www.yallakora.com Open in urlscan Pro
2606:4700:10::6814:1a43 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://yallakora.com/
Effective URL:
https://www.yallakora.com/
Submission: On October 17 via manual (October 17th 2022, 7:53:12 pm UTC) from EG — Scanned from DE

Summary HTTP 238 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 50 IPs in 5 countries across 27 domains to perform 238 HTTP transactions. The main IP is 2606:4700:10::6814:1a43, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.yallakora.com. The Cisco Umbrella rank of the primary domain is 391048.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 1st 2021. Valid for: a year.

This is the only time www.yallakora.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	2606:4700:10:... 2606:4700:10::6814:1a43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	65.9.66.122 65.9.66.122	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6812:d941	13335 (CLOUDFLAR...) (CLOUDFLARENET)
40	2606:4700:20:... 2606:4700:20::681a:4a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 9	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	52.30.246.43 52.30.246.43	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::6815:4ae4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3031::ac43:81b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:e2:... 2606:4700:e2::ac40:850b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.232.242.170 3.232.242.170	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1 15	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1 9	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
7 9	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
6 10	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
4 9	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
5	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
4	3.120.29.79 3.120.29.79	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	3.126.58.88 3.126.58.88	16509 (AMAZON-02) (AMAZON-02)
3	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
26	18.66.112.43 18.66.112.43	16509 (AMAZON-02) (AMAZON-02)
1	142.250.13.156 142.250.13.156	15169 (GOOGLE) (GOOGLE)
6	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
4	3.124.253.38 3.124.253.38	16509 (AMAZON-02) (AMAZON-02)
2	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
1	23.35.228.188 23.35.228.188	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:6b::7	15169 (GOOGLE) (GOOGLE)
5	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	52.51.237.189 52.51.237.189	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.130 142.250.186.130	() ()
238	50

15 2606:4700:10::6814:1a43 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

yallakora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.yallakora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.sk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:d941 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnimg.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2606:4700:20::681a:4a9 (United States)

ASN13335 (CLOUDFLARENET, US)

media.gemini.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.gemini.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.246.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-246-43.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.sk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

dashboard.ideanetwork.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:4ae4 (United States)

ASN13335 (CLOUDFLARENET, US)

agorahtag.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:81b0 (United States)

ASN13335 (CLOUDFLARENET, US)

aghtag.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e2::ac40:850b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.exitbee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.exitbee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.232.242.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-242-170.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.sk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.74.194 (Glen Cove, United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.80.39.216 (Canada) 6 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.252.172.249 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.120.29.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-29-79.eu-central-1.compute.amazonaws.com

ads.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.58.88 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-58-88.eu-central-1.compute.amazonaws.com

celtraidentity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 18.66.112.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-43.fra56.r.cloudfront.net

cache-ssl.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.13.156 (United States)

ASN15169 (GOOGLE, US)
PTR: we-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

fra1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.124.253.38 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-253-38.eu-central-1.compute.amazonaws.com

track.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-188.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:6b::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r2---sn-4g5ednss.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.237.189 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-237-189.eu-west-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (None, )

ASN- ()

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	googlesyndication.com 1 redirects 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 147 pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 ade.googlesyndication.com — Cisco Umbrella Rank: 287	382 KB
40	gemini.media media.gemini.media — Cisco Umbrella Rank: 245919 ads.gemini.media — Cisco Umbrella Rank: 625240	939 KB
34	celtra.com ads.celtra.com — Cisco Umbrella Rank: 3194 cache-ssl.celtra.com — Cisco Umbrella Rank: 3930 track.celtra.com — Cisco Umbrella Rank: 3839	1 MB
29	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 stats.g.doubleclick.net — Cisco Umbrella Rank: 84 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 215 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317 bid.g.doubleclick.net — Cisco Umbrella Rank: 444	265 KB
19	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 232 acdn.adnxs.com — Cisco Umbrella Rank: 618 fra1-ib.adnxs.com — Cisco Umbrella Rank: 7172 cdn.adnxs.com — Cisco Umbrella Rank: 1320	303 KB
15	yallakora.com 1 redirects yallakora.com — Cisco Umbrella Rank: 371913 www.yallakora.com — Cisco Umbrella Rank: 391048	418 KB
10	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542	8 KB
10	gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn2.gstatic.com fonts.gstatic.com csi.gstatic.com	128 KB
8	google.com adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	2 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	40 KB
4	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 273 gcdn.2mdn.net — Cisco Umbrella Rank: 933 r2---sn-4g5ednss.c.2mdn.net — Cisco Umbrella Rank: 488726	4 MB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44 imasdk.googleapis.com — Cisco Umbrella Rank: 435	365 KB
4	izooto.com cdn.izooto.com — Cisco Umbrella Rank: 16351 cdnimg.izooto.com — Cisco Umbrella Rank: 32453	61 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	140 KB
3	exitbee.com cdn.exitbee.com — Cisco Umbrella Rank: 26349 s.exitbee.com — Cisco Umbrella Rank: 28449	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	128 KB
3	google.sk adservice.google.sk — Cisco Umbrella Rank: 105603 www.google.sk — Cisco Umbrella Rank: 29728	1 KB
2	adnxs-simple.com acdn.adnxs-simple.com — Cisco Umbrella Rank: 2496	50 KB
2	celtraidentity.com celtraidentity.com — Cisco Umbrella Rank: 35115	674 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1160 bcp.crwdcntrl.net — Cisco Umbrella Rank: 818	16 KB
1	googleadservices.com partner.googleadservices.com	476 B
1	gumgum.com rtb.gumgum.com — Cisco Umbrella Rank: 1123	209 B
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 3082	216 B
1	aghtag.tech aghtag.tech — Cisco Umbrella Rank: 38110	86 KB
1	agorahtag.tech agorahtag.tech — Cisco Umbrella Rank: 101734	4 KB
1	ideanetwork.site dashboard.ideanetwork.site — Cisco Umbrella Rank: 484936	3 KB
1	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 1773
238	27

	Domain	Requested by
38	media.gemini.media	www.yallakora.com
26	cache-ssl.celtra.com	ads.celtra.com www.yallakora.com
22	pagead2.googlesyndication.com	5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com googleads.g.doubleclick.net cdn.exitbee.com www.yallakora.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com imasdk.googleapis.com pagead2.googlesyndication.com
15	tpc.googlesyndication.com	1 redirects 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com imasdk.googleapis.com
14	www.yallakora.com	www.yallakora.com
10	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
9	ib.adnxs.com	4 redirects googleads.g.doubleclick.net acdn.adnxs.com
9	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net
8	googleads.g.doubleclick.net	1 redirects 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com www.yallakora.com pagead2.googlesyndication.com
8	www.google-analytics.com	www.yallakora.com www.google-analytics.com www.googletagmanager.com
6	fra1-ib.adnxs.com	cdn.adnxs.com
5	ade.googlesyndication.com	www.yallakora.com
5	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
5	www.google.com	www.yallakora.com 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com tpc.googlesyndication.com
5	securepubads.g.doubleclick.net	www.yallakora.com securepubads.g.doubleclick.net
4	track.celtra.com
4	ads.celtra.com	5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com ads.celtra.com
4	5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	csi.gstatic.com	imasdk.googleapis.com
3	imasdk.googleapis.com	www.yallakora.com imasdk.googleapis.com
3	acdn.adnxs.com	dashboard.ideanetwork.site acdn.adnxs.com
3	www.googletagservices.com	5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
3	www.googletagmanager.com	www.yallakora.com dashboard.ideanetwork.site www.googletagmanager.com
3	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com pagead2.googlesyndication.com
3	cdn.izooto.com	www.yallakora.com cdn.izooto.com
2	s0.2mdn.net	imasdk.googleapis.com www.yallakora.com
2	acdn.adnxs-simple.com
2	celtraidentity.com	ads.celtra.com
2	s.exitbee.com	cdn.exitbee.com
2	encrypted-tbn1.gstatic.com	5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
2	encrypted-tbn0.gstatic.com	5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
2	adservice.google.sk	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	ads.gemini.media	www.yallakora.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	rtb.gumgum.com
1	r2---sn-4g5ednss.c.2mdn.net
1	gcdn.2mdn.net	1 redirects
1	cdn.adnxs.com	acdn.adnxs.com
1	bid.g.doubleclick.net	acdn.adnxs.com
1	fonts.gstatic.com	fonts.googleapis.com
1	encrypted-tbn2.gstatic.com	5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
1	www.gstatic.com	5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
1	fonts.googleapis.com	5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
1	api.ipify.org	dashboard.ideanetwork.site
1	cdn.exitbee.com	aghtag.tech
1	aghtag.tech	agorahtag.tech
1	agorahtag.tech	www.yallakora.com
1	dashboard.ideanetwork.site	www.googletagmanager.com
1	www.google.sk	www.yallakora.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdnimg.izooto.com	www.yallakora.com
1	script.crazyegg.com	www.yallakora.com
1	tags.crwdcntrl.net	www.yallakora.com
1	yallakora.com	1 redirects
238	55

This site contains links to these domains. Also see Links.

