www.yallakora.com Open in urlscan Pro
2606:4700:10::6814:1a43 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://yallakora.com/
Effective URL:
https://www.yallakora.com/
Submission: On January 29 via manual (January 29th 2023, 11:09:36 am UTC) from EG — Scanned from DE

Summary HTTP 262 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 40 IPs in 5 countries across 24 domains to perform 262 HTTP transactions. The main IP is 2606:4700:10::6814:1a43, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.yallakora.com. The Cisco Umbrella rank of the primary domain is 260168.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 21st 2022. Valid for: a year.

This is the only time www.yallakora.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6814:1b43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	2606:4700:10:... 2606:4700:10::6814:1a43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
1	13.225.78.97 13.225.78.97	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6812:d941	13335 (CLOUDFLAR...) (CLOUDFLARENET)
43	2606:4700:20:... 2606:4700:20::ac43:4ae0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:400d:803::200e	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:400d:807::2001	15169 (GOOGLE) (GOOGLE)
1	52.51.78.49 52.51.78.49	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:802::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::6815:4ae4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	64.185.227.155 64.185.227.155	18450 (WEBNX) (WEBNX)
1	2606:4700:303... 2606:4700:3030::6815:1b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::ac43:c1e6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3034::6815:4466	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
6 10	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
37	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:805::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
9 12	172.217.20.2 172.217.20.2	15169 (GOOGLE) (GOOGLE)
6 12	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 6	54.171.32.12 54.171.32.12	16509 (AMAZON-02) (AMAZON-02)
31	2a00:1450:400... 2a00:1450:400d:80a::2006	15169 (GOOGLE) (GOOGLE)
6	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	104.111.217.14 104.111.217.14	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2600:9000:214... 2600:9000:214f:8400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
18	2600:1f18:1ac... 2600:1f18:1aca:4282:830b:3b82:a95d:4376	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
262	40

1 2606:4700:10::6814:1b43 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

yallakora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700:10::6814:1a43 (United States)

ASN13335 (CLOUDFLARENET, US)

www.yallakora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-97.fra2.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:d941 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnimg.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2606:4700:20::ac43:4ae0 (United States)

ASN13335 (CLOUDFLARENET, US)

media.gemini.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:803::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.78.49 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-78-49.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:802::2001 (Ireland)

ASN15169 (GOOGLE, US)

937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

dashboard.ideanetwork.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:4ae4 (United States)

ASN13335 (CLOUDFLARENET, US)

agorahtag.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.185.227.155 (United States)

ASN18450 (WEBNX, US)
PTR: 64-185-227-155.static.webnx.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:1b4 (United States)

ASN13335 (CLOUDFLARENET, US)

aghtag.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:c1e6 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.exitbee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::6815:4466 (United States)

ASN13335 (CLOUDFLARENET, US)

s.exitbee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 37.252.171.53 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:805::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.20.2 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.80.39.216 (Canada) 6 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.171.32.12 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-32-12.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:400d:80a::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.217.14 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-14.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:214f:8400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2600:1f18:1aca:4282:830b:3b82:a95d:4376 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 Failed	463 KB
43	gemini.media media.gemini.media — Cisco Umbrella Rank: 271544	2 MB
31	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 283	336 KB
31	adsafeprotected.com 3 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 764 static.adsafeprotected.com — Cisco Umbrella Rank: 616 dt.adsafeprotected.com — Cisco Umbrella Rank: 557	296 KB
30	doubleclick.net 9 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 cm.g.doubleclick.net — Cisco Umbrella Rank: 211 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 325	319 KB
24	yallakora.com 1 redirects yallakora.com — Cisco Umbrella Rank: 246903 www.yallakora.com — Cisco Umbrella Rank: 260168	487 KB
12	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 524	9 KB
11	adnxs.com 6 redirects acdn.adnxs.com — Cisco Umbrella Rank: 534 ib.adnxs.com — Cisco Umbrella Rank: 203	44 KB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	21 KB
5	gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn2.gstatic.com	100 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	193 KB
4	izooto.com cdn.izooto.com — Cisco Umbrella Rank: 16608 cdnimg.izooto.com — Cisco Umbrella Rank: 54831	67 KB
3	exitbee.com cdn.exitbee.com — Cisco Umbrella Rank: 26069 s.exitbee.com — Cisco Umbrella Rank: 28896	21 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	91 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8741 www.google.de — Cisco Umbrella Rank: 5986	939 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1156 bcp.crwdcntrl.net — Cisco Umbrella Rank: 885	17 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	30 KB
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 545	578 B
1	aghtag.tech aghtag.tech — Cisco Umbrella Rank: 38868	89 KB
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2828	137 B
1	agorahtag.tech agorahtag.tech — Cisco Umbrella Rank: 100624	4 KB
1	ideanetwork.site dashboard.ideanetwork.site — Cisco Umbrella Rank: 576480	4 KB
1	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 1669
262	24

	Domain	Requested by
43	media.gemini.media	www.yallakora.com
37	pagead2.googlesyndication.com	cdn.exitbee.com securepubads.g.doubleclick.net 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com www.yallakora.com googleads.g.doubleclick.net www.googletagservices.com
31	s0.2mdn.net	www.yallakora.com s0.2mdn.net 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
23	www.yallakora.com	www.yallakora.com
21	tpc.googlesyndication.com	www.yallakora.com securepubads.g.doubleclick.net tpc.googlesyndication.com 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
18	dt.adsafeprotected.com	937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
12	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
12	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net
10	ib.adnxs.com	6 redirects acdn.adnxs.com googleads.g.doubleclick.net
9	www.google-analytics.com	www.yallakora.com www.google-analytics.com
7	static.adsafeprotected.com	fw.adsafeprotected.com 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
6	googleads4.g.doubleclick.net	www.yallakora.com
6	fw.adsafeprotected.com	3 redirects www.yallakora.com
6	googleads.g.doubleclick.net	937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com pagead2.googlesyndication.com
5	937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	securepubads.g.doubleclick.net	www.yallakora.com securepubads.g.doubleclick.net
4	www.googletagservices.com	937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
3	cdn.izooto.com	www.yallakora.com cdn.izooto.com
2	encrypted-tbn2.gstatic.com	937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
2	encrypted-tbn0.gstatic.com	937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
2	s.exitbee.com	cdn.exitbee.com
2	www.google.com	www.yallakora.com tpc.googlesyndication.com
2	www.googletagmanager.com	www.yallakora.com dashboard.ideanetwork.site
1	fonts.googleapis.com	s0.2mdn.net
1	tags.bluekai.com	937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
1	www.gstatic.com	937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
1	acdn.adnxs.com	dashboard.ideanetwork.site
1	cdn.exitbee.com	aghtag.tech
1	aghtag.tech	agorahtag.tech
1	api.ipify.org	dashboard.ideanetwork.site
1	agorahtag.tech	www.yallakora.com
1	dashboard.ideanetwork.site	www.googletagmanager.com
1	www.google.de	www.yallakora.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdnimg.izooto.com	www.yallakora.com
1	script.crazyegg.com	www.yallakora.com
1	tags.crwdcntrl.net	www.yallakora.com
1	yallakora.com	1 redirects
262	41

This site contains links to these domains. Also see Links.

Domain
te.eg
competition.yallakora.com
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
gemini.media

Subject Issuer	Validity	Valid
www.yallakora.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-21` - `2023-11-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-13` - `2023-06-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2022-02-07` - `2023-03-10`	a year	crt.sh
*.exitbee.com E1	`2022-12-22` - `2023-03-22`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-04-10` - `2023-05-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh

This page contains 23 frames:

Primary Page: https://www.yallakora.com/
Frame ID: 7804544EE97C9F8E8AB5CC1A5362BC71
Requests: 103 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: D1ABC7199EB1054702CFBCE2146C64F6
Requests: 1 HTTP requests in this frame

Frame: https://www.yallakora.com/cdn-cgi/challenge-platform/h/g/scripts/cb/invisible.js?cb=79118402885e9944
Frame ID: 46E5B323D7220C81708E7FB1E8F6C6DC
Requests: 3 HTTP requests in this frame

Frame: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AD33354E47D06BEE74C4C573A7980F6A
Requests: 1 HTTP requests in this frame

Frame: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7554FF3B06E747DC1516F7F9ADDD2D79
Requests: 14 HTTP requests in this frame

Frame: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5A8D20DE0E7A800726272C6166848BF6
Requests: 31 HTTP requests in this frame

Frame: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E4C4736399599BF75818BF23342A00BD
Requests: 25 HTTP requests in this frame

Frame: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F4A0E6D8F45463CA06D588A401702676
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DAEA117B0D4393921F21A2A57FC02B04
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 32F5DBAD2E90E862F24CDA002FDE6656
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGNSlmN8BMAE&v=APEucNWGmIBNz7t55QCgjdT8piHNvvZBsNq84d5R522oZkG7-9ripak2kyUjpgxUhWidFOII5HRvUK91Qt5svFotJSVYH-our5shGI1AXLXGyk6TmE3481mkNoS9qekiqOa0Aw4RLuKrUKOHpla3fTWfAMbhNkP3tnr1hfQuY9eGTIMBRju5L_4
Frame ID: E92F24739DE821E4BE541102CD55761E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNU06BYeKP38vDTf0I_ARtT10Ij96v7knOZ4zmjjPqNx98artdG6U1QykdOQ3lWtd9urfOoc_65UjliVTHmQiIg2DTKVXYE3qjkd2sCJVd6jAeupAgUK3hrk9P5J12-Fby030AzBzMs66lMnhaaccPDzez7iEvhi-tGaTxKCODAI2P9lYVY
Frame ID: A3F866781E56B4153CDD524B93E79F87
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNVQC6Tfll4hCr4pLncHNNnWP6y6lDf57AGI7sDGX7M0yM-4j_Yc1VEURb75_xBPSUgeAL8KLeslOaZseK_2xkanrmZo_EWcpaco3rrwJD9eVZURsX_Utac0NHrZs806kVdBtc9GHLGIMmjLGUWR0nDmTzNii87rrsuKpzd5t_qrRJRLb50
Frame ID: 264BA8BF64AD65CDACA8FFA07B2F6B41
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js
Frame ID: 05A43549AEE7662CC136A0E0D5DABBE1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 50C7CE3B6162303973D3C1BA19A0C857
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FB7FD763835E38E315165EF0160F09EB
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4038A96F901F4267AE9B9205412D3DFF
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18225678633910820894/300x250/index.html
Frame ID: 87724D30D7EB51AAB241151F39E6D293
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
Frame ID: 1D39BA11A704B2673AD0A19BE20E45F9
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html
Frame ID: 26504DFFE5DEC3B0262041E7FE82CB61
Requests: 8 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: A9D6EF0465EEC452E746810543EF5936
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: D8D1A8437B3CBEFE19ACA259BB97796E
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: B57BAB0CBFD69F018A8DAB6BDDB3CB11
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

يلاكورة الموقع الرياضى الأول فى الشرق الأوسط

Page URL History Show full URLs

http://yallakora.com/ HTTP 301
https://www.yallakora.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Izooto (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.izooto\.\w+

Page Statistics

262
Requests

94 %
HTTPS

75 %
IPv6

24
Domains

41
Subdomains

40
IPs

5
Countries

4168 kB
Transfer

9404 kB
Size

27
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://te.eg/wps/portal/te/Personal/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zivQNdjAz93Q28_b39jA0cfS1dDJzdzAwNfM31wwkpiAJKG-AAjgZA_VFgJQgTLM0sgSZ4uhhYBpkbGVgYQRXgMaMgN8Ig01FREQA1DOZq/dz/d5/L0lDUmlTUSEhL3dHa0FKRnNBLzROV3FpQSEhL2Fy/?1dmy&urile=wcm%3apath%3a%2Fte%2Fresidential%2Fpromotions-revamp%2Fmobile%2Fprepaid%2F5%2Byears%2Banniversary%2Bprepaid%2Bpromo%2F5%2Byears%2Banniversary%2Bprepaid%2Bpromo

Search URL Search Domain Scan URL

URL: https://competition.yallakora.com/predictions/home#nav-menu
Title: مسابقة التوقعات

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Yallakora

Search URL Search Domain Scan URL

URL: https://twitter.com/yallakoranow

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC7N7DXktAhFpRpYb3B6Hnxg

Search URL Search Domain Scan URL

URL: https://www.instagram.com/yallakora/

Search URL Search Domain Scan URL

URL: https://competition.yallakora.com/predictions/home#nav-burgermenu
Title: مسابقة التوقعات

Search URL Search Domain Scan URL

URL: https://gemini.media/pricing#YallakoraF
Title: للإعلان معنا

Search URL Search Domain Scan URL

URL: http://gemini.media/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://yallakora.com/ HTTP 301
https://www.yallakora.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 151

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqQC97EHVnQtI_WOHnyasY&google_cver=1

Request Chain 152

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9ZT6c4JdjkAG36WInldUAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqQC97EHVnQtI_WOHnyasY&google_cver=1

Request Chain 153

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEqEcgiE1tFZpPTiPcYdXBk&google_cver=1

Request Chain 154

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgzNjM1ODQ1MDYyMjUzNTgxMg%3D%3D

Request Chain 155

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqQC97EHVnQtI_WOHnyasY&google_cver=1

Request Chain 156

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9ZT6c4JdjkAG36WInldUAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqQC97EHVnQtI_WOHnyasY&google_cver=1

Request Chain 157

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEqEcgiE1tFZpPTiPcYdXBk&google_cver=1

Request Chain 158

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI1MzMyMjE1NzgxNTg0NDk4Nw%3D%3D

Request Chain 159

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqQC97EHVnQtI_WOHnyasY&google_cver=1

Request Chain 160

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9ZT6c4JdjkAG36WInldUAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqQC97EHVnQtI_WOHnyasY&google_cver=1

Request Chain 161

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEqEcgiE1tFZpPTiPcYdXBk&google_cver=1

Request Chain 162

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI1MzMyMjE1NzgxNTg0NDk4Nw%3D%3D

Request Chain 203

https://fw.adsafeprotected.com/rfw/st/990511/61634096/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_6VPWY-K3NJHU3gOa_pWoAg&cbFunctionName=goog_wrapCb_6VPWY-K3NJHU3gOa_pWoAg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.yallakora.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.yallakora.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:d997d45e-d32b-3c15-b8f4-f4242ed50498,c:2GrgyW,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-bb8697c85-7qz2v,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:2,mot:0,app:0,maw:0,fm:tukhJy4+11%7C12%7C13%7C14%7C15%7C161%7C171%7C172%7C173%7C18*.990511-61634096%7C181%7C1821%7C183%7C191%7C1921%7C193%7C1a%7C1b,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:18,oid:66d51ebf-9fc5-11ed-b28d-e6de52777487,v:19.8.385,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

Request Chain 205

https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_6VPWY_enNPHQ7_UP-5KCsAU&cbFunctionName=goog_wrapCb_6VPWY_enNPHQ7_UP-5KCsAU&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.yallakora.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.yallakora.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:c866df2a-6ee3-f51e-95fd-3505eb4ccdbc,c:2Grgzv,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-bb8697c85-tm59l,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tukhJyE+11%7C12%7C13%7C14%7C15%7C161%7C171%7C172%7C173%7C181%7C1821%7C183%7C184%7C19*.990511-61634100%7C191%7C1921%7C193%7C1a%7C1b,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:17,oid:66d51e76-9fc5-11ed-89d5-5a82b56fe9cc,v:19.8.385,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

Request Chain 218

https://fw.adsafeprotected.com/rfw/st/1333191/69032163/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1010377851&ias_pubId=pub-3692164260958077&ias_chanId=1&ias_placementId=19604626700&bidurl=https://www.yallakora.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gx3CNR5X5zd6Ts9HwUrn74&adsafe_url=https%3A%2F%2Fwww.yallakora.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.yallakora.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:78cd6d8f-ace1-4fe7-9199-bc48bad8b8c0,c:2GrgCg,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-bb8697c85-54hvx,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:312,mot:0,app:0,maw:0,fm:tukhJwn+11%7C12%7C13%7C14%7C15%7C161%7C17*.1333191-69032163%7C171%7C172%7C173%7C181%7C1821%7C183%7C184%7C191%7C1921%7C193%7C194%7C1a%7C1b,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:330,oid:66d51eda-9fc5-11ed-b92d-1e0e2fb949ea,v:19.8.385,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}

262 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.yallakora.com/
Redirect Chain

http://yallakora.com/
https://www.yallakora.com/

196 KB
27 KB

269ms
203ms

Document
text/html

2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: dfe58d897117bd042db3f4c339e35885ff8d2335c15cdfd8dfa7676a620d70f0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 79118402885e9944-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 29 Jan 2023 11:09:26 GMT
expires: -1
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

Redirect headers

CF-RAY: 79118401fc8d5b50-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sun, 29 Jan 2023 11:09:26 GMT
Expires: Sun, 29 Jan 2023 12:09:26 GMT
Location: https://www.yallakora.com/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 Style.css
www.yallakora.com/Content/ 1 MB
159 KB 57ms
55ms Stylesheet
text/css 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/Content/Style.css?ver=61.82
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8d71fee7074531243c46fc84e1b8ec6ff44b173186e8efa4ac53adbcb867044c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 13:08:29 GMT
server: cloudflare
age: 424827
cf-polished: origSize=1535948
etag: W/"80c49ff3f42fd91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
content-type: text/css
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
cf-ray: 79118403fb7a9944-FRA

GET
H2 200 Sponsor21.css
www.yallakora.com/Content/ 8 KB
1 KB 45ms
44ms Stylesheet
text/css 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/Content/Sponsor21.css?ver=2.4
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c7d05c4edea21160b1d58061d1f2ac8591332b3bd4326e4c8a3077515e17c176

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 10 Jan 2023 15:34:36 GMT
server: cloudflare
age: 1625403
cf-polished: origSize=10802
etag: W/"c999a7b925d91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
content-type: text/css
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
cf-ray: 79118403fb7c9944-FRA

GET
H2 200 GutterStyle.css
www.yallakora.com/Content/ 5 KB
1 KB 38ms
37ms Stylesheet
text/css 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/Content/GutterStyle.css?ver=0.63
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 777cc2cc54a1db1c7113af0c171a2578f1145c612f273be3442421bbafe52f6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 09 Nov 2022 10:40:21 GMT
server: cloudflare
age: 2524416
cf-polished: origSize=6708
etag: W/"e0c4bfaa27f4d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
content-type: text/css
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
cf-ray: 79118403fb7f9944-FRA

GET
H2 200 Layout Show response
www.yallakora.com/bundles/ 178 KB
51 KB 483ms
482ms Script
text/javascript 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/bundles/Layout?v=dhZKBGNoGw7GA_3vUdchWWLp8O8mnPAwjgK9ndLEUBE1
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bb7b5446264a723cd477dd25769e78c01dfab0307d8f238be827f141ff842d79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 29 Jan 2023 11:09:27 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: public
cf-ray: 79118403fb809944-FRA
expires: Mon, 29 Jan 2024 11:09:27 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 196ms
72ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42ce9ee9e51344dc1182f0d456164af3530858ff5ee4e53303d7982c04ed897b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27567
x-xss-protection: 0
server: sffe
etag: "1466 / 575 of 1000 / last-modified: 1674860937"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 29 Jan 2023 11:09:27 GMT

GET
H2 200 IP2Location.js Show response
www.yallakora.com/Scripts/ 3 KB
1 KB 43ms
42ms Script
application/javascript 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/Scripts/IP2Location.js?ver=0.2
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 72a61d669a235778168d161b444bd4e02f13379b006ab2385a1c2a41491c0945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 10:40:30 GMT
server: cloudflare
age: 71210
etag: W/"0e3eeaf27f4d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
cf-ray: 79118403fb829944-FRA

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/15758/ 52 KB
16 KB 79ms
21ms Script
text/javascript 13.225.78.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/15758/lt.min.js
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-97.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a5a5740ef85b34bc2201e28d241ab2c3ea7f45355377a3100d5dab74dbc3c5e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 12:39:15 GMT
content-encoding: gzip
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 19:52:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 81012
x-amz-server-side-encryption: AES256
etag: W/"5d1a1417d65b5cc7f2f1f59643f0135e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: yVme0qkq9Jzub4mRX-TPXR7ZPkuXf0j89U0h81uuimJV1rVvAqFMyA==

GET
H2 200 a0e1f72be7d69fe7b47acade32a261ad5c080d74.js Show response
cdn.izooto.com/scripts/ 1 KB
904 B 99ms
37ms Script
application/javascript 2606:4700::6812:d941
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/a0e1f72be7d69fe7b47acade32a261ad5c080d74.js

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8b01e229063ec07610643752936624b6531e6561572deca1c7119d2bad05bd8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 14:29:12 GMT
server: cloudflare
age: 526865
etag: W/"63a07538-472"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 791184045e4d2baf-FRA
x-xss-protection: 1; mode=block
expires: Wed, 01 Mar 2023 11:09:27 GMT

GET
H2 200 yklogo.png
media.gemini.media/img/yallakora/staticimages/ 8 KB
9 KB 89ms
32ms Image
image/png 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/staticimages/yklogo.png
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6c34e9a64fd79b324b935ab3ecc8b513554ea5ef3cc1d11a7cbfefcb74c3d402

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2491599
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8080
last-modified: Sun, 27 Feb 2022 11:03:21 GMT
server: cloudflare
etag: "4e8ec9a1c92bd81:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XXtvL2NiqKb169v3rd3LsVhRVBU6cIoAwmRR9GUSX2paH27g7UhBm6%2B1yIKAWLepYSSxy%2Boo3pqifeNWl7o%2FdywDvA1UXnVNAMwjP2OPeZimaPVQmi7Jp3rNOyY8EcA8oCjevMHyFCL713CvjraZRg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 79118406fa3391fc-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H2 200 Egypt2021_1_13_16_3.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2021/1/13/ 1 KB
1 KB 38ms
38ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2021/1/13/Egypt2021_1_13_16_3.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: df3a868b4e6a1f84f7410307af667e63ee571325be9540e1853d74368d8ed90d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1084114
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1134
cf-bgj: h2pri
last-modified: Wed, 13 Jan 2021 14:03:06 GMT
server: cloudflare
etag: "3f33e7d0b4e9d61:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mn1xyG55LBVi2U5VehAzdgXnscmggKoVhm47lNRWaPOauRJrOgCMyCqRjOyPHbM3slUZ3qLi3%2Fa8jfxWPMOAAeeEaPZPJCAYN%2Fu9o2iDf7zc%2Br2r47BFZdA0p3jIAS%2FzGBLGBsqSyB1%2BUpcRDL7RDg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 791184072a8e91fc-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 Hungary2021_1_13_16_5.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2021/1/13/ 512 B
1 KB 43ms
42ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2021/1/13/Hungary2021_1_13_16_5.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ed08a7b9f300904c27e2a65f619408c2e3ea1c2ee495e2da5c4dcbcdd2100d05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47310
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 512
cf-bgj: h2pri
last-modified: Wed, 13 Jan 2021 14:05:02 GMT
server: cloudflare
etag: "264bfa15b5e9d61:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BGy7q%2BQUvkiL6poi0Fuac4GpSVBW%2FLrYY9veIDeSe6Svt1rTKM090pp2gxNu08VSXPtYGmzcVvYtTNg85Xn86DoHG1g7RTZE7y8G9IfZ9ZQ0hrwAqgoSIh3%2FwPAp85DC4q8csN5Ih2L3D%2FX92U0QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 791184076c009ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 Denmark2021_1_13_16_5.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2021/1/13/ 823 B
1 KB 34ms
33ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2021/1/13/Denmark2021_1_13_16_5.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e5bc93f06a7c27ae1db241bbebd3dd0548e70c17debfe4bf6ed5fcb93bb800a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1458243
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 823
cf-bgj: h2pri
last-modified: Wed, 13 Jan 2021 14:05:35 GMT
server: cloudflare
etag: "a4a3e2ab5e9d61:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=twsKw%2BeqU3J%2Fty3%2BHt1%2FvS5TrADFVA47I64O0qt281Fx0iufKRz6iCJ3AMolTUB8SlYbqYQq%2FQkH9t6fn4mtXwGxSsN%2BcwKkk8qRJPEhWp0REV6CyZ8UMrRlgjThW2D5SY7rwz%2B1nD%2Bgf9rr77RFtg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 79118407bc9a9ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 France2021_1_13_16_2.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2021/1/13/ 612 B
1 KB 35ms
35ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2021/1/13/France2021_1_13_16_2.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d5ef793247a5bf5bed3024f7ec1900f4bf388de2b121aa35cd4f281d0e908288

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 224204
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 612
cf-bgj: h2pri
last-modified: Wed, 13 Jan 2021 14:02:11 GMT
server: cloudflare
etag: "74fb12b0b4e9d61:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KoJU7q%2BPBHpoDLeCN5gclSex%2F0HCqJQj6xJfsxBHLv%2BKc8sJG9wKsaM%2BfR9UCsi8OiIVaiDRQWsvQHBC4t3bB%2BMEUos0mvGugg9c4vuVnDZGlgJYzLQXzpTG6utTKtoNFtjMMQ6LY4Y1LPkjxZXpWg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 79118407ed1c9ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 Zamalek2018_7_24_13_31.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2018/7/24/ 8 KB
8 KB 32ms
32ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2018/7/24/Zamalek2018_7_24_13_31.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4c5d9a2bb4c1a0f9661d19ef675c5646853154a3196260b6f25aa94b73e37f60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2490225
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7722
cf-bgj: h2pri
last-modified: Tue, 24 Jul 2018 11:33:12 GMT
server: cloudflare
etag: "3c15b91a4223d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IY6xR4v2PqIdIHn7stPrVqHeJIVrTnoO7QUapus2Eh6u5hZUOejcNEXq%2FEC7OLo3UaHRS5gCMxB%2FkW3zXoHno5SGUsvmWAoM42gwr1Srt%2FUACaI3pSrzaszXb4ft%2Bmvbs%2BIFzctjKznUuskyaoZKuA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 79118407ed209ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 future2022_5_29_15_56.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2022/5/29/ 9 KB
9 KB 86ms
85ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2022/5/29/future2022_5_29_15_56.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8c5db07ba4d9dd72f802baa532ff18979e4d2babae35466f7bf91970d6176be5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47310
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9105
cf-bgj: h2pri
last-modified: Sun, 29 May 2022 13:56:11 GMT
server: cloudflare
etag: "c075b9da6373d81:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XisuCSYM421d1L4r8Q3MDeH5mJyrGzz%2FdJnth3w%2FivamOLquxados8KKSBEbuJGWpb6HVVTnSwTYL%2FwXcUiX6GaYVpZcn1Yri9KxioKNE8feXbUfh%2F0hP7ZehA2KX1bTdRhWTVy%2F9UdceyNAeL102w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 791184080d539ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 RealMadrid2018_7_29_14_47.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/ 9 KB
9 KB 86ms
80ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/RealMadrid2018_7_29_14_47.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 15035a7946d82f74d04fb646f2f993572249e7b131e692696e61eccdb8d1199a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77693
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9081
cf-bgj: h2pri
last-modified: Sun, 29 Jul 2018 12:49:21 GMT
server: cloudflare
etag: "21224d923a27d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4DejZ%2Fimss2JRuF8qEcnfKwh%2FQKRnaKLB3CknvmfBdFkvgqn0M02TcS5tnm8Sl9MWfPNnokJytDaXkAccT3nIOsJe9luQ6Fm5Jw7LjV0wrJRRhzMp9hO06S2MKFmZij9aabxrlz%2FX72LH3LAG6ND%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 791184080d5f9ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 RealSociedad2018_7_29_14_56.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/ 9 KB
10 KB 87ms
81ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/RealSociedad2018_7_29_14_56.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ee4c9c33ae1edbeff64edb74e9f094371b7cb506118c610099dc1c80db490add

