

207 HTTP transactions
14 data transactions