Domain
te.eg
competition.yallakora.com
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
gemini.media

Subject Issuer	Validity	Valid
www.yallakora.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-01` - `2022-11-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-13` - `2023-06-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.sk GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.exitbee.com E1	`2022-08-26` - `2022-11-24`	3 months	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2022-02-07` - `2023-03-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
celtra.com Amazon	`2022-02-09` - `2023-03-10`	a year	crt.sh
celtraidentity.com Amazon	`2022-10-12` - `2023-11-10`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh

This page contains 24 frames:

Primary Page: https://www.yallakora.com/
Frame ID: 308B181A405B6AF7047E9AD458AF5A6D
Requests: 104 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: EF79E561C0553ECD0C9790C9D86D953D
Requests: 1 HTTP requests in this frame

Frame: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C3A87926A8DFB321469F5388D2FED847
Requests: 1 HTTP requests in this frame

Frame: https://www.yallakora.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1666022400
Frame ID: 6B50FC142114D6DFDC4757A372439C83
Requests: 3 HTTP requests in this frame

Frame: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FAA4A7C4D6E6693B5BD779F4F173C2EF
Requests: 21 HTTP requests in this frame

Frame: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 66953BCA6464BBDFE539EF1262F501FA
Requests: 21 HTTP requests in this frame

Frame: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 218547BBBCEE7B72887C44D766C890F2
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJOlvQEQ5tnSARio5urUATAB&v=APEucNWMjrvrQ5oCdXC9ZUL3mxvMbw3SyOcsJR35v0kFsp3sNViS6GlQXuIdWZpvaoAYLC6GWzzipgYtafI220gPjVaH01HITbzDbr0JyhV5kAidu5BX--YOuVN479HJCs7PdWqZLnEfj6SY5E7UYUhGdz4smCeOY-eAcJ0Tg9CWzTfF9577Lds
Frame ID: E204DD30E7F685DEAC921AB52CED1E61
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJOlvQEQ5tnSARiU5OrUATAB&v=APEucNVB6aQ_PqPuZxLvj7usoz0fDlF2XpBDcqNoTF3aJi3r4hBhtCn98KbqxxM6tVmiPtbQZSqFZlv1M2b9KcXOxwIC-y7li3koExOlbQ2isKmoibqcQH2E32B6taM-cfQGz38fJBuwZ5JWVlgjFZfsx-KQ5Rsn4qHppL_qN_YJX7Tsn7vCbNs
Frame ID: 446DCCDCE361556428AEC70B0210E409
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
Frame ID: 4DB8F1C7FD69E6DB628A39970C604353
Requests: 1 HTTP requests in this frame

Frame: https://cache-ssl.celtra.com/api/fonts/16bf8d7f/3_cb19957205cb8dd9b8c6a45e451a34a854cdff86c97628846dddfb1f39a9a519/adineuePROCond-Bold.woff?subset=%20AGIKLNORSY
Frame ID: 33F965872D04714F93EF13A166E37E95
Requests: 12 HTTP requests in this frame

Frame: https://cache-ssl.celtra.com/api/fonts/16bf8d7f/3_cb19957205cb8dd9b8c6a45e451a34a854cdff86c97628846dddfb1f39a9a519/adineuePROCond-Bold.woff?subset=%20AGIKLNORSY
Frame ID: 688E5A8433F0180891021C03BDCB1244
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D359E186928BE302ACE19D357F8D028C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F4611D08184D58DBF6F5DA3FB4C49E8C
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/video/static/res/av2.mp4
Frame ID: 32B3B8248B34139117ACB67CCBB04EFF
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/video/static/res/av2.mp4
Frame ID: 78DF4BCDF3F7C365DC029C19E887E129
Requests: 1 HTTP requests in this frame

Frame: https://cdn.adnxs.com/v/omsdkvideo/229/trk.js
Frame ID: CAE7F263EF393E30DBEF5BA47EB0CF23
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9B6703C78987AC18D6B5F3AEDB23F6E1
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js
Frame ID: 3C444618ABBC90A6C7B285DE4B889B62
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.539.0_en.html
Frame ID: 506E66381A0198B81F650008764AAABB
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: FB1F50E1C3CA0FAD73CBB68593A66A09
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/zrt_lookup.html
Frame ID: 5DE36BBFFC5E789B51FB6EF534908D4B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4076396686996071&output=html&adk=1812271804&adf=3025194257&lmt=1666036389&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.yallakora.com%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666036389614&bpp=2&bdt=7413&idt=94&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9ff5d9d654014fe5-221129974ace0028%3AT%3D1666036383%3AS%3DALNI_MaxsM9RhG0tR0DgrOAdQOIR6YAxlg&gpic=UID%3D00000b7490353c30%3AT%3D1666036383%3ART%3D1666036383%3AS%3DALNI_MaOYDJErbkV8KMQEGyyiT1oONJVPg&nras=1&correlator=7562533800324&frm=20&pv=2&ga_vid=733115516.1666036383&ga_sid=1666036383&ga_hid=600219828&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070342&oid=2&pvsid=2490143105744881&tmod=720007158&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=113
Frame ID: 45980D66AEAF818108F5D4CE49331BA7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4076396686996071&output=html&h=250&slotname=7602326107&adk=602304427&adf=4134141899&pi=t.ma~as.7602326107&w=300&lmt=1666036389&format=300x250&url=https%3A%2F%2Fwww.yallakora.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666036389616&bpp=2&bdt=7415&idt=122&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9ff5d9d654014fe5-221129974ace0028%3AT%3D1666036383%3AS%3DALNI_MaxsM9RhG0tR0DgrOAdQOIR6YAxlg&gpic=UID%3D00000b7490353c30%3AT%3D1666036383%3ART%3D1666036383%3AS%3DALNI_MaOYDJErbkV8KMQEGyyiT1oONJVPg&prev_fmts=0x0&nras=1&correlator=7562533800324&frm=20&pv=1&ga_vid=733115516.1666036383&ga_sid=1666036383&ga_hid=600219828&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=262&ady=2256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070342&oid=2&pvsid=2490143105744881&tmod=720007158&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=hbTEfRCwaU&p=https%3A//www.yallakora.com&dtd=127
Frame ID: 9FE8ADE5FA2F21EB44D68B645555933D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

يلاكورة الموقع الرياضى الأول فى الشرق الأوسط

Page URL History Show full URLs

http://yallakora.com/ HTTP 301
https://www.yallakora.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

<(?:iframe|img)[^>]+adnxs\.(?:net|com)
adnxs\.(?:net|com)

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Izooto (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.izooto\.\w+

Page Statistics

238
Requests

94 %
HTTPS

61 %
IPv6

27
Domains

55
Subdomains

50
IPs

5
Countries

8552 kB
Transfer

14373 kB
Size

26
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://te.eg/wps/portal/te/Personal/Mobile/Control-WE-MIX/!ut/p/z1/jZDZCoJQEIafpQeIGY9bXrpramIu2bkJLTHJNFB8_myBIGmZu4HvZ775gUIKtMmGqsz6qm2yety3VNjxqBEbQ3RNxRYwSNxYMRKORZPA5g44gUYY30THlwQJZc_WUFqLBBcE6D_5L8Atjx9GxjFP306Epo6yofNuJEZEtcgTeCk6K3ZUlDRUDYFBT5wA0x9-WSyBlnWbPwo7ccd4kIF2fdYXkO7rtisOYCFcznGKlT2nOTe7AtmivLk!/dz/d5/L0lDUmlTUSEhL3dHa0FKRnNBLzROV3FpQSEhL2Fy/