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47362
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9457
cf-bgj: h2pri
last-modified: Sun, 29 Jul 2018 12:58:16 GMT
server: cloudflare
etag: "e1e24d13b27d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZ6%2BJxojwFGLO0Sgr2%2BPrJOvx3AFQGyTT2MVd11eBH%2FjqEn%2Fp6JtJmFbKMSZH4S4GSG6X46pAH%2BCFgBRcXjwFZiSR5j2rBIOEUlpKBJjETosyulCllJn8zcfhNnFif4Yracw9H1zFU%2BL%2B28%2FJRf4OQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 791184080d609ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 Brighton2018_7_29_15_31.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/ 7 KB
8 KB 39ms
33ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/Brighton2018_7_29_15_31.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9a37d2fbc62dc17f9475c468d0867402cbc48d31cfd0398d74e930953a0c5c71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 65801
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7306
cf-bgj: h2pri
last-modified: Sun, 29 Jul 2018 13:32:58 GMT
server: cloudflare
etag: "1d5c9a94027d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GtNwua36vCHV2JouhUw3N3sHuW%2FOHbrXYoOvB5FYtiaREBiacw4XyJ%2BElI3cqvwjTgzBs%2F%2FpGTzi7RkywSatp6YAoaGJjwx1lYM3M8QXWXK5xQ6BtJB8FMpNtsoXXDwbE1pG%2ByDmrNsK2ldFozblkw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 791184080d629ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 Liverpool2018_7_29_15_27.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/ 10 KB
11 KB 39ms
34ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/Liverpool2018_7_29_15_27.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c02bcd8e4d271be063b0624e639dd6fd9a5910189c6b0bb6f78dade70880a2b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 65801
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10449
cf-bgj: h2pri
last-modified: Sun, 29 Jul 2018 13:29:52 GMT
server: cloudflare
etag: "c186e53a4027d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DukBk8sKAkV%2F3FTAv8zjUkkBfp68I5txe%2BRGAq65v8BJMRm1dwliZSuWpQ9Ai7j6f6jjl4G2X7t21rAyimMiljPYdsYPlv%2FjK31SMJhDlg%2B5xGQwHDzS2cCU36crUAiU508bOjDb0WegSrylSaxvwA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 791184080d639ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 ACMilan2018_7_29_15_9.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/ 5 KB
6 KB 37ms
31ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/ACMilan2018_7_29_15_9.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: aa4abc8dc8d2cb1dad4216e16de49a15dba700e5778f450872a1b7939944e1d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47306
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5129
cf-bgj: h2pri
last-modified: Sun, 29 Jul 2018 13:11:32 GMT
server: cloudflare
etag: "157c1ab3d27d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UgBumMMdUwK9LBMkk9XWU0dPsAOkls03yd7%2Fu2i826RqaizHzpJ%2FeXuuzh49%2BOlKrKZHE1%2BDxkv26zJJJ4MlyyV%2BlLH0w4cASId2JKmxqAIom3iNq7sJlZXUSZBjhuFuxMgWmzXcVZiL1HXmQCLDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 791184080d649ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 Sassuolo2018_7_29_15_11.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/ 9 KB
9 KB 61ms
55ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/Sassuolo2018_7_29_15_11.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a7deb331cc8085ce5cbd4ee3d6cc8e740913837c6747df9e9b5a0b4a58aa751a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47310
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8907
cf-bgj: h2pri
last-modified: Sun, 29 Jul 2018 13:13:51 GMT
server: cloudflare
etag: "617568fe3d27d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uWGTjfrQl8PypEJMLWIKZ%2FkrFvp%2BMTO8Bm1fghREJWYBOVyKOavEmcslNxzO6H6FwJt8ue91XmwUZlGJtvjle0nBPMmVlB4qeJRKdxC9sJjKY09rCpZ6AmRdgPZ08ngcrekBLamM8kP4uqeqcMoheA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 791184080d669ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 Napoli2018_7_29_15_10.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/ 8 KB
9 KB 86ms
81ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/Napoli2018_7_29_15_10.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: fd29505194e4e103b57fba45fe58963281e49d1ecda060e6be42d8b3014dfeed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47310
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8192
cf-bgj: h2pri
last-modified: Sun, 29 Jul 2018 13:12:30 GMT
server: cloudflare
etag: "214a13ce3d27d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5bzQ7HAiJl2MqWlAxJkqEoq%2BeT3YoHKjO0lvMzl%2Fq8lzcmNk0sCDIx4K7111N5C7gh4TAVwhvtVCnGwBbTwjWAWwVsEfuhf2waDdzTTzDomW4yHqyv6Vw1CryPrBezp%2ByY38ut1HeVv8w9mZmRKk5A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 791184080d679ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 ASRoma2018_7_29_15_7.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/ 7 KB
8 KB 89ms
83ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/ASRoma2018_7_29_15_7.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2f7bd0c73018f9c34a0a959f791da61431910dda0ef204b164ea1539255339db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47362
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7548
cf-bgj: h2pri
last-modified: Sun, 29 Jul 2018 13:09:10 GMT
server: cloudflare
etag: "c1e699563d27d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sUHt%2B1zmOntK93V%2FP95oqu7%2FXmAKmliItXpamkwvU59zuYb8SO6U3dEO8RNzlu8zqwmMKSQaWHfcs%2FFqXm4upMse7unplwlN%2FTBILMYu4GrBfP5NVRezRe4RYYJI3WqARQbw1rsaqDh42UgTr2ibHA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 791184080d699ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 Erwin115-1-2023-3-13-46.png
media.gemini.media/img/yallakora/Players//Players/ 93 KB
94 KB 89ms
84ms Image
image/png 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Players//Players/Erwin115-1-2023-3-13-46.png
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f11b766fe901626d16d18cda13b641204a1bb259f1b96df6eac06e7275f9587b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1240938
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 95161
last-modified: Sun, 15 Jan 2023 01:13:46 GMT
server: cloudflare
etag: "c85fcb9d7e28d91:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U214Iaxvtp1poffzgTE5GcCU1fYfS4alG69SJIzrNFqjL6jMRuTvPubzq2juQpySrE3LnRzAnZIGvK11UruInrUxP2tJSK5nAzWeIP9k7w1BYgk4KxFiTYe%2BEEVFwWLq1ftU0g9i0sq4bEUytGGelw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 791184080d6a9ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 Mathias-Gidsel116-1-2023-16-27-28.png
media.gemini.media/img/yallakora/Players//Players/ 119 KB
120 KB 106ms
101ms Image
image/png 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Players//Players/Mathias-Gidsel116-1-2023-16-27-28.png
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1da4b264078f93ea46279ccfe83306c19c2e362f536728755e62fa63ebdedd92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1110626
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 122156
last-modified: Mon, 16 Jan 2023 14:27:28 GMT
server: cloudflare
etag: "61377aa9b629d91:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n8wHqtljIbb5VDwV1d719UQk2j4yYHQvNOepU8SssD1gg9sOI2MNWkFDJW8tfhoyGpBXYI%2Fw419KCNYimLauGO3x4uuKGpssIlx1DcjymzQulg6i7%2BuxT7pKeXTxRvbnrZOv80GHiaaTCraCvPX2Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 791184080d6b9ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 ELiSSON15-1-2023-0-23-13.png
media.gemini.media/img/yallakora/Players//Players/ 50 KB
51 KB 125ms
120ms Image
image/png 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Players//Players/ELiSSON15-1-2023-0-23-13.png
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a0436fe2afb6ac2cd6c911e10b50b7f5a42c0273459f54b31f6173638f8752ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1255367
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51408
last-modified: Sat, 14 Jan 2023 22:23:14 GMT
server: cloudflare
etag: "f66f20cb6628d91:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9nzhRTrd%2Ff3QgNNv64hRjzHwwGokgNeraTrvtZw5YZU97MM6%2BEx2RDuJqj78TNEmGbXeJ6SGVJcGNLc85a8XPjqQhY%2FSCXkym8wi7YJRhg9SLzNE4Yaudp7KHM8TMLBzhG8Yw68ivTmImMQqeIxpXg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 791184080d6d9ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 Tobias-Thulin121-1-2023-14-46-14.png
media.gemini.media/img/yallakora/Players//Players/ 47 KB
48 KB 57ms
52ms Image
image/png 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Players//Players/Tobias-Thulin121-1-2023-14-46-14.png
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 92010c38ae8a8a779ab12b1b16a5e23f5746d6c31caf6b083db05ac1bb14be84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 684540
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48179
last-modified: Sat, 21 Jan 2023 12:46:18 GMT
server: cloudflare
etag: "5cbd135b962dd91:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5EKJ1b8NEO%2BCOHrG0euBsgT3mYRdrlfmKVIafRPeQmuyl39WRhdM87WcJI%2BhBIlxancHKDuibERh%2FlO0tobSi3RiMtuaSeKGJRRsymYxSlbO%2FKZn75QcWBa3LScrusfxwUDQcwuVPx08x3pfUHYdA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 791184080d6f9ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 DESBONNET15-1-2023-4-0-3.png
media.gemini.media/img/yallakora/Players//Players/ 21 KB
22 KB 79ms
74ms Image
image/png 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Players//Players/DESBONNET15-1-2023-4-0-3.png
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: eca3a5c2729ed83c989816e0c31770f73d6e4bb876225dbbfa9876735c7eef26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1240938
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21720
last-modified: Sun, 15 Jan 2023 02:00:03 GMT
server: cloudflare
etag: "bc7272158528d91:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v548NozKJIBo3ED2F70TI%2F0%2FtWpwp8Usbyp%2Bw2dfUYuIQmeTlTc0CswWOVN%2BkqsFk1HqvJ6gY8SuczhQ3xPyqbOl6EPN%2B6N12SRFmYFGnX6pi50%2BkGu%2BxJiP%2FvCtx%2B0DU9rcKJptDVloIcNsn1QvoA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 791184080d709ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 PALICKA215-1-2023-4-7-20.png
media.gemini.media/img/yallakora/Players//Players/ 767 KB
767 KB 126ms
121ms Image
image/png 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Players//Players/PALICKA215-1-2023-4-7-20.png
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a12dcb1afdf887b3a63ed365db27502c2f8a4cb86f43b2a3c7096b850cfa943d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1240938
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 785014
last-modified: Sun, 15 Jan 2023 02:07:20 GMT
server: cloudflare
etag: "675ae2198628d91:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IT9hHpNiQur8TUY3VCmLsUiA60O4liBwvyO7jYEIaq%2FPOc%2FCJ1mk6QKfDWBREHXn%2BaryK5pM6r4GZTnkcMMhj0AUsDRMivM7NJ9JjmJ3kt3Bb9SLcrvnHKo5Uw4FScqJntqDRSkqOyxVpolB3fYXCg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 791184080d719ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 Germany2021_1_13_16_2.jpg
media.gemini.media/img/yallakora/IOSTeams/40//2021/1/13/ 344 B
946 B 167ms
162ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams/40//2021/1/13/Germany2021_1_13_16_2.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9df586940ff4019f05da72f4a2c87df0a7476ab55fc5ec0fc104f9166b83d3e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47362
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 344
cf-bgj: h2pri
last-modified: Wed, 13 Jan 2021 14:02:49 GMT
server: cloudflare
etag: "7920fc7b4e9d61:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZZmVkGOCITT7gvREGK1NHhue1radATP3FRXrsiSQMPZjUrqLL7RI6JkMb2O1jwwobD5eoPGhZ8kLfxHEbeQJ%2FsVD%2BoYrpXtwQYYjtepSfR9p3ATU4O6bOREWNf%2Fu0xZx8r38tY1VWjAErdMopUjsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 791184080d729ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 Norway2021_1_13_16_4.jpg
media.gemini.media/img/yallakora/IOSTeams/40//2021/1/13/ 762 B
1 KB 167ms
163ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams/40//2021/1/13/Norway2021_1_13_16_4.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 03fa6c8952eed29850d393b2e3ffc1069b9dc8e2a4b5f3c6d9b4352a05bc9424

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47304
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 762
cf-bgj: h2pri
last-modified: Wed, 13 Jan 2021 14:04:31 GMT
server: cloudflare
etag: "17568e3b5e9d61:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fjTOgvooM8TwqLmh8K1aILdFnocI%2By3R67UIkIjGaj7RHaOP5mAKVT343Z7Q%2FyJt0Os21XJlUs4RLmh0DYN0nIOZnpc5uttbWDJl0EIh1nran7RsTmqcvQDFZviEfFSeAJnHEz1Km1jRNWhYpaLPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 791184080d739ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 Egypt2021_1_13_16_3.jpg
media.gemini.media/img/yallakora/IOSTeams/40//2021/1/13/ 603 B
1 KB 168ms
164ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams/40//2021/1/13/Egypt2021_1_13_16_3.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a2671a7a71764c73a85a1c61957ee5dee0609425de1f0546bd655edf7b6f1e4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 324453
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 603
cf-bgj: h2pri
last-modified: Wed, 13 Jan 2021 14:03:05 GMT
server: cloudflare
etag: "2acfafd0b4e9d61:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZXPcpITHkTKa2zMhGkREMWuBNw17ay9sJKy05vbAym2nHmeFQ0vz2Ac1G6zpQVRVU2y6TbTNWsyq9o2it26%2BKrkzFakfDHVvimenLjCeDIBpiHt6KzeEUZYoRDvoVhk9Dtzodmr22D7Ce%2BBXd2lMA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 791184080d769ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 Hungary2021_1_13_16_5.jpg
media.gemini.media/img/yallakora/IOSTeams/40//2021/1/13/ 388 B
989 B 169ms
165ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams/40//2021/1/13/Hungary2021_1_13_16_5.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4b1ea304ef407f235a463e50f36b1497c7a8066e671f673d5cc4cda0f784f670

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47303
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 388
cf-bgj: h2pri
last-modified: Wed, 13 Jan 2021 14:05:02 GMT
server: cloudflare
etag: "c8e8f715b5e9d61:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oTmpj780bWJzIeDnbXwtwOPAKcgGTYC1dYhn%2BNE7Q%2B0Sr59ATpy6wfCRNeCcoxQnFA0ta6mw5QFujSUUcp7Dq8iPNyYFpscH2JxxwX1azoczEFFYapKhmP6b%2FJrHaQJOFVi5Pd26VqKF9D3kcbnRhA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 791184080d779ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 Spain2021_1_13_16_2.jpg
media.gemini.media/img/yallakora/IOSTeams/40//2021/1/13/ 873 B
1 KB 172ms
168ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams/40//2021/1/13/Spain2021_1_13_16_2.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1fe035b6e2b4150f22333863db0fc3494675a36287636db8707caea67a29b275

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47303
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 873
cf-bgj: h2pri
last-modified: Wed, 13 Jan 2021 14:02:30 GMT
server: cloudflare
etag: "9d81a3bbb4e9d61:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6BKRqX3R1twSCQaD%2BSmVG1zbbBLA1nrql8RGqVzXWUyQoJICke9kcAP972atZF73uH2IWL0KeVhuP0pp6fr9d5Oj5AHicb7mHJCALknjOy44%2Bbdqx1Y8i39zJgHRotpAkdySe95gb2Vo0w4viPd6gg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 791184080d7a9ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 Sweden2021_1_13_16_6.jpg
media.gemini.media/img/yallakora/IOSTeams/40//2021/1/13/ 634 B
1 KB 172ms
169ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams/40//2021/1/13/Sweden2021_1_13_16_6.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 36381f4e1ecaf6042ae17621601cac3572959519960a8241696d55c5eda46def

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 160700
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 634
cf-bgj: h2pri
last-modified: Wed, 13 Jan 2021 14:06:20 GMT
server: cloudflare
etag: "4edfea44b5e9d61:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aj6KqlM7FQj06%2BvtlpYTzLYu888rRWlHiWZVB6gXeansM4N76OVBc8h7vYant%2FX70l8zGZ0G2iKR%2Fzw%2BnXX9IzjtaU0cHtkfG8CH8%2F0YQlgAgNuFQazGtUg5KOkRvmDWFyfR0WZsqRq7WYXTcVA8ow%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 791184080d7b9ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 ykLogo.png
media.gemini.media/img/yallakora/staticimages/ 8 KB
8 KB 173ms
169ms Image
image/png 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/staticimages/ykLogo.png
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6c34e9a64fd79b324b935ab3ecc8b513554ea5ef3cc1d11a7cbfefcb74c3d402

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2242220
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8080
last-modified: Sun, 27 Feb 2022 11:03:21 GMT
server: cloudflare
etag: "4e8ec9a1c92bd81:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQng0qCd8yPTv9Pldr5lpFHWNdpT%2Bp6z7PG7NoHHJ6H%2Fa6yIosnG1lhb2nbJ%2B70pttWhsaiujrzNxHtCcMTLk0mx1q6iMAeBOAuMPaU7MSgp8hbqadZVHkUzefDXRcop4fjSxEtkW6WWiG6f2OEpJg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 791184080d7c9ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H2 410 1078.js
script.crazyegg.com/pages/scripts/0069/ 0
0 168ms
69ms Script
application/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0069/1078.js
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
last-modified: Sat, 28 Jan 2023 19:22:22 GMT
server: cloudflare
age: 56825
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 79118408a9cc68ef-FRA
content-length: 0

GET
H2 200 bell-icon.png
cdnimg.izooto.com/icons/7/ 5 KB
5 KB 67ms
50ms Image
image/png 2606:4700::6812:d941
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnimg.izooto.com/icons/7/bell-icon.png

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b84c83d41cbea8ebbf8cb8228c635ea4d175deb0fb8f5d629cb57957b0fd4de2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 19 Jun 2020 07:32:02 GMT
server: cloudflare
age: 527283
cf-polished: origSize=5865
etag: W/"5eec69f2-16e9"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=16070400
cf-ray: 791184082e022baf-FRA
x-xss-protection: 1; mode=block
expires: Thu, 03 Aug 2023 11:09:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 128ms
35ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 29 Jan 2023 10:21:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2863
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 29 Jan 2023 12:21:44 GMT

GET
H2 200 izooto.js Show response
cdn.izooto.com/scripts/sdk/ 249 KB
60 KB 43ms
40ms Script
application/javascript 2606:4700::6812:d941
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sdk/izooto.js

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/a0e1f72be7d69fe7b47acade32a261ad5c080d74.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

477ea555adb1b0754b9bf6ba32b31b1ee3d5624fc3efbaefcc887b6467088dc2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 27 Jan 2023 12:49:27 GMT
server: cloudflare
age: 166735
etag: W/"63d3c857-3e2c7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 791184080de52baf-FRA
x-xss-protection: 1; mode=block
expires: Wed, 01 Mar 2023 11:09:27 GMT

GET
H2 200 8988300544706294486
tpc.googlesyndication.com/pimgad/ 59 KB
59 KB 171ms
78ms Image
image/jpeg 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pimgad/8988300544706294486?

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213524df3ef835c51227a7480161cd8868406b83be875ebeae8d75e10d0e3f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 06:48:36 GMT
x-content-type-options: nosniff
age: 15651
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59920
x-xss-protection: 0
last-modified: Sun, 15 Jan 2023 13:58:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 29 Jan 2024 06:48:36 GMT

GET
H2 200 13412711103713960883
tpc.googlesyndication.com/pimgad/ 63 KB
64 KB 126ms
39ms Image
image/jpeg 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pimgad/13412711103713960883?

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5e2362d1847a7b4cad6decf35cd771bcba3267296f0cc0a63cf4a5c59203d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 06:48:36 GMT
x-content-type-options: nosniff
age: 15651
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64550
x-xss-protection: 0
last-modified: Sun, 15 Jan 2023 13:56:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 29 Jan 2024 06:48:36 GMT

GET
H2 200 droidkufi-regular.woff
www.yallakora.com/fonts/ 42 KB
42 KB 39ms
39ms Font
application/font-woff 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/fonts/droidkufi-regular.woff
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.css?ver=61.82
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 693dade10b46065ed48dbd1908c839ad28e666649be40350de16010e8abaf3f5

Request headers

Referer: https://www.yallakora.com/Content/Style.css?ver=61.82
Origin: https://www.yallakora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 10:40:51 GMT
server: cloudflare
age: 517005
etag: W/"e0a9f4bc27f4d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
cf-ray: 791184082a9a9944-FRA

GET
H2 200 ykicons.woff
www.yallakora.com/fonts/ 8 KB
9 KB 57ms
57ms Font
application/font-woff 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/fonts/ykicons.woff?ref=5.2
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.css?ver=61.82
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9f45b937729a1e8300905bb654e2fb9d29a4ee4e68e965805ff3983a5516e2fa

Request headers

Referer: https://www.yallakora.com/Content/Style.css?ver=61.82
Origin: https://www.yallakora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 10:41:33 GMT
server: cloudflare
age: 265577
etag: W/"4cda9d527f4d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
cf-ray: 791184082a9d9944-FRA

GET
H2 200 pubads_impl_2023012401.js Show response
securepubads.g.doubleclick.net/gpt/ 385 KB
130 KB 37ms
36ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1529002ff0f1d31928a5090c1f28de571b19464dcd04540a5dcff9be9277dffe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 11:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 256577
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133217
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 09:35:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 26 Jan 2024 11:53:10 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1018 B
342 B 144ms
69ms XHR
application/json 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.yallakora.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d975a59a653cc912036936ae948d4b8ca2fe7c84ade44135b7bfcf4fd412efd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 317
x-xss-protection: 0
expires: Sun, 29 Jan 2023 11:09:27 GMT

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ 60 B
336 B 163ms
50ms XHR
application/json 52.51.78.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15758/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.78.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-78-49.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: cf45cf13ec17431ac5d3877e18c45aa4ed069a464ab762d2a162299cd673a92b

Request headers

Referer: https://www.yallakora.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:27 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.yallakora.com
cache-control: no-cache
x-server: 10.45.2.116
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 droidkufi-bold.woff
www.yallakora.com/fonts/ 42 KB
42 KB 37ms
36ms Font
application/font-woff 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/fonts/droidkufi-bold.woff
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.css?ver=61.82
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b5feee7a5d40a953995b630a5c85e83d3f173baa845310b5b4c66336cdd89cac

Request headers

Referer: https://www.yallakora.com/Content/Style.css?ver=61.82
Origin: https://www.yallakora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 10:41:04 GMT
server: cloudflare
age: 179727
etag: W/"95b82c427f4d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
cf-ray: 791184084abe9944-FRA

GET
H2 200 YK-Regular.woff
www.yallakora.com/fonts/ 19 KB
19 KB 37ms
37ms Font
application/font-woff 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/fonts/YK-Regular.woff
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.css?ver=61.82
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c99c618704e22e50f8afeed72a9af1b82a6751b99a95ba17f41c63bba6e5a954

Request headers

Referer: https://www.yallakora.com/Content/Style.css?ver=61.82
Origin: https://www.yallakora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 10:41:57 GMT
server: cloudflare
age: 330915
etag: W/"b0e1ede327f4d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
cf-ray: 791184085ad09944-FRA

GET
H2 200 lazyLoadBG.svg
www.yallakora.com/images/ 644 B
510 B 35ms
34ms Image
image/svg+xml 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yallakora.com/images/lazyLoadBG.svg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.css?ver=61.82
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 55e498ba25f356bd835c3232dd0d4614212cffeedec12bc234b215bc2a1fcac8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/Content/Style.css?ver=61.82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 10:42:14 GMT
server: cloudflare
age: 1641653
etag: W/"65cdf3ed27f4d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
cf-ray: 791184087b079944-FRA

GET
H2 200 iz_setcid.html Show response
cdn.izooto.com/scripts/sak/ Frame D1AB 4 KB
1 KB 39ms
38ms Document
text/html 2606:4700::6812:d941
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cebfa75512f12a4d2f05cacae40f83ddc3e1efaf90aba3d5c9eabe0625a94858

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.yallakora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 527389
cache-control: public, max-age=2678400
cf-cache-status: HIT
cf-ray: 79118408bf212baf-FRA
content-encoding: br
content-type: text/html
date: Sun, 29 Jan 2023 11:09:27 GMT
expires: Wed, 01 Mar 2023 11:09:27 GMT
last-modified: Tue, 05 Apr 2022 12:00:20 GMT
server: cloudflare
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 wcHbHeader.jpg
www.yallakora.com/Images/ 1 KB
2 KB 53ms
51ms Image
image/jpeg 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yallakora.com/Images/wcHbHeader.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.css?ver=61.82
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e032a3ab34f159d46fe4df5cb1294b428b6f34ead99a33683f36e76719364df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/Content/Style.css?ver=61.82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
age: 1442756
cf-polished: degrade=85, origSize=4241
x-powered-by: ASP.NET
content-length: 1430
cf-bgj: imgq:85,h2pri
last-modified: Tue, 10 Jan 2023 15:35:24 GMT
server: cloudflare
etag: "e42e5a28925d91:0"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 79118408ebfa9944-FRA

GET
H2 200 wcHbHeaderPattern.png
www.yallakora.com/Images/ 4 KB
4 KB 42ms
39ms Image
image/png 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yallakora.com/Images/wcHbHeaderPattern.png
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.css?ver=61.82
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 39a32304c81475bbaf9f6c735c76a92d12a2b365101dcdefd1edf5422d0b005c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/Content/Style.css?ver=61.82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
age: 1625401
cf-polished: origSize=8867
x-powered-by: ASP.NET
content-length: 4426
cf-bgj: imgq:85,h2pri
last-modified: Tue, 10 Jan 2023 15:35:18 GMT
server: cloudflare
etag: "809e424925d91:0"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 79118408fc019944-FRA

GET
H2 200 hbPattern.png
www.yallakora.com/Images/ 1 KB
1 KB 51ms
48ms Image
image/png 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yallakora.com/Images/hbPattern.png
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.css?ver=61.82
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7de6a891c6705906101acf9828f6cbfcd84898e34f0a422d65dcb8374ad4b140

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/Content/Style.css?ver=61.82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
age: 1625401
cf-polished: origSize=1553
x-powered-by: ASP.NET
content-length: 1085
cf-bgj: imgq:85,h2pri
last-modified: Tue, 10 Jan 2023 15:35:18 GMT
server: cloudflare
etag: "f4b9f424925d91:0"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 79118408fc029944-FRA

GET
H2 200 wchbLogo.png
www.yallakora.com/Images/WC2022PredictionGame/ 10 KB
10 KB 42ms
40ms Image
image/png 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yallakora.com/Images/WC2022PredictionGame/wchbLogo.png
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.css?ver=61.82
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e6eaacd4bd14e1643a33cd4ac5771a7f6855b296ab23fe50b5bcbbdf3cc0919a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/Content/Style.css?ver=61.82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
age: 514967
cf-polished: origSize=17100
x-powered-by: ASP.NET
content-length: 10200
cf-bgj: imgq:85,h2pri
last-modified: Mon, 23 Jan 2023 12:06:38 GMT
server: cloudflare
etag: W/"5d247925232fd91:0"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 79118408fc039944-FRA

GET
H2 200 rightHbPlayers.png
www.yallakora.com/Images/ 40 KB
40 KB 43ms
41ms Image
image/png 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yallakora.com/Images/rightHbPlayers.png
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.css?ver=61.82
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8bb74b4c204f5499b7d196b385ee080e1b398dcb86ca417d1b035981bdfe6b75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/Content/Style.css?ver=61.82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
age: 1625401
cf-polished: origSize=58507
x-powered-by: ASP.NET
content-length: 41079
cf-bgj: imgq:85,h2pri
last-modified: Tue, 10 Jan 2023 15:35:18 GMT
server: cloudflare
etag: "44f5ef24925d91:0"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 79118408fc069944-FRA

GET
H2 200 leftHbPlayers.png
www.yallakora.com/Images/ 50 KB
50 KB 48ms
45ms Image
image/png 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yallakora.com/Images/leftHbPlayers.png
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.css?ver=61.82
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0f54f4ab2a4a1297b37ee55277f3f2304fcfc4dc223b20c87c8c40b6c338e31e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/Content/Style.css?ver=61.82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
age: 1625401
cf-polished: origSize=52453
x-powered-by: ASP.NET
content-length: 51506
cf-bgj: imgq:85,h2pri
last-modified: Tue, 10 Jan 2023 15:35:18 GMT
server: cloudflare
etag: "e292ed24925d91:0"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 79118408fc079944-FRA

GET
H3 200 geminiLogo.png
media.gemini.media/img/yallakora/staticimages/ 5 KB
6 KB 33ms
32ms Image
image/png 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/staticimages/geminiLogo.png
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.css?ver=61.82
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 20968a95e5a911a40d373861cd5ec8215c6c9148a45e4ce53f7bca46033e2e4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2240921
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5572
last-modified: Mon, 28 Feb 2022 13:31:16 GMT
server: cloudflare
etag: "5c2b4176a72cd81:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KbrarxrCW52nPBPyzpx2WLQePiJ9%2BeNDxX6tMFuVIfoHnSBzJnMFlNVVEyazQQ3oTjokxfCHK0YMvSU5qcWqkyZEDSTU8Nyezt%2BAmvdoX9Ehy3xlaqzpJgmGwWyk4mjUE3yU%2BIwSptGjMhSBaGbbsw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 79118408ff3f9ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H2 200 invisible.js Show response
www.yallakora.com/cdn-cgi/challenge-platform/h/g/scripts/cb/ Frame 46E5 39 KB
15 KB 35ms
35ms Script
application/javascript 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/cdn-cgi/challenge-platform/h/g/scripts/cb/invisible.js?cb=79118402885e9944
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b043b024532636f0702a253a318758841a2d24f1e59a72dc75621e88db29329b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 791184093cae9944-FRA

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
149 B 56ms
55ms XHR
text/plain 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=830249864&t=pageview&_s=1&dl=https%3A%2F%2Fwww.yallakora.com%2F&dp=%2Fmainpage&ul=en-us&de=UTF-8&dt=%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%89%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%20%D9%81%D9%89%20%D8%A7%D9%84%D8%B4%D8%B1%D9%82%20%D8%A7%D9%84%D8%A3%D9%88%D8%B3%D8%B7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=146042348&gjid=1341112300&cid=917374333.1674990568&tid=UA-53252402-1&_gid=1133082230.1674990568&_r=1&_slc=1&z=818862572

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.yallakora.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.yallakora.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 35ms
34ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=830249864&t=pageview&_s=2&dl=https%3A%2F%2Fwww.yallakora.com%2F&dp=Gutters%2FWE%20-%20Desktop%20-%20HP%20-%201546%20(15-1)&ul=en-us&de=UTF-8&dt=%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%89%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%20%D9%81%D9%89%20%D8%A7%D9%84%D8%B4%D8%B1%D9%82%20%D8%A7%D9%84%D8%A3%D9%88%D8%B3%D8%B7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=&gjid=&cid=917374333.1674990568&tid=UA-53252402-1&_gid=1133082230.1674990568&cd2=%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9&z=141027976

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Jan 2023 23:20:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 42560
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 36ms
35ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=830249864&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.yallakora.com%2F&ul=en-us&de=UTF-8&dt=%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%89%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%20%D9%81%D9%89%20%D8%A7%D9%84%D8%B4%D8%B1%D9%82%20%D8%A7%D9%84%D8%A3%D9%88%D8%B3%D8%B7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Hp%20Poll%20Impresion&ea=%D9%85%D8%A7-%D8%AA%D9%88%D9%82%D8%B9%D9%83-%D9%84%D9%85%D8%B1%D9%83%D8%B2-%D9%85%D8%B5%D8%B1-%D9%81%D9%8A-%D8%A8%D8%B7%D9%88%D9%84%D8%A9-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-%D9%84%D9%84%D9%8A%D8%AF-&el=HpPoll%20Impresion&_u=YEBAAEABAAAAACAAI~&jid=&gjid=&cid=917374333.1674990568&tid=UA-53252402-1&_gid=1133082230.1674990568&cd2=%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9&z=221784194

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Jan 2023 23:20:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 42560
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 36ms
36ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=830249864&t=event&ni=1&_s=4&dl=https%3A%2F%2Fwww.yallakora.com%2F&ul=en-us&de=UTF-8&dt=%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%89%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%20%D9%81%D9%89%20%D8%A7%D9%84%D8%B4%D8%B1%D9%82%20%D8%A7%D9%84%D8%A3%D9%88%D8%B3%D8%B7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=world-cup&ea=Strip&el=StripShow&_u=YEBAAEABAAAAACAAI~&jid=&gjid=&cid=917374333.1674990568&tid=UA-53252402-1&_gid=1133082230.1674990568&cd2=%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9&z=1432407386

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Jan 2023 23:20:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 42560
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 164ms
57ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.yallakora.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 100ms
33ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.yallakora.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 151 KB
47 KB 1484ms
1484ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1194166740777318&correlator=2733556684046938&eid=31071826%2C31071830%2C31071868%2C31065517%2C31071578&output=ldjh&gdfp_req=1&vrg=2023012401&ptt=17&impl=fifs&iu_parts=96551095%2CV3_Yallakora%2CDesktop%2CLeaderBoard%2CMediumRectangle%2CLeaderBoard2%2CMediumRectangle2&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F2%2F6&prev_iu_szs=728x250%7C728x90%7C970x250%7C970x150%2C300x600%7C300x250%2C728x250%7C728x90%7C970x250%7C970x150%2C300x250&ifi=1&adks=1757246092%2C654180131%2C1742389685%2C1208294007&didk=3859157626~3830870431~1548076650~1739956710&sfv=1-0-40&cust_params=Yallakora%3DHome&sc=1&cookie_enabled=1&abxe=1&dt=1674990567938&lmt=1674990567&dlt=1674990567007&idt=869&adxs=1324%2C562%2C1164%2C562&adys=746%2C226%2C1853%2C1903&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.yallakora.com%2F&frm=20&vis=1&psz=0x0%7C0x0%7C0x0%7C0x0&msz=0x0%7C0x0%7C0x0%7C0x0&fws=4%2C4%2C4%2C4&ohw=1600%2C300%2C1600%2C300&ga_vid=917374333.1674990568&ga_sid=1674990568&ga_hid=830249864&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b85b93dac58c18fb998074232a3b27d65bea628ebb0ab0c304827574ce5b9df1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47793
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.yallakora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AD33 6 KB
3 KB 204ms
67ms Document
text/html 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yallakora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 11:09:28 GMT
expires: Mon, 29 Jan 2024 11:09:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 GetLocation Show response
www.yallakora.com//General/ 204 B
357 B 107ms
106ms XHR
application/json 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com//General/GetLocation
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/bundles/Layout?v=dhZKBGNoGw7GA_3vUdchWWLp8O8mnPAwjgK9ndLEUBE1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4f27ba5334d2f8cb5590bbb434241748b59e62edcdfd6ceab82f23901118d140

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.yallakora.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sun, 29 Jan 2023 11:09:28 GMT
content-encoding: br
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: private
cf-ray: 79118409cda89944-FRA

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 34ms
34ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=830249864&t=event&ni=1&_s=5&dl=https%3A%2F%2Fwww.yallakora.com%2F&ul=en-us&de=UTF-8&dt=%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%89%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%20%D9%81%D9%89%20%D8%A7%D9%84%D8%B4%D8%B1%D9%82%20%D8%A7%D9%84%D8%A3%D9%88%D8%B3%D8%B7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Location&ea=NotSavedInCookie&el=NoCountry&_u=aEBAAEABAAAAACAAI~&jid=&gjid=&cid=917374333.1674990568&tid=UA-53252402-1&_gid=1133082230.1674990568&cd2=%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9&z=1330523202