Search URL Search Domain Scan URL

URL: https://competition.yallakora.com/Predictions/Home#nav-menu
Title: مسابقة التوقعات

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Yallakora

Search URL Search Domain Scan URL

URL: https://twitter.com/yallakoranow

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC7N7DXktAhFpRpYb3B6Hnxg

Search URL Search Domain Scan URL

URL: https://www.instagram.com/yallakora/

Search URL Search Domain Scan URL

URL: https://competition.yallakora.com/Predictions/Home#nav-burgermenu
Title: مسابقة التوقعات

Search URL Search Domain Scan URL

URL: http://gemini.media/

Search URL Search Domain Scan URL

URL: https://gemini.media/pricing#YallakoraF
Title: للإعلان معنا

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://yallakora.com/ HTTP 301
https://www.yallakora.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 100

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr09Wf2AEQsAkYrAIyCPp95elfbcrd HTTP 301
https://tpc.googlesyndication.com/simgad/16851322724340381604

Request Chain 116

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOqj_K35FdiYlsngbUpvfmc&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOqj_K35FdiYlsngbUpvfmc&google_cver=1&C=1

Request Chain 117

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y02yoAej0XFW47Wqhee6HAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTDOzmg4n9Z-9UaR-w-7aY&google_cver=1

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEK1czs5_AC9UHkTnzWFX6VE&google_cver=1

Request Chain 119

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAwMzI3Nzk4NDE2NjYzNDUxMw%3D%3D

Request Chain 120

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe_CUQkHbviRp4C2pedMxs&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe_CUQkHbviRp4C2pedMxs&google_cver=1&C=1

Request Chain 121

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y02yoAej0XFW47Wqhee6HAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTDOzmg4n9Z-9UaR-w-7aY&google_cver=1

Request Chain 122

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHxtv0ciTzUEN9tPcf_1I_c&google_cver=1

Request Chain 123

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQyNjU2MzA1MDQ5MDI3MTU2Mg%3D%3D

Request Chain 216

https://gcdn.2mdn.net/videoplayback/id/e5142e99b93c75bd/itag/692/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3803380793/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/6E761DF36C247D1496EDA61B11BD6607F528486C.7B8CA94607C410BCE0C38EDCDB742DC65B9FB84F/key/ck2/file/file.mp4?cpn=xYI4m3kXiqWnNNrz HTTP 302
https://r2---sn-4g5ednss.c.2mdn.net/videoplayback/id/e5142e99b93c75bd/itag/692/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3803380793/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7D1A80C185B1B901120BBF244D73D2F142F5EE39.03FF165F87735DFFEF35BC7618800A9F2B32FFFA/key/cms1/cms_redirect/yes/mh/CK/mip/2001:1b60:1010:3:1012:b8a4:c96e:b47b/mm/42/mn/sn-4g5ednss/ms/onc/mt/1666035906/mv/m/mvi/2/pl/48?cpn=xYI4m3kXiqWnNNrz&file=file.mp4

Request Chain 226

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRCv-LquAhiqj5jQASABMAE&v=APEucNVDuchHPGlDDm1Oq5zOksRqIt48s-0s80e4mW00bKXm2qaRsCVNnD0UgmkwOOzO7k9e_6tFwyl4BzSm5RSqve-ft4KizA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_cm HTTP 302
https://rtb.gumgum.com/usersync?b=gdv&i=CAESEHB8ItFTqvJYvnEH6NvJ1ig&google_cver=1

238 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.yallakora.com/
Redirect Chain

http://yallakora.com/
https://www.yallakora.com/

181 KB
26 KB

481ms
399ms

Document
text/html

2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a1c575c2cd9a3718657556f21d121eabb76f835a341b94fc95bf4590d50375ec

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 75bb93fa58b3bb4f-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 17 Oct 2022 19:53:02 GMT
expires: -1
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

Redirect headers

CF-RAY: 75bb93f98e8f9a03-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 17 Oct 2022 19:53:01 GMT
Expires: Mon, 17 Oct 2022 20:53:01 GMT
Location: https://www.yallakora.com/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 Style.css
www.yallakora.com/Content/ 1 MB
156 KB 106ms
105ms Stylesheet
text/css 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/Content/Style.css?ver=57.40
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 481b14b5b14debb7986705407dae4a2a567756a87f4194e9257ffcd3b81323f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:02 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 27 Sep 2022 16:19:10 GMT
server: cloudflare
age: 1740805
cf-polished: origSize=1427791
etag: W/"093d5df8cd2d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
content-type: text/css
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
cf-ray: 75bb93fcdd8abb4f-FRA

GET
H2 200 Sponsor21.css
www.yallakora.com/Content/ 8 KB
1 KB 148ms
147ms Stylesheet
text/css 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/Content/Sponsor21.css?ver=2.2
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6a1eb33c73e9d51134d31ee4bbe6c530b54004e2d65feb03fb285ea10709f428

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:02 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 09 Mar 2022 12:20:31 GMT
server: cloudflare
age: 709040
cf-polished: origSize=10757
etag: W/"c9dcbe11b033d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
content-type: text/css
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
cf-ray: 75bb93fcdd8dbb4f-FRA

GET
H2 200 GutterStyle.css
www.yallakora.com/Content/ 5 KB
1 KB 128ms
127ms Stylesheet
text/css 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/Content/GutterStyle.css?ver=0.63
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 777cc2cc54a1db1c7113af0c171a2578f1145c612f273be3442421bbafe52f6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:02 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 10 Jan 2022 14:05:29 GMT
server: cloudflare
age: 1505172
cf-polished: origSize=6708
etag: W/"b6f6cf1f2b6d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
content-type: text/css
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
cf-ray: 75bb93fcdd8fbb4f-FRA

GET
H2 200 Layout Show response
www.yallakora.com/bundles/ 178 KB
51 KB 556ms
556ms Script
text/javascript 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/bundles/Layout?v=ik3RNJNtkislbytZgVA2Vdcw0rnO1HQ_Jhil8agxBYw1
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b2f8c4ebd3654ffe2a9eb2136b648a1ce4b7323edb335553d7589324b231cea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 17 Oct 2022 19:53:03 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: public
cf-ray: 75bb93fcdd90bb4f-FRA
expires: Tue, 17 Oct 2023 19:53:03 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
28 KB 107ms
35ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad46f0f41fedf27eab70fd152f61ec55a00235b7da945bc988a0b77319e5b83f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27708
x-xss-protection: 0
server: sffe
etag: "1367 / 74 of 1000 / last-modified: 1666004741"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 17 Oct 2022 19:53:02 GMT

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/15758/ 52 KB
16 KB 89ms
22ms Script
text/javascript 65.9.66.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/15758/lt.min.js
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b82665f6013dd05db5bbf5e6ce927083e41a888dab6d4db95d78bc522a3ea27a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 10:03:53 GMT
content-encoding: gzip
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
last-modified: Mon, 03 Oct 2022 20:34:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 35350
x-amz-server-side-encryption: AES256
etag: W/"e387aafd0b353bd2bccf42bc278b8a6f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: r5t7VFk7wmkLwwHy-O__lmIRS-ofH2-fXwj9kZNgk_SWVsnIGM_qyg==

GET
H2 200 a0e1f72be7d69fe7b47acade32a261ad5c080d74.js Show response
cdn.izooto.com/scripts/ 1 KB
845 B 104ms
41ms Script
application/javascript 2606:4700::6812:d941
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/a0e1f72be7d69fe7b47acade32a261ad5c080d74.js

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7de6917909912632a6ead10e864ea9b98b29047da4590d5b645a94d5d0cdbd69

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:02 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 26 May 2022 05:02:00 GMT
server: cloudflare
age: 1321774
etag: W/"628f09c8-40e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 75bb93fd3e71916a-FRA
x-xss-protection: 1; mode=block
expires: Thu, 17 Nov 2022 19:53:02 GMT

GET
H2 200 yklogo.png
media.gemini.media/img/yallakora/staticimages/ 8 KB
9 KB 110ms
46ms Image
image/png 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/staticimages/yklogo.png
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6c34e9a64fd79b324b935ab3ecc8b513554ea5ef3cc1d11a7cbfefcb74c3d402