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Jan 2023 23:20:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 42560
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 4af4cdfb-d373-4e1e-a03a-126fac8abb1b2023_1_21_18_22.jpg
media.gemini.media/img/yallakora/normal//2023/1/21/ 57 KB
58 KB 34ms
34ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/normal//2023/1/21/4af4cdfb-d373-4e1e-a03a-126fac8abb1b2023_1_21_18_22.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f628294c13b4ff5cec6b38b11e063dc8feddbb0ce57a7fa037e68ad760559b69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 156170
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58623
cf-bgj: h2pri
last-modified: Sat, 21 Jan 2023 16:22:49 GMT
server: cloudflare
etag: "105c989ab42dd91:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uHtGHNp2rS%2ByNzpetI88vWqVDMNNHwIsNbXD2S6F7y%2B6YSfXUcnDHOuBHZri9eDrYTZ0Rv6G5QE2pweHs1loWcWbHniiOtsODDVVoqIN1fXbfBM8s5Jh4pTsX%2BC2zkgrCgKsU4XCKdHquu8aAo1bPA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 79118409d9439ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 1667398-02023_1_18_12_4.jpg
media.gemini.media/img/yallakora/Wide//2023/1/18/ 21 KB
22 KB 46ms
43ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Wide//2023/1/18/1667398-02023_1_18_12_4.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 735e285d96c87baeccd7e684cf5668c0c9586a1a07ef8bbeb44e414aecb54a32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59789
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21748
cf-bgj: h2pri
last-modified: Wed, 18 Jan 2023 10:04:20 GMT
server: cloudflare
etag: "b2a3e23b242bd91:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUzQA2vxqlICxXiIHDXoVb9YXOtwjPjICpOfA7kE%2BEZe8TJq8Q90ZRaQUoz9uPGWxkQWRJL2iIJgNam1nqwwq8LvoWjwIfhnPif3QZNffwWW%2Bsba%2BIX8Bam4i09C9Pu3osrg3lIMN3c92%2F44YZ%2B5Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 79118409d94e9ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 capture2023_1_28_13_58.jpg
media.gemini.media/img/yallakora/Wide//2023/1/28/ 24 KB
24 KB 35ms
32ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Wide//2023/1/28/capture2023_1_28_13_58.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1d05cfbea55865d9fe4adb123f51a6fab34f3234ae09cb06bea691d7684aa31a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 82498
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24199
cf-bgj: h2pri
last-modified: Sat, 28 Jan 2023 11:58:53 GMT
server: cloudflare
etag: "38b5b6e4f33d91:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fYz2kvb0JRJti5VtzC4s%2BSp8cxlvG8K3W2u%2B%2BkHRmBLfZ3hQ%2FI3vE9AMFkiYnOHOHWyqrm1e50HiA%2BWjUIz8ZrOKuxCOV5E%2BQI9F9x1UhihFbNFL4Oz6htUbRM%2FjScHhKbiyvAZ%2B8F7uu6CAb4UFNg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 79118409d9519ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 %D9%85%D9%86%D8%AA%D8%AE%D8%A8-%D9%85%D8%B5%D8%B1-%D9%84%D9%83%D8%B1%D8%A9-%D8%A7%D9%84%D9%8A%D8%AF2023_1_25_22_23.jpg
media.gemini.media/img/yallakora/Wide//2023/1/25/ 28 KB
28 KB 38ms
35ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Wide//2023/1/25/%D9%85%D9%86%D8%AA%D8%AE%D8%A8-%D9%85%D8%B5%D8%B1-%D9%84%D9%83%D8%B1%D8%A9-%D8%A7%D9%84%D9%8A%D8%AF2023_1_25_22_23.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 75161d9d0504fa623a7c1a7b76e737f8c428e3f0f370e8814ed0571f0d1f5722

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 309980
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28293
cf-bgj: h2pri
last-modified: Wed, 25 Jan 2023 20:23:38 GMT
server: cloudflare
etag: "48c4b1e8fa30d91:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r8zJhcwWO6YnEzUin0W4J1At%2BUUVb%2BwoenEL5QPDTgMl1CLfSHBgyGgay%2FwJjy0LCTZ4PbpIgN5p32odSb5sseFdgf12BXgUjGRy1QvbUuSawWRiFAJB%2FVeMrHsJLfK7JfKNUWHHKIh5NghYNbngZg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 79118409d9529ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 %D9%83%D8%A3%D8%B3-%D8%A3%D9%85%D9%85-%D8%A3%D9%81%D8%B1%D9%8A%D9%82%D9%8A%D8%A72022_1_9_0_0.jpg
media.gemini.media/img/yallakora/Wide//2022/1/9/ 14 KB
15 KB 36ms
34ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Wide//2022/1/9/%D9%83%D8%A3%D8%B3-%D8%A3%D9%85%D9%85-%D8%A3%D9%81%D8%B1%D9%8A%D9%82%D9%8A%D8%A72022_1_9_0_0.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: fd975a8b97372bfdf7d9d8126b401e91e7441d067c5a3b2dbc51c0044c6312a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2062
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14678
cf-bgj: h2pri
last-modified: Sat, 08 Jan 2022 22:00:19 GMT
server: cloudflare
etag: "91e48820db4d81:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDW0jAFed32Xfn4bRtoYrjqP3a0pJcxcMOa4S21G%2BZSWXBR7%2B3fI08aOrZOayPaqPCV2TmBaT2oyP%2F3kfJ6p%2B5%2FLZX8XehzVbspMV6D99Mu4ABXwl6%2Fd6t%2FTwfjTmVHiR8Ta%2FzKDHzTOnhas45jzYw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 79118409d9539ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 %D8%B5%D9%81%D9%82%D8%A7%D8%AA-%D8%A7%D9%84%D8%A3%D9%87%D9%84%D9%8A2020_9_17_10_42.jpg
media.gemini.media/img/yallakora/Wide//2020/9/17/ 14 KB
14 KB 41ms
38ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Wide//2020/9/17/%D8%B5%D9%81%D9%82%D8%A7%D8%AA-%D8%A7%D9%84%D8%A3%D9%87%D9%84%D9%8A2020_9_17_10_42.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 281821fa10dd3f1f9149ce2e21aa20a8392be37b241ca4b8c44bf51fd09a79e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 70134
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14150
cf-bgj: h2pri
last-modified: Thu, 17 Sep 2020 08:42:56 GMT
server: cloudflare
etag: "75cd48ace8cd61:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LtCue51dX5gC2xw8TV8FwXDKVlke%2BrwV5dSb7am7G1tJM667ltg09t4V4d3vjSeNFBgvAqQFKDSBaQoLFvK9Z7dkOVa84i6n4x4DhnpN8b%2FJM%2BaXG2JauYiFiAFC6y9q6loYgFy2pgvwRXZRsHc1vA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 79118409d9549ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 328264211-716228660083037-1833231163016968837-n2023_1_29_10_4.jpg
media.gemini.media/img/yallakora/Wide//2023/1/29/ 24 KB
25 KB 38ms
35ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Wide//2023/1/29/328264211-716228660083037-1833231163016968837-n2023_1_29_10_4.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d6d175ebf2d68612d9f3da1f53a3a9c3471945df00e8b2fb6d5d43939218763c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10483
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24754
cf-bgj: h2pri
last-modified: Sun, 29 Jan 2023 08:04:43 GMT
server: cloudflare
etag: "ce26a258b833d91:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GMut3ZvvAYz2uImbXBay0S%2FuocxGhmZ7F8oZ%2Fcga2XsaiGNefW1YjCQFYT9iaDcTe2iraXF6ukgs9rghNWA29oyt%2FEXQDtT6TeCFD6nRckUmuNiPE%2FXO%2FsEjwj0PKveYrtNHhI%2BijOQIwtyAu2cItg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 79118409d9569ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 thumbnail-thumb2023_1_28_16_51.jpg
media.gemini.media/img/yallakora/Wide//2023/1/28/ 12 KB
12 KB 39ms
37ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Wide//2023/1/28/thumbnail-thumb2023_1_28_16_51.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5270b01c2587098b580b8b6658568890e0ca894963c68ba91ab78b389c71ce7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71833
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12059
cf-bgj: h2pri
last-modified: Sat, 28 Jan 2023 14:51:29 GMT
server: cloudflare
etag: "5eb85212833d91:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o8FItxdBfSRjl6VnXYtdjzpKiclrNjRZLTWqmCSnBycV5L0OifsjASrLR3iskNbgOB11WMCQFe3Q4%2FgxYZeScdBs6se2ni%2FYoMhHPjih%2ByFHEykbKOuViA9%2B%2FnYk7omw%2B8pgY4SynCny5pH9LJE1Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 79118409d9579ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 capture2023_1_29_11_55.jpg
media.gemini.media/img/yallakora/Wide//2023/1/29/ 22 KB
23 KB 36ms
34ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Wide//2023/1/29/capture2023_1_29_11_55.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5a88add55245f50db23c0023ebf1a0e46146d871020f0030f165abe3f07c1d17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4192
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22740
cf-bgj: h2pri
last-modified: Sun, 29 Jan 2023 09:55:12 GMT
server: cloudflare
etag: "e892e2c7c733d91:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E7Vhqxe0TQokTo04riorztUEX6a7z3lGYNz8n4WaIbP1QUYG2ezsb6QIUAbf1fh8geIbe9FceLS2mNqVttEQHHoP2wTu5WqgV8jwyLgaFQSlKTs7gNaMJagK7j677ZnzhPHU7gd%2FO%2FtbnQ4nG6gt2g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 79118409d9589ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 rades-stadium2023_1_29_11_12.jpg
media.gemini.media/img/yallakora/Wide//2023/1/29/ 45 KB
45 KB 38ms
36ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Wide//2023/1/29/rades-stadium2023_1_29_11_12.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: fb7bba92f538938a27403fba3ffe5d2212cc39a31a945a4aaf2921bde790c195

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6806
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45618
cf-bgj: h2pri
last-modified: Sun, 29 Jan 2023 09:12:09 GMT
server: cloudflare
etag: "938552c4c133d91:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xbmvlBRsX8yfkF%2B3br6USwmjC156ddEW3%2FbrJDdyv3%2BUF8BLSUXuF1awk6YsD6v3kw5ju5QBOaXKDgbsatu3cPK7NRd1514NigFuAbN45xtWpWeFGx2to%2FrgjRIeUGYHzpbhx7AaFMaq45MXa6gSiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 79118409d95a9ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 9912022_8_4_23_47.jpg
media.gemini.media/img/yallakora/Wide//2022/8/4/ 16 KB
17 KB 41ms
39ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Wide//2022/8/4/9912022_8_4_23_47.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4e01a37797acbfcf4cf909d3b0ba1478d2aaab430a555b3b2302882df1f3dec1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 234966
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16392
cf-bgj: h2pri
last-modified: Thu, 04 Aug 2022 21:47:27 GMT
server: cloudflare
etag: "eeb215ca4ba8d81:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2FFefV7BHDj0vFmdR50EhH%2FanSAm9Bm0y2u09Bk6YZQjZ2i1eIZVFIcIT21XqwbzTt1gK%2BppJktOR6j%2FNUtVMye3pNBgeJIVJluP%2BfsX8sOPdDoV9YcU2xKkKZnniMI4mTJlzkBg3xtKAilDM3gRnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 79118409d95b9ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 nbc-pl-liverpoolbrightoneh-2210012023_1_29_10_28.jpg
media.gemini.media/img/yallakora/Wide//2023/1/29/ 34 KB
34 KB 41ms
40ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Wide//2023/1/29/nbc-pl-liverpoolbrightoneh-2210012023_1_29_10_28.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8f66ac6b68d5a2e5ca06289cc02aef249617fc68ab65762f24f03df91da84c16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9337
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34396
cf-bgj: h2pri
last-modified: Sun, 29 Jan 2023 08:28:43 GMT
server: cloudflare
etag: "68caffb2bb33d91:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBhalAmBT5h%2B5XS1JyS0uNpmW6ZMoLcvIMp1EwPoKbLLKP3d4rlY2StGKIF%2Bq%2F44GLKja8WZFoRTib6LPv1zmB7bS%2BPTJRHkJgjr5fypkIy0G7utUWOfuFxABQI6IzBh%2BsecBbO8eW5RC5DvQ0SFgg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 79118409d95c9ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 000000052023_1_29_11_51.jpg
media.gemini.media/img/yallakora/Wide//2023/1/29/ 36 KB
37 KB 44ms
43ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Wide//2023/1/29/000000052023_1_29_11_51.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e44fec5a648b74e0d3ef336458bcfa9e015ddb81d9b50149ce9eb76dd20b7539

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3906
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36838
cf-bgj: h2pri
last-modified: Sun, 29 Jan 2023 09:51:22 GMT
server: cloudflare
etag: "24e9c33ec733d91:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xwpskqkmKpnRAUAfJjxhzMGY5cGhCY3HIsZ%2BPZGyj2jwnTX3PEbQpQG1K7F8ffpq97vfTvRm6%2BNEYTFaWRU2mEERt%2FCLHATyvAw0UJGRW5xA9zHag85Q%2FYKeNCaCIFf7B7nI1QZ1CYt0f7bmCpcFnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 79118409d95e9ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 ewooyvbwuaeax1j2021_3_17_0_45.jpg
media.gemini.media/img/yallakora/Wide//2021/3/17/ 11 KB
12 KB 42ms
41ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Wide//2021/3/17/ewooyvbwuaeax1j2021_3_17_0_45.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 426a2a0d3ceb23e5fb8231d5d3e22ed54964beb48fa3bc05c6c789ec60ae5802

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11444
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11250
cf-bgj: h2pri
last-modified: Tue, 16 Mar 2021 22:45:46 GMT
server: cloudflare
etag: "3c41a51ab61ad71:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NAr4zr6NsWBoSvRSw8ZWkRBJjoXcXDZr20qlMHGO14e2QKFjZDyyzCXeJdbo2ynyDg1qPD8vEoV8J827k6gCs%2B51fY88MeGinm5SiVUzd8DFqDWah%2Fhqe4UbayZHgqw2cqRDAgwiEdYkge8wsAa%2B7w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 79118409d9619ba4-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H2 200 GetLocation Show response
www.yallakora.com//General/ 204 B
280 B 104ms
104ms XHR
application/json 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com//General/GetLocation
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/bundles/Layout?v=dhZKBGNoGw7GA_3vUdchWWLp8O8mnPAwjgK9ndLEUBE1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4f27ba5334d2f8cb5590bbb434241748b59e62edcdfd6ceab82f23901118d140

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.yallakora.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sun, 29 Jan 2023 11:09:28 GMT
content-encoding: br
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: private
cf-ray: 79118409ddbe9944-FRA

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 37ms
36ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=830249864&t=event&ni=1&_s=6&dl=https%3A%2F%2Fwww.yallakora.com%2F&ul=en-us&de=UTF-8&dt=%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%89%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%20%D9%81%D9%89%20%D8%A7%D9%84%D8%B4%D8%B1%D9%82%20%D8%A7%D9%84%D8%A3%D9%88%D8%B3%D8%B7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Location&ea=NotSavedInCookie&el=NoCountry&_u=aEBAAEABAAAAACAAI~&jid=&gjid=&cid=917374333.1674990568&tid=UA-53252402-1&_gid=1133082230.1674990568&cd2=%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9&z=674618096

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Jan 2023 23:20:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 42560
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 check-radio-img.png
www.yallakora.com/Images/ 789 B
911 B 37ms
37ms Image
image/png 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yallakora.com/Images/check-radio-img.png
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.css?ver=61.82
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7e52e4fc73e5fbcbc16db9561e5d9c11f5f5b8daf3d15f3000e1eded523cfc8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/Content/Style.css?ver=61.82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:27 GMT
cf-cache-status: HIT
age: 2451531
cf-polished: origSize=1385
x-powered-by: ASP.NET
content-length: 789
cf-bgj: imgq:85,h2pri
last-modified: Wed, 26 Oct 2022 13:55:17 GMT
server: cloudflare
etag: "7f51b49442e9d81:0"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 79118409edc49944-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 86ms
28ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-53252402-1&cid=917374333.1674990568&jid=146042348&gjid=1341112300&_gid=1133082230.1674990568&_u=IEBAAEAAAAAAACAAI~&z=769160917

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.yallakora.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 29 Jan 2023 11:09:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.yallakora.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pica.js
www.yallakora.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 46E5 20 KB
8 KB 28ms
28ms Other
application/javascript 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ae51b31bb04c2d6cd8165cf8685c6e9766292113a3b60a4c589a56572627ad8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:28 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7911840a0df99944-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 138 KB
51 KB 94ms
42ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NBQG46X

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/Scripts/IP2Location.js?ver=0.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e80d65f2977e9fc1eca5ec899e02b1cb626d068293df6aea6691076420223204

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52148
x-xss-protection: 0
last-modified: Sun, 29 Jan 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 29 Jan 2023 11:09:28 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 36ms
36ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=830249864&t=event&ni=1&_s=7&dl=https%3A%2F%2Fwww.yallakora.com%2F&ul=en-us&de=UTF-8&dt=%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%89%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%20%D9%81%D9%89%20%D8%A7%D9%84%D8%B4%D8%B1%D9%82%20%D8%A7%D9%84%D8%A3%D9%88%D8%B3%D8%B7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Location&ea=GetLocation&el=Germany&_u=aEBAAEABAAAAACAAI~&jid=&gjid=&cid=917374333.1674990568&tid=UA-53252402-1&_gid=1133082230.1674990568&cd2=%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9&z=1159413579

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 02:05:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 32612
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 283ms
229ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-53252402-1&cid=917374333.1674990568&jid=146042348&_u=IEBAAEAAAAAAACAAI~&z=554045062

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 283ms
230ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-53252402-1&cid=917374333.1674990568&jid=146042348&_u=IEBAAEAAAAAAACAAI~&z=554045062

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
37ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=830249864&t=event&ni=1&_s=8&dl=https%3A%2F%2Fwww.yallakora.com%2F&ul=en-us&de=UTF-8&dt=%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%89%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%20%D9%81%D9%89%20%D8%A7%D9%84%D8%B4%D8%B1%D9%82%20%D8%A7%D9%84%D8%A3%D9%88%D8%B3%D8%B7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Location&ea=GetLocation&el=Germany&_u=aEBAAEABAAAAACAAI~&jid=&gjid=&cid=917374333.1674990568&tid=UA-53252402-1&_gid=1133082230.1674990568&cd2=%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9&z=74835750

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 02:05:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 32612
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 79118402885e9944 Show response
www.yallakora.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 46E5 2 B
329 B 64ms
64ms XHR
text/plain 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/cdn-cgi/challenge-platform/h/g/cv/result/79118402885e9944
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/cdn-cgi/challenge-platform/h/g/scripts/cb/invisible.js?cb=79118402885e9944
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 29 Jan 2023 11:09:28 GMT
content-encoding: br
server: cloudflare
cf-ray: 7911840c19699944-FRA
content-type: text/plain; charset=UTF-8

GET
H2 200 Footer.js Show response
dashboard.ideanetwork.site/js/Footer/Yallakora/ 28 KB
4 KB 96ms
32ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dashboard.ideanetwork.site/js/Footer/Yallakora/Footer.js?ver=0.15
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBQG46X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52cd3bb46b6ee67d52144d3eb8bb68bcd3981aee02b4c119eaa7ae662e4207ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67971
cf-polished: origSize=37219
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 21 Jan 2023 16:14:02 GMT
server: cloudflare
etag: W/"63cc0f4a-9163"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iiUt9l7SUkfx%2BO952dz70o02Tuc7PYSWgSn6QlGLJqtEBQEirOoqHkZRsCb2zCv0KtjZmlP%2Fg103IbDiBfhxw8GwQqRrseP1TQ5b%2BVP4aojApYirVMz4CF7lHxjrAlOEhEnr%2F5Ow3Y6LAlmBO0g21y7ZGEpofv9pAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 7911840ca9c79150-FRA
expires: Sat, 04 Feb 2023 16:16:37 GMT

GET
H2 200 www.yallakora.com.js Show response
agorahtag.tech/c/ 38 KB
4 KB 92ms
30ms Script
application/javascript 2606:4700:3032::6815:4ae4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://agorahtag.tech/c/www.yallakora.com.js
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4ae4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 291c4346b397793f200b3143aa3d2223dbabe0cd2872433f54870c28342ee873

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:28 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: ZAK50AR6Y78KRMGY
age: 3505
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3409
x-amz-id-2: mgjc+IojNuTdZfe3fiS7I+9IdTcFWp3PsLUr6YjsvcjS/5gHSOnxHSbOx7T/Ja8HTRvrmy4YZqE=
last-modified: Fri, 18 Nov 2022 09:13:58 GMT
server: cloudflare
etag: "1c5ca6843bdf3a8a80930dd0f0ff2859"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1FEpaghpUfdXO6dIZetyjAIB0tFL2usz08kAlYC0rp%2FqkJqsNRXZOmDfI5%2F17tqUSDQgKvMdqXDcaHR%2Fil6RQzy2juAYvTngdvhI2jKkdQDusIzF5exGgZD75M5k7m415TnZ8v1n4qO5Q443gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7911840ca9ae92b9-FRA

GET
H2 200 / Show response
api.ipify.org/ 31 B
137 B 618ms
250ms Script
application/javascript 64.185.227.155
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=jsonp&callback=getIP
Requested by: Host: dashboard.ideanetwork.site
URL: https://dashboard.ideanetwork.site/js/Footer/Yallakora/Footer.js?ver=0.15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.185.227.155 , United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-227-155.static.webnx.com
Software: /
Resource Hash: de8f92ba83c2340d3ce444e77ce91b97671a64cf7267407b3f41dfb21f1ef73a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 29 Jan 2023 11:09:28 GMT
access-control-allow-credentials: true
content-length: 31
vary: Origin
content-type: application/javascript

GET
H2 200 projectagora.min.js Show response
aghtag.tech/libs/ 301 KB
89 KB 88ms
28ms Script
application/javascript 2606:4700:3030::6815:1b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aghtag.tech/libs/projectagora.min.js
Requested by: Host: agorahtag.tech
URL: https://agorahtag.tech/c/www.yallakora.com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1554993bfd6558071bd0f007fbc97c32c540ad0339cdda7a274740b4b214ea7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:28 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 8K5NRXZW7WPDZT1E
age: 857
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 90328
x-amz-id-2: 5oHCeVGw57kO3b4Bjabw32n8AFfNIAoQ+iljn/AhVz2hYOC0/oMTgsW4xAt27cT98QqVBeo/voOd/Hl93ynk+w==
last-modified: Mon, 23 Jan 2023 12:53:55 GMT
server: cloudflare
etag: "2c3fecba794ee3a60bb8d2e93da739a4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zjlQOfzFEwAkzos49jX8YCNiATrGrYSgy%2Fbp%2Fvrcr7MnyGP3t28pycfo5zN7P4AHDaRFNvy3bGCb%2FbWJD8JphxX%2BPnm%2BzMzve5sd9m%2FeidXSbEU0iZk%2BZkP5S2mrTIkajD7j0LpCxXMsEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7911840d49899213-FRA

GET
H2 200 xtb.min.js Show response
cdn.exitbee.com/ 58 KB
21 KB 101ms
34ms Script
application/javascript 2606:4700:3037::ac43:c1e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.exitbee.com/xtb.min.js
Requested by: Host: aghtag.tech
URL: https://aghtag.tech/libs/projectagora.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c1e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd3526ddba0514315d1dfabd7413c70fa2295b04c7c2b7764c7117803af3ea58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2741
x-guploader-uploadid: ADPycdvbUdwT4bT00V8vPpnaFZLNul4Xnc5dqFp1KEaYi5RJAfQIZr8RWkieGY7DoEH03MrYWaQcdcjd4zTcJ3OqpxOjNh4CuYZf
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 19 Oct 2022 12:26:43 GMT
server: cloudflare
etag: W/"903b1d44ea177befd6f3c248cf8208fd"
vary: Accept-Encoding
x-goog-hash: crc32c=iVmvWg==, md5=kDsdROoXe+/W88JIz4II/Q==
x-goog-generation: 1666182403691268
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2BIaCl0McRs96HS5ubA2JkjUcKfow9C2iB6LCBZ9Pt01qIpT5cMBpMMU1TXEh86dKc0%2F1DH3s2iGcueOkrz94Db1iH9OpewXnIa2UWWlELS7E%2BztIdAVBGiU6%2BGXkSgaOBt8gqccG6qGF2YjNvU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 59559
cf-ray: 7911840e3e40904c-FRA
expires: Sun, 29 Jan 2023 11:03:33 GMT

HEAD adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0

POST
H2 200 settings Show response
s.exitbee.com/8005/ 0
557 B 82ms
82ms XHR
text/plain 2606:4700:3034::6815:4466
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.exitbee.com/8005/settings

Requested by

Host: cdn.exitbee.com
URL: https://cdn.exitbee.com/xtb.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4466 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.yallakora.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 29 Jan 2023 11:09:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
xtb-visit-duration: 120
xtb-eb-response: 21
xtb-country: Germany
xtb-visit-id: 74abdc56-abc4-47a7-a7e8-5fd63936a1fb
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
xtb-zip-code: 99084
server: cloudflare
xtb-city: Erfurt
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WrANoxLMQcWDeBfuljFyG9C3WAdWWxWHIEKY2s0ugcjJ6hQvOPY1S4YUWOygJECybz014He%2FpIDhEt6TNmjywHttLkj2dcjpxv%2BGrYQFy3ZF9TN0dF2skBH5TdCCZLJ4t26zunrAw5slDRS3"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.yallakora.com
access-control-expose-headers: Xtb-Vid, Xtb-Visit-Id, Xtb-Visit-Duration, Xtb-Country, Xtb-City, Xtb-Zip-Code, Xtb-Pageviewid, Xtb-eb-response
xtb-pageviewid: c520a94f-36e5-44d4-8f64-6409f0a9a5d2
access-control-allow-credentials: false
cf-ray: 7911840f4deebbd1-FRA
xtb-vid: a5825316-70b9-4121-ac29-441e3b04a1d7

OPTIONS
H2 200 settings
s.exitbee.com/8005/ Frame 0
0 120ms
54ms Preflight 2606:4700:3034::6815:4466
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.exitbee.com/8005/settings

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4466 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.yallakora.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.yallakora.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7911840eed2cbbd1-FRA
content-length: 0
date: Sun, 29 Jan 2023 11:09:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qf9uduNipPKkHM6M0JZw5keKSyL2oB0w6ZnNlET84069KmJQwSfcg1XfE2FmGMNUZ%2BeVfrwTR5naCGgj9dDR27wordy2euC9jPLHhjL3ZSBATFb%2Fqz6icxZCvXHqHN9dgu2BhPu%2BMy2AzKhj"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 100 KB
39 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NDSNZ8M

Requested by

Host: dashboard.ideanetwork.site
URL: https://dashboard.ideanetwork.site/js/Footer/Yallakora/Footer.js?ver=0.15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4b7470180ed53b26412234d0cccd5d9803831e7f46f234893248c2aa6eba6a57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40061
x-xss-protection: 0
last-modified: Sun, 29 Jan 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 29 Jan 2023 11:09:29 GMT

GET
H/1.1 200
OK ast.js Show response
acdn.adnxs.com/ast/ 95 KB
33 KB 106ms
20ms Script
application/javascript 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ast/ast.js
Requested by: Host: dashboard.ideanetwork.site
URL: https://dashboard.ideanetwork.site/js/Footer/Yallakora/Footer.js?ver=0.15
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: bf4aa8f1f339ab14bd142750fbd5d6aff7614187d1e2e0b491818fad0c7fb236

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Expires: Fri, 27 Jan 2023 02:17:51 GMT
Date: Sun, 29 Jan 2023 11:09:29 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 31894
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 33183
X-Served-By: cache-lga21942-LGA, cache-hhn-etou8220040-HHN
Last-Modified: Tue, 17 Jan 2023 17:19:51 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1674990569.257339,VS0,VE0
ETag: W/"63c6d8b7-17dc7"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 23, 10723

POST
H/1.1 200
OK v3 Show response
ib.adnxs.com/ut/ 160 B
972 B 103ms
22ms XHR
application/json 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

9d59cf0a39d2a47085497f76ab91a3db532900c3407c083a0e0c4c4080bff01d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.yallakora.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 29 Jan 2023 11:09:29 GMT
AN-X-Request-Uuid: a4bfaae4-c29d-439b-9e4f-2ab8d9cb1e02
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.yallakora.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 75ms
75ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023012401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7576742fc1b1994bcdf3a9df02e189e88140e6823154668e5c771a0fec50d22a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11126
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 84ms
83ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 29 Jan 2023 11:09:29 GMT

GET
H2 200 container.html Show response
937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7554 6 KB
3 KB 36ms
35ms Document
text/html 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yallakora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 11:09:28 GMT
expires: Mon, 29 Jan 2024 11:09:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5A8D 6 KB
3 KB 35ms
34ms Document
text/html 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yallakora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 11:09:28 GMT
expires: Mon, 29 Jan 2024 11:09:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E4C4 6 KB
3 KB 35ms
35ms Document
text/html 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yallakora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 11:09:28 GMT
expires: Mon, 29 Jan 2024 11:09:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F4A0 6 KB
3 KB 34ms
34ms Document
text/html 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yallakora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 11:09:28 GMT
expires: Mon, 29 Jan 2024 11:09:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DAEA 13 KB
5 KB 38ms
36ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yallakora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 180327
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Jan 2023 09:04:02 GMT
expires: Sat, 27 Jan 2024 09:04:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 32F5 783 B
967 B 33ms
32ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

306bce322ec17eacb680150f965a0c48ce5e873d06916304bdb9264751b175a5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YqovnkYdqlnTfRVWgfbCWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.yallakora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-YqovnkYdqlnTfRVWgfbCWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 11:09:29 GMT
expires: Sun, 29 Jan 2023 11:09:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 7554 2 KB
765 B 36ms
36ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:35:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5634
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:35:35 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7554 0
0 79ms
78ms Fetch
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CRiq36FPWY_W9Aa6y9u8PqsK2qAXos_3Hbu28h8iHEPS43Zi6MBABIIe-3j9glYKAgLQHoAG-vb_7A8gBCakC2FH_lG07sj7gAgCoAwHIA8sEqgThAU_QY_w80QviB7-H7dFpQEt-7unR6cVSdUq6FlWMUOr_9n96pYeN6mER-zNeXDUCLKpVg6wZfvsbQoLoatg1M7l7ytd3Sg6qBEjTu5KHsbkwyqStBddkQLTy1aNjMo27K4akZfcHKgKO0VhZApYlaNWnD6nh-Mwynq6sq9Bhdl_bXa_XH1XkW9krOY67tvgC92FmtQRxy9Z85PHQ3GM7cvYoiNDt_ehQPsHfD-nMqdS7ClO9c6dAuubvQwrQqVkhbw371ByrxFNdgbeEui3lBwpykjpQoYSml9A4LBau_9Ivs8AEuZaCrY0E4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB6rCwASoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQrd0c0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwzQFQGAFwGyFx4KHAgAEhRwdWItMzY5MjE2NDI2MDk1ODA3NxiPmSg&sigh=yTwiNG3-_yA&uach_m=[UACH]&cid=CAQSSwDUE5ymmeOgEY8v8sDqLLCtTfFNWSn2a-OUYjLhGoiQT3u8XwyW0J_1b1gf9NHnx21HL07WsxL9VNT3MBrbGdtpqpHK7WsMZ-J63xgBIBM&template_id=494
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/ Frame 7554 22 KB
9 KB 36ms
36ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/abg_lite_fy2021.js

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 10:14:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3309
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8871
x-xss-protection: 0
server: cafe
etag: 9510037503091481574
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 10:14:20 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 7554 3 KB
1 KB 37ms
36ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/window_focus_fy2021.js

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:55:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:55:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 7554 18 KB
7 KB 37ms
36ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:55:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:55:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7554 156 KB
48 KB 106ms
38ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49065
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674650782302584"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 29 Jan 2023 11:09:29 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 7554 33 KB
14 KB 126ms
35ms Script
text/javascript 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Fri, 27 Jan 2023 00:31:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 29 Apr 2023 09:35:35 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 7554 25 KB
26 KB 85ms
31ms Image
image/jpeg 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSsSFayhFMukI1KYsqwQ9tIEU01qL-9LLWaoG0nY2uguKs0KNCZMhadqlFgUhw&usqp=CAI

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec66e5c012e4e56f1242b31faf24bf855acf336c821526ce64d7150d7a2355a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 03:14:23 GMT
x-content-type-options: nosniff
age: 201306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26028
x-xss-protection: 0
last-modified: Mon, 02 May 2022 02:12:42 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 27 Jan 2024 03:14:23 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 7554 21 KB
21 KB 144ms
36ms Image
image/jpeg 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQ2Iaz7VpTj2lBltQKr8sCUpz78ipobhgl5uJWoD7kqkEP3qbVWHI30FtFuoWc&usqp=CAI

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad19787d6918da31389c40e7a0f575d175511aef25ec1d6aa7339e091e0d00f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 16:32:47 GMT
x-content-type-options: nosniff
age: 153402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21035
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 01:31:20 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 27 Jan 2024 16:32:47 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 7554 20 KB
20 KB 177ms
70ms Image
image/jpeg 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSBbO8sEYE0p46K-2ygiJSolAwpD7mA13O7JwVjQGZeKNwTE8RhFZQBAEUwKA&usqp=CAI

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa1dedeb3fe5848da17a5d5aa5eb6b57f51955c4a3222a98c906672d34836bfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 00:45:23 GMT
x-content-type-options: nosniff
age: 555846
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20765
x-xss-protection: 0
last-modified: Sat, 02 Jul 2022 18:44:26 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 23 Jan 2024 00:45:23 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 7554 18 KB
18 KB 78ms
24ms Image
image/png 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRnOEYQ9zE9_p4CY4g2yFfbDeGGJPFciR5qWgbrQ85QCUNFU72R&usqp=CAI

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72f5c28a9dd9759817eca2838f7181aa1298dff4c323768182a7c6a3b81e4bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 10:05:24 GMT
x-content-type-options: nosniff
age: 176645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18274
x-xss-protection: 0
last-modified: Wed, 09 Sep 2020 14:09:38 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 27 Jan 2024 10:05:24 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E92F 624 B
505 B 165ms
71ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGNSlmN8BMAE&v=APEucNWGmIBNz7t55QCgjdT8piHNvvZBsNq84d5R522oZkG7-9ripak2kyUjpgxUhWidFOII5HRvUK91Qt5svFotJSVYH-our5shGI1AXLXGyk6TmE3481mkNoS9qekiqOa0Aw4RLuKrUKOHpla3fTWfAMbhNkP3tnr1hfQuY9eGTIMBRju5L_4

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 11:09:29 GMT
expires: Sun, 29 Jan 2023 11:09:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5A8D 76 KB
27 KB 120ms
70ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27384
x-xss-protection: 0
server: cafe
etag: 10506132538256102613
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 29 Jan 2023 11:09:29 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A8D 42 B
63 B 107ms
57ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DgCTkW-CqO5uCz5hLejTEa43K52Ivs1yUOfODPLLhgfHx2MCxEbVni9kBNX_r1mnDP7FPkpDHzBuONAW-Mwg69cbv_1J8Enw-kHhEPh60SOaHAAsY

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A8D 0
20 B 107ms
58ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10994737686017621284&x=1&ct=76

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 5A8D 3 KB
1 KB 37ms
36ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/window_focus_fy2021.js

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:55:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:55:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 5A8D 18 KB
7 KB 37ms
36ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:55:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:55:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5A8D 156 KB
48 KB 124ms
70ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49065
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674650782302584"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 29 Jan 2023 11:09:29 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A3F8 624 B
826 B 158ms
71ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNU06BYeKP38vDTf0I_ARtT10Ij96v7knOZ4zmjjPqNx98artdG6U1QykdOQ3lWtd9urfOoc_65UjliVTHmQiIg2DTKVXYE3qjkd2sCJVd6jAeupAgUK3hrk9P5J12-Fby030AzBzMs66lMnhaaccPDzez7iEvhi-tGaTxKCODAI2P9lYVY

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 11:09:29 GMT
expires: Sun, 29 Jan 2023 11:09:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E4C4 76 KB
27 KB 202ms
159ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27384
x-xss-protection: 0
server: cafe
etag: 10506132538256102613
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 29 Jan 2023 11:09:29 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E4C4 42 B
63 B 100ms
58ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BGDcv5iFEFW0DQEVkcOZLyLZix_hep_R8Bc8v7DT0SsqfYLsSC7KoriTBbb5cLhKoXxsf1gv0dbe0tb_2fI96jkP_NerGgR8G_5h9Qd0BbH6HEcwk

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E4C4 0
20 B 101ms
59ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10189657396799687799&x=1&ct=76

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame E4C4 3 KB
1 KB 38ms
37ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/window_focus_fy2021.js

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:55:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:55:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame E4C4 18 KB
7 KB 38ms
37ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:55:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:55:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E4C4 156 KB
48 KB 148ms
100ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49065
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674650782302584"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 29 Jan 2023 11:09:29 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 264B 624 B
504 B 156ms
71ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNVQC6Tfll4hCr4pLncHNNnWP6y6lDf57AGI7sDGX7M0yM-4j_Yc1VEURb75_xBPSUgeAL8KLeslOaZseK_2xkanrmZo_EWcpaco3rrwJD9eVZURsX_Utac0NHrZs806kVdBtc9GHLGIMmjLGUWR0nDmTzNii87rrsuKpzd5t_qrRJRLb50

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 11:09:29 GMT
expires: Sun, 29 Jan 2023 11:09:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F4A0 76 KB
27 KB 196ms
156ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27384
x-xss-protection: 0
server: cafe
etag: 10506132538256102613
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 29 Jan 2023 11:09:29 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F4A0 42 B
63 B 99ms
59ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DKbujJxGg6bmrsd4zR9s-R2R5QQfdVGIgIiyokNOrN71U8TQkKmTeUXLWhKy92BilJjU0Ur9AaFfSp33L-BMzniPqEmyItJ3dMY-OSg6FyNOdvbwQ

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F4A0 0
20 B 99ms
59ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=668308051455222088&x=1&ct=76

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame F4A0 3 KB
1 KB 47ms
46ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/window_focus_fy2021.js

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:55:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:55:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame F4A0 18 KB
7 KB 40ms
39ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:55:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:55:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F4A0 156 KB
48 KB 132ms
87ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49065
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674650782302584"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 29 Jan 2023 11:09:29 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 32F5 0
0 91ms
59ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023012401&jk=1194166740777318&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js Show response
pagead2.googlesyndication.com/bg/ Frame DAEA 36 KB
14 KB 55ms
25ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

095583da724d5336d2a1fb96959c013f1bd05dbf3dee3a4c693f0eab60abd4d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 11:24:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 258285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Jan 2024 11:24:44 GMT

GET
DATA 200
OK truncated
/ Frame 7554 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5967d48fa0b6ce4fdf228a2454ee82b64d54a0257f218a6146a204fe9578cef7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A8D 0
20 B 57ms
57ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9484758095689&version=m202209210101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A8D 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9484758095689&version=m202209210101&ct=76&x=1&cor=10994737686017622000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5A8D 94 KB
37 KB 114ms
114ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DiedQjI38W_viqcKkqvhD9GWB9Z8vpLz3M6Vx5Hx-o73BCOlkaaCZCi6npkJEWQUM5N1TxYi6Kf809u0L5ZlgtpdKnx8GXaLwuydBnN1FWYT5a8SxcLN-Nc3WJsTFuSxsK1sJggi8RggwxWnWrnY45jvWWZgkdLRQ_UzyHekT7Sy8ZREk&dbm_d=AKAmf-C4cMpFrOpFP-oUOeKXjVoMKGCy3wr82qyu_SnH5DUdEmV-994PgmVR1q4xKpBilHugq_lUji6LNIbLN79s4UGrqbL7x777ZvuIW5K_SC4A7sVLY9ggSmIX2jX8XU82J5paNIypAiGdA11sL0FMRsyRGvSTz2QBlPOxs-fbSLuKwquMJoGe27I0Et6mfEG0E9SjCpbKIol8OyIQ-BQEqdDjzdBzuAf77zcE11vy3EQUvj9oFwov6SUBjRr1U_Ue2cXm8lFfgff39uRzQe0NiRdVlvejWvug3j_hFoihMPRbV8bpKhU3ouqvxDFAdjfz0e0OwvJ5rVfJb9FB5i93PeQhOy9--j77jbQLC3p-qBITha8MgVWvxDME2zAoj7MPYe5Zp8kOm9-VnbZDPeTF2irQAr5Imrts5R3Ad7o39MysKuMgZuaMDaZDQH8C2zBP4UpfO4ifUeXbel2zo3PMsRcCFNZlnE-elTHUqkUX_jLPuSHR4KK3Itevm9w_Up3bJR4tfgBWt-s9eeqjL6ASr0hr-BPZE3QwD171cCGQ1FSbZmCbj7rdu5qm2CyEp7OhnAuVHIR3ctLq2BPSTyn2Np3lkuWvSeYikpa2w38SuOaQ-LVrlpPyhZq355oMPjC5y2wQGO1ACNtWLLyAjFWxLsJDYu_5IZWLy859z2m-me5a15MfiVTESvlttFP5A3eW9V9YUl9Xv2_6xeySh0-E0M1w2Wnz10Gw7T-_hOO8VGgCcbTwM3ZeGqCv26tRI41lzq2LJYNs8r0Td9MXN_Z8aMOK_-tPNeIQ15_biXnL-Bq9C9uOk2MblHqq6jjTzYdmRXlwIxO9cX9o2EvCoB3Ded8qgmpQYDazPoQxTCGUKu7R2QIu1hDcfGQAhPJ7O1kxFsyGHMMTiXe5QgNq_nmkG8mnWX6-Nd1aq5tG1gcRsl7iBCJxa1BLzgCY4tnv6l4mR-lYsmy4mfO_INErkPj06WBWJF6be-jh5e6C6sfj6S_xO3yps7dXrwztzA4tAJvh0PMgsIG-NYIsJnsjESoWuvwJzmQkeW-6TOICoiHySm-pd6ZuEentCjYbc2LkW2dX6oZCVwJwGeTksy7aU8nDNq4CQ3XQLd6F3xlZbCITfj6K2siCu2pBfH4NRmVx_JCcSHgWSdWmg7To3WuU2sJBqbsaIGnkxJ_Ivag-kqL1myuESAYPCn9hz5BapA0rPclSesDvBtTfSr1TJaH5zhmRHz0c3SmSAIB4ZJOTYvdow4nRLkelIDQ7-TfGkE-m-44Ars-jojlmWUNYrUaQHILGB19TqoOQGm910cPMnpvygzqYTMgFVFe2SVtLGlxCY5FkhLZ9MDdjHeANbRCn6VWPTgK6FDO1Ka_OsbjSio2-bwVMVauI5NHjpI9AJvFs2hMZLwQOB60lBgSPo_Uj8IJdbtR2p7BUX_DvpxcBNLd5sBmWhfFFoEHvfPS4SoQLjt_7rj9vCgbh-h7clWHaMv5iuIQvTpLAvPwLPJZ4j8x6-GYST8XRvBrw_0bQWjv7V1gYi2mkzUHplb69DAOVGv7_ZzceobvGt2slJsbCk1k94xufdA8FQT1JcVTC3xM6Y8SiPqWVmyS_OCLnLZFtV10rsk4qq37X3P-RZzaEb5ERIdDtbZoMdvyJMw_ZpI7243m9rwFqJrtUyWCSv-VHVN4t-6f-LBWXc24rstYYuZrVjl1N6p-9A3WtKY57oAZl0Vbfp51Emp0_bqNyYfwh_KEAFvvwqqpZgs6qTbuhAjWHUDtXItXKWcN9wdgdytApn5-w8YKyhSrXeAj5RLM-RdBJ3uGB389wXEZrfGgniQ6qeQU7hxXGfG6-NrZa9qFMUOGq5pT8t3s9o_WJLqEmuaiWT16ttBZVhQQ_OUFvsn2W0lfbFuziMXyZzxZNUIjDG-DZI3pnNQHcxZBxAnrYSLW791a_MrZYjm1zRoUg27_lssjmvNJqofxd_fwsXYP8tWMKVq-GyMXy0dv5tN3iOHNTRtGmChHjKdUJMTQ2rQlAjsDNZDRmTZxEGl7m5y3Rz9V2jZHbxBeByegmrXAuVSW3UfqHq9LzK1xlxplZPG04tG-dD2I7uclzEt1k2sYdnMKiQJKLGTTJSEbZGxvhCCkuCGC9rcE2402cHVMyKeQxSHWE_tDLXJV43ONU9F4IZ6xMcsbdSfmSdiA0Z7fps9Z5WcNO7Z1hE2rYUdLhDhMtYuP1legtMIKwa54-19A7dvtGQCgg7LEBRk8i4fyIX8jNocg4XUBn5-gi1P3I2H2Br1DYsuALG6-KdVXXEziNf0pGgKp7Iv1vAZDTxoZpxTRtaKEJizuFC-ngZLZ1wpLyKM3C0IyLid8SNtQdtWEmYeGAbOPXOUCu9K9DvnHr0uMiyJBt8nAopy0sArha3W__De08N_QvhLuytrrmrvxRAUvlJG5FJ8pFjC70s56MJQ_IdZGhVQIncZB7FrI5nbwXtoLcPW5mrWEAFmdkkW0jf9A9YsXKHUegnfcDHP2AAdqEwA_PJc8j81ILE4mTKXTE9lvG8IR_wWfnp41yy9AOM93CtXdBAuFLLU5CuLv2iowv7-TwjrD0AZTnxyQRUZ5MTg4Ku8Q2qZJFknMKAdUp_tllKG5T7QhEai0hgETXMJ7pv1XqaIRmlXChm1vhsoIwB__rUGfildT1hridkM9j6VEedjuvKw-7Fvl7buUIou5DKuhGpoK-wF-DQyIDthATBrRGjswVx9TbB-GEG0UTKGF4rcTC2fTNXzRuH_E6roVUmZR7x7oQSZLNL2gSZEIkLn6EaOfViypZKKCAMDFne4N74vMkxxdbqHRZinERQ_GZ_mIpEE1DO24uG_3E-u5txRzjY9NjpBN3oXaP9y8KZQh_PDc-FwtjR0t7wBMxi49hpO1P2M4SCpiU3XUoZWj_gYq1YGSzn1WJMtj7QPvOZGyfSAN-vHQkVdZCDgnSEcAf3kgEoa2kySy3mc3EptoJ2YbTM25AAgndHnohqMV0CuFEYB5Mmjw0Gnx43M57ap3lfhKtKNxneLgFnDb24YgtCvjXYL6249m8A-K2zqp7pYZPzqT0NZwuLR6yKtHScbGtMl7c2JDGn_kJ-WZ7SH11G7rn-wi9MXpmkTb4WLqT-KqEp6aac1gzOpwUVL3MIEMf6G4Wtmu7zl6BEz1kb_o5cTjU0-JrPXf1PZCKV680kwwQF-wgQ40VwfI---X-K8b0KWKpg0CJWx7KboJZ6frzQea_ItogaaS5VOImYj9OeVyjDAm6MQxxCQOaCfyVFvFmuuWPjqUnL5Kqq8H7ky1tpeQPnHvO6sRcptxfkD9ToQhpBl2uWShciUuGvHlNgTnyXUxX-LHjHrM6BxuBGdo65tpULaKS8H7TOU6CqN2RIrvFc6WpI9WA&cid=CAQSSwDUE5ymmeOgEY8v8sDqLLCtTfFNWSn2a-OUYjLhGoiQT3u8XwyW0J_1b1gf9NHnx21HL07WsxL9VNT3MBrbGdtpqpHK7WsMZ-J63xgBIBM&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.yallakora.com%2F&ds=l&xdt=1&iif=1&cor=10994737686017622000&adk=3047537735&idt=137&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f81334b57e3fbf7fe16dae86a170d7e61addf79c7efb2ded3be1f1dc3feb266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37938
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A3F8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqQC97EHVnQtI_WOHnyasY&google_cver=1

43 B
766 B

38ms
24ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqQC97EHVnQtI_WOHnyasY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNU06BYeKP38vDTf0I_ARtT10Ij96v7knOZ4zmjjPqNx98artdG6U1QykdOQ3lWtd9urfOoc_65UjliVTHmQiIg2DTKVXYE3qjkd2sCJVd6jAeupAgUK3hrk9P5J12-Fby030AzBzMs66lMnhaaccPDzez7iEvhi-tGaTxKCODAI2P9lYVY
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 Jan 2023 11:09:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqQC97EHVnQtI_WOHnyasY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A3F8
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9ZT6c4JdjkAG36WInldUAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqQC97EHVnQtI_WOHnyasY&google_cver=1

43 B
766 B

25ms
24ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqQC97EHVnQtI_WOHnyasY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNU06BYeKP38vDTf0I_ARtT10Ij96v7knOZ4zmjjPqNx98artdG6U1QykdOQ3lWtd9urfOoc_65UjliVTHmQiIg2DTKVXYE3qjkd2sCJVd6jAeupAgUK3hrk9P5J12-Fby030AzBzMs66lMnhaaccPDzez7iEvhi-tGaTxKCODAI2P9lYVY
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 Jan 2023 11:09:30 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqQC97EHVnQtI_WOHnyasY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame A3F8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEqEcgiE1tFZpPTiPcYdXBk&google_cver=1

43 B
1 KB

24ms
21ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEqEcgiE1tFZpPTiPcYdXBk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNU06BYeKP38vDTf0I_ARtT10Ij96v7knOZ4zmjjPqNx98artdG6U1QykdOQ3lWtd9urfOoc_65UjliVTHmQiIg2DTKVXYE3qjkd2sCJVd6jAeupAgUK3hrk9P5J12-Fby030AzBzMs66lMnhaaccPDzez7iEvhi-tGaTxKCODAI2P9lYVY

Protocol

HTTP/1.1

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 Jan 2023 11:09:29 GMT
AN-X-Request-Uuid: 59bf8168-6e48-45e2-9b91-6ee783d88a82
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEqEcgiE1tFZpPTiPcYdXBk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A3F8
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgzNjM1ODQ1MDYyMjUzNTgxMg%3D%3D

170 B
243 B

60ms
60ms

Image
image/png

172.217.20.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgzNjM1ODQ1MDYyMjUzNTgxMg%3D%3D

Requested by

Protocol

Server

172.217.20.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 29 Jan 2023 11:09:29 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 4731989f-5902-4d0f-b962-c95f5926b1e1
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgzNjM1ODQ1MDYyMjUzNTgxMg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 264B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqQC97EHVnQtI_WOHnyasY&google_cver=1

43 B
632 B

38ms
24ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqQC97EHVnQtI_WOHnyasY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNVQC6Tfll4hCr4pLncHNNnWP6y6lDf57AGI7sDGX7M0yM-4j_Yc1VEURb75_xBPSUgeAL8KLeslOaZseK_2xkanrmZo_EWcpaco3rrwJD9eVZURsX_Utac0NHrZs806kVdBtc9GHLGIMmjLGUWR0nDmTzNii87rrsuKpzd5t_qrRJRLb50
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 Jan 2023 11:09:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqQC97EHVnQtI_WOHnyasY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 264B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9ZT6c4JdjkAG36WInldUAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqQC97EHVnQtI_WOHnyasY&google_cver=1

43 B
766 B

24ms
24ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqQC97EHVnQtI_WOHnyasY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNVQC6Tfll4hCr4pLncHNNnWP6y6lDf57AGI7sDGX7M0yM-4j_Yc1VEURb75_xBPSUgeAL8KLeslOaZseK_2xkanrmZo_EWcpaco3rrwJD9eVZURsX_Utac0NHrZs806kVdBtc9GHLGIMmjLGUWR0nDmTzNii87rrsuKpzd5t_qrRJRLb50
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 Jan 2023 11:09:30 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqQC97EHVnQtI_WOHnyasY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 264B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEqEcgiE1tFZpPTiPcYdXBk&google_cver=1

43 B
1 KB

26ms
24ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEqEcgiE1tFZpPTiPcYdXBk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNVQC6Tfll4hCr4pLncHNNnWP6y6lDf57AGI7sDGX7M0yM-4j_Yc1VEURb75_xBPSUgeAL8KLeslOaZseK_2xkanrmZo_EWcpaco3rrwJD9eVZURsX_Utac0NHrZs806kVdBtc9GHLGIMmjLGUWR0nDmTzNii87rrsuKpzd5t_qrRJRLb50

Protocol

HTTP/1.1

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 Jan 2023 11:09:29 GMT
AN-X-Request-Uuid: cc1fecd3-a9e9-42f8-8d0e-95d3282263f2
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEqEcgiE1tFZpPTiPcYdXBk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 264B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI1MzMyMjE1NzgxNTg0NDk4Nw%3D%3D

170 B
232 B

95ms
95ms

Image
image/png

172.217.20.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI1MzMyMjE1NzgxNTg0NDk4Nw%3D%3D

Requested by

Protocol

Server

172.217.20.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 29 Jan 2023 11:09:29 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 186fd903-4cc2-4de0-b46d-25aebcc81714
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI1MzMyMjE1NzgxNTg0NDk4Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E92F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqQC97EHVnQtI_WOHnyasY&google_cver=1

43 B
632 B

38ms
24ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqQC97EHVnQtI_WOHnyasY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGNSlmN8BMAE&v=APEucNWGmIBNz7t55QCgjdT8piHNvvZBsNq84d5R522oZkG7-9ripak2kyUjpgxUhWidFOII5HRvUK91Qt5svFotJSVYH-our5shGI1AXLXGyk6TmE3481mkNoS9qekiqOa0Aw4RLuKrUKOHpla3fTWfAMbhNkP3tnr1hfQuY9eGTIMBRju5L_4
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 Jan 2023 11:09:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqQC97EHVnQtI_WOHnyasY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E92F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9ZT6c4JdjkAG36WInldUAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqQC97EHVnQtI_WOHnyasY&google_cver=1

43 B
632 B

26ms
25ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqQC97EHVnQtI_WOHnyasY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGNSlmN8BMAE&v=APEucNWGmIBNz7t55QCgjdT8piHNvvZBsNq84d5R522oZkG7-9ripak2kyUjpgxUhWidFOII5HRvUK91Qt5svFotJSVYH-our5shGI1AXLXGyk6TmE3481mkNoS9qekiqOa0Aw4RLuKrUKOHpla3fTWfAMbhNkP3tnr1hfQuY9eGTIMBRju5L_4
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 Jan 2023 11:09:30 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMqQC97EHVnQtI_WOHnyasY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame E92F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEqEcgiE1tFZpPTiPcYdXBk&google_cver=1

43 B
1 KB

23ms
21ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEqEcgiE1tFZpPTiPcYdXBk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGNSlmN8BMAE&v=APEucNWGmIBNz7t55QCgjdT8piHNvvZBsNq84d5R522oZkG7-9ripak2kyUjpgxUhWidFOII5HRvUK91Qt5svFotJSVYH-our5shGI1AXLXGyk6TmE3481mkNoS9qekiqOa0Aw4RLuKrUKOHpla3fTWfAMbhNkP3tnr1hfQuY9eGTIMBRju5L_4

Protocol

HTTP/1.1

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 Jan 2023 11:09:29 GMT
AN-X-Request-Uuid: 0ec66686-3805-4905-a4ab-74db4794030a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEqEcgiE1tFZpPTiPcYdXBk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E92F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI1MzMyMjE1NzgxNTg0NDk4Nw%3D%3D

170 B
232 B

62ms
62ms

Image
image/png

172.217.20.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI1MzMyMjE1NzgxNTg0NDk4Nw%3D%3D

Requested by

Protocol

Server

172.217.20.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 29 Jan 2023 11:09:29 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 74162c99-20de-4066-91be-068a50c6187f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI1MzMyMjE1NzgxNTg0NDk4Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js Show response
pagead2.googlesyndication.com/bg/ Frame 05A4 36 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

095583da724d5336d2a1fb96959c013f1bd05dbf3dee3a4c693f0eab60abd4d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 11:24:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 258285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Jan 2024 11:24:44 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DAEA 0
10 B 36ms
35ms Image
text/plain 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?eV_75w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F4A0 0
20 B 57ms
56ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7419571703674&version=m202209210101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F4A0 0
20 B 57ms
57ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7419571703674&version=m202209210101&ct=76&x=1&cor=668308051455222100