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 221740
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8080
last-modified: Sun, 27 Feb 2022 11:03:17 GMT
server: cloudflare
etag: "8273879fc92bd81:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xGI%2BqftB26Fiiisv3xOawbeHehIzg6LwwQ2LTu%2BVnUjjqKnabfPaw0Ue6621g9Kt%2BDfy524R32vZSkaZ9KaFcSAfS5KSBJqoLjSAei0HmAQrm3OjQRAaylK9gmJ91jU0p9ZL8De%2BAJ%2BI5DQ8y%2FdZ3w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb93ff9d1f5c26-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H2 200 Villareal2018_7_29_14_53.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/ 9 KB
9 KB 71ms
70ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/Villareal2018_7_29_14_53.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f72aae04cff9595dc5dd9335e71257b3df1eebc78672f700ff83c3e863b3e3fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 99640
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8829
cf-bgj: h2pri
last-modified: Sun, 29 Jul 2018 12:55:30 GMT
server: cloudflare
etag: "41554a6e3b27d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25FaFOCyrg%2ByTNJa5deZQLggUCWmb0wfM91bfMak5w47Re9jpLP0zhV6W%2BwdjMMZ90kgaksmuO2aNAwppu%2Fiivm4mVuiqgV8npzi%2B6UrSs1R9l4QVqIX4V8hFJD3qBU4TxYeTeRD8wto2iTHh8tZyg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb93ffedf85c26-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 Osasuna2019_7_14_16_48.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2019/7/14/ 7 KB
7 KB 68ms
68ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2019/7/14/Osasuna2019_7_14_16_48.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 13cc628913dd7c9735028a0d829a31b219ed4854881343cf78f11b938009d33b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78764
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6960
cf-bgj: h2pri
last-modified: Sun, 14 Jul 2019 14:48:14 GMT
server: cloudflare
etag: "faa1602a533ad51:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kPIsKJ3Ii2sOgEI92zGIOcyKKfwrzaUirclULCMMer6pkrPortvoQogJrIdS4Te6ESnc2A358JjHRY4TWBQU7PNubjVqUz6j81P7XdKmQFCeNpjAobPuYhjaJtTZFmO7d%2FZLiRtVMhucT9a1NHFHmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb9400582392c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 Sampdoria2018_7_29_15_7.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/ 5 KB
5 KB 37ms
36ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/Sampdoria2018_7_29_15_7.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 821b1cf475b9bb9c9a81d02c30c31ee3f4eb1dbc30e766541789150a03cdd987

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78764
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4846
cf-bgj: h2pri
last-modified: Sun, 29 Jul 2018 13:09:31 GMT
server: cloudflare
etag: "a13171633d27d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DH%2Bi39Gua2oE71lFeB9pgi81OkMIHkAGgRni0Dh9boimuppcUvcPeZ7KhUnqPBA1tlIVBoGPQHYp1UjoYg7WvRbxF8n44gfIConRcxqVvGXgX6GU%2BRU0690sCHH4zveXO7XNwbmINhZTwHZZ9zGXSg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb9400c8ed92c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 ASRoma2018_7_29_15_7.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/ 7 KB
8 KB 35ms
35ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/ASRoma2018_7_29_15_7.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2f7bd0c73018f9c34a0a959f791da61431910dda0ef204b164ea1539255339db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78764
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7548
cf-bgj: h2pri
last-modified: Sun, 29 Jul 2018 13:09:10 GMT
server: cloudflare
etag: "c1e699563d27d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1DW5NTNRlr9zaoN1Tm9ujGfWEcvRYyOFvsWsPc9tyIs2Ah2cR0ENksPcYAb9xNbgwMcf0IDGJ%2Fu2FrD8ALEYtmfmkPwZ0yto950mUKPqdCFTabyt2SHdM5rmhR3R8cbNl3%2FmF%2F2lDM9mq5k4l95Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb9400f97992c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 Lecce2019_7_14_16_55.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2019/7/14/ 8 KB
8 KB 57ms
57ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2019/7/14/Lecce2019_7_14_16_55.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 18452602462c179cc4f3cc1133318a00ddb0dc9b445411074d179c6f66811181

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78764
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7721
cf-bgj: h2pri
last-modified: Sun, 14 Jul 2019 14:55:18 GMT
server: cloudflare
etag: "b996fc26543ad51:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BN0JL81gdi7xhfezrdJrcWSEeYKrKtXKcM9pSO65H6YnxS4QhJZwsztlgIbT9emzC3oxnEzlqwTU67V%2BbDDXClzBO%2FxrbvnOX%2BT%2F8Vg7iufdN2jlhG3%2FLjPxxY9Ho%2Fw4PLe3FM%2BdAa7qwBfJnyTYYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb940139f392c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 Fiorentina2018_7_29_15_7.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/ 5 KB
6 KB 60ms
60ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2018/7/29/Fiorentina2018_7_29_15_7.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 898ff2b1ce00f443c1e78502947912b42d9778f34b2ca10a6df59b56b8b0df5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78765
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5435
cf-bgj: h2pri
last-modified: Sun, 29 Jul 2018 13:09:49 GMT
server: cloudflare
etag: "41164b6e3d27d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i79XjdynIyxFk7m97OGkJkB%2FWBJC%2FDD9fq5Iztb1OP3xUFebOlqZDl%2BIRA0PE2oSn%2BHwE7MZDEn7%2FrdV7jAZb2FakZQMVy6fgNHBIzqldP4Pxyh6qDd1%2F%2BEXbvCcfEq9UGEBqOMaj5z1fxAyf9SiMw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb94019abc92c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 Ankaragucu2021_7_15_16_21.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2021/7/15/ 8 KB
9 KB 40ms
39ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2021/7/15/Ankaragucu2021_7_15_16_21.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7725139453ed3eeafd6e094c93cc589da71d5ce68419923b1d99032fdb637efb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78765
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8443
cf-bgj: h2pri
last-modified: Thu, 15 Jul 2021 14:21:25 GMT
server: cloudflare
etag: "9c1cf7b18479d71:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3DkJc4CnEpaAhlgTewGa7JdAluEfGQkBpybE%2FUrexSOMHymoHppKbJGbKA0x2kvn7zc%2FdvDEWxSnsEGT%2FcE6gg1uidgCpA0X4jzliBF3IY4tQYvsEexsFOqj9%2BW5%2Fh%2BtOVVVzoQ2LR6Dm5JYPWGsHA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb9401fb8f92c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 Fenerbahce2018_8_12_13_1.jpg
media.gemini.media/img/yallakora/IOSTeams//80//2018/8/12/ 10 KB
11 KB 42ms
41ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//80//2018/8/12/Fenerbahce2018_8_12_13_1.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 94f416a5e2b0810bc1238c695ced3e7f0722e2e38385a4fbad2dbd36f73f64e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78765
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10617
cf-bgj: h2pri
last-modified: Sun, 12 Aug 2018 11:01:43 GMT
server: cloudflare
etag: "fb66c8da2b32d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APNH66H8WE4VzVzJ8Io7VEwsvpwMrzQkpeS4VjwW34biYgr5ewIUKKyZn3TB1sCiYETU8s9ve5GAwY3TZwbuQd4VqbN1YP%2BWeKe5jB1DYwiC0iOwWP%2BCLLkf2vpsdQ8JlefiH95jtOe6Vmu6nCozFw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb94023c3c92c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 Untitled-15-9-2022-2-5-17.jpg
media.gemini.media/img/yallakora/Players//Players/ 53 KB
53 KB 41ms
40ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Players//Players/Untitled-15-9-2022-2-5-17.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 887cfc65d252ab6d32230aad1d4c0f719f94c6f7e5191fc5bf5ec5338e5bc0f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1107544
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54032
cf-bgj: h2pri
last-modified: Mon, 05 Sep 2022 00:05:17 GMT
server: cloudflare
etag: "8418442ebbc0d81:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5miZDf42wk4nP8gnF3lj0oERdB9XMKvDYqpBlaSenLnsoSw2iAm0wWhHri9cMI3uwdG%2Bk0iSoe5yFmSWLJuTJ1tLg%2BzD9i%2B6YM%2FGBRaw3fX5g3Ap23F2OlWZUF7r4I9S9mjlDq9btrDuBE%2BPB1jLuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb94027c9792c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 Joselu_3013.png
media.gemini.media/img/yallakora/Players//Players/ 41 KB
41 KB 67ms
66ms Image
image/png 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Players//Players/Joselu_3013.png
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c9a8fa41004fc1508b4c4162d3b9832f3affb9a7815ae37c12e7a22bc7c43511