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F4A0 92 KB
37 KB 101ms
101ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BmAFV6Gnn48u0b-pL1PVz9hRb_qMVllzOijMQvcaXmS401p3aU0ZB7m6wsX_LDlaCHs5G3qc6I2PPJPXbdDNwkEqcZrjWVasmDEPqIRCOLGugGU8hSJqZBebpSXDPXCb5g160bAEQVhJO9pMHGp3lmlO5JlZesFxs_6BIYfZoSA62XsYU&dbm_d=AKAmf-B6xsPyTSufehqVaVXJJTxOGDgeJeuMTMpXPXbhcfF94Igr44QXPRcI9V4esNIi8OlDgARG7DMSPuTWiSFg6DIsgxBKyygY6Xyv1w5dC-kCfqIa73wRcxy_M_sjb8yR521DI26eF0x1jDfFV9bI-JkNKUqoxpK0q5pE2n6U7h4Qw6BpPQe0IT7FYX7g3j3590NO_y6U6LpUh9QbqnjGvTpJwaShHmn_4OBGphvKTZGfCLNRjAoeogfWb3VBeBQCWPndVgj2YWLHzPw980xGhz_-4OfpqHMsQV3rJHYmkjJmfDypR4lvtugWKOESaWJ3Sgr1DnPUrEl5qZZyI9J7QzcG6L16pTnWZ7UycBvA4ZEJ0EVW60NAmhq4JjAXZdW8UopwFVNHSWm5Z9tf9i5pcKu7uryGpw1TMb2Qt0eWv0631eT_kHIgiZU2_1htfPogj35oUqeI5jt9fx61U7_d_Pwk0y1DtBAVE9FEHtI06EwTl2CdKLWcikhdbf1nIGrc8PZzxMaP2Ueyhn8gQFYao3W5jztzCQhf-b8LaFHmcL2ZLk0CPSxV9Vt5C8hWCCFpj5BYwL9trbLuPTGj2tYo7-l-ryV5QdleXdC-r1q_8OZqnX-05h66GEq7917-HmLliizJOCz0J7IBlReUbJbcGGycPVAoH-ELjBmtKTlSkFY450wFcQDPiomopUVYzCKgvseQ2G5rTApmdsitfWt0Sev6T8CXOT8Y371NL3VrOup2YfwnJq_fURvsI7sV1cyymwTuvGJXU-0DfEyL5Ka9YRwa0e7ugdmeDi0mbOhhpCBIi0P-anqgjYOOO79UdWdSEXkvMVrFTi1qB-zSt3dL88EZKI9z87qSGdo0loGatMY5OtyqnupDnjcW6qqoyqFQvyzF7JaHHH5kojSVbJbfRFy1LRkwzv13HBjhzLNW4H7k73I9b8JCZxhSxhdzCLcuhbTR7K-HYslb63Diklo7WV7W609BAo5lPIsvcU8B5oiT-qIa6JHct2gFfBM18iuGcQWjSiVChJLVf2UUTOIyfDI5WI2KfhntdG8oo0sMuuSJYGN9Zx0Q0p-oZOYkwMhnufudqjCpuAGXJ8IPPdqn0T5GBUAeFdF0cQPt0LP2pkOL1cWFP6IUl2zWVEGW1Xq8cP3iDUSdPjcxAjgSTld6EFz2UC5rqQEkf0oNf6CayZHE47u3Q6li7k949duB1XC9EmDykFR4SzDUYxLj4ywdAHEvEGGACrKvFQcWcyOVlIl4otxRmMt1BWYLpGVjfB5RPh2bPItOVqfT-L4UTQ9Hf9GM4r2mujc6azpyk_rllr1x9VnexZB81Oc69Q_ePt48Caz7GX2DJwHVSeHYAJ39epVExAutmF4W67xX0rMY4tGOJjBr59FhohjLinhbTMp7kJSryIHq1R7dvlchElxgm_-T4iHmWVDly9yQXCThbGviLciEy8IfvqpRqI5Em-aLdw9TFniiIw5AOsdtZVD7JmQG_GfnWvr2Yc1jGgMDMl4HR0NBv_mw3jkPJA9ZVMN761TCGa7NQUd4WQ-NO67miby1FxFMtSXF1oxQKM6MlhRK95OpUTXYBpT3UIuMtp3I9rQc0GNWSwAl6AxyY1q-3qK0ate8aqpnLpZ89ynMD1EHK7m7z8BPv_RMr4AVNHlovifFqPOaAEPURYxk4k92YAtUAztyhbwtZIfbVzRlxnLEjSyQuveLrvkR_UVhLwLRFRmHU7hAoEv82lQrpyRj7DI5kUzyGi_vTBipr5uZHBdrJVv3FJyWrzZsTzGZajxUKBsBP8om68UxDGv8vOpdKD3knkHqxRRG1HiMLcPWxwu2xeY5lsYBCx7c5AkmRb58PAHmumKTSx4npcab-LS41LFYCOQMsDhytwYdaWxO9d_I0PajtpHumfOrdjspP7vnWmORaBdmNdCjvQ2gmFgG0VYRbXfJxv3CF3sCWZCscebh0rhO50CO2v2bSsUL0p7YmBeeMrdra_6WmbFIaee1-AJA4NH4jhT7ipLAbX09l_lxxj7ZJe212I1DYq-Es4X3exauHuB4QoATYcoEbJfnYZTivWjNTVLEo0TNoUXYTVbAJC7OQ94uklNP1BHKYHpglLr6IIU3Z64Eto_Evylqagq-FvFN1na4k8CxokgpqGiBlqaBZvW5nc6GXYe7XaJD1jFnwcJjRaKbI3M3e6E3VX973QSqA-Fkt1v8dktsQ9U_c-xNuUAB0FUgmS8fmvANbnGhpkeUkdaUbIe_PFO3iE-e4oYjwBCWtvyfEONM6xTG2V5siY6trXUUkLPT-budH4sIEFr-0rwNvAnfi1I97B2JSN9aV3KvCKciQCHXvHokTf9TicTnn5OiXf2-X9mAuZJfzR8xRMpWfr_swjaYqqVXbhYwH1pm_QfhHTDHEzhiiPWMezerRvS3lCL4yauB-OtMLxcj_0teWayD8JNlhDGWBcdextQJKzCcprRhF4kaSpukFa4y3K050MW1oCGanWLM19J_o33VzQ_VhM9PUOvVfjjjaZqSrzT1LhHnMQZdaKaRu_jt2fkf23ZENKMNe_R4erRCVYyAzF0pcikcQhF7Wh47TzYj32KX7zw5nZFrad1Am6mt7S-Z81Pq3pLEFFAb2voo-d6YMnjpin1PRguEOYZc3nbDJJhqSJDtUsQSSvpy-h2MKL_tOKaD9Bvr3S_i_J514mOykS6O7RgS1EEbpSJVIHMHYZX0X0uiNZt7FRoL81JE4pQWE6bKwKemO9raXtntmm7xPo3kmbdve7f0aZ5m3jeCM5RexVNM9Dko5-HGSUkPo7cLZ4zbKCydfmTomYehjIY26bzR9yIRBGqDC9fA1uVrBC86QB8yUVjEI9kT3x9pjUjxU6OzdAqY4LVnswJUjPUdYX8iLXZ20hlzJqTSwC7QMtQYbFdIb43kqOdlibW4z5J10CkOJ0EqYsjcdvbIEGhkMqSQcwhFzIbA5-afpl7Xd7q968m632KX0me-VO7ejAqr5HcyxzLEoVXEfXKsquFfzvwfmV09NcOVZIwdFTntJbG4dr66nwRRSvCx084EILPWEiRk-zTN4hZWHH_41373BfWNk07zAXSyWekp1X5iKwX--Sms7RNfV5ANRuivOkZqN59A1XDDp6Hylv5fcK-xmPLXUWaqRXIwVSnqVizRJgyprVq-iNwdqLPsTiWvXdkjUu-u6-RVkeTfsv4SDiXd1SFCBPOiiRMNAn2oWgLfVFIQEIaFRPGDXX7ErjyVWsFa4C4azsI7rLCQ82XW1Kr1errm4RvnWcwCgC9cvTSZOeXcepkBVZ1qtDmpUq4&cid=CAQSSwDUE5ymmeOgEY8v8sDqLLCtTfFNWSn2a-OUYjLhGoiQT3u8XwyW0J_1b1gf9NHnx21HL07WsxL9VNT3MBrbGdtpqpHK7WsMZ-J63xgBIBM&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.yallakora.com%2F&ds=l&xdt=1&iif=1&cor=668308051455222100&adk=2086295851&idt=211&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ea5dadd9304720cf8b575e66865f73dbda63bba5b1b66778a55b064a0a37d1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37520
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E4C4 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7066022661660&version=m202209210101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E4C4 0
20 B 57ms
56ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7066022661660&version=m202209210101&ct=76&x=1&cor=10189657396799689000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E4C4 92 KB
37 KB 106ms
105ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CE-P3Q1anNRwlSCtoh69hCyTY84pfZDCOV4oWR7vt3kB7UkjHWx4YaioeR_MVCdXhYfnqX533s6-SfYgWmXvPAlgGWwBsgDOXdvTTzWFd5lWPz3FL1kK18DDrpeFBIhvQQznX2w0kq2Lx5OG_fveLsPJ8EuPY16lf5Aae3y6UkRi3cK5o&dbm_d=AKAmf-DtccRKABmzVUrovBptj8Mx-rhhPRw3rsSjP-ynULPQ3nPUcHZWJub9mUg_XBoShNq9BOJnS1Dc9yCWNkSv49mIBocuG-Z7IrsMXwo79VYEA6nGpNbiUdFJ3QrkoGW9AvZnoBG1xUkZV18KbfPPJ2uzooNwg-e8yQM0FvFtJ7aMrRnHQ6nKu7BWHz0_Zqfd7smdk2GkUIFhMMYLg24f74d8NOAYXEb3e2tEMwR7rHd5I8zVR_QUUFofA30RZ_UJpwgXtzEXTnTYzYjvoPE7RChchXjdgl2x0nraa-3WhSXAn8U9b8Du7aRm8kH08XTI7W6ptDgcipMrM37vz57gXoQZUFz3P2jL7-TBEoqSozAx9hqnFQl3T1wRT_2MTzdSO50Y34ONyLhwDeK-QHx1IVofS3Lfq6P9YXZC83axJr4UMRoRBsk0qYQdZlG0VZy-NAt8YHMT3qPMmP-9YrMSRYtkc7ZBa1JmG2lthn2oVIphyCgBopbnK6dQLNlWDHOJGkUilUvNQo3G5NzBGNLKrc5SObMGmSpPW2vkwwmjs4fKTNuxAAqDugaJmxA4Az5I-wADagxnjFADBdqKsxT1B0getmq6jzkoow4feSIL9MXRRmtI7y8vEXBQA635coCKgqR2Exs4JkOzFh0PzZXZa-7KpDnWgyRGgMqfnu1Bf_Ip3IwdoJVGDpyndp7QViPrSV30RRNUvs1WQKdqBljwn_DP4TIYDeOsgP1r8eE_nZSzM-KHcLn7ZR8Jxie6WxtJtduinGqjdoi9Doe1gIMPLnc2P9MbBqMi4DJxI72cO3OGujbFGK2qoglPA77pkJN27HQcYW-Mfc3K4F9RVOiKrBZAiTZprCtMDzZ6ewnTzb7ZYYcZOoRYzzLrcFDyqbleHxZwIJlH_ZhnWZSiH9XjnUj5ctvPQ72rinEWxy4YADRy6I6mYuzqBjZqMGcadn84JBTtsZpxOVHueCk93qmZ7dsh7dbE4ZGZfq50s8lvQDxtgOq6A3EpUt1JcEQkKITj06t1NzR5oJPI0Ph2w-jt11PCt23w3ZfpHJyffTOpUXXdK0H4XRsRL5bqD66TAV0CDwnFNeovzXEnB_6-bJeBk4yzOUb1tzofEVsBf9pjefFOTMU50fZ-8du2gHB-Zk3WYZE4WLdzPibJYFgadazor2FBX9MX-OwSjj0hP8MXzBKC3PgfIIAmajkAMxwDthfnJAONu0UR2kdF-oxokauGfj1O16WIwOj9mgOqSobM4520kcoB_Kf80tfdi4YppK9K5gVwm_jZS4H7H6YzdOQSXnnPW1me0SupTjhnbovl89KBcS4ugxfTPd5ouumEdWbWrSIMMsk3Ji9YUuxRjf3OcHjo2sdTrWQ9QiCg24xFtB0SFhhx2mTzbVbdbiegFO5zMdLEM-6vlww1FiH77ED0qHhl7QQXBT9iFSVvJlj7JBTQA_sBxu9K1Bx3ixhOI3DZImEIJT1IzydLAh8Nr_rs6HSqQJa8VxgsgmqMfxRKqr9Jd8oKtmv-0Fqu7271ktJeQOEyKKTDduIO02y6LuVxTUtPKgV9MGFPcRPuc8rs3vfAuadWi3F3ZCGO5pOsJ_gLkov2WO976z8VuqZUT4sKUjKl6PWL1tbMPlMIF8lGOgfcUChYrLJfDcLkOZicgyG8U-ytec-hXGFTmUeQUKvSAJj6BTxRW-8TtIjljpw74kaNTQrFtvg6qqjmZA8oyekghX6CSx1aIEG2pWN63ob39Cm4cFpCfs-Dngjw3a1UeoBUbc-kja_HOTSUI-PNmtOePGRBXqH8rsiInuWut6XsgVE-CgrhNtGOH_V-plMfau61En3BiUkOPWgR3Va-2E4sBfW4UCtrNT1fdtyDl2HchVXPfeLvEuNSVI2o2mhYJpmsMaPH-Avj8VP27ZcPDovpFCTF9cRrJQ-mSotYpRjkTf42YBANFcxDyDmXHv7rBZEt33kxIY4H_8alp0e_NBxrA9N63pPptvfmBCQA1AQjUqK9nOzzzl1iH2efjkietZeiIqJ06EBLOBHXqe73EJ8kEpmTAH6T-ZjbWPNBTTE_jAv6WcMXJeFftGVB-qhSYx_W-STkE7JZ86iL91igluzFmEeidl4ciA8OQnBA_TxQg_Dl1c-z_DNrgWIzpDNTk8-ogpYoC06YKug9HXqVaoML07TYrc16kBcM-Ddd5Fn7DLn1aIKTd8vCuISQ4h7o2WVmw42lWcmM-ECqW4o0_2G7FAoqEqDt2uqQgjEBTfKs4o86VneRU5uQFs_WYopDcdYGZsZxV21gdAfi1ZJmZlLUf7L20mki8IqcQxe7JloYUGS2N84eh-RYVPrCt2h3_whW3UZ9XnlVT1BI7cL-desIO_JcDHjaoy3PJ6V5L4rvQt6brWQFiKEuZRLOXFVo99T6Fs9Pa_OE2bZujemVnkLdNbICehACcZqIs0nBnzk-fm2g5cKRK1MP4BW4et4Gi2r3Kc1bEFtNRHI8V_UhPOMOQAKVGaHw3SqsU47wno7Sh-b602XezPzjmmKbJx2bjxufOuzIAmFb_v_ps2zG583v5fKw4dt_wIKODGgoy2L31HMlOKq4EcZD3RE4KIg8i4lY3n3u55dPzWDuHYaSKWYAySzSp5DGxCPNqLaP-K3Utc0bz9TtpHFyp8RNlldDfA5heB2n1XDivuJi9JFQeXcppbkKd2OhYHtyTAQC2pBSkNgnx_t9iVBx6VRLXB_mumW38R9pDeLzNuzsE5TV4KgQXi9nHCUa-wiG0KuiqrRgiS9t1tUCPVJFbFeyCnYQTaiIls5lFnL-UJHPU1GQvjLWEz4W0-HdiXWuiw1AX8YJK4CK5nSpgEoeJebCUpTl_eDBjmj0ijhzApUYuZHmncoTJdI5RC0heRPuaa17Lxh8NPcxSlj8mmx5Wv73dv6uCrrTWG3Pc8CswRGXr5AJ5xnwC3zspcQ6VL4UpRHoZmEvj-qZr2n1Bft00I-X_IX_FqrKHMeCO4mG0CJqK6nhRKTWTL7K6eQ4s31LR9jrPISjJl-f6f75zxp63evvLuRRR3j4S1M50xMDYgbatwv69OspykqG9VR4vOWPyUYxqw_YjAJDNKxjAu2lZpk9Sp6usfLS0WNZ1cDrl-83m4SaNa0bKUQUQzKHdib-qW5qaBXSfYxtteWPKLPn2Nj4NAN_ELu7Tm95ypVEKAPuwBc6pv6Oe8VY-9ZDgq6bt5wZfQc-D3IY9QRGSgkRk9ko8PgvF3ciX3rPaUCcGkq9yd-vFD8ha01n5jyp9tL8CJWiFuixpmAJ_jS3WFwkrhKnV8NemJXS_8xS1Cg&cid=CAQSSwDUE5ymmeOgEY8v8sDqLLCtTfFNWSn2a-OUYjLhGoiQT3u8XwyW0J_1b1gf9NHnx21HL07WsxL9VNT3MBrbGdtpqpHK7WsMZ-J63xgBIBM&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.yallakora.com%2F&ds=l&xdt=1&iif=1&cor=10189657396799689000&adk=2857193498&idt=215&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

747265ebccb549467dad1dfc5188a3001835816aa22f92471595216bd59e52f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37650
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1333191/69032163/ Frame 5A8D 46 KB
12 KB 217ms
46ms Script
application/javascript 54.171.32.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1333191/69032163/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1010377851&ias_pubId=pub-3692164260958077&ias_chanId=1&ias_placementId=19604626700&bidurl=https://www.yallakora.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gx3CNR5X5zd6Ts9HwUrn74
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.32.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-32-12.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 62a5ea6691591b096c2d4dd0b5b94d45ba6c7c2e5f5a3a08c2e9de7b852bfa22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:30 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 5A8D 106 KB
37 KB 145ms
36ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
Origin: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5634
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 Jan 2023 09:35:36 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/elements/html/ Frame 5A8D 8 KB
3 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DiedQjI38W_viqcKkqvhD9GWB9Z8vpLz3M6Vx5Hx-o73BCOlkaaCZCi6npkJEWQUM5N1TxYi6Kf809u0L5ZlgtpdKnx8GXaLwuydBnN1FWYT5a8SxcLN-Nc3WJsTFuSxsK1sJggi8RggwxWnWrnY45jvWWZgkdLRQ_UzyHekT7Sy8ZREk&dbm_d=AKAmf-C4cMpFrOpFP-oUOeKXjVoMKGCy3wr82qyu_SnH5DUdEmV-994PgmVR1q4xKpBilHugq_lUji6LNIbLN79s4UGrqbL7x777ZvuIW5K_SC4A7sVLY9ggSmIX2jX8XU82J5paNIypAiGdA11sL0FMRsyRGvSTz2QBlPOxs-fbSLuKwquMJoGe27I0Et6mfEG0E9SjCpbKIol8OyIQ-BQEqdDjzdBzuAf77zcE11vy3EQUvj9oFwov6SUBjRr1U_Ue2cXm8lFfgff39uRzQe0NiRdVlvejWvug3j_hFoihMPRbV8bpKhU3ouqvxDFAdjfz0e0OwvJ5rVfJb9FB5i93PeQhOy9--j77jbQLC3p-qBITha8MgVWvxDME2zAoj7MPYe5Zp8kOm9-VnbZDPeTF2irQAr5Imrts5R3Ad7o39MysKuMgZuaMDaZDQH8C2zBP4UpfO4ifUeXbel2zo3PMsRcCFNZlnE-elTHUqkUX_jLPuSHR4KK3Itevm9w_Up3bJR4tfgBWt-s9eeqjL6ASr0hr-BPZE3QwD171cCGQ1FSbZmCbj7rdu5qm2CyEp7OhnAuVHIR3ctLq2BPSTyn2Np3lkuWvSeYikpa2w38SuOaQ-LVrlpPyhZq355oMPjC5y2wQGO1ACNtWLLyAjFWxLsJDYu_5IZWLy859z2m-me5a15MfiVTESvlttFP5A3eW9V9YUl9Xv2_6xeySh0-E0M1w2Wnz10Gw7T-_hOO8VGgCcbTwM3ZeGqCv26tRI41lzq2LJYNs8r0Td9MXN_Z8aMOK_-tPNeIQ15_biXnL-Bq9C9uOk2MblHqq6jjTzYdmRXlwIxO9cX9o2EvCoB3Ded8qgmpQYDazPoQxTCGUKu7R2QIu1hDcfGQAhPJ7O1kxFsyGHMMTiXe5QgNq_nmkG8mnWX6-Nd1aq5tG1gcRsl7iBCJxa1BLzgCY4tnv6l4mR-lYsmy4mfO_INErkPj06WBWJF6be-jh5e6C6sfj6S_xO3yps7dXrwztzA4tAJvh0PMgsIG-NYIsJnsjESoWuvwJzmQkeW-6TOICoiHySm-pd6ZuEentCjYbc2LkW2dX6oZCVwJwGeTksy7aU8nDNq4CQ3XQLd6F3xlZbCITfj6K2siCu2pBfH4NRmVx_JCcSHgWSdWmg7To3WuU2sJBqbsaIGnkxJ_Ivag-kqL1myuESAYPCn9hz5BapA0rPclSesDvBtTfSr1TJaH5zhmRHz0c3SmSAIB4ZJOTYvdow4nRLkelIDQ7-TfGkE-m-44Ars-jojlmWUNYrUaQHILGB19TqoOQGm910cPMnpvygzqYTMgFVFe2SVtLGlxCY5FkhLZ9MDdjHeANbRCn6VWPTgK6FDO1Ka_OsbjSio2-bwVMVauI5NHjpI9AJvFs2hMZLwQOB60lBgSPo_Uj8IJdbtR2p7BUX_DvpxcBNLd5sBmWhfFFoEHvfPS4SoQLjt_7rj9vCgbh-h7clWHaMv5iuIQvTpLAvPwLPJZ4j8x6-GYST8XRvBrw_0bQWjv7V1gYi2mkzUHplb69DAOVGv7_ZzceobvGt2slJsbCk1k94xufdA8FQT1JcVTC3xM6Y8SiPqWVmyS_OCLnLZFtV10rsk4qq37X3P-RZzaEb5ERIdDtbZoMdvyJMw_ZpI7243m9rwFqJrtUyWCSv-VHVN4t-6f-LBWXc24rstYYuZrVjl1N6p-9A3WtKY57oAZl0Vbfp51Emp0_bqNyYfwh_KEAFvvwqqpZgs6qTbuhAjWHUDtXItXKWcN9wdgdytApn5-w8YKyhSrXeAj5RLM-RdBJ3uGB389wXEZrfGgniQ6qeQU7hxXGfG6-NrZa9qFMUOGq5pT8t3s9o_WJLqEmuaiWT16ttBZVhQQ_OUFvsn2W0lfbFuziMXyZzxZNUIjDG-DZI3pnNQHcxZBxAnrYSLW791a_MrZYjm1zRoUg27_lssjmvNJqofxd_fwsXYP8tWMKVq-GyMXy0dv5tN3iOHNTRtGmChHjKdUJMTQ2rQlAjsDNZDRmTZxEGl7m5y3Rz9V2jZHbxBeByegmrXAuVSW3UfqHq9LzK1xlxplZPG04tG-dD2I7uclzEt1k2sYdnMKiQJKLGTTJSEbZGxvhCCkuCGC9rcE2402cHVMyKeQxSHWE_tDLXJV43ONU9F4IZ6xMcsbdSfmSdiA0Z7fps9Z5WcNO7Z1hE2rYUdLhDhMtYuP1legtMIKwa54-19A7dvtGQCgg7LEBRk8i4fyIX8jNocg4XUBn5-gi1P3I2H2Br1DYsuALG6-KdVXXEziNf0pGgKp7Iv1vAZDTxoZpxTRtaKEJizuFC-ngZLZ1wpLyKM3C0IyLid8SNtQdtWEmYeGAbOPXOUCu9K9DvnHr0uMiyJBt8nAopy0sArha3W__De08N_QvhLuytrrmrvxRAUvlJG5FJ8pFjC70s56MJQ_IdZGhVQIncZB7FrI5nbwXtoLcPW5mrWEAFmdkkW0jf9A9YsXKHUegnfcDHP2AAdqEwA_PJc8j81ILE4mTKXTE9lvG8IR_wWfnp41yy9AOM93CtXdBAuFLLU5CuLv2iowv7-TwjrD0AZTnxyQRUZ5MTg4Ku8Q2qZJFknMKAdUp_tllKG5T7QhEai0hgETXMJ7pv1XqaIRmlXChm1vhsoIwB__rUGfildT1hridkM9j6VEedjuvKw-7Fvl7buUIou5DKuhGpoK-wF-DQyIDthATBrRGjswVx9TbB-GEG0UTKGF4rcTC2fTNXzRuH_E6roVUmZR7x7oQSZLNL2gSZEIkLn6EaOfViypZKKCAMDFne4N74vMkxxdbqHRZinERQ_GZ_mIpEE1DO24uG_3E-u5txRzjY9NjpBN3oXaP9y8KZQh_PDc-FwtjR0t7wBMxi49hpO1P2M4SCpiU3XUoZWj_gYq1YGSzn1WJMtj7QPvOZGyfSAN-vHQkVdZCDgnSEcAf3kgEoa2kySy3mc3EptoJ2YbTM25AAgndHnohqMV0CuFEYB5Mmjw0Gnx43M57ap3lfhKtKNxneLgFnDb24YgtCvjXYL6249m8A-K2zqp7pYZPzqT0NZwuLR6yKtHScbGtMl7c2JDGn_kJ-WZ7SH11G7rn-wi9MXpmkTb4WLqT-KqEp6aac1gzOpwUVL3MIEMf6G4Wtmu7zl6BEz1kb_o5cTjU0-JrPXf1PZCKV680kwwQF-wgQ40VwfI---X-K8b0KWKpg0CJWx7KboJZ6frzQea_ItogaaS5VOImYj9OeVyjDAm6MQxxCQOaCfyVFvFmuuWPjqUnL5Kqq8H7ky1tpeQPnHvO6sRcptxfkD9ToQhpBl2uWShciUuGvHlNgTnyXUxX-LHjHrM6BxuBGdo65tpULaKS8H7TOU6CqN2RIrvFc6WpI9WA&cid=CAQSSwDUE5ymmeOgEY8v8sDqLLCtTfFNWSn2a-OUYjLhGoiQT3u8XwyW0J_1b1gf9NHnx21HL07WsxL9VNT3MBrbGdtpqpHK7WsMZ-J63xgBIBM&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.yallakora.com%2F&ds=l&xdt=1&iif=1&cor=10994737686017622000&adk=3047537735&idt=137&cac=0&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 20:35:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Feb 2023 20:35:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/ Frame 5A8D 28 KB
11 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f9909775d48d612aae837f0153817e8addbfa082f901254471bced4d8c72691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 20:35:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10810
x-xss-protection: 0
server: cafe
etag: 8766511519597269738
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Feb 2023 20:35:33 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5A8D 41 KB
15 KB 37ms
36ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:50:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4759
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 09:50:10 GMT

GET
DATA 200
OK truncated
/ Frame 5A8D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 044b0bbcda074142f53551630be8da19ebf328b0d5e3b58e1765e0c6a4eae188

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634100/ Frame F4A0 242 KB
73 KB 201ms
85ms Script
application/javascript 54.171.32.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634100/skeleton.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.32.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-32-12.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 033c133145e785ebb3bbe4d6416bdd2178c72665b20c48ee3d643cf5d0fb667b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:30 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame F4A0 106 KB
37 KB 131ms
79ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
Origin: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5634
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 Jan 2023 09:35:36 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/elements/html/ Frame F4A0 8 KB
3 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BmAFV6Gnn48u0b-pL1PVz9hRb_qMVllzOijMQvcaXmS401p3aU0ZB7m6wsX_LDlaCHs5G3qc6I2PPJPXbdDNwkEqcZrjWVasmDEPqIRCOLGugGU8hSJqZBebpSXDPXCb5g160bAEQVhJO9pMHGp3lmlO5JlZesFxs_6BIYfZoSA62XsYU&dbm_d=AKAmf-B6xsPyTSufehqVaVXJJTxOGDgeJeuMTMpXPXbhcfF94Igr44QXPRcI9V4esNIi8OlDgARG7DMSPuTWiSFg6DIsgxBKyygY6Xyv1w5dC-kCfqIa73wRcxy_M_sjb8yR521DI26eF0x1jDfFV9bI-JkNKUqoxpK0q5pE2n6U7h4Qw6BpPQe0IT7FYX7g3j3590NO_y6U6LpUh9QbqnjGvTpJwaShHmn_4OBGphvKTZGfCLNRjAoeogfWb3VBeBQCWPndVgj2YWLHzPw980xGhz_-4OfpqHMsQV3rJHYmkjJmfDypR4lvtugWKOESaWJ3Sgr1DnPUrEl5qZZyI9J7QzcG6L16pTnWZ7UycBvA4ZEJ0EVW60NAmhq4JjAXZdW8UopwFVNHSWm5Z9tf9i5pcKu7uryGpw1TMb2Qt0eWv0631eT_kHIgiZU2_1htfPogj35oUqeI5jt9fx61U7_d_Pwk0y1DtBAVE9FEHtI06EwTl2CdKLWcikhdbf1nIGrc8PZzxMaP2Ueyhn8gQFYao3W5jztzCQhf-b8LaFHmcL2ZLk0CPSxV9Vt5C8hWCCFpj5BYwL9trbLuPTGj2tYo7-l-ryV5QdleXdC-r1q_8OZqnX-05h66GEq7917-HmLliizJOCz0J7IBlReUbJbcGGycPVAoH-ELjBmtKTlSkFY450wFcQDPiomopUVYzCKgvseQ2G5rTApmdsitfWt0Sev6T8CXOT8Y371NL3VrOup2YfwnJq_fURvsI7sV1cyymwTuvGJXU-0DfEyL5Ka9YRwa0e7ugdmeDi0mbOhhpCBIi0P-anqgjYOOO79UdWdSEXkvMVrFTi1qB-zSt3dL88EZKI9z87qSGdo0loGatMY5OtyqnupDnjcW6qqoyqFQvyzF7JaHHH5kojSVbJbfRFy1LRkwzv13HBjhzLNW4H7k73I9b8JCZxhSxhdzCLcuhbTR7K-HYslb63Diklo7WV7W609BAo5lPIsvcU8B5oiT-qIa6JHct2gFfBM18iuGcQWjSiVChJLVf2UUTOIyfDI5WI2KfhntdG8oo0sMuuSJYGN9Zx0Q0p-oZOYkwMhnufudqjCpuAGXJ8IPPdqn0T5GBUAeFdF0cQPt0LP2pkOL1cWFP6IUl2zWVEGW1Xq8cP3iDUSdPjcxAjgSTld6EFz2UC5rqQEkf0oNf6CayZHE47u3Q6li7k949duB1XC9EmDykFR4SzDUYxLj4ywdAHEvEGGACrKvFQcWcyOVlIl4otxRmMt1BWYLpGVjfB5RPh2bPItOVqfT-L4UTQ9Hf9GM4r2mujc6azpyk_rllr1x9VnexZB81Oc69Q_ePt48Caz7GX2DJwHVSeHYAJ39epVExAutmF4W67xX0rMY4tGOJjBr59FhohjLinhbTMp7kJSryIHq1R7dvlchElxgm_-T4iHmWVDly9yQXCThbGviLciEy8IfvqpRqI5Em-aLdw9TFniiIw5AOsdtZVD7JmQG_GfnWvr2Yc1jGgMDMl4HR0NBv_mw3jkPJA9ZVMN761TCGa7NQUd4WQ-NO67miby1FxFMtSXF1oxQKM6MlhRK95OpUTXYBpT3UIuMtp3I9rQc0GNWSwAl6AxyY1q-3qK0ate8aqpnLpZ89ynMD1EHK7m7z8BPv_RMr4AVNHlovifFqPOaAEPURYxk4k92YAtUAztyhbwtZIfbVzRlxnLEjSyQuveLrvkR_UVhLwLRFRmHU7hAoEv82lQrpyRj7DI5kUzyGi_vTBipr5uZHBdrJVv3FJyWrzZsTzGZajxUKBsBP8om68UxDGv8vOpdKD3knkHqxRRG1HiMLcPWxwu2xeY5lsYBCx7c5AkmRb58PAHmumKTSx4npcab-LS41LFYCOQMsDhytwYdaWxO9d_I0PajtpHumfOrdjspP7vnWmORaBdmNdCjvQ2gmFgG0VYRbXfJxv3CF3sCWZCscebh0rhO50CO2v2bSsUL0p7YmBeeMrdra_6WmbFIaee1-AJA4NH4jhT7ipLAbX09l_lxxj7ZJe212I1DYq-Es4X3exauHuB4QoATYcoEbJfnYZTivWjNTVLEo0TNoUXYTVbAJC7OQ94uklNP1BHKYHpglLr6IIU3Z64Eto_Evylqagq-FvFN1na4k8CxokgpqGiBlqaBZvW5nc6GXYe7XaJD1jFnwcJjRaKbI3M3e6E3VX973QSqA-Fkt1v8dktsQ9U_c-xNuUAB0FUgmS8fmvANbnGhpkeUkdaUbIe_PFO3iE-e4oYjwBCWtvyfEONM6xTG2V5siY6trXUUkLPT-budH4sIEFr-0rwNvAnfi1I97B2JSN9aV3KvCKciQCHXvHokTf9TicTnn5OiXf2-X9mAuZJfzR8xRMpWfr_swjaYqqVXbhYwH1pm_QfhHTDHEzhiiPWMezerRvS3lCL4yauB-OtMLxcj_0teWayD8JNlhDGWBcdextQJKzCcprRhF4kaSpukFa4y3K050MW1oCGanWLM19J_o33VzQ_VhM9PUOvVfjjjaZqSrzT1LhHnMQZdaKaRu_jt2fkf23ZENKMNe_R4erRCVYyAzF0pcikcQhF7Wh47TzYj32KX7zw5nZFrad1Am6mt7S-Z81Pq3pLEFFAb2voo-d6YMnjpin1PRguEOYZc3nbDJJhqSJDtUsQSSvpy-h2MKL_tOKaD9Bvr3S_i_J514mOykS6O7RgS1EEbpSJVIHMHYZX0X0uiNZt7FRoL81JE4pQWE6bKwKemO9raXtntmm7xPo3kmbdve7f0aZ5m3jeCM5RexVNM9Dko5-HGSUkPo7cLZ4zbKCydfmTomYehjIY26bzR9yIRBGqDC9fA1uVrBC86QB8yUVjEI9kT3x9pjUjxU6OzdAqY4LVnswJUjPUdYX8iLXZ20hlzJqTSwC7QMtQYbFdIb43kqOdlibW4z5J10CkOJ0EqYsjcdvbIEGhkMqSQcwhFzIbA5-afpl7Xd7q968m632KX0me-VO7ejAqr5HcyxzLEoVXEfXKsquFfzvwfmV09NcOVZIwdFTntJbG4dr66nwRRSvCx084EILPWEiRk-zTN4hZWHH_41373BfWNk07zAXSyWekp1X5iKwX--Sms7RNfV5ANRuivOkZqN59A1XDDp6Hylv5fcK-xmPLXUWaqRXIwVSnqVizRJgyprVq-iNwdqLPsTiWvXdkjUu-u6-RVkeTfsv4SDiXd1SFCBPOiiRMNAn2oWgLfVFIQEIaFRPGDXX7ErjyVWsFa4C4azsI7rLCQ82XW1Kr1errm4RvnWcwCgC9cvTSZOeXcepkBVZ1qtDmpUq4&cid=CAQSSwDUE5ymmeOgEY8v8sDqLLCtTfFNWSn2a-OUYjLhGoiQT3u8XwyW0J_1b1gf9NHnx21HL07WsxL9VNT3MBrbGdtpqpHK7WsMZ-J63xgBIBM&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.yallakora.com%2F&ds=l&xdt=1&iif=1&cor=668308051455222100&adk=2086295851&idt=211&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 20:35:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Feb 2023 20:35:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/ Frame F4A0 28 KB
11 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f9909775d48d612aae837f0153817e8addbfa082f901254471bced4d8c72691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 20:35:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10810
x-xss-protection: 0
server: cafe
etag: 8766511519597269738
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Feb 2023 20:35:33 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634096/ Frame E4C4 242 KB
73 KB 149ms
46ms Script
application/javascript 54.171.32.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634096/skeleton.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.32.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-32-12.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3af22ccabf103ef8b38bc6a0c7d49fae5c9010f3ed25d758440ef052dca534ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:30 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame E4C4 106 KB
37 KB 153ms
113ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
Origin: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5634
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 Jan 2023 09:35:36 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/elements/html/ Frame E4C4 8 KB
3 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CE-P3Q1anNRwlSCtoh69hCyTY84pfZDCOV4oWR7vt3kB7UkjHWx4YaioeR_MVCdXhYfnqX533s6-SfYgWmXvPAlgGWwBsgDOXdvTTzWFd5lWPz3FL1kK18DDrpeFBIhvQQznX2w0kq2Lx5OG_fveLsPJ8EuPY16lf5Aae3y6UkRi3cK5o&dbm_d=AKAmf-DtccRKABmzVUrovBptj8Mx-rhhPRw3rsSjP-ynULPQ3nPUcHZWJub9mUg_XBoShNq9BOJnS1Dc9yCWNkSv49mIBocuG-Z7IrsMXwo79VYEA6nGpNbiUdFJ3QrkoGW9AvZnoBG1xUkZV18KbfPPJ2uzooNwg-e8yQM0FvFtJ7aMrRnHQ6nKu7BWHz0_Zqfd7smdk2GkUIFhMMYLg24f74d8NOAYXEb3e2tEMwR7rHd5I8zVR_QUUFofA30RZ_UJpwgXtzEXTnTYzYjvoPE7RChchXjdgl2x0nraa-3WhSXAn8U9b8Du7aRm8kH08XTI7W6ptDgcipMrM37vz57gXoQZUFz3P2jL7-TBEoqSozAx9hqnFQl3T1wRT_2MTzdSO50Y34ONyLhwDeK-QHx1IVofS3Lfq6P9YXZC83axJr4UMRoRBsk0qYQdZlG0VZy-NAt8YHMT3qPMmP-9YrMSRYtkc7ZBa1JmG2lthn2oVIphyCgBopbnK6dQLNlWDHOJGkUilUvNQo3G5NzBGNLKrc5SObMGmSpPW2vkwwmjs4fKTNuxAAqDugaJmxA4Az5I-wADagxnjFADBdqKsxT1B0getmq6jzkoow4feSIL9MXRRmtI7y8vEXBQA635coCKgqR2Exs4JkOzFh0PzZXZa-7KpDnWgyRGgMqfnu1Bf_Ip3IwdoJVGDpyndp7QViPrSV30RRNUvs1WQKdqBljwn_DP4TIYDeOsgP1r8eE_nZSzM-KHcLn7ZR8Jxie6WxtJtduinGqjdoi9Doe1gIMPLnc2P9MbBqMi4DJxI72cO3OGujbFGK2qoglPA77pkJN27HQcYW-Mfc3K4F9RVOiKrBZAiTZprCtMDzZ6ewnTzb7ZYYcZOoRYzzLrcFDyqbleHxZwIJlH_ZhnWZSiH9XjnUj5ctvPQ72rinEWxy4YADRy6I6mYuzqBjZqMGcadn84JBTtsZpxOVHueCk93qmZ7dsh7dbE4ZGZfq50s8lvQDxtgOq6A3EpUt1JcEQkKITj06t1NzR5oJPI0Ph2w-jt11PCt23w3ZfpHJyffTOpUXXdK0H4XRsRL5bqD66TAV0CDwnFNeovzXEnB_6-bJeBk4yzOUb1tzofEVsBf9pjefFOTMU50fZ-8du2gHB-Zk3WYZE4WLdzPibJYFgadazor2FBX9MX-OwSjj0hP8MXzBKC3PgfIIAmajkAMxwDthfnJAONu0UR2kdF-oxokauGfj1O16WIwOj9mgOqSobM4520kcoB_Kf80tfdi4YppK9K5gVwm_jZS4H7H6YzdOQSXnnPW1me0SupTjhnbovl89KBcS4ugxfTPd5ouumEdWbWrSIMMsk3Ji9YUuxRjf3OcHjo2sdTrWQ9QiCg24xFtB0SFhhx2mTzbVbdbiegFO5zMdLEM-6vlww1FiH77ED0qHhl7QQXBT9iFSVvJlj7JBTQA_sBxu9K1Bx3ixhOI3DZImEIJT1IzydLAh8Nr_rs6HSqQJa8VxgsgmqMfxRKqr9Jd8oKtmv-0Fqu7271ktJeQOEyKKTDduIO02y6LuVxTUtPKgV9MGFPcRPuc8rs3vfAuadWi3F3ZCGO5pOsJ_gLkov2WO976z8VuqZUT4sKUjKl6PWL1tbMPlMIF8lGOgfcUChYrLJfDcLkOZicgyG8U-ytec-hXGFTmUeQUKvSAJj6BTxRW-8TtIjljpw74kaNTQrFtvg6qqjmZA8oyekghX6CSx1aIEG2pWN63ob39Cm4cFpCfs-Dngjw3a1UeoBUbc-kja_HOTSUI-PNmtOePGRBXqH8rsiInuWut6XsgVE-CgrhNtGOH_V-plMfau61En3BiUkOPWgR3Va-2E4sBfW4UCtrNT1fdtyDl2HchVXPfeLvEuNSVI2o2mhYJpmsMaPH-Avj8VP27ZcPDovpFCTF9cRrJQ-mSotYpRjkTf42YBANFcxDyDmXHv7rBZEt33kxIY4H_8alp0e_NBxrA9N63pPptvfmBCQA1AQjUqK9nOzzzl1iH2efjkietZeiIqJ06EBLOBHXqe73EJ8kEpmTAH6T-ZjbWPNBTTE_jAv6WcMXJeFftGVB-qhSYx_W-STkE7JZ86iL91igluzFmEeidl4ciA8OQnBA_TxQg_Dl1c-z_DNrgWIzpDNTk8-ogpYoC06YKug9HXqVaoML07TYrc16kBcM-Ddd5Fn7DLn1aIKTd8vCuISQ4h7o2WVmw42lWcmM-ECqW4o0_2G7FAoqEqDt2uqQgjEBTfKs4o86VneRU5uQFs_WYopDcdYGZsZxV21gdAfi1ZJmZlLUf7L20mki8IqcQxe7JloYUGS2N84eh-RYVPrCt2h3_whW3UZ9XnlVT1BI7cL-desIO_JcDHjaoy3PJ6V5L4rvQt6brWQFiKEuZRLOXFVo99T6Fs9Pa_OE2bZujemVnkLdNbICehACcZqIs0nBnzk-fm2g5cKRK1MP4BW4et4Gi2r3Kc1bEFtNRHI8V_UhPOMOQAKVGaHw3SqsU47wno7Sh-b602XezPzjmmKbJx2bjxufOuzIAmFb_v_ps2zG583v5fKw4dt_wIKODGgoy2L31HMlOKq4EcZD3RE4KIg8i4lY3n3u55dPzWDuHYaSKWYAySzSp5DGxCPNqLaP-K3Utc0bz9TtpHFyp8RNlldDfA5heB2n1XDivuJi9JFQeXcppbkKd2OhYHtyTAQC2pBSkNgnx_t9iVBx6VRLXB_mumW38R9pDeLzNuzsE5TV4KgQXi9nHCUa-wiG0KuiqrRgiS9t1tUCPVJFbFeyCnYQTaiIls5lFnL-UJHPU1GQvjLWEz4W0-HdiXWuiw1AX8YJK4CK5nSpgEoeJebCUpTl_eDBjmj0ijhzApUYuZHmncoTJdI5RC0heRPuaa17Lxh8NPcxSlj8mmx5Wv73dv6uCrrTWG3Pc8CswRGXr5AJ5xnwC3zspcQ6VL4UpRHoZmEvj-qZr2n1Bft00I-X_IX_FqrKHMeCO4mG0CJqK6nhRKTWTL7K6eQ4s31LR9jrPISjJl-f6f75zxp63evvLuRRR3j4S1M50xMDYgbatwv69OspykqG9VR4vOWPyUYxqw_YjAJDNKxjAu2lZpk9Sp6usfLS0WNZ1cDrl-83m4SaNa0bKUQUQzKHdib-qW5qaBXSfYxtteWPKLPn2Nj4NAN_ELu7Tm95ypVEKAPuwBc6pv6Oe8VY-9ZDgq6bt5wZfQc-D3IY9QRGSgkRk9ko8PgvF3ciX3rPaUCcGkq9yd-vFD8ha01n5jyp9tL8CJWiFuixpmAJ_jS3WFwkrhKnV8NemJXS_8xS1Cg&cid=CAQSSwDUE5ymmeOgEY8v8sDqLLCtTfFNWSn2a-OUYjLhGoiQT3u8XwyW0J_1b1gf9NHnx21HL07WsxL9VNT3MBrbGdtpqpHK7WsMZ-J63xgBIBM&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.yallakora.com%2F&ds=l&xdt=1&iif=1&cor=10189657396799689000&adk=2857193498&idt=215&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 20:35:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Feb 2023 20:35:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/ Frame E4C4 28 KB
11 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f9909775d48d612aae837f0153817e8addbfa082f901254471bced4d8c72691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 20:35:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10810
x-xss-protection: 0
server: cafe
etag: 8766511519597269738
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Feb 2023 20:35:33 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 50C7 22 KB
8 KB 39ms
38ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4760
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 09:50:10 GMT
expires: Mon, 29 Jan 2024 09:50:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F4A0 41 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:50:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4760
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 09:50:10 GMT

GET
DATA 200
OK truncated
/ Frame F4A0 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa5710e649205ce7dad0d22c2fb0f83228b3c46e09dbdaa09a9eaa01faa385ef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E4C4 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:50:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4760
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 09:50:10 GMT

GET
DATA 200
OK truncated
/ Frame E4C4 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a116a1635a2eb20d44260fd20d186166ca3fbc60ff7b6488c3a6efe44f770494

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame FB7F 22 KB
8 KB 37ms
36ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4760
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 09:50:10 GMT
expires: Mon, 29 Jan 2024 09:50:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js Show response
pagead2.googlesyndication.com/bg/ Frame 50C7 36 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

095583da724d5336d2a1fb96959c013f1bd05dbf3dee3a4c693f0eab60abd4d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 11:24:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 258286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Jan 2024 11:24:44 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4038 22 KB
8 KB 37ms
36ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4760
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 09:50:10 GMT
expires: Mon, 29 Jan 2024 09:50:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/18225678633910820894/300x250/ Frame 8772 148 KB
24 KB 210ms
41ms Document
text/html 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18225678633910820894/300x250/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e76f0273df876c534349d2b1efb00b52d15d36a631909bdd273c0a2e76b9189

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 77288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 24577
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 28 Jan 2023 13:41:22 GMT
expires: Sun, 28 Jan 2024 13:41:22 GMT
last-modified: Mon, 23 Jan 2023 10:05:12 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5A8D 0
0 239ms
66ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssQCViCPJF-HBTTlROLGt-usleLHTU6XAjLfBdBntsYMQaca__G_tYp67gnqJ4lgAPUvHrurb_AApgfWi1qB4YomfEO3fqIjYakBgu1Ru7qRJ0veJJagfmfF6jhdFAiJPUFzTo-fR2HSSCVefnikB2RFKc03ke5V-RtGTNDVkHYqoi_15r9NHFLvv9zTEszERY0-o2ZcL90a9LkKjYIpIKLYNuiXKuUUL_pNfKWugWG7UUAWcNSOMq8svVYOJtrUMzqjti8bzPPOJYSEeQDo76quPLHLo93_q4ey0eNhtMt0l90hjR4p03v-vf4UUzton9HE9Bqcn8tIWy5UCWt3UeLNM-yEp3ioiXsy14L3aaHVJxli5ZhHq1b7rwugySEa6_E0s6wSvh0sDDyg9xiQ3CfmdI6CMjQlrTmbf3YZ5xUGei3gdMEd2CO4t9NWZ6Qp_iize15KyxBKJuh12Nj6mllfEvlfVs5sg5nEn_-ncbYO6u5bMlkYHZbmwfy62bGmsLYmwf8MBC0lXOqtmbjElGyW3LWBPFTb7qxl0eMjeCs7L4C5wiVkQHs5gUzVbB9xpMNnK4tXpNy51_z3Y77E2BIPX22NaOjQsGwZt6NtEL0S3M7q_btEGlSyzBVg4r-aADXe5mdWI1vaVxaQ9phnmzIkXoMbSchIb3hAisLzY6ZlFH35CJdBJt4BdVeM5lSws1awIBF1RjD2t4dnD9T1j8v2Frwkacvgh1ayrF-kw05vezcGRuy8XjMaFe3rIYjMfA_xUpL4t9DLgVBY6mQ1hDnmJ6uL8j4Ujyd9DjQtHO0BTL4N5EcJ6CXGCOlpPB5fpGOYR3KY1tZnocS-ouPepfJGl2V51KG4jgOHAibQqtWNCDlz39ksa5wunEHPWTPXIDKq8ISzbuLK_ZXmb5mae1JjzbVBpBqry8TeCQAb0GPg4sA-uZAO9F7TtJ6ZSgY7wgZSGpDeE90JyWvkB4_bGR7LtffY6zMaYszUxc4q5bPHvfXCKEJm2TVwEGc9YwNzkhYnROKOmcwEuueffjyjooMkNWvzFKYl_j8WONPVAHf6SLD17r7mKgSiwH1nPCd1qeV6d512FUrlXuF6LD8kFYlN_fwF7nFLpX9yIVXsoh9n3olfzg1GFs2Xk6vZlhAd5Zkx6nyiezD3IvvfQivSPjXldN4o58IaH2j8Uyfw7uY7NRG48J436TxsnkBdJ7GFbR65cjXTOiLm0miJ2UwFzWQY-I&sai=AMfl-YRuqELaSiPQMJIk5pVptsZH-s1DgyZ_2DmtlbRBNqr3RlpCeAlbY32mUBoEWFvWBtpE9g8StcLZJGZT8v-KrrVO2feszOESjJE4S8LaPI5GO3dqI8-7jyIih8SqeDLMpvZYEKR9-oI0OYdhnJgy7KuJm6bRyKpzI35sB1uM-54HcGHE6o2KrXs8QIE8TD_A0-1QVTGDNAf-SrYhNIGmrUIuTrUYaOY79KJf3rqotaeh86iiZx4HPvDKtuXi7lekn105l04trL5jAWByKZhBkbN3dRze5RMJGszJcJM&sig=Cg0ArKJSzAuTBm547oFkEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=246&cbvp=1&cstd=244&cisv=r20230124.59852&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 29 Jan 2023 11:09:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 29 Jan 2023 11:09:30 GMT

GET
H2 200 93656
tags.bluekai.com/site/ Frame 5A8D 62 B
578 B 415ms
182ms Image
image/gif 104.111.217.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/93656?limit=0&phint=event%3Dimp&phint=aid%3D6531095&phint=cid%3D29251655&phint=crid%3D185704949&phint=pid%3D357785750
Requested by: Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-14.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sun, 29 Jan 2023 11:09:30 GMT
content-length: 62
bk-server: e6a8
content-type: image/gif

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10079595500193011461/ Frame 1D39 138 KB
22 KB 198ms
37ms Document
text/html 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10079595500193011461/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f69cda4d346d1361e182ca51dfc0be0b484b548a8afd33fc4939dc63ff671f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 180499
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22835
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Jan 2023 09:01:11 GMT
expires: Sat, 27 Jan 2024 09:01:11 GMT
last-modified: Tue, 29 Nov 2022 11:19:19 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F4A0 0
0 231ms
67ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstq5Wf0kr8ewAV1f_cETXKAI3oLCBfUEHRCBJDmVM0A4c6gABVXepJO8x4IpFZS9jChGPKBsQvA3rR40BZmEv4Rgn4NvT5sXrBwqwLj52doSQ_FTIB8ubTHoO6505nbvSpb9oQJb_1z4mYfJalSs69l-WPN0sOpWI1DROJPzCRNYhUTmm-sXEYIG_iXm96mSGbHY6anCvCl5vYH2UEgzFjPdanRVsUakt38bCjs2_VTTo-4HdGwP1xwGaG6TPATXhIpPC7HzZkL9ipBHk1iATpfEl5171zGIa6rwCqu4JCiqE0LUrN84SdJLpK3SIpbAAncvBMFQf6-PZw0ZbQiYI4xj4LOLSbohhAdie9C73XgvJsHBAXy877zKuOdD2frK8tSZNviT6U_5p2lLmuZW2jVRTTLLkKeHN5Rx1tKNuSqcoClh2Y42hk1tODxjDzcfCchheB0Y6e9x-SlwLsnZuW8qAs5BYW7p790EoIycQIyNjbAZCd4vnL3SqJ2jfFO7ksjTRx4MFiu7qFgDRGq4O2dPsfT6EgqJUYb6TpkusvHqs1qG9sE9MZw6H4dP2bzC08GFUQ74TxzpVebfNdf9XBHJbm4RjinYTmGjgCmh6OkOLVyR1wXNH5sUoD1CrWleitt1Sh8LqFb8VIWYHbY9UeVQBvZvYPUbxejluLuN6vUKLSVsbCBkurB1hGAAGcauu8zxNdu3omS1FkHVaMXkNBi9jeTFiP64hCo2-pAlgZxnJpAVFaprYCzpiGpogUAXcQYhBv9jWPPvS0WgLWOgrhwW6jG9n-x0iPhYPQcIi1Y8DZhCZPjdoXdEVhbhHm9bG78N83gZ03JDjbNJqbieREAd4Cm8qnUvGNrBSMBsUKH5NbV32FYaFmoTVQvYYmIWBwZrzPsCZzH_-62LVn_8MCvUBOlcWDDO05M0cOtWMv9us10nehuSIZrnKCtIpjaXGmdzFrbUFmNTYk0QDtr6euPqA3JV5T34706FmmZjyCJW5686_xRh4qifL2_Xhuv5_hWoWngfO2F6QvzD4-N8dqAzkfufxsZOxf-S__H6kS41I9kYEv6DMR7RyXgBtvooPWsO2Cm9FK9PJ6ATPB9D82bA4sr3hgWk26i_qQP8sAzeogoAcWduNR37QeAY6JZuPhh3nhMMTM7o4TWp9La-DrVpFs4wfxtCvGSsdbB8gML653cVoCdpHw2XzbMmh04B6WrGwucI5B25H8KeypvllXXcjSOkraBWfFGdY_aiYg&sai=AMfl-YSRp32WKYpENesErdsU2NMkElhusFvMIBF3r_DKhGKwTsBcrk8vRBk_oOpqZ0Jtgv31Rm_d_asN67lQdePioWd3-Ylykw8X6cSUS8HqMhASQ8oS18sKrP8C_MfyTg3nO1Z79O9P84guid4zk1cL_wzD9B4-qQakY6X7CXBP5lPJMmWvRBtxipjCowzpNtf-s8V44_YDxQX36Wk7IPcrzhGp4vcJzeaDRZLt-pqIoks_d9XTGu29wsnWJ9Wut6MDGDevRaWYPRBqiPhhMeE9nTeAgSyxMxAhDmMlEgg&sig=Cg0ArKJSzNvhEvYUeQs1EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=196&cbvp=1&cstd=194&cisv=r20230124.07559&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 29 Jan 2023 11:09:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 29 Jan 2023 11:09:30 GMT

GET
H3 200 CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js Show response
pagead2.googlesyndication.com/bg/ Frame FB7F 36 KB
14 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

095583da724d5336d2a1fb96959c013f1bd05dbf3dee3a4c693f0eab60abd4d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 11:24:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 258286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Jan 2024 11:24:44 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17990266662471768200/ Frame 2650 141 KB
22 KB 202ms
55ms Document
text/html 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17990266662471768200/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57c2b596262f49dfc85822938e3989a0345fcd5ddd698423283ca15f162f6b99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 172277
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22865
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Jan 2023 11:18:13 GMT
expires: Sat, 27 Jan 2024 11:18:13 GMT
last-modified: Wed, 09 Feb 2022 10:37:12 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E4C4 0
0 217ms
66ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuRbj8t8DienwWI4mH48vJ1TfdNbuYQT4tHC5IhczdoIVjZ-JtkP0DtycdDq67aKvQbX0G3UmayM6dzHJI49jV2DsvEdXZTUWFoqTBdapadWehf0M33soOmYoDN3781FakJhQiL_Y1TYRU4p0xa2SI3J-e84Zl4hocqUh2ylG4HNptKaeXzvYouviwidK8xdUMKxGe1obzwJ9Ph12wxVqRkqWbrrJdpZk-xqtUcJkd2UO3kilMRbYhBotC5s-UOLbqgmgPp7EX9_x7OdK6ZYkY8n9yNj0AhBv6SLp6r_QwMmAHfhhZbb5M403x3dOF1j0LAzaEc9C2NmtWIMVXhErO5dM6SL1IqcjNLbOGXGksRupCA4_YoZUEeH3WflJuruTJ56VUIGMU3qVO0dsTfTnPLJZOXuwHq_UfmP4BiDbXBoDFxhvlFtlj9B9QpzYqjvkUFoE4vGNTaRquZdpHqiOtxSNfW017CGg-eBa-kW_UbAPpDZ6lxXlvPprQaWJfUYYxkYQyVNMvoHcLHz_qD1oeY7TzhIkmBsMxwslu2ikUwB36c3Yod8sRvglVCqA-IWUPTzS19aV6HWrOIZb0VhiKnmzKp1qnbJypC8DKTwfK_CxF7JbV-Y3eNt9p6KP9lbPiY869G-0oMdmQXHHweEyTMhbi1Os-pRbDV1NHBZFVrR1R7761Poz6Uw7FWLLDDXlEbJ8wYHsnSoshNseswCo8XWO4Rh7naa5g9I_Pn87ED4dedcW8n1K3r4jd-son3iJNmqIbhlJx3C4rF8-8ZVjF5QS4fM4127k4wOwxqJqZHUuFRp9V8ZFw1whzjr6zjfkdhWqKW1-laPgFXrZzzJYmYdirvhak8LZ1H7z-lFOKHJ466wO_bep0pQH4zqKCA_C73MokD-vYgUPUb1Al164PkIWUpWOqfFE-bYtlnsf5-F5utw6JhpICe0avGhmX2OBq55if0IxFhw6CKMBeTVjhaocs_MhfenUMOoDWJmtZE77gNYfWw2_EZEypLnhRiU3VfOw17wXQgTN1hzGEncM4mfATd4fpCiiJUmHAy7OOmIucrGqEEXoC1zYRIct7DS2wdO3dP6m-ApbHsb1vRAS72mXmZkjk7NAWPM13Ns9CNoD01hIlRgDoDAWJPUzp5ntCuUYQ9xc8Xb-HEyGQJjjI_5FliW-adcwPin0ZMS-x1nHhEmCxKJD1-Ao7D8aBQTSF28YuTHHosEWVCNEn143Lo-7NcEDcSaMX9Gw&sai=AMfl-YRUJz72PJfv6QkJSksf_-Q7HHdX_xaj-hvNLR5EzU2fpNHR-E8OLkyY_f5z0CkkCtIXd0ZbgorNqc2u_Io8l6YhAs1n32HhFieJTNO7oAwCYxYpIuRWFxwrIHA2IFi5e55v6vmCpVenNuz3s3Q9n1xyclvsLMGMftwQAOt1sqQOkdzLsA8IAiCvyZYJC-UOsvERWQVHIkX9Fzj8aSt5q7FXGwdGLr36IKQotA5m7UnXNDp6CBlBg_Af1kBocHbZKieyOiIaT-Pn90ZDV_9czrLz0rB-HRA-_kXRUBo&sig=Cg0ArKJSzHVKqJHm1f-JEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=199&cbvp=1&cstd=198&cisv=r20230124.11776&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 29 Jan 2023 11:09:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 29 Jan 2023 11:09:30 GMT

GET
H3 200 CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js Show response
pagead2.googlesyndication.com/bg/ Frame 4038 36 KB
14 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

095583da724d5336d2a1fb96959c013f1bd05dbf3dee3a4c693f0eab60abd4d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 11:24:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 258286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Jan 2024 11:24:44 GMT

GET
H2 200 main.19.8.385.js Show response
static.adsafeprotected.com/ Frame 5A8D 200 KB
62 KB 174ms
25ms Script
application/javascript 2600:9000:214f:8400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.385.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1333191/69032163/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1010377851&ias_pubId=pub-3692164260958077&ias_chanId=1&ias_placementId=19604626700&bidurl=https://www.yallakora.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gx3CNR5X5zd6Ts9HwUrn74
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e46fa7ee227000e5803c3317aecd58d5f4fa151e367a94f24e9e814b9dad6330

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 21:29:24 GMT
x-amz-version-id: VUpTdNSw556u8DTxBoj61VmLffpEPAG9
content-encoding: gzip
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 913207
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 18 Jan 2023 19:44:57 GMT
server: AmazonS3
etag: W/"d4db5e05b3c00fb6a3a262869af20f38"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: c5BlQEpSW40CQagLKUTqbM3c9DKKORnYw1FhFtwiikd1A1P32FGE5g==

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame E4C4
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634096/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_6VPWY-...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

22ms
21ms

Script
application/javascript

2600:9000:214f:8400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:214f:8400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: zY2JBCN4YW7W9FILnhc6dvLmbr8sZib9
content-encoding: gzip
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
date: Wed, 25 Jan 2023 19:44:45 GMT
x-amz-cf-pop: FRA53-C1
age: 464659
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 18 Jan 2023 19:44:35 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: 9_ZVqI_BtzaeEtyCSpwf_iRCgogvtrxZnyHAv4NXyoTZLhO3a2_vog==

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:30 GMT
server: nginx
x-server-name: app05.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame A9D6 91 KB
23 KB 64ms
52ms Script
application/javascript 2600:9000:214f:8400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 11215994
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: DFcEqbBgpgJu3vGHg8t1KYw_XQ9VOS4A_3Z_VSmVspf4PBYSZhOGNQ==

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame F4A0
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_6VPWY_...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

23ms
22ms

Script
application/javascript

2600:9000:214f:8400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:214f:8400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: zY2JBCN4YW7W9FILnhc6dvLmbr8sZib9
content-encoding: gzip
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
date: Wed, 25 Jan 2023 19:44:45 GMT
x-amz-cf-pop: FRA53-C1
age: 464659
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 18 Jan 2023 19:44:35 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: 07dGEUeHH1U_xMi9kkIYumOyazRQAHQxqFyDWj3lZFplwpGDI2XZ5Q==

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:30 GMT
server: nginx
x-server-name: app03.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame D8D1 91 KB
23 KB 40ms
40ms Script
application/javascript 2600:9000:214f:8400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 11215994
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: VlJCxORY1kLNgVjj9xrbOLzJq50zf-m0CB5VljXyQBnlZIv8dCnGkg==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E4C4 43 B
216 B 415ms
112ms Image
image/gif 2600:1f18:1aca:4282:830b:3b82:a95d:4376
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=d997d45e-d32b-3c15-b8f4-f4242ed50498&tv=%7Bc:2GrgzU,pingTime:-3,time:78,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:78,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B74~0%5D,as:%5B74~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tukhJy4+11%7C12%7C13%7C14%7C15%7C161%7C171%7C172%7C173%7C18*.990511-61634096%7C181%7C1821%7C183%7C191%7C1921%7C193%7C1a%7C1b,idMap:18*,rmeas:1,rend:0,renddet:DIV,siq:18%7D&br=c
Requested by: Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:830b:3b82:a95d:4376 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:30 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E4C4 43 B
215 B 413ms
114ms Image
image/gif 2600:1f18:1aca:4282:830b:3b82:a95d:4376
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=d997d45e-d32b-3c15-b8f4-f4242ed50498&tv=%7Bc:2GrgzV,pingTime:-6,time:79,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:79,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B75~0%5D,as:%5B75~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tukhJy4+11%7C12%7C13%7C14%7C15%7C161%7C171%7C172%7C173%7C18*.990511-61634096%7C181%7C1821%7C183%7C191%7C1921%7C193%7C1a%7C1b,idMap:18*,rmeas:1,rend:0,renddet:DIV,siq:18%7D&tpiLookup=ao:www.yallakora.com*&br=c
Requested by: Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:830b:3b82:a95d:4376 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:30 GMT
server: nginx
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F4A0 43 B
215 B 395ms
114ms Image
image/gif 2600:1f18:1aca:4282:830b:3b82:a95d:4376
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=c866df2a-6ee3-f51e-95fd-3505eb4ccdbc&tv=%7Bc:2GrgAf,pingTime:-3,time:63,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:63,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B58~0%5D,as:%5B58~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tukhJy4+11%7C12%7C13%7C14%7C15%7C161%7C171%7C172%7C173%7C18.990511-61634096%7C181%7C1821%7C183%7C184%7C19*.990511-61634100%7C191%7C1921%7C193%7C1a%7C1b,idMap:19*,rmeas:1,rend:0,renddet:DIV,siq:17%7D&br=c
Requested by: Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:830b:3b82:a95d:4376 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:30 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F4A0 43 B
215 B 392ms
113ms Image
image/gif 2600:1f18:1aca:4282:830b:3b82:a95d:4376
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=c866df2a-6ee3-f51e-95fd-3505eb4ccdbc&tv=%7Bc:2GrgAg,pingTime:-6,time:64,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:64,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B59~0%5D,as:%5B59~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tukhJy4+11%7C12%7C13%7C14%7C15%7C161%7C171%7C172%7C173%7C18.990511-61634096%7C181%7C1821%7C183%7C184%7C19*.990511-61634100%7C191%7C1921%7C193%7C1a%7C1b,idMap:19*,rmeas:1,rend:0,renddet:DIV,siq:17%7D&tpiLookup=ao:www.yallakora.com*&br=c
Requested by: Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:830b:3b82:a95d:4376 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:30 GMT
server: nginx
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 50C7 0
20 B 61ms
61ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BfWzx6VPWY8qjMIiN3gPPsryICQAAAAA4AeAEAg&bg=!c3ClcDTNAAZSrDxfcqw7ACkAdvg8Wivws-TskL-FkrGOv0804YyVbMwPigZxtXHHumT95mlQZCP0qAIAAACfUgAAAAJoAQcKABTkm8DSo670s_XNXlSldlWvLof6eZkC6XCD_BaG8BLsvb5O5DfyoD-yE2yEK-UEcFUavnu4IuzxRXWDxqtcoTgtKGede5wDRo4Aj5fvm0OdSC0EWaIHGGkok5DH0D5lIKKJ5ChRMilirFXI9VeLQqfTFCEYp29cU-qgoMT0NhlQSlCrI46I_HI_pd8TPER4zZQkapukDsoMiChsdPZVDMBEE6hxexAr3iB4fVmYDa7rGM6vW6ffH2HDpcwEIkk-gN_OpToBLvyQ4HHoCOWHppXudBKRar4ZfwClcEcVjCWS-BHPe7NuTD9xsB3Oxp5jCqGrxdCnx-2KWYqhxKeRXUX0DcolxUUxKGeeruBamsB22nqQUftVjKOcfOiwn9izWmUgOyIfkmwV08O1zA-jHVawhHhenbvBLL-aiBFRN9akioTCV4cjUqygeiSWsTJkncfhkmhR0v69I5Ehs1H8sNSGzKmTx0R2uD8CSWO11IQMxixDNc7mabhqcnlVz-N1K194bW6q-LoWYcULLgVWahfA9TqvN6hDk9zq2DfBHN8emdw-TmoEBmRfNv7pG_qaqZ6qmnre2rAPsjLhB1hWpy_kDYAiO8J8f247BvN1PrSBHSHn7F20k5iqzRNxHd3yNvCkqdCCfcmc8MY43AKO5QrRwvcX5xbmsxLQJQ-DtyQT0mKtAl16klbyLcvmkqCdXvO9V-8m7-CNZdfKXgQBp68MpFYZwgVv-7WxjY5Q8nzxu3sqLXG0HsWTRdUR9TWrbs-Iz5WsRKeRbOf4uqbsZ4T_-tXmqXM2RaZXu3fMUsj_9iY7WBsmsN0maopQ1ILzUU6bN5pglEGz5RKH0XYN3ddly9q2XN4KSIG-sVZPeU6kymfGakjluuhTbBwBg1KQIbP022whSMgIpG-dkhvKZTFNwScA-Ll8DfiVCBcZKsqEM2Qr2aIqPWOq3nGT99cEtYb_kOAnAYrRcqZDYSPbgc8ufQILMDvo14HgsUEp4I_OkiAQlV2phwclxEWkEnyqwxo

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E4C4 43 B
215 B 488ms
218ms Image
image/gif 2600:1f18:1aca:4282:830b:3b82:a95d:4376
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=d997d45e-d32b-3c15-b8f4-f4242ed50498&tv=%7Bc:2GrgAq,pingTime:-2,time:110,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:799,beZ:800,mfA:801,cmA:802,inA:802,inZ:805,prA:805,prZ:812,si:817,poA:818,poZ:834,cmZ:834,mfZ:834,loA:878,loZ:881,ltA:909,ltZ:910%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:110,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B106~0%5D,as:%5B106~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tukhJy4+11%7C12%7C13%7C14%7C15%7C161%7C171%7C172%7C173%7C18*.990511-61634096%7C181%7C1821%7C183%7C19.990511-61634100%7C191%7C1921%7C193%7C1a%7C1b,idMap:18*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:DIV,siq:18,sinceFw:91,readyFired:true%7D&br=c
Requested by: Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:830b:3b82:a95d:4376 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:30 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 css
fonts.googleapis.com/ Frame 8772 109 KB
30 KB 87ms
35ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+JP:regular