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1752069
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41673
last-modified: Sat, 23 Feb 2019 21:29:07 GMT
server: cloudflare
etag: "5c08cfbecbd41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKNkAJ6osSRe8oUV92TI30ygs3XqD2AoYclO4PVLqHMGZxf2xymeXyXdu4FMzFuelwlZBw8wFEgZo49MaetY6EgaaR8SLVzztA6nhSmnK2oX1%2B2IKUVfEjwn%2F%2BhnkYtEDTcDhyAzNO3hixiK%2F3dvdw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb9402acfa92c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 Untitled-15-9-2022-2-7-16.jpg
media.gemini.media/img/yallakora/Players//Players/ 69 KB
69 KB 81ms
78ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Players//Players/Untitled-15-9-2022-2-7-16.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5814798954486522a13b0047005b8f5db368ac7c3dd8c87642e710f47544e753

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 133244
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70277
cf-bgj: h2pri
last-modified: Mon, 05 Sep 2022 00:07:16 GMT
server: cloudflare
etag: "874e5175bbc0d81:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sBmdMgRbJsWLlbibu5qJl7AmQlGwpj%2F4OyFFZRSXKYWki%2FvtVQ27bC7izuO%2FB4PCWlMHXyb8e2RjS0xJHAZDNVu6B0YmAFyJR1aLFG1KcYetJYIuHZEmq%2BYpe7%2BpDEqU6KHre8biaWG%2BHXPbJbbYpg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb9402ad0992c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 RealMadrid2018_7_29_14_47.jpg
media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/ 16 KB
17 KB 95ms
91ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/RealMadrid2018_7_29_14_47.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 19b7681ad6b2f23f511744340fd8815409918f0a67ccf15edcae821c38bc3cab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2186246
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16404
cf-bgj: h2pri
last-modified: Sun, 29 Jul 2018 12:49:21 GMT
server: cloudflare
etag: "e1e451923a27d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZ%2FUS1xAzQwUVrenQrnyI1FsSljZ1cPzWscdzVbaLx6i9sUU6qm3gwUQNeV54zeinK%2FCGYBlidsbJ6jhRoSm3Bv80HaAD5wvgA7oiOB6Xbd%2FcgWIE1XJrsZP%2FHx%2B6Lk22WLQP%2BDF9BPSPaDIb%2BLOOw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb9402ad0d92c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 Barcelona2018_7_29_14_44.jpg
media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/ 12 KB
12 KB 97ms
94ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/Barcelona2018_7_29_14_44.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9f0f48a2d2a64bc67024f0a3c8cc14d9b1c7ae15955181bd3311a1f54a57d024

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1034897
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11976
cf-bgj: h2pri
last-modified: Sun, 29 Jul 2018 12:46:29 GMT
server: cloudflare
etag: "1c8c42b3a27d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PeTLyG7pGDhoPWpOKtWW%2BiY7luU8DjbABdzTpml8BxvuQo7D2ovGJiBqwoWRsONaMB0%2BBTKrYWnK4dsEoVF44WmFvcDHBgjgAIMOx1XiOyCE3QgcW4fFVKmgwQf%2Fz5HEqC6%2BIskSLENa1DYfxoJV%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb9402ad1092c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 AtleticoMadrid2018_7_29_14_46.jpg
media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/ 7 KB
8 KB 102ms
99ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/AtleticoMadrid2018_7_29_14_46.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1bc184be377d70bbfdb7533905e9031817d52cfe8e978bc00a31893b49c23a11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1823165
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7508
cf-bgj: h2pri
last-modified: Sun, 29 Jul 2018 12:48:30 GMT
server: cloudflare
etag: "a1dd8a733a27d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9sXGXgRcyFaxkKoLCZOlqEX5FDhRW8epOWUwNBhwctaEesHbLQAaPDURr98Rc7Px8jub74jeLtgfdBPuLkXm2TbxFcaIDoPtgKRHNjQlYQQtiEitfOkTywOKPMOHCWQ5sSugCcgjeJod0CEASxgsVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb9402ad1392c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 Sevilla2018_7_29_14_45.jpg
media.gemini.media/img/yallakora/IOSTeams/40//2018/7/29/ 3 KB
3 KB 106ms
103ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams/40//2018/7/29/Sevilla2018_7_29_14_45.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 59e2f489c540cb69ebadfe2bf3ffe3c1921b608c09d9e70d410a647ba21d09cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1126354
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2883
cf-bgj: h2pri
last-modified: Sun, 29 Jul 2018 12:47:33 GMT
server: cloudflare
etag: "1b2b4513a27d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NzY6jgJ71%2FWezVZOCnFaW4EpanbUdxqLtj%2Bf5WqPI5OYmfQkb3f9%2BM5XE%2FifsTy%2FbeQdoMFZxkDYxjt2xKocwAsRy3MoKEjCdtPLD%2F2VOfY372GapY41zCETXypxnNWi8tWhTlfQjCRnTNygGT6r1g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb9402ad1992c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 Valencia2018_7_29_14_44.jpg
media.gemini.media/img/yallakora/IOSTeams/40//2018/7/29/ 3 KB
3 KB 107ms
104ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams/40//2018/7/29/Valencia2018_7_29_14_44.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4ca0f96b69c1db1ae3b894e171a7bebd30619347b22feeddeb1e855b5f91175a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 98420
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2572
cf-bgj: h2pri
last-modified: Sun, 29 Jul 2018 12:46:15 GMT
server: cloudflare
etag: "1c110233a27d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSy%2Bd2lwqz9bjI%2F0sQzn00yXweBLUiBS9WoAix3ofPVvI3OBTGetCrzj9SNYPEnb0ujqDszxA5Tg9HGOhLOJSNvhB7HljTsbXqgis%2FAFVuAKg4IEd%2F3PiFWB8IpSzQ9DLCRM%2B2nTE5sQfa27cpf2qA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb9402ad1b92c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 Getafe2018_7_29_14_53.jpg
media.gemini.media/img/yallakora/IOSTeams/40//2018/7/29/ 4 KB
5 KB 107ms
104ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams/40//2018/7/29/Getafe2018_7_29_14_53.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8fb375863601548c8a58510189699ce2ef8b36940559eb5e605eced26019a636

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89490
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4044
cf-bgj: h2pri
last-modified: Sun, 29 Jul 2018 12:55:47 GMT
server: cloudflare
etag: "817576783b27d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URLfsnd7h%2Frp%2F4SKtfYwatiYvqWYObeHBNQjQeS1xSf1olmxydVuC%2FfbLIaSkad6AdoYK2930sfXi6JnNhuLz2azlzDDw5Jcxz0JMEUf9SCVZdyvAuaj8jqFGNb8aJpercGZuwgKnvWWZ79Rpy2%2FiA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb9402ad2192c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 AthleticBilbao2018_7_29_14_44.jpg
media.gemini.media/img/yallakora/IOSTeams/40//2018/7/29/ 2 KB
3 KB 107ms
105ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams/40//2018/7/29/AthleticBilbao2018_7_29_14_44.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e2aebef5ce63ce72dd804a69aacc09e3da179e3dad35fe41bf6192fdfd87550f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 88892
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2534
cf-bgj: h2pri
last-modified: Sun, 29 Jul 2018 12:45:57 GMT
server: cloudflare
etag: "812c8a183a27d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOQO0qu6aZe4hWwn9LD76D4dI9ksTDAjvTRsPErDxOjTm9IHe%2BPzTPB9O%2B1YHjSpyvplBGvWe3RUyb8o4jGZ7P53SKLuYEeCs57yT%2BsbwehLDLky7g%2FgRVOgQUx0JLa5SlXi16dV7BXfSCNmhvrRfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb9402ad2492c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 AtleticoMadrid2018_7_29_14_46.jpg
media.gemini.media/img/yallakora/IOSTeams/40//2018/7/29/ 2 KB
3 KB 108ms
105ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams/40//2018/7/29/AtleticoMadrid2018_7_29_14_46.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: fc3ffd6b75e50ac42c503a098ace35680047984f1c3515b681c3143f0251a11d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3151
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2267
cf-bgj: h2pri
last-modified: Sun, 29 Jul 2018 12:48:30 GMT
server: cloudflare
etag: "81b983733a27d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZKKtgODfCkNpV6MzzSaCG%2Fc4zDAE190TXugn9A8ZiZcWxd6UtcUgzFyv79X00GbU7d%2FJwbLrglx8B31yCYYQT3eGwE%2F6FnjttQsXb6mEYYMm5SEN5ODXs83%2B7VkCOFZvhzDm2qc7Qc8sCs1tr0dWvA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb9402ad2692c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 RayoVallecano2021_9_5_14_18.jpg
media.gemini.media/img/yallakora/IOSTeams/40//2021/9/5/ 3 KB
3 KB 108ms
106ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams/40//2021/9/5/RayoVallecano2021_9_5_14_18.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7716e73394e512a606736b944852ebcdd693eac6bb0dd7f0c9c8b320ea920868