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18225678633910820894/300x250/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36d61675f8ddec293c102503a3ca133fb16ded951f3150d695eefda36dbd0b92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 29 Jan 2023 11:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 29 Jan 2023 09:49:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 29 Jan 2023 11:09:30 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 8772 29 KB
10 KB 36ms
36ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18225678633910820894/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18225678633910820894/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 10:42:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1639
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 Jan 2023 10:42:11 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 2650 29 KB
10 KB 36ms
36ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 10:42:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1639
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 Jan 2023 10:42:11 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F4A0 43 B
215 B 451ms
219ms Image
image/gif 2600:1f18:1aca:4282:830b:3b82:a95d:4376
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=c866df2a-6ee3-f51e-95fd-3505eb4ccdbc&tv=%7Bc:2GrgB3,pingTime:-2,time:113,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:833,beZ:834,mfA:835,cmA:836,inA:836,inZ:839,prA:839,prZ:845,si:850,poA:851,poZ:867,cmZ:867,mfZ:867,loA:897,loZ:899,ltA:945,ltZ:945%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:113,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B108~0%5D,as:%5B108~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tukhJy4+11%7C12%7C13%7C14%7C15%7C161%7C171%7C172%7C173%7C18.990511-61634096%7C181%7C1821%7C183%7C184%7C19*.990511-61634100%7C191%7C1921%7C193%7C1a%7C1b,idMap:19*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:DIV,siq:17,sinceFw:95,readyFired:true%7D&br=c
Requested by: Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:830b:3b82:a95d:4376 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:30 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 1D39 29 KB
10 KB 36ms
36ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 10:42:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1639
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 Jan 2023 10:42:11 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 5A8D
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1333191/69032163/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1010377851&ias_pubId=pub-3692164260958077&ias_chanId=1&ias_placementId=19604626700&bi...
https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}

17 B
464 B

22ms
21ms

Script
application/javascript

2600:9000:214f:8400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}
Requested by: Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:214f:8400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 02:01:00 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 18349711
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: q42RLjalV8CUG8uKBucltepYepYL2Gte0tutv6VSA23XEKIgrOuBOg==

Redirect headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:30 GMT
server: nginx
x-server-name: app09.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame B57B 91 KB
23 KB 22ms
22ms Script
application/javascript 2600:9000:214f:8400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 11215994
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: ra30O9QwrzQTjcxVoKsNvlybEi_SpByk6aXvfewaak-oFn_AIpwZoQ==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 61ms
61ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023012401&jk=1194166740777318&bg=!BwSlBEDNAAZSrDxfcqw7ACkAdvg8WotTTJXKnYA9X7PcsFpFoeG0KB4BmRMB4AEFO3uJXzo4tuQWIAIAAADCUgAAAANoAQeZAp_qWBmfPg4kwYe4Mkz62vEsm0TEMoYOec-HjnqkZRfa9tIH5iP1ZVPLgWE2vvHFEweoJaSnLw5YA3-dIbLAg54SZ65w_SVdp1dAIoj9NRf5xL_PwOQ2Wt6Pg_TbQPBHnQ9LgIz8z7JfByDTOrBi4smmES5H4YkH4N2OGS_rUrZlOE0YFlo4gVjJkA0cueBRfSOCuRajhGWJne20Uvk4bvdpyGg9EHcXoTZxFUsZIolEQSR2_u-J4Oq_-9Mzw4EOI8uWnIMbAD-re5SKqMqKGlNF7TG6m7vrW_1bHmBXl4_0xCO7wO8uFNlI-9TmL_y-LL6sspNXU6yeRz_-Qkfhy4PvBson8zVs8ne702CIxdq3M_tj0Vh87L9sxU1Fno38w0UgH9sSRU2Sib8k8XcZrUpCy9BN4rUn_X6TIJh7yOfjoYnNmgraDhE6z3kuI8H7YE_gojjtj0yD0WiyLaTf7niPrkJbvVNqpHYPRe4N_lk6ZiTdUcv0yAgsWJ86N0MKX7_wJ1dGeDTkFW0NvCsk_2q762JBycQRwQ7HItq0x0YqXg224GONgprHrafZkpXOYkVMgNhTE_REMbBjrb6KxLs-_fcd5cAgmDnFVOIi-tncQXms-UaSqNBH6HAPn3KcL_xM-tIv0Yp2gP_nUFxf7iYRxycnOoV8H4Ccwa_x70WnlyAQyJ8MJHu9hzk3gh89a1H0FnvuXpVsWSaJAB_VrMXCCzSdt8Z6qxBzLAJS50kS7XK2ZVTgqzHc-ee7Wb5tV_eq5irkNZj-Q1hPpcv630vtXat6M_lzsp1a574NdhkJmfP_VIutxih3vbVFHLDUxxUtfAgDxuQWOpBW1CXTzAT7s_hLl7WvWsrJvyFt0V-3dFanl59B9iYNlGPuLTQJiw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5A8D 43 B
215 B 323ms
218ms Image
image/gif 2600:1f18:1aca:4282:830b:3b82:a95d:4376
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1333191&asId=78cd6d8f-ace1-4fe7-9199-bc48bad8b8c0&tv=%7Bc:2GrgD5,pingTime:-3,time:380,type:v,im:%7BpBlk:342%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:329%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:380,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:329,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B65~0%5D,as:%5B65~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tukhJwn+11%7C12%7C13%7C14%7C15%7C161%7C17*.1333191-69032163%7C171%7C172%7C173%7C181%7C1821%7C183%7C184%7C191%7C1921%7C193%7C194%7C1a%7C1b,idMap:17*,rmeas:1,rend:0,renddet:na,siq:330%7D&br=c
Requested by: Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:830b:3b82:a95d:4376 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:30 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5A8D 43 B
215 B 323ms
220ms Image
image/gif 2600:1f18:1aca:4282:830b:3b82:a95d:4376
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1333191&asId=78cd6d8f-ace1-4fe7-9199-bc48bad8b8c0&tv=%7Bc:2GrgD6,pingTime:-6,time:381,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:381,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:329,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B66~0%5D,as:%5B66~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tukhJwn+11%7C12%7C13%7C14%7C15%7C161%7C17*.1333191-69032163%7C171%7C172%7C173%7C181%7C1821%7C183%7C184%7C191%7C1921%7C193%7C194%7C1a%7C1b,idMap:17*,rmeas:1,rend:0,renddet:na,siq:330%7D&tpiLookup=ao:www.yallakora.com*&br=c
Requested by: Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:830b:3b82:a95d:4376 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:30 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5A8D 43 B
215 B 304ms
222ms Image
image/gif 2600:1f18:1aca:4282:830b:3b82:a95d:4376
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1333191&asId=78cd6d8f-ace1-4fe7-9199-bc48bad8b8c0&tv=%7Bc:2GrgDs,pingTime:-2,time:403,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:698,beZ:699,mfA:1009,cmA:1010,inA:1011,inZ:1015,prA:1015,prZ:1022,si:1027,poA:1028,bl:1040,poZ:1040,cmZ:1040,mfZ:1040,loA:1078,loZ:1080,ltA:1100,ltZ:1100,mdA:699,mdZ:896%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:329%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:403,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:329,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B88~0%5D,as:%5B88~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tukhJwn+11%7C12%7C13%7C14%7C15%7C161%7C17*.1333191-69032163%7C171%7C172%7C173%7C18.990511-61634096%7C181%7C1821%7C183%7C184%7C19.990511-61634100%7C191%7C1921%7C193%7C194%7C1a%7C1b,idMap:17*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:330,sinceFw:72,readyFired:true%7D&br=c
Requested by: Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:830b:3b82:a95d:4376 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:30 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E4C4 0
0 62ms
62ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuRbj8t8DienwWI4mH48vJ1TfdNbuYQT4tHC5IhczdoIVjZ-JtkP0DtycdDq67aKvQbX0G3UmayM6dzHJI49jV2DsvEdXZTUWFoqTBdapadWehf0M33soOmYoDN3781FakJhQiL_Y1TYRU4p0xa2SI3J-e84Zl4hocqUh2ylG4HNptKaeXzvYouviwidK8xdUMKxGe1obzwJ9Ph12wxVqRkqWbrrJdpZk-xqtUcJkd2UO3kilMRbYhBotC5s-UOLbqgmgPp7EX9_x7OdK6ZYkY8n9yNj0AhBv6SLp6r_QwMmAHfhhZbb5M403x3dOF1j0LAzaEc9C2NmtWIMVXhErO5dM6SL1IqcjNLbOGXGksRupCA4_YoZUEeH3WflJuruTJ56VUIGMU3qVO0dsTfTnPLJZOXuwHq_UfmP4BiDbXBoDFxhvlFtlj9B9QpzYqjvkUFoE4vGNTaRquZdpHqiOtxSNfW017CGg-eBa-kW_UbAPpDZ6lxXlvPprQaWJfUYYxkYQyVNMvoHcLHz_qD1oeY7TzhIkmBsMxwslu2ikUwB36c3Yod8sRvglVCqA-IWUPTzS19aV6HWrOIZb0VhiKnmzKp1qnbJypC8DKTwfK_CxF7JbV-Y3eNt9p6KP9lbPiY869G-0oMdmQXHHweEyTMhbi1Os-pRbDV1NHBZFVrR1R7761Poz6Uw7FWLLDDXlEbJ8wYHsnSoshNseswCo8XWO4Rh7naa5g9I_Pn87ED4dedcW8n1K3r4jd-son3iJNmqIbhlJx3C4rF8-8ZVjF5QS4fM4127k4wOwxqJqZHUuFRp9V8ZFw1whzjr6zjfkdhWqKW1-laPgFXrZzzJYmYdirvhak8LZ1H7z-lFOKHJ466wO_bep0pQH4zqKCA_C73MokD-vYgUPUb1Al164PkIWUpWOqfFE-bYtlnsf5-F5utw6JhpICe0avGhmX2OBq55if0IxFhw6CKMBeTVjhaocs_MhfenUMOoDWJmtZE77gNYfWw2_EZEypLnhRiU3VfOw17wXQgTN1hzGEncM4mfATd4fpCiiJUmHAy7OOmIucrGqEEXoC1zYRIct7DS2wdO3dP6m-ApbHsb1vRAS72mXmZkjk7NAWPM13Ns9CNoD01hIlRgDoDAWJPUzp5ntCuUYQ9xc8Xb-HEyGQJjjI_5FliW-adcwPin0ZMS-x1nHhEmCxKJD1-Ao7D8aBQTSF28YuTHHosEWVCNEn143Lo-7NcEDcSaMX9Gw&sai=AMfl-YRUJz72PJfv6QkJSksf_-Q7HHdX_xaj-hvNLR5EzU2fpNHR-E8OLkyY_f5z0CkkCtIXd0ZbgorNqc2u_Io8l6YhAs1n32HhFieJTNO7oAwCYxYpIuRWFxwrIHA2IFi5e55v6vmCpVenNuz3s3Q9n1xyclvsLMGMftwQAOt1sqQOkdzLsA8IAiCvyZYJC-UOsvERWQVHIkX9Fzj8aSt5q7FXGwdGLr36IKQotA5m7UnXNDp6CBlBg_Af1kBocHbZKieyOiIaT-Pn90ZDV_9czrLz0rB-HRA-_kXRUBo&sig=Cg0ArKJSzHVKqJHm1f-JEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=619&vt=11&dtpt=420&dett=3&cstd=198&cisv=r20230124.11776&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 29 Jan 2023 11:09:30 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5A8D 0
0 60ms
59ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssQCViCPJF-HBTTlROLGt-usleLHTU6XAjLfBdBntsYMQaca__G_tYp67gnqJ4lgAPUvHrurb_AApgfWi1qB4YomfEO3fqIjYakBgu1Ru7qRJ0veJJagfmfF6jhdFAiJPUFzTo-fR2HSSCVefnikB2RFKc03ke5V-RtGTNDVkHYqoi_15r9NHFLvv9zTEszERY0-o2ZcL90a9LkKjYIpIKLYNuiXKuUUL_pNfKWugWG7UUAWcNSOMq8svVYOJtrUMzqjti8bzPPOJYSEeQDo76quPLHLo93_q4ey0eNhtMt0l90hjR4p03v-vf4UUzton9HE9Bqcn8tIWy5UCWt3UeLNM-yEp3ioiXsy14L3aaHVJxli5ZhHq1b7rwugySEa6_E0s6wSvh0sDDyg9xiQ3CfmdI6CMjQlrTmbf3YZ5xUGei3gdMEd2CO4t9NWZ6Qp_iize15KyxBKJuh12Nj6mllfEvlfVs5sg5nEn_-ncbYO6u5bMlkYHZbmwfy62bGmsLYmwf8MBC0lXOqtmbjElGyW3LWBPFTb7qxl0eMjeCs7L4C5wiVkQHs5gUzVbB9xpMNnK4tXpNy51_z3Y77E2BIPX22NaOjQsGwZt6NtEL0S3M7q_btEGlSyzBVg4r-aADXe5mdWI1vaVxaQ9phnmzIkXoMbSchIb3hAisLzY6ZlFH35CJdBJt4BdVeM5lSws1awIBF1RjD2t4dnD9T1j8v2Frwkacvgh1ayrF-kw05vezcGRuy8XjMaFe3rIYjMfA_xUpL4t9DLgVBY6mQ1hDnmJ6uL8j4Ujyd9DjQtHO0BTL4N5EcJ6CXGCOlpPB5fpGOYR3KY1tZnocS-ouPepfJGl2V51KG4jgOHAibQqtWNCDlz39ksa5wunEHPWTPXIDKq8ISzbuLK_ZXmb5mae1JjzbVBpBqry8TeCQAb0GPg4sA-uZAO9F7TtJ6ZSgY7wgZSGpDeE90JyWvkB4_bGR7LtffY6zMaYszUxc4q5bPHvfXCKEJm2TVwEGc9YwNzkhYnROKOmcwEuueffjyjooMkNWvzFKYl_j8WONPVAHf6SLD17r7mKgSiwH1nPCd1qeV6d512FUrlXuF6LD8kFYlN_fwF7nFLpX9yIVXsoh9n3olfzg1GFs2Xk6vZlhAd5Zkx6nyiezD3IvvfQivSPjXldN4o58IaH2j8Uyfw7uY7NRG48J436TxsnkBdJ7GFbR65cjXTOiLm0miJ2UwFzWQY-I&sai=AMfl-YRuqELaSiPQMJIk5pVptsZH-s1DgyZ_2DmtlbRBNqr3RlpCeAlbY32mUBoEWFvWBtpE9g8StcLZJGZT8v-KrrVO2feszOESjJE4S8LaPI5GO3dqI8-7jyIih8SqeDLMpvZYEKR9-oI0OYdhnJgy7KuJm6bRyKpzI35sB1uM-54HcGHE6o2KrXs8QIE8TD_A0-1QVTGDNAf-SrYhNIGmrUIuTrUYaOY79KJf3rqotaeh86iiZx4HPvDKtuXi7lekn105l04trL5jAWByKZhBkbN3dRze5RMJGszJcJM&sig=Cg0ArKJSzAuTBm547oFkEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=700&vt=11&dtpt=454&dett=3&cstd=244&cisv=r20230124.59852&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 29 Jan 2023 11:09:30 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FB7F 0
20 B 96ms
96ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bl9yz6VPWY_enNPHQ7_UP-5KCsAUAAAAAOAHgBAI&bg=!s7ClsPTNAAZSrDxfcqw7ACkAdvg8Wh9yr3XWJPc1eJzyZIzw2yFiJ616eewXt2M3xAQgVfxRX8U9QAIAAAFUUgAAAANoAQeZAvWkJWimjyDCTGGGTxggMlF_lg8cxVM7e605ifUrz_XsMAYRYVLTpRXVYjKFMPCci-XvMPuxgEjFpXFeyrkvOyuvefKRYfejj5BeXRckCBtNfxRErLFuHoY-hRFSkzU8tACjZxUZaywezxTlP4WQW54QEAlPa4a2xXcCvAHKD_LtELe92WzKMxjxGld9W6IU7HnJgHBfXepummBoJ4kgT3jW6byWcBhoZkc7ZZ83LEUUwdY9QCVeYBBANAHT-HcUpjhbpJWuwBveKV0oYLy0kUTfFxOWwUBtnqfryP-KovY6_mexIRHkyrbB3j2e-JrKJLb4zsnsuXerl5qWRi6Yj_MPmFDwrNr0XJl_vjd2K4-c-gGMtxY7nHAaonoTD_AtVRqjK8xPULVV3NSqZRu65rWQO9PS2qJ5KGXU3o1eVFsKo2Zb0XL7Jy_Y5AQ9646BVufU0t6z6eNCndx5dLzm5qd6sP0feW2D18pPXZdMVxdeOcQJ_RosFxuNcGAVizdD3ATu3juuaENFBpfSK43SSexfUwkgRQcBPLpaF5aDDO0t_5UeQKTCs4MlduGtUzz5AMcswr59g-aGGPluBAmQQY3hCPtYrtvvjjlXTxzYQixeG5jk28kIzXvKFZZ2YqdWP3kJknsuMnStQh8rCXsfrwnD2WPB4WoRQBCkD4CdZlsD22aGZ_9qoZctCIVkV3Bd8BDkW_F_MAuTs4l0TLBT5RDS_XqxViUJaS3_1k4elMSi8t_aOuV7cQNArYRq2TM7_CcOkZXA79Lm90X_oEBHN8yiLL6lMfmpVQhm_6L_fDCUiuupcTLNEpn9utRm71K1PWQjTQaRCCws6CHo7sAiNmnFYLdhNMF4x8RIO9DoXkXFyrGQQD-aHv-jWFoGsUJgznKLjo6A8Lrj0U6fAVLKEsEohy9XhIj64AKmpKiVrbvCEgwy9Qdm4qBUERpX6cqzWKV0K7dWQgIv182XdgNkEIzS8QN04I0BbAE_donFN1hbgX41r1hH

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F4A0 0
0 60ms
59ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstq5Wf0kr8ewAV1f_cETXKAI3oLCBfUEHRCBJDmVM0A4c6gABVXepJO8x4IpFZS9jChGPKBsQvA3rR40BZmEv4Rgn4NvT5sXrBwqwLj52doSQ_FTIB8ubTHoO6505nbvSpb9oQJb_1z4mYfJalSs69l-WPN0sOpWI1DROJPzCRNYhUTmm-sXEYIG_iXm96mSGbHY6anCvCl5vYH2UEgzFjPdanRVsUakt38bCjs2_VTTo-4HdGwP1xwGaG6TPATXhIpPC7HzZkL9ipBHk1iATpfEl5171zGIa6rwCqu4JCiqE0LUrN84SdJLpK3SIpbAAncvBMFQf6-PZw0ZbQiYI4xj4LOLSbohhAdie9C73XgvJsHBAXy877zKuOdD2frK8tSZNviT6U_5p2lLmuZW2jVRTTLLkKeHN5Rx1tKNuSqcoClh2Y42hk1tODxjDzcfCchheB0Y6e9x-SlwLsnZuW8qAs5BYW7p790EoIycQIyNjbAZCd4vnL3SqJ2jfFO7ksjTRx4MFiu7qFgDRGq4O2dPsfT6EgqJUYb6TpkusvHqs1qG9sE9MZw6H4dP2bzC08GFUQ74TxzpVebfNdf9XBHJbm4RjinYTmGjgCmh6OkOLVyR1wXNH5sUoD1CrWleitt1Sh8LqFb8VIWYHbY9UeVQBvZvYPUbxejluLuN6vUKLSVsbCBkurB1hGAAGcauu8zxNdu3omS1FkHVaMXkNBi9jeTFiP64hCo2-pAlgZxnJpAVFaprYCzpiGpogUAXcQYhBv9jWPPvS0WgLWOgrhwW6jG9n-x0iPhYPQcIi1Y8DZhCZPjdoXdEVhbhHm9bG78N83gZ03JDjbNJqbieREAd4Cm8qnUvGNrBSMBsUKH5NbV32FYaFmoTVQvYYmIWBwZrzPsCZzH_-62LVn_8MCvUBOlcWDDO05M0cOtWMv9us10nehuSIZrnKCtIpjaXGmdzFrbUFmNTYk0QDtr6euPqA3JV5T34706FmmZjyCJW5686_xRh4qifL2_Xhuv5_hWoWngfO2F6QvzD4-N8dqAzkfufxsZOxf-S__H6kS41I9kYEv6DMR7RyXgBtvooPWsO2Cm9FK9PJ6ATPB9D82bA4sr3hgWk26i_qQP8sAzeogoAcWduNR37QeAY6JZuPhh3nhMMTM7o4TWp9La-DrVpFs4wfxtCvGSsdbB8gML653cVoCdpHw2XzbMmh04B6WrGwucI5B25H8KeypvllXXcjSOkraBWfFGdY_aiYg&sai=AMfl-YSRp32WKYpENesErdsU2NMkElhusFvMIBF3r_DKhGKwTsBcrk8vRBk_oOpqZ0Jtgv31Rm_d_asN67lQdePioWd3-Ylykw8X6cSUS8HqMhASQ8oS18sKrP8C_MfyTg3nO1Z79O9P84guid4zk1cL_wzD9B4-qQakY6X7CXBP5lPJMmWvRBtxipjCowzpNtf-s8V44_YDxQX36Wk7IPcrzhGp4vcJzeaDRZLt-pqIoks_d9XTGu29wsnWJ9Wut6MDGDevRaWYPRBqiPhhMeE9nTeAgSyxMxAhDmMlEgg&sig=Cg0ArKJSzNvhEvYUeQs1EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=644&vt=11&dtpt=448&dett=3&cstd=194&cisv=r20230124.07559&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 29 Jan 2023 11:09:30 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4038 0
20 B 90ms
90ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2OZ06VPWY-K3NJHU3gOa_pWoAgAAAAA4AeAEAg&bg=!sLOls_fNAAZSrDxfcqw7ACkAdvg8Wi99QT0BNUZbehpy3Q9txb7kJulU6IpqeJT_NTWfPwAKMxFMTAIAAAFHUgAAAAJoAQeZAvLaFg0T7YPPhlevKEM6LKnvbREjJZoh8FVm1ISL8R9IzxmTyEjSS2ohk-CJNfnXidDd241_E_2dUc4_M5JFpNyWSBRdjmec8NXSbJDfaSQyd9l8RWik1t8SmGbeS45tcwQGecQ0vzxG9ZNQBmw_88wrm2JEGGrjSoclFwkWeOuTyd8dyimAeiYlM1e1mCZiebCBX_9wejeq92r7BrsVcPWGYDmhbsqXY3TspYtgRvklvigqmPxidy7qQ7Wrg4WEMRhH8zoLqaSqm3UCLyGMOxbUDDaagGF1Kn2QuK8KIXCoRrreoQLmO2fmFThYfrCsfhYF8Zo2GsHB9AfOG1ogSCZrHki28dnlnF_Zmcu2t7fW1eQiw2T16b2TgHr3uvkrAH1d64wixw1rAtaDRbbtYA9vwfmcWRVV12n4thKmmNBLoSQLCTQJjx5n5Z6P-4Sk14DmXJE8ck6jlecxB4x6DQ6LVTd-GNVeNrRyWljkuoNOfXRJKTx-FFr9-N_IhUr7OkapR9qx_muApca6BqDWiuJ0meaJwJwtSEvGdZ7an8WDbH6bDrbOxMJl0je-xDi2BFMkazzbiGIqtdHRbd8WrvHYhbsmKoGA4Z7Vg-XaGXggRc7Z8Qz0PRc7dK59-SRvAdj9rLdsQKq8zsNYXlKc-PCYb9i7i_QloprnF2Rre3sjNGqhTrsgyi-h-YnFY_CWcNvYGVvdoVSn5eRD9XqggZwRup7CU3jKwDQ8NIdQ1vL11chj3QblL9wmgIYmMKhilFpNPKGTA5B8cT47sjpGzMI2-Bw3iRkhiJZiHFFT83UtoyQv3Eie0cd0QPsLZF53URcH_u0dp-1RyMK4ZYsjoWIi0jlaY-OrSt-Skvdr5SWGgRq9ZkSnEHBiRyoI8Y7ef579hfJwjnxPMV9dv8q6SZHwtDb9Fb5o0ROW-89G2j6LSEujmPsWAMulXKtGytrF5_81ShCqzeSsTwsN7Nj_aue7BlzNu3C9uHL2Mee9a2MqX7y7

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 2650 2 KB
1 KB 39ms
38ms Image
image/svg+xml 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 10:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 698
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 Jan 2023 11:12:52 GMT

GET
H3 200 logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 2650 3 KB
1 KB 43ms
39ms Image
image/svg+xml 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1288
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 13:24:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 Jan 2023 11:22:10 GMT

GET
H3 200 tui_live_happy_white.svg
s0.2mdn.net/creatives/assets/4426814/ Frame 2650 8 KB
3 KB 53ms
49ms Image
image/svg+xml 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4426814/tui_live_happy_white.svg

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c043552be6d98da422ec5c2946c7a6588600e29d9f2a871ba1ea1206d3db813b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 10:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 698
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2962
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 10:17:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 Jan 2023 11:12:52 GMT

GET
H3 200 head2_2line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 2650 12 KB
3 KB 54ms
49ms Image
image/svg+xml 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_2line_paare.svg

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9711c16a64e8b4086724485013257f3ba812d103630ddd609e3bcc677a07a0bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 10:54:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 895
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3441
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:21:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 Jan 2023 11:09:35 GMT

GET
H3 200 head1_1line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 2650 4 KB
2 KB 91ms
86ms Image
image/svg+xml 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1610
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 Jan 2023 11:24:30 GMT

GET
H3 200 728x90_kv_paare.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 2650 36 KB
36 KB 56ms
52ms Image
image/jpeg 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/728x90_kv_paare.jpg

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15ddf64a1db0b06797a274e5975f2303bbfd68ca43e0539ddb4f5aac2bcaa456

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 10:57:52 GMT
x-content-type-options: nosniff
age: 698
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37294
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:21:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 Jan 2023 11:12:52 GMT

GET
H3 404 cta.png
s0.2mdn.net/sadbundle/18225678633910820894/300x250/ Frame 8772 43 B
69 B 252ms
248ms Image
image/gif 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18225678633910820894/300x250/cta.png

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18225678633910820894/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:09:30 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
expires: Sun, 29 Jan 2023 11:09:30 GMT

GET
H3 200 Prod1.png
s0.2mdn.net/sadbundle/18225678633910820894/300x250/ Frame 8772 7 KB
7 KB 47ms
43ms Image
image/png 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18225678633910820894/300x250/Prod1.png

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cfb9a768e9774d4af82e1b3c6ab17a99044292be05d3c8d754679e4c26fb218

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18225678633910820894/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 19:00:23 GMT
x-content-type-options: nosniff
age: 403747
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7509
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 10:05:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 Jan 2024 19:00:23 GMT

GET
H3 200 Preis1.png
s0.2mdn.net/sadbundle/18225678633910820894/300x250/ Frame 8772 3 KB
3 KB 46ms
42ms Image
image/png 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18225678633910820894/300x250/Preis1.png

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c79f7431b7a23978681e37f32e4852aae3b651a49758a2ee96796189ba6fb35e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18225678633910820894/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 19:00:23 GMT
x-content-type-options: nosniff
age: 403747
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2870
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 10:05:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 Jan 2024 19:00:23 GMT

GET
H3 200 MM_Logo.png
s0.2mdn.net/sadbundle/18225678633910820894/300x250/ Frame 8772 1 KB
1 KB 53ms
49ms Image
image/png 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18225678633910820894/300x250/MM_Logo.png

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

873e54bd02647b1c767055bdd2b745e97ec2ad24fc08f22ebc25eab672df5a8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18225678633910820894/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 19:00:23 GMT
x-content-type-options: nosniff
age: 403747
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1401
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 10:05:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 Jan 2024 19:00:23 GMT

GET
H3 200 SA_Logo.png
s0.2mdn.net/sadbundle/18225678633910820894/300x250/ Frame 8772 2 KB
2 KB 55ms
51ms Image
image/png 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18225678633910820894/300x250/SA_Logo.png

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14c2cf8cd9d2f8242a4e19d439b6021c46cac6da9e703af81872d02931417d1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18225678633910820894/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 19:50:12 GMT
x-content-type-options: nosniff
age: 314358
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1571
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 10:05:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 25 Jan 2024 19:50:12 GMT

GET
H3 200 HL2.png
s0.2mdn.net/sadbundle/18225678633910820894/300x250/ Frame 8772 2 KB
2 KB 54ms
51ms Image
image/png 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18225678633910820894/300x250/HL2.png

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9eefe94a2073acf1e683d15811b684cd48ed82f91d26414d191ac5c4b152f85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18225678633910820894/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 19:00:23 GMT
x-content-type-options: nosniff
age: 403747
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1659
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 10:05:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 Jan 2024 19:00:23 GMT

GET
H3 200 Bild.jpg
s0.2mdn.net/sadbundle/18225678633910820894/300x250/ Frame 8772 10 KB
10 KB 50ms
46ms Image
image/jpeg 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18225678633910820894/300x250/Bild.jpg

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bfde796bd4b66555d295ab28a15117d6ab02af2b3bac2e706534776277b9d79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18225678633910820894/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 02:40:11 GMT
x-content-type-options: nosniff
age: 30559
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9912
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 10:05:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 29 Jan 2024 02:40:11 GMT

GET
H3 200 Prozent.png
s0.2mdn.net/sadbundle/18225678633910820894/300x250/ Frame 8772 3 KB
3 KB 53ms
49ms Image
image/png 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18225678633910820894/300x250/Prozent.png

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aad20d32d0058ab447b3e2930902228801c0cec176f28b44aefb8310b72ac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18225678633910820894/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 19:00:23 GMT
x-content-type-options: nosniff
age: 403747
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3459
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 10:05:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 Jan 2024 19:00:23 GMT

GET
H3 200 LetsGo.svg
s0.2mdn.net/sadbundle/18225678633910820894/300x250/ Frame 8772 3 KB
605 B 49ms
45ms Image
image/svg+xml 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18225678633910820894/300x250/LetsGo.svg

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e3283ac8c8605de3f79211d3e07358e98402e059a1ce26d90afbefd09f8bb7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18225678633910820894/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 19:01:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 403699
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 576
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 10:05:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 Jan 2024 19:01:11 GMT

GET
H3 200 cta_deals.svg
s0.2mdn.net/creatives/assets/4722971/ Frame 1D39 5 KB
2 KB 52ms
49ms Image
image/svg+xml 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4722971/cta_deals.svg

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da933ef53458927e254187e40711b33abc36dafd95218f913db426cf3e676e20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:01:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 495
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1864
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 07:45:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 Jan 2023 11:16:15 GMT

GET
H3 200 flextarif.svg
s0.2mdn.net/creatives/assets/4722971/ Frame 1D39 4 KB
1 KB 65ms
62ms Image
image/svg+xml 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4722971/flextarif.svg

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc694511bff51871e9dc5ece4e9504015ad4810b9c78ab8b686a0f774d00eb7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:01:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 495
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1328
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 07:45:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 Jan 2023 11:16:15 GMT

GET
H3 200 300x250_40_prozent.svg
s0.2mdn.net/creatives/assets/4722971/ Frame 1D39 10 KB
3 KB 64ms
61ms Image
image/svg+xml 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4722971/300x250_40_prozent.svg

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

598a26c3e45c18d7c30ed10d4dcec143cc96f3b86873dd7956f3b928addb4808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2911
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 09:31:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 Jan 2023 11:20:56 GMT

GET
H3 200 300x250_head_2.svg
s0.2mdn.net/creatives/assets/4722971/ Frame 1D39 3 KB
1 KB 64ms
61ms Image
image/svg+xml 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4722971/300x250_head_2.svg