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3176
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2967
cf-bgj: h2pri
last-modified: Sun, 05 Sep 2021 12:18:01 GMT
server: cloudflare
etag: "ff604a1250a2d71:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uC6iwSK9vgdmleJrzexj8k9jz0c7utpgmP%2BnBFfjBqzusyFzmJ7pWuwmd9SQRzvzf2PeiJLGBJklj1t%2FfvCk2d1svyqF2YdfUx8xJKr2EZQLMWAiV3T%2BA8Fs%2B8lvv3sOSUeXMXrpmTfoHIwxPsnhsA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb9402ad2992c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 ykLogo.png
media.gemini.media/img/yallakora/staticimages/ 8 KB
8 KB 108ms
106ms Image
image/png 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/staticimages/ykLogo.png
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6c34e9a64fd79b324b935ab3ecc8b513554ea5ef3cc1d11a7cbfefcb74c3d402

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1064086
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8080
last-modified: Sun, 27 Feb 2022 11:03:21 GMT
server: cloudflare
etag: "4e8ec9a1c92bd81:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1zX1Ok%2Fedgef6qav0vKJ90%2Bt5uqpiK7Gyun6EWgPi8r2HY1aMN3yGT%2FbBiFsauPuxvWBPJTSi4cvHyM%2FaoCJN10%2BLEr3A1mM4V5HpoU8T6flNH89nmnTi24faS6MFw%2BAKx4PBYLJi41yuOwUf4gUvw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb9402ad2b92c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H2 410 1078.js
script.crazyegg.com/pages/scripts/0069/ 0
0 105ms
32ms Script
application/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0069/1078.js
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
last-modified: Mon, 17 Oct 2022 12:35:15 GMT
server: cloudflare
age: 26268
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 75bb940318bf5b32-FRA
content-length: 0

GET
H2 200 bell-icon.png
cdnimg.izooto.com/icons/7/ 5 KB
5 KB 69ms
57ms Image
image/png 2606:4700::6812:d941
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnimg.izooto.com/icons/7/bell-icon.png

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b84c83d41cbea8ebbf8cb8228c635ea4d175deb0fb8f5d629cb57957b0fd4de2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
age: 1324842
cf-polished: origSize=5865
content-length: 4646
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Fri, 19 Jun 2020 07:32:02 GMT
server: cloudflare
etag: "5eec69f2-16e9"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 75bb9402bbaf916a-FRA
expires: Fri, 21 Apr 2023 19:53:03 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 69ms
20ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 17 Oct 2022 19:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2226
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 17 Oct 2022 21:15:57 GMT

GET
H2 200 izooto.js Show response
cdn.izooto.com/scripts/sdk/ 222 KB
54 KB 54ms
52ms Script
application/javascript 2606:4700::6812:d941
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sdk/izooto.js

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/a0e1f72be7d69fe7b47acade32a261ad5c080d74.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39ef03d0aca8f63478b413d6b9326687b503dd7d6516faa6f446b346b03d8d8d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 17 Oct 2022 10:56:09 GMT
server: cloudflare
age: 32155
etag: W/"634d34c9-378cb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 75bb9402ab9a916a-FRA
x-xss-protection: 1; mode=block
expires: Thu, 17 Nov 2022 19:53:03 GMT

GET
H2 200 gutters-2.jpg
ads.gemini.media/2022/April/WE/Rims/Rims/ 169 KB
170 KB 250ms
89ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.gemini.media/2022/April/WE/Rims/Rims/gutters-2.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2975f9c21af6e85c80800759ca7ca780cbad9657ae8c1238eb3d6bb04f61656c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1174634
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 173456
cf-bgj: h2pri
last-modified: Sat, 30 Apr 2022 00:39:59 GMT
server: cloudflare
etag: "35df36d22a5cd81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m5C%2BFh%2FOOZ%2FVYe2pLeGfmhM4zVWplm9bs%2FRuX0g5PMohxotAaPel5WWl7Hki%2FbwsZv2bZkxHCtl8cnI8Ji4kSMMF4vkwA7cwRNW6SqbaldKnPfTH7XynVhDB%2FJdSJLeJWMTPCPgwg3XJehkQNXc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 75bb9403cdcb5c26-FRA

GET
H2 200 gutters-1.jpg
ads.gemini.media/2022/April/WE/Rims/Rims/ 150 KB
151 KB 219ms
65ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.gemini.media/2022/April/WE/Rims/Rims/gutters-1.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5ae0fa8e75fae52d2a4cdfe986dbfd1469f7add01d3e4324f763db70d9f2aa80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 765546
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 154027
cf-bgj: h2pri
last-modified: Sat, 30 Apr 2022 00:39:38 GMT
server: cloudflare
etag: "6324b0c52a5cd81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9IDzcx0bukba%2B3vT8nJylyMACmGa7ygNEV%2BiAiMni7t%2BC3vql9sDA%2BcOnS2qNVCDfdBizH798EuV92P4iVo8uJXtXh3f1fMdH%2FWuk0sWXOGnlKNeT6FSl%2BF6hnaKEjp1akQTt25wbloBQ4D16E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 75bb9403cdcf5c26-FRA

GET
H2 200 droidkufi-regular.woff
www.yallakora.com/fonts/ 42 KB
42 KB 56ms
55ms Font
application/font-woff 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/fonts/droidkufi-regular.woff
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.css?ver=57.40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 693dade10b46065ed48dbd1908c839ad28e666649be40350de16010e8abaf3f5

Request headers

Referer: https://www.yallakora.com/Content/Style.css?ver=57.40
Origin: https://www.yallakora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 10 Jun 2021 15:42:11 GMT
server: cloudflare
age: 541974
etag: W/"8a68d92df5ed71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
cf-ray: 75bb9402db15bb4f-FRA

GET
H2 200 ykicons.woff
www.yallakora.com/fonts/ 8 KB
8 KB 50ms
50ms Font
application/font-woff 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/fonts/ykicons.woff?ref=5.1
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.css?ver=57.40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f7f17076ad2c067e34c60268f264719870616baa86fa6d372d9daaa2eb89498b

Request headers

Referer: https://www.yallakora.com/Content/Style.css?ver=57.40
Origin: https://www.yallakora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Mar 2022 16:41:42 GMT
server: cloudflare
age: 384145
etag: W/"ddf7d4b5b3ed81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
cf-ray: 75bb9402db18bb4f-FRA

GET
H3 200 pubads_impl_2022101301.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
128 KB 66ms
21ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1af2148d7bd5e2a0c9ddc1c5b9ff072996852f4f11ebc19695ba4ee08ddb9c4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:20:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5528
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131264
x-xss-protection: 0
last-modified: Thu, 13 Oct 2022 15:30:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 17 Oct 2023 18:20:55 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 762 B
302 B 74ms
30ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.yallakora.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d51235d2c0cab04859f1df2458d94ee7db7eaa4a956dde8f9cfcebe7aeb3bbc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 277
x-xss-protection: 0
expires: Mon, 17 Oct 2022 19:53:03 GMT

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ 24 B
314 B 168ms
59ms XHR
application/json 52.30.246.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15758/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.246.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-246-43.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 3499c2bfdc525e4672c8a2d78d7fb89e7cadd4b4c84a58daf8c30f3a2c7cee59

Request headers

Referer: https://www.yallakora.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

expires: 0
pragma: no-cache
date: Mon, 17 Oct 2022 19:53:03 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.yallakora.com
cache-control: no-cache
x-server: 10.45.8.155
access-control-allow-credentials: true
content-length: 24
x-consent: absent

GET
H2 200 droidkufi-bold.woff
www.yallakora.com/fonts/ 42 KB
42 KB 55ms
54ms Font
application/font-woff 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/fonts/droidkufi-bold.woff
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.css?ver=57.40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b5feee7a5d40a953995b630a5c85e83d3f173baa845310b5b4c66336cdd89cac

Request headers

Referer: https://www.yallakora.com/Content/Style.css?ver=57.40
Origin: https://www.yallakora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 10 Jun 2021 15:42:11 GMT
server: cloudflare
age: 469739
etag: W/"76f3c32df5ed71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
cf-ray: 75bb94030b58bb4f-FRA

GET
H2 200 CenturyGothicLight.woff
www.yallakora.com/fonts/ 68 KB
69 KB 51ms
50ms Font
application/font-woff 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/fonts/CenturyGothicLight.woff
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.css?ver=57.40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e5a3e7a5241d076d56fd7f0accbcc20a89bd047eea36c1eebeca9b10ea1018b2

Request headers

Referer: https://www.yallakora.com/Content/Style.css?ver=57.40
Origin: https://www.yallakora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 10 Jun 2021 15:42:11 GMT
server: cloudflare
age: 492692
etag: W/"e4f1e22df5ed71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
cf-ray: 75bb94030b75bb4f-FRA

GET
H3 200 lazyLoadBG.jpg
media.gemini.media/img/yallakora/staticimages/ 8 KB
9 KB 48ms
48ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/staticimages/lazyLoadBG.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.css?ver=57.40
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 86fe7f6d887d87d1339f3a295124ba67c17527154144fc6171c3ddaf54d29be3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1063369
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8459
cf-bgj: h2pri
last-modified: Mon, 28 Feb 2022 13:03:54 GMT
server: cloudflare
etag: "698996a3a32cd81:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vj1Z3p7kvAZ6JOF5FOAP1Gr6R6qKWFafNJV7MLe8krL7ppnZKxMWVvvKRLU7gUwtwbtvcLRmI8Eo3eU6awFa%2BJ80azejYDzl%2BmVtDNNexn9EeGKhoDvdRBMoFKtHkziHfIKv8ZBz5LIRLtHa13QWjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb94032e0392c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H2 200 iz_setcid.html Show response
cdn.izooto.com/scripts/sak/ Frame EF79 4 KB
1 KB 42ms
41ms Document
text/html 2606:4700::6812:d941
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cebfa75512f12a4d2f05cacae40f83ddc3e1efaf90aba3d5c9eabe0625a94858

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.yallakora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 1321827
cache-control: public, max-age=2678400
cf-cache-status: HIT
cf-ray: 75bb94034d2f916a-FRA
content-encoding: br
content-type: text/html
date: Mon, 17 Oct 2022 19:53:03 GMT
expires: Thu, 17 Nov 2022 19:53:03 GMT
last-modified: Tue, 05 Apr 2022 12:00:20 GMT
server: cloudflare
vary: Accept-Encoding
x-xss-protection: 1; mode=block

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 70ms
27ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=600219828&t=pageview&_s=1&dl=https%3A%2F%2Fwww.yallakora.com%2F&dp=%2Fmainpage&ul=en-us&de=UTF-8&dt=%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%89%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%20%D9%81%D9%89%20%D8%A7%D9%84%D8%B4%D8%B1%D9%82%20%D8%A7%D9%84%D8%A3%D9%88%D8%B3%D8%B7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=28545262&gjid=259029338&cid=733115516.1666036383&tid=UA-53252402-1&_gid=1367500697.1666036383&_r=1&_slc=1&z=249669465

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.yallakora.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:53:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.yallakora.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 57ms
21ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=600219828&t=pageview&_s=2&dl=https%3A%2F%2Fwww.yallakora.com%2F&dp=Gutters%2FWE%20-%20Desktop%20-%20HP%20-%201546%20(Mix%202)&ul=en-us&de=UTF-8&dt=%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%89%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%20%D9%81%D9%89%20%D8%A7%D9%84%D8%B4%D8%B1%D9%82%20%D8%A7%D9%84%D8%A3%D9%88%D8%B3%D8%B7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=&gjid=&cid=733115516.1666036383&tid=UA-53252402-1&_gid=1367500697.1666036383&cd2=%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9&z=883337600

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 03:37:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 58530
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 56ms
20ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=600219828&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.yallakora.com%2F&ul=en-us&de=UTF-8&dt=%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%89%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%20%D9%81%D9%89%20%D8%A7%D9%84%D8%B4%D8%B1%D9%82%20%D8%A7%D9%84%D8%A3%D9%88%D8%B3%D8%B7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Hp%20Poll%20Impresion&ea=%D8%A7%D9%84%D9%81%D8%B1%D9%8A%D9%82-%D8%A7%D9%84%D9%85%D8%B5%D8%B1%D9%8A-%D8%A7%D9%84%D8%A3%D9%81%D8%B6%D9%84-%D9%81%D9%8A-%D8%AA%D9%85%D9%87%D9%8A%D8%AF%D9%8A-%D8%A7%D9%84%D8%A8%D8%B7%D9%88%D9%84%D8%A7%D8%AA-%D8%A7%D9%84%D8%A3%D9%81%D8%B1%D9%8A%D9%82%D9%8A%D8%A9-%D9%87%D9%88-&el=HpPoll%20Impresion&_u=YEBAAEABAAAAACAAI~&jid=&gjid=&cid=733115516.1666036383&tid=UA-53252402-1&_gid=1367500697.1666036383&cd2=%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9&z=1167274838

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 03:37:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 58530
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 geminiLogo.png
media.gemini.media/img/yallakora/staticimages/ 5 KB
6 KB 43ms
43ms Image
image/png 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/staticimages/geminiLogo.png
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.css?ver=57.40
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 20968a95e5a911a40d373861cd5ec8215c6c9148a45e4ce53f7bca46033e2e4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1063020
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5572
last-modified: Mon, 28 Feb 2022 13:31:16 GMT
server: cloudflare
etag: "5c2b4176a72cd81:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fDANgVxSUoNGcO%2BOWpubnj1ryNs9uYOrGS2hcxxe3fo3PzlBtJF1xftqzbKX9Arzkbctzk47JnZXKnLNIDz3gSQHcrcBommOeGal%2BoQUAi%2BkjExm1S67O5XAO5mvGd3KTW7HWjFt%2Fntmr0MlX%2BIL0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb9403f80592c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H2 200 integrator.js Show response
adservice.google.sk/adsid/ 107 B
792 B 148ms
33ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.sk/adsid/integrator.js?domain=www.yallakora.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 110ms
30ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.yallakora.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 142 KB
43 KB 935ms
934ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2490143105744881&correlator=3183074780097299&eid=31068458%2C31070375%2C44774962&output=ldjh&gdfp_req=1&vrg=2022101301&ptt=17&impl=fifs&iu_parts=96551095%2CV3_Yallakora%2CDesktop%2CLeaderBoard%2CMediumRectangle%2CLeaderBoard2%2CMediumRectangle2&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F2%2F6&prev_iu_szs=728x250%7C728x90%7C970x250%7C970x150%2C300x600%7C300x250%2C728x250%7C728x90%7C970x250%7C970x150%2C300x250&ifi=1&adks=1757246092%2C654180131%2C1742389685%2C1208294007&sfv=1-0-38&fsapi=false&cust_params=Yallakora%3DHome&sc=1&cookie_enabled=1&abxe=1&dt=1666036383405&lmt=1666036383&dlt=1666036382201&idt=1168&adxs=1324%2C562%2C1164%2C562&adys=764%2C244%2C1851%2C1891&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.yallakora.com%2F&frm=20&vis=1&psz=0x0%7C0x0%7C0x0%7C0x0&msz=0x0%7C0x0%7C0x0%7C0x0&fws=4%2C4%2C4%2C4&ohw=1600%2C300%2C1600%2C300&ga_vid=733115516.1666036383&ga_sid=1666036383&ga_hid=600219828&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ca9264953cc7bc4dab5b915a1fe5a5d70c333607438597814b89aa55895dfd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43677
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.yallakora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C3A8 6 KB
4 KB 209ms
90ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yallakora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 19:53:03 GMT
expires: Tue, 17 Oct 2023 19:53:03 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 90ms
29ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-53252402-1&cid=733115516.1666036383&jid=28545262&gjid=259029338&_gid=1367500697.1666036383&_u=IEBAAEAAAAAAACAAI~&z=1979396598