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ffd0d7eda36b8e9cca9c1a9e78d196dde0c1e1804e1bd58072f7449d521c3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:05:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1326
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 09:31:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 Jan 2023 11:20:57 GMT

GET
H3 200 300x250_head_1.svg
s0.2mdn.net/creatives/assets/4722971/ Frame 1D39 5 KB
2 KB 63ms
60ms Image
image/svg+xml 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4722971/300x250_head_1.svg

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

505f3bfd3582a6fd8bf79ffc45ca2fbcd03ea35c54d42c7405fe757cb85e9549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:05:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2030
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 09:31:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 Jan 2023 11:20:57 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 1D39 6 KB
2 KB 62ms
59ms Image
image/svg+xml 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:08:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 Jan 2023 11:23:04 GMT

GET
H3 200 300x250_kv_fb.jpg
s0.2mdn.net/creatives/assets/4691997/ Frame 1D39 39 KB
39 KB 58ms
55ms Image
image/jpeg 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4691997/300x250_kv_fb.jpg

Requested by

Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfcfb8f7e492ecfc971cf8c903349eb9f5deaf66fe3ad2fabcb3fc95d38d32f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10079595500193011461/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 10:57:58 GMT
x-content-type-options: nosniff
age: 692
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39677
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 07:04:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 Jan 2023 11:12:58 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5A8D 43 B
215 B 233ms
223ms Image
image/gif 2600:1f18:1aca:4282:830b:3b82:a95d:4376
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1333191&asId=78cd6d8f-ace1-4fe7-9199-bc48bad8b8c0&tv=%7Bc:2GrgEC,time:475,type:e,im:%7Bpci:%7Btdr:108%7D,pWait:6%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:475,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:329,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B160~0%5D,as:%5B160~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tukhJwn+11%7C12%7C13%7C14%7C15%7C161%7C17*.1333191-69032163%7C171%7C172%7C173%7C18.990511-61634096%7C181%7C1821%7C183%7C184%7C19.990511-61634100%7C191%7C1921%7C193%7C194%7C1a%7C1b,idMap:17*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:330,sis:447%7D&br=c
Requested by: Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:830b:3b82:a95d:4376 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:30 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E4C4 43 B
215 B 133ms
133ms Image
image/gif 2600:1f18:1aca:4282:830b:3b82:a95d:4376
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=d997d45e-d32b-3c15-b8f4-f4242ed50498&tv=%7Bc:2GrgGc,pingTime:-10,time:468,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA5LjAuNTQxNC4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1674990570751%7C%7Ce924dd1c165deec93716d4c493e3eced%7C%7C2e8a6538fa2d69b650a00d23a95123ee%7C%7C5178608d105155abcf2e1c6aada2d666%7C%7Ce5110de1d25f52d96928e1a561815eff%7C%7C440286d6c3017524f3c4d2878c038ea4%7C%7C1e8a76919742e2bd2bc85d3e250b630d%7C%7Cc6707e1f82f733c89b86b6341913eea5%7C%7C1663701684%7D
Requested by: Host: 937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
URL: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:830b:3b82:a95d:4376 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:30 GMT
server: nginx
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7554 42 B
174 B 62ms
61ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6xSoebc-q-gZAUmclWyCULyjTz-6F8GuxGdpm04mGcqlgVYgadB_8q9p-FjUUyuPGmw5INw1idZWXsGekKEgez0h_XB2K2J0lEITv-QHL1yD37V6NKa_Is3P1NAnbTMwdsA50Ow&sai=AMfl-YQOtzHtzGRVjXYhe2s-cJ1TkyVANuvG-i_g1hjS4xHITUQ1L29nUMbloYebsKvT3cmAADu6-qO19V0M5e5kb5SRdru2VkyL25AaTKKaN3wiC1G78It47vaWag6FxSWXwjI_ZT7EHBLx6mMwm9A&sig=Cg0ArKJSzFTMF3XKmHK-EAE&cid=CAQSSwDUE5ymmeOgEY8v8sDqLLCtTfFNWSn2a-OUYjLhGoiQT3u8XwyW0J_1b1gf9NHnx21HL07WsxL9VNT3MBrbGdtpqpHK7WsMZ-J63xgBIBM&id=lidar2&mcvt=1001&p=746,596,996,1324&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230125&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1757246092&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674990569479&rpt=315&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5A8D 43 B
215 B 113ms
112ms Image
image/gif 2600:1f18:1aca:4282:830b:3b82:a95d:4376
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1333191&asId=78cd6d8f-ace1-4fe7-9199-bc48bad8b8c0&tv=%7Bc:2GrgJ3,time:750,type:e,im:%7BpLoad:715%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:750,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:329,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B435~0%5D,as:%5B435~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:311,fm:tukhJwn+11%7C12%7C13%7C14%7C15%7C161%7C17*.1333191-69032163%7C171%7C172%7C173%7C18.990511-61634096%7C181%7C1821%7C183%7C184%7C19.990511-61634100%7C191%7C1921%7C193%7C194%7C1a%7C1b,idMap:17*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:330,sis:447%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:830b:3b82:a95d:4376 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:30 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5A8D 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQ-RGhLNJd-ENjC4WAYGmjznVFc8zqwfYuyaokfE2MI9SbG65vAu0FR-njn6SfUFAjjytRUXTV4xYHv7jG2mX2_Mn339-bv5Wo1WP0f4jgpm8JFng93zQH7dFhfbibRorafSFjeg&sai=AMfl-YSDODrdfVzwDYClqaxhZscHf7k1THhrSPtpp3ewXLrAFd4D5oT3DdG9hu9YlG-0fizXjNociPl1QnMPGq7YYRJlKbT1YW_lx4TreELtzSvNunzRK_ZoxuwVcDqRvhRYYGtoRwU5oUQVM6ybaRI&sig=Cg0ArKJSzEXnk5zrRmMzEAE&cid=CAQSSwDUE5ymmeOgEY8v8sDqLLCtTfFNWSn2a-OUYjLhGoiQT3u8XwyW0J_1b1gf9NHnx21HL07WsxL9VNT3MBrbGdtpqpHK7WsMZ-J63xgBIBM&id=lidar2&mcvt=1000&p=226,262,476,562&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230125&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=654180131&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674990569482&rpt=472&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5A8D 43 B
215 B 113ms
113ms Image
image/gif 2600:1f18:1aca:4282:830b:3b82:a95d:4376
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1333191&asId=78cd6d8f-ace1-4fe7-9199-bc48bad8b8c0&tv=%7Bc:2GrgOk,pingTime:-10,time:1077,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA5LjAuNTQxNC4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1674990570751%7C%7Ce924dd1c165deec93716d4c493e3eced%7C%7C2e8a6538fa2d69b650a00d23a95123ee%7C%7C5178608d105155abcf2e1c6aada2d666%7C%7Ce5110de1d25f52d96928e1a561815eff%7C%7C440286d6c3017524f3c4d2878c038ea4%7C%7C1e8a76919742e2bd2bc85d3e250b630d%7C%7Cc6707e1f82f733c89b86b6341913eea5%7C%7C1663701684,sca:%7Bspg:d997d45e-d32b-3c15-b8f4-f4242ed50498%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:830b:3b82:a95d:4376 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:31 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F4A0 43 B
215 B 113ms
113ms Image
image/gif 2600:1f18:1aca:4282:830b:3b82:a95d:4376
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=c866df2a-6ee3-f51e-95fd-3505eb4ccdbc&tv=%7Bc:2GrgOy,pingTime:-10,time:950,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA5LjAuNTQxNC4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1674990570751%7C%7Ce924dd1c165deec93716d4c493e3eced%7C%7C2e8a6538fa2d69b650a00d23a95123ee%7C%7C5178608d105155abcf2e1c6aada2d666%7C%7Ce5110de1d25f52d96928e1a561815eff%7C%7C440286d6c3017524f3c4d2878c038ea4%7C%7C1e8a76919742e2bd2bc85d3e250b630d%7C%7Cc6707e1f82f733c89b86b6341913eea5%7C%7C1663701684,sca:%7Bspg:d997d45e-d32b-3c15-b8f4-f4242ed50498%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:830b:3b82:a95d:4376 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:31 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E4C4 43 B
215 B 113ms
113ms Image
image/gif 2600:1f18:1aca:4282:830b:3b82:a95d:4376
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=d997d45e-d32b-3c15-b8f4-f4242ed50498&tv=%7Bc:2GrgPE,time:1054,type:e,im:%7Bpci:%7Btdr:1005%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:1054,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1050~0%5D,as:%5B1050~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:139,fm:tukhJwn+11%7C12%7C13%7C14%7C15%7C161%7C17.1333191-69032163%7C171%7C172%7C173%7C18*.990511-61634096%7C181%7C1821%7C183%7C19.990511-61634100%7C191%7C1921%7C193%7C1a%7C1b,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:18,sis:292%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:830b:3b82:a95d:4376 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:31 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F4A0 43 B
215 B 113ms
113ms Image
image/gif 2600:1f18:1aca:4282:830b:3b82:a95d:4376
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=c866df2a-6ee3-f51e-95fd-3505eb4ccdbc&tv=%7Bc:2GrgQf,time:1055,type:e,im:%7Bpci:%7Btdr:1007%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:1055,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1050~0%5D,as:%5B1050~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:456,fm:tukhJwn+11%7C12%7C13%7C14%7C15%7C161%7C17.1333191-69032163%7C171%7C172%7C173%7C18.990511-61634096%7C181%7C1821%7C183%7C184%7C19*.990511-61634100%7C191%7C1921%7C193%7C1a%7C1b,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:17,sis:245%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:830b:3b82:a95d:4376 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:31 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F4A0 0
20 B 57ms
57ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7419571703674&version=m202209210101&ct=76&x=1&cor=668308051455222100

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E4C4 0
20 B 57ms
57ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7066022661660&version=m202209210101&ct=76&x=1&cor=10189657396799689000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A8D 0
20 B 57ms
57ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9484758095689&version=m202209210101&ct=76&x=1&cor=10994737686017622000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5A8D 43 B
215 B 113ms
112ms Image
image/gif 2600:1f18:1aca:4282:830b:3b82:a95d:4376
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1333191&asId=78cd6d8f-ace1-4fe7-9199-bc48bad8b8c0&tv=%7Bc:2Grh9L,pingTime:1,time:2406,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:329%7D,%7Bpiv:100,vs:i,r:,t:1406%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1406,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:329,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1091~0,0~100%5D,as:%5B1091~300.250%5D%7D%7D,%7Bsl:i,t:1406,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:116,fm:tukhJwn+11%7C12%7C13%7C14%7C15%7C161%7C17*.1333191-69032163%7C171%7C172%7C173%7C18.990511-61634096%7C181%7C1821%7C183%7C184%7C19.990511-61634100%7C191%7C1921%7C193%7C194%7C1a%7C1b,idMap:17*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:330,sis:447%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:830b:3b82:a95d:4376 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:32 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5A8D 43 B
215 B 114ms
113ms Image
image/gif 2600:1f18:1aca:4282:830b:3b82:a95d:4376
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1333191&asId=78cd6d8f-ace1-4fe7-9199-bc48bad8b8c0&tv=%7Bc:2Grh9M,pingTime:1,time:2407,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:329%7D,%7Bpiv:100,vs:i,r:,t:1406%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1406,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:329,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1091~0,0~100%5D,as:%5B1091~300.250%5D%7D%7D,%7Bsl:i,t:1406,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:116,fm:tukhJwn+11%7C12%7C13%7C14%7C15%7C161%7C17*.1333191-69032163%7C171%7C172%7C173%7C18.990511-61634096%7C181%7C1821%7C183%7C184%7C19.990511-61634100%7C191%7C1921%7C193%7C194%7C1a%7C1b,idMap:17*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:330,sis:447%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:830b:3b82:a95d:4376 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Jan 2023 11:09:32 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Verdicts & Comments Add Verdict or Comment

317 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.yallakora.com/	1970-01-20 09:16:34	Name: FGTServer Value: B38C762E5508AA76F9CE87FB8FBFEC44A293CABD87AA0C4FB441CB8A2C71138CA1C44D80AA43A1D2
.yallakora.com/	1970-01-20 09:16:30	Name: lotame_domain_check Value: yallakora.com
www.yallakora.com/	1970-01-20 09:16:52	Name: HbWorldCupStrip Value: true
.yallakora.com/	1970-01-20 18:52:30	Name: _ga Value: GA1.2.917374333.1674990568
.yallakora.com/	1970-01-20 09:17:56	Name: _gid Value: GA1.2.1133082230.1674990568
.yallakora.com/	1970-01-20 09:16:30	Name: _gat Value: 1
.izooto.com/	1970-01-20 18:52:30	Name: IZCID Value: 36fd2753-aceb-4a12-8823-27eda01b3d06
www.yallakora.com/	1970-01-20 09:26:35	Name: Location Value: Germany
www.yallakora.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: ftthwkwggpj2wp13dmszq4zl
.yallakora.com/	1970-01-20 11:26:06	Name: _gcl_au Value: 1.1.1983889366.1674990568
.yallakora.com/	1970-01-20 09:16:32	Name: __cf_bm Value: DFCfz5wNfVNZX5dX4E8lN16gN4ouzcopONFOhoMjUeU-1674990568-0-AWa6wX+Pz99uM4Mg0Tn5PmmKT9skKomft4WW6bf+SWPfcZrVmK20kAsfgUIswSUMK/cH5mVXTCM0oLoldmgPaT3DxL72pRqWdg0F04Pnh/Q+pTzmbXwvpRKyzIBT9hYuPFWMuaHE6E3YdkfkFA/ldOU=
www.yallakora.com/	1970-01-20 13:35:42	Name: Exitbee_vid Value: a5825316-70b9-4121-ac29-441e3b04a1d7
www.yallakora.com/	1970-01-20 13:35:42	Name: Exitbee_sessionCampaigns Value: []
www.yallakora.com/	1970-01-20 13:35:42	Name: Exitbee_nrPagesVisited Value: 0
www.yallakora.com/	1970-01-20 13:35:42	Name: Exitbee_visitsCount Value: 1
www.yallakora.com/	1970-01-20 13:35:42	Name: Exitbee_source Value:
.yallakora.com/	1970-01-20 18:38:06	Name: __gads Value: ID=4eeaa273f5e8affe:T=1674990567:S=ALNI_MZgWhNxmslULn2nkMxgWCHWP8nGMw
.yallakora.com/	1970-01-20 18:38:06	Name: __gpi Value: UID=00000babaa1b8f35:T=1674990567:RT=1674990567:S=ALNI_MZRdRY5o-gjUJpCvkGD5GT2lTAjpQ
.doubleclick.net/	1970-01-20 18:38:06	Name: IDE Value: AHWqTUmvDd5PPBeaPSuvcdWQzA2MpLVcpdpB8NZBYH3dWtwzg8dN6VCCztOn7YAa
.adnxs.com/	1970-01-20 11:26:06	Name: uuid2 Value: 6253322157815844987
.casalemedia.com/	1970-01-20 18:02:06	Name: CMID Value: Y9ZT6c4JdjkAG36WInldUAAA
.casalemedia.com/	1970-01-20 11:26:06	Name: CMPS Value: 1115
.casalemedia.com/	1970-01-20 11:26:06	Name: CMPRO Value: 1115
.adnxs.com/	1970-01-20 11:26:06	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?fw511n!]tbPl1M>e)ZlrFUfJ+tGXxoXXpj`uZU70cBC!rV<:p/0E7mQV`dY+N5x:K?3If)y3KL9D3I?+WsN>Us
.bluekai.com/	1970-01-20 13:35:42	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 13:35:42	Name: bkpa Value: KJy20DWvQY9xxBcENBjHst6V63SnH9ABoWQB7EXHS474Py2nPsx5rrUihOJQnY57Y4sBVxSfzio5BM83mfxSYnF+pxyjN98dFJF3sEN1Bac76+ui2lDQ4sDBJxA=
.bluekai.com/	1970-01-20 13:35:42	Name: bku Value: ts6O9moENZmCQ5D3

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://script.crazyegg.com/pages/scripts/0069/1078.js Message: Failed to load resource: the server responded with a status of 410 ()
network	error	URL: https://s0.2mdn.net/sadbundle/18225678633910820894/300x250/cta.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

937d5b6226a269ef4f5a51b15114c9a4.safeframe.googlesyndication.com
acdn.adnxs.com
adservice.google.com
adservice.google.de
aghtag.tech
agorahtag.tech
api.ipify.org
bcp.crwdcntrl.net
cdn.exitbee.com
cdn.izooto.com
cdnimg.izooto.com
cm.g.doubleclick.net
dashboard.ideanetwork.site
dsum-sec.casalemedia.com
dt.adsafeprotected.com
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
fonts.googleapis.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
media.gemini.media
pagead2.googlesyndication.com
s.exitbee.com
s0.2mdn.net
script.crazyegg.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
stats.g.doubleclick.net
tags.bluekai.com
tags.crwdcntrl.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.yallakora.com
yallakora.com
pagead2.googlesyndication.com
104.111.217.14
13.225.78.97
142.250.185.226
151.101.65.108
172.217.20.2
185.80.39.216
2600:1f18:1aca:4282:830b:3b82:a95d:4376
2600:9000:214f:8400:8:48e:53c0:93a1
2606:4700:10::6814:1a43
2606:4700:10::6814:1b43
2606:4700:20::ac43:4ae0
2606:4700:3030::6815:1b4
2606:4700:3032::6815:4ae4
2606:4700:3034::6815:4466
2606:4700:3037::ac43:c1e6
2606:4700::6812:d941
2606:4700::6813:9408
2a00:1450:4001:800::2003
2a00:1450:4001:806::2008
2a00:1450:4001:80b::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:400c:c04::9b
2a00:1450:400d:802::2001
2a00:1450:400d:802::2002
2a00:1450:400d:803::200e
2a00:1450:400d:805::2003
2a00:1450:400d:806::200e
2a00:1450:400d:807::2001
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::2006
2a00:1450:400d:80d::2002
2a06:98c1:3121::3
37.252.171.53
52.51.78.49
54.171.32.12
64.185.227.155
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
033c133145e785ebb3bbe4d6416bdd2178c72665b20c48ee3d643cf5d0fb667b
03fa6c8952eed29850d393b2e3ffc1069b9dc8e2a4b5f3c6d9b4352a05bc9424
044b0bbcda074142f53551630be8da19ebf328b0d5e3b58e1765e0c6a4eae188
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
095583da724d5336d2a1fb96959c013f1bd05dbf3dee3a4c693f0eab60abd4d6
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f54f4ab2a4a1297b37ee55277f3f2304fcfc4dc223b20c87c8c40b6c338e31e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14c2cf8cd9d2f8242a4e19d439b6021c46cac6da9e703af81872d02931417d1d
15035a7946d82f74d04fb646f2f993572249e7b131e692696e61eccdb8d1199a
1529002ff0f1d31928a5090c1f28de571b19464dcd04540a5dcff9be9277dffe
1554993bfd6558071bd0f007fbc97c32c540ad0339cdda7a274740b4b214ea7f
15ddf64a1db0b06797a274e5975f2303bbfd68ca43e0539ddb4f5aac2bcaa456
1d05cfbea55865d9fe4adb123f51a6fab34f3234ae09cb06bea691d7684aa31a
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1da4b264078f93ea46279ccfe83306c19c2e362f536728755e62fa63ebdedd92
1f69cda4d346d1361e182ca51dfc0be0b484b548a8afd33fc4939dc63ff671f9
1fe035b6e2b4150f22333863db0fc3494675a36287636db8707caea67a29b275
20968a95e5a911a40d373861cd5ec8215c6c9148a45e4ce53f7bca46033e2e4c
213524df3ef835c51227a7480161cd8868406b83be875ebeae8d75e10d0e3f5d
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
281821fa10dd3f1f9149ce2e21aa20a8392be37b241ca4b8c44bf51fd09a79e2
291c4346b397793f200b3143aa3d2223dbabe0cd2872433f54870c28342ee873
2e3283ac8c8605de3f79211d3e07358e98402e059a1ce26d90afbefd09f8bb7d
2f7bd0c73018f9c34a0a959f791da61431910dda0ef204b164ea1539255339db
306bce322ec17eacb680150f965a0c48ce5e873d06916304bdb9264751b175a5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36381f4e1ecaf6042ae17621601cac3572959519960a8241696d55c5eda46def
36d61675f8ddec293c102503a3ca133fb16ded951f3150d695eefda36dbd0b92
39a32304c81475bbaf9f6c735c76a92d12a2b365101dcdefd1edf5422d0b005c
3af22ccabf103ef8b38bc6a0c7d49fae5c9010f3ed25d758440ef052dca534ee
3cfb9a768e9774d4af82e1b3c6ab17a99044292be05d3c8d754679e4c26fb218
3f9909775d48d612aae837f0153817e8addbfa082f901254471bced4d8c72691
426a2a0d3ceb23e5fb8231d5d3e22ed54964beb48fa3bc05c6c789ec60ae5802
42ce9ee9e51344dc1182f0d456164af3530858ff5ee4e53303d7982c04ed897b
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
477ea555adb1b0754b9bf6ba32b31b1ee3d5624fc3efbaefcc887b6467088dc2
4ae51b31bb04c2d6cd8165cf8685c6e9766292113a3b60a4c589a56572627ad8
4b1ea304ef407f235a463e50f36b1497c7a8066e671f673d5cc4cda0f784f670
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b7470180ed53b26412234d0cccd5d9803831e7f46f234893248c2aa6eba6a57
4c5d9a2bb4c1a0f9661d19ef675c5646853154a3196260b6f25aa94b73e37f60
4e01a37797acbfcf4cf909d3b0ba1478d2aaab430a555b3b2302882df1f3dec1
4f27ba5334d2f8cb5590bbb434241748b59e62edcdfd6ceab82f23901118d140
4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
505f3bfd3582a6fd8bf79ffc45ca2fbcd03ea35c54d42c7405fe757cb85e9549
5270b01c2587098b580b8b6658568890e0ca894963c68ba91ab78b389c71ce7a
52cd3bb46b6ee67d52144d3eb8bb68bcd3981aee02b4c119eaa7ae662e4207ae
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e498ba25f356bd835c3232dd0d4614212cffeedec12bc234b215bc2a1fcac8
57c2b596262f49dfc85822938e3989a0345fcd5ddd698423283ca15f162f6b99
5967d48fa0b6ce4fdf228a2454ee82b64d54a0257f218a6146a204fe9578cef7
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
598a26c3e45c18d7c30ed10d4dcec143cc96f3b86873dd7956f3b928addb4808
5a88add55245f50db23c0023ebf1a0e46146d871020f0030f165abe3f07c1d17
5ea5dadd9304720cf8b575e66865f73dbda63bba5b1b66778a55b064a0a37d1d
5ffd0d7eda36b8e9cca9c1a9e78d196dde0c1e1804e1bd58072f7449d521c3fe
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62a5ea6691591b096c2d4dd0b5b94d45ba6c7c2e5f5a3a08c2e9de7b852bfa22
682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2
693dade10b46065ed48dbd1908c839ad28e666649be40350de16010e8abaf3f5
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6bfde796bd4b66555d295ab28a15117d6ab02af2b3bac2e706534776277b9d79
6c34e9a64fd79b324b935ab3ecc8b513554ea5ef3cc1d11a7cbfefcb74c3d402
72a61d669a235778168d161b444bd4e02f13379b006ab2385a1c2a41491c0945
72f5c28a9dd9759817eca2838f7181aa1298dff4c323768182a7c6a3b81e4bec
735e285d96c87baeccd7e684cf5668c0c9586a1a07ef8bbeb44e414aecb54a32
747265ebccb549467dad1dfc5188a3001835816aa22f92471595216bd59e52f1
75161d9d0504fa623a7c1a7b76e737f8c428e3f0f370e8814ed0571f0d1f5722
7576742fc1b1994bcdf3a9df02e189e88140e6823154668e5c771a0fec50d22a
777cc2cc54a1db1c7113af0c171a2578f1145c612f273be3442421bbafe52f6b
7de6a891c6705906101acf9828f6cbfcd84898e34f0a422d65dcb8374ad4b140
7e52e4fc73e5fbcbc16db9561e5d9c11f5f5b8daf3d15f3000e1eded523cfc8b
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
873e54bd02647b1c767055bdd2b745e97ec2ad24fc08f22ebc25eab672df5a8e
8bb74b4c204f5499b7d196b385ee080e1b398dcb86ca417d1b035981bdfe6b75
8c5db07ba4d9dd72f802baa532ff18979e4d2babae35466f7bf91970d6176be5
8d71fee7074531243c46fc84e1b8ec6ff44b173186e8efa4ac53adbcb867044c
8e76f0273df876c534349d2b1efb00b52d15d36a631909bdd273c0a2e76b9189
8f66ac6b68d5a2e5ca06289cc02aef249617fc68ab65762f24f03df91da84c16
8f81334b57e3fbf7fe16dae86a170d7e61addf79c7efb2ded3be1f1dc3feb266
90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02
92010c38ae8a8a779ab12b1b16a5e23f5746d6c31caf6b083db05ac1bb14be84
948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62
94aad20d32d0058ab447b3e2930902228801c0cec176f28b44aefb8310b72ac0
9711c16a64e8b4086724485013257f3ba812d103630ddd609e3bcc677a07a0bb
9a37d2fbc62dc17f9475c468d0867402cbc48d31cfd0398d74e930953a0c5c71
9d59cf0a39d2a47085497f76ab91a3db532900c3407c083a0e0c4c4080bff01d
9df586940ff4019f05da72f4a2c87df0a7476ab55fc5ec0fc104f9166b83d3e2
9f45b937729a1e8300905bb654e2fb9d29a4ee4e68e965805ff3983a5516e2fa
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0436fe2afb6ac2cd6c911e10b50b7f5a42c0273459f54b31f6173638f8752ac
a116a1635a2eb20d44260fd20d186166ca3fbc60ff7b6488c3a6efe44f770494
a12dcb1afdf887b3a63ed365db27502c2f8a4cb86f43b2a3c7096b850cfa943d
a2671a7a71764c73a85a1c61957ee5dee0609425de1f0546bd655edf7b6f1e4a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5a5740ef85b34bc2201e28d241ab2c3ea7f45355377a3100d5dab74dbc3c5e4
a7deb331cc8085ce5cbd4ee3d6cc8e740913837c6747df9e9b5a0b4a58aa751a
a9eefe94a2073acf1e683d15811b684cd48ed82f91d26414d191ac5c4b152f85
aa1dedeb3fe5848da17a5d5aa5eb6b57f51955c4a3222a98c906672d34836bfb
aa4abc8dc8d2cb1dad4216e16de49a15dba700e5778f450872a1b7939944e1d3
ad19787d6918da31389c40e7a0f575d175511aef25ec1d6aa7339e091e0d00f5
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b043b024532636f0702a253a318758841a2d24f1e59a72dc75621e88db29329b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5e2362d1847a7b4cad6decf35cd771bcba3267296f0cc0a63cf4a5c59203d2e
b5feee7a5d40a953995b630a5c85e83d3f173baa845310b5b4c66336cdd89cac
b84c83d41cbea8ebbf8cb8228c635ea4d175deb0fb8f5d629cb57957b0fd4de2
b85b93dac58c18fb998074232a3b27d65bea628ebb0ab0c304827574ce5b9df1
bb7b5446264a723cd477dd25769e78c01dfab0307d8f238be827f141ff842d79
bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bf4aa8f1f339ab14bd142750fbd5d6aff7614187d1e2e0b491818fad0c7fb236
bfcfb8f7e492ecfc971cf8c903349eb9f5deaf66fe3ad2fabcb3fc95d38d32f4
c02bcd8e4d271be063b0624e639dd6fd9a5910189c6b0bb6f78dade70880a2b7
c043552be6d98da422ec5c2946c7a6588600e29d9f2a871ba1ea1206d3db813b
c79f7431b7a23978681e37f32e4852aae3b651a49758a2ee96796189ba6fb35e
c7d05c4edea21160b1d58061d1f2ac8591332b3bd4326e4c8a3077515e17c176
c8b01e229063ec07610643752936624b6531e6561572deca1c7119d2bad05bd8
c99c618704e22e50f8afeed72a9af1b82a6751b99a95ba17f41c63bba6e5a954
cebfa75512f12a4d2f05cacae40f83ddc3e1efaf90aba3d5c9eabe0625a94858
cf45cf13ec17431ac5d3877e18c45aa4ed069a464ab762d2a162299cd673a92b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d5ef793247a5bf5bed3024f7ec1900f4bf388de2b121aa35cd4f281d0e908288
d6d175ebf2d68612d9f3da1f53a3a9c3471945df00e8b2fb6d5d43939218763c
d975a59a653cc912036936ae948d4b8ca2fe7c84ade44135b7bfcf4fd412efd9
da933ef53458927e254187e40711b33abc36dafd95218f913db426cf3e676e20
dc694511bff51871e9dc5ece4e9504015ad4810b9c78ab8b686a0f774d00eb7a
dd3526ddba0514315d1dfabd7413c70fa2295b04c7c2b7764c7117803af3ea58
de8f92ba83c2340d3ce444e77ce91b97671a64cf7267407b3f41dfb21f1ef73a
df3a868b4e6a1f84f7410307af667e63ee571325be9540e1853d74368d8ed90d
dfe58d897117bd042db3f4c339e35885ff8d2335c15cdfd8dfa7676a620d70f0
e032a3ab34f159d46fe4df5cb1294b428b6f34ead99a33683f36e76719364df7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e44fec5a648b74e0d3ef336458bcfa9e015ddb81d9b50149ce9eb76dd20b7539
e46fa7ee227000e5803c3317aecd58d5f4fa151e367a94f24e9e814b9dad6330
e5bc93f06a7c27ae1db241bbebd3dd0548e70c17debfe4bf6ed5fcb93bb800a8
e6eaacd4bd14e1643a33cd4ac5771a7f6855b296ab23fe50b5bcbbdf3cc0919a
e80d65f2977e9fc1eca5ec899e02b1cb626d068293df6aea6691076420223204
ec66e5c012e4e56f1242b31faf24bf855acf336c821526ce64d7150d7a2355a6
eca3a5c2729ed83c989816e0c31770f73d6e4bb876225dbbfa9876735c7eef26
ed08a7b9f300904c27e2a65f619408c2e3ea1c2ee495e2da5c4dcbcdd2100d05
ee4c9c33ae1edbeff64edb74e9f094371b7cb506118c610099dc1c80db490add
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11b766fe901626d16d18cda13b641204a1bb259f1b96df6eac06e7275f9587b
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f628294c13b4ff5cec6b38b11e063dc8feddbb0ce57a7fa037e68ad760559b69
fa5710e649205ce7dad0d22c2fb0f83228b3c46e09dbdaa09a9eaa01faa385ef
fb7bba92f538938a27403fba3ffe5d2212cc39a31a945a4aaf2921bde790c195
fd29505194e4e103b57fba45fe58963281e49d1ecda060e6be42d8b3014dfeed
fd975a8b97372bfdf7d9d8126b401e91e7441d067c5a3b2dbc51c0044c6312a7

www.yallakora.com Open in urlscan Pro 2606:4700:10::6814:1a43 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

262 Requests

94 %HTTPS

75 %IPv6

24 Domains

41 Subdomains

40 IPs

5 Countries

4168 kBTransfer

9404 kBSize

27 Cookies

9 Outgoing links

Page URL History

Redirected requests

262 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.yallakora.com Open in urlscan Pro
2606:4700:10::6814:1a43 Public Scan

Screenshot
Live screenshot

Full Image

262
Requests

94 %
HTTPS

75 %
IPv6

24
Domains

41
Subdomains

40
IPs

5
Countries

4168 kB
Transfer

9404 kB
Size

27
Cookies

262 HTTP transactions
4 data transactions