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e8e0475582ab3e866b093f14c52982006a8112d6a2833b0cd999cb8368b0f50d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.yallakora.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 17 Oct 2022 19:53:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.yallakora.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 invisible.js Show response
www.yallakora.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 6B50 39 KB
14 KB 31ms
31ms Script
application/javascript 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1666022400
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0febc807f52f524ceb199f9c29513525542c28543453580d6c4775b0d47e9750

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 75bb94048f53bb4f-FRA

GET
H2 200 GetLocation Show response
www.yallakora.com//General/ 204 B
249 B 130ms
129ms XHR
application/json 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com//General/GetLocation
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/bundles/Layout?v=ik3RNJNtkislbytZgVA2Vdcw0rnO1HQ_Jhil8agxBYw1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f4a23b131ab35b0dab5d4eec2607bf3cc92c197c7282b09c30c4055faa40ca9b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.yallakora.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
content-encoding: br
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: private
cf-ray: 75bb94049f75bb4f-FRA

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=600219828&t=event&ni=1&_s=4&dl=https%3A%2F%2Fwww.yallakora.com%2F&ul=en-us&de=UTF-8&dt=%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%89%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%20%D9%81%D9%89%20%D8%A7%D9%84%D8%B4%D8%B1%D9%82%20%D8%A7%D9%84%D8%A3%D9%88%D8%B3%D8%B7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Location&ea=NotSavedInCookie&el=NoCountry&_u=aEBAAEABAAAAACAAI~&jid=&gjid=&cid=733115516.1666036383&tid=UA-53252402-1&_gid=1367500697.1666036383&cd2=%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9&z=624713504

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 03:37:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 58530
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 untitled2019_12_2_17_57.jpg
media.gemini.media/img/yallakora/normal//2019/12/2/ 44 KB
45 KB 57ms
56ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/normal//2019/12/2/untitled2019_12_2_17_57.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 88c9d5ee53599dc2556c789bc4100f4828f915745a1d6c7d8f8934db7fbcf5e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15685
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45539
cf-bgj: h2pri
last-modified: Mon, 02 Dec 2019 15:57:35 GMT
server: cloudflare
etag: "737bc3729a9d51:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f6b22c5xQBqie4ABrxnLoU9vBGx6AxmwU3yf1aBLCBRtsqIZ3dZuxBCZ3zb2JWN7QeIMokQRjtbaYlRPTgzPZNIK7NCcBqytw8MqLjkCYmOYVaa6cRJ7QlvZm3TYaOP10gOh58JWbt69OwCRX8mY%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb9404996a92c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 %D8%B5%D9%84%D8%A7%D8%AD2022_10_17_21_34.jpg
media.gemini.media/img/yallakora/Wide//2022/10/17/ 21 KB
22 KB 80ms
78ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Wide//2022/10/17/%D8%B5%D9%84%D8%A7%D8%AD2022_10_17_21_34.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9744ea2e7a8a464a0832ae5913e5a6bd923916db589ad0210cc7ae4d7b9ef459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 709
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21573
cf-bgj: h2pri
last-modified: Mon, 17 Oct 2022 19:34:45 GMT
server: cloudflare
etag: "d59d7835fe2d81:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=28geBm%2FnTn3sfhjibhBipqnricKm8ortOb67egCITl68LeEtxSaWAtroeSnCfJIjhiQgcNeugZRxcP4TpFNsd%2Bh9x8NUnVvR5cUq35c2Lx9AX7uGJa8HkK6ENnQ4vhRKluxjkVsY88QVD0Z7cc6qsA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb9404996c92c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 capture2022_10_8_14_12.jpg
media.gemini.media/img/yallakora/Wide//2022/10/8/ 20 KB
21 KB 63ms
60ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Wide//2022/10/8/capture2022_10_8_14_12.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9e4c1867c75615b0c8feae52040194008b61fec6a1d216cf83d57da477a295f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23195
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20618
cf-bgj: h2pri
last-modified: Sat, 08 Oct 2022 12:12:16 GMT
server: cloudflare
etag: "3df59234fdbd81:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d0ijh7C5Y5Nd5XcanCxCJmaMZl%2Bbi7ybj6eOLcxIVNI3RLZzYWRJE8bhGjO5gFG2CBBrZJb352iJCSt2%2BWMILm9Sz%2BSYXL3B8JTYEXvf6Pl00rPo4IOyHevYlvj2nlPbz14QwLZ1NDE5TOWPdKPdQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb9404997392c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 large2022_10_17_21_3.jpg
media.gemini.media/img/yallakora/Wide//2022/10/17/ 16 KB
16 KB 45ms
43ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Wide//2022/10/17/large2022_10_17_21_3.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2eaa37f26578030c2a77cc9b8603096882e02118feedaf841be8efefba6b2c43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2884
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15902
cf-bgj: h2pri
last-modified: Mon, 17 Oct 2022 19:03:28 GMT
server: cloudflare
etag: "869b27245be2d81:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4yJhVuAE8f2z9tV6RJOZA1cYaBmoT9T7ObV0v5JOh8AYPQqjqneqpyxMl8UjFFtPjrglsCpt%2FjHOamTkVPOeWrkgznzH5tSpVITjeJAAcMsru9nlQWg8ykOGkxgMCfC9dRT3p%2BJtnK4P1o3WLXBBJw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb9404997892c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 anelkasalah-11221122022_10_17_17_34.jpg
media.gemini.media/img/yallakora/Wide//2022/10/17/ 13 KB
13 KB 78ms
76ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Wide//2022/10/17/anelkasalah-11221122022_10_17_17_34.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: aa5343e089a52e4642aaa762b491cd9d50c9875f55478fb1c182d8042cb853ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13100
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12809
cf-bgj: h2pri
last-modified: Mon, 17 Oct 2022 15:34:53 GMT
server: cloudflare
etag: "47f46703ee2d81:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2FtacCIODiO3zL8cIKR8crW%2F0FwXhnE9epT9%2BtrcmBnVlJdqx8IFSTb5TLri%2FGw8tEHSHwrhzbXj9Pto5PBaRF22z%2Fj6RlOIhPS9iUs6g6BmleqWwdqXB4bKSp3iW3sxDuiIkNyKFBXM4FhX2s9Q7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb9404997a92c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 %D9%83%D9%88%D8%B1%D8%AA%D9%88%D8%A72022_10_17_21_36.jpg
media.gemini.media/img/yallakora/Wide//2022/10/17/ 15 KB
15 KB 47ms
45ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Wide//2022/10/17/%D9%83%D9%88%D8%B1%D8%AA%D9%88%D8%A72022_10_17_21_36.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a4d654c9cadb674793ea1565ab4488ea8d6c49204b41028e6aa28fc48f45895b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 521
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15067
cf-bgj: h2pri
last-modified: Mon, 17 Oct 2022 19:36:28 GMT
server: cloudflare
etag: "ebc372c05fe2d81:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6za14rPjjwtdFXV79NgMk8daHijvvrykc6hcC3%2FRpjHYckRtoX2SuIcoPRJg1TzdaM7tDe2GJe5fUmw95UBedRATE8cl25AYfA50jcxNfeakysVrAOvXaDzkOjz5PUD087FWGgcADDu%2F4qWWMXSP1w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb9404997b92c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 fadxigcxgaazsii2022_8_13_18_12.jpg
media.gemini.media/img/yallakora/Wide//2022/8/13/ 37 KB
38 KB 69ms
67ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Wide//2022/8/13/fadxigcxgaazsii2022_8_13_18_12.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b7f7a386494436726b54b513ee9e1238f88e8de4e3eeb8c1fad6491ef316ed8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38261
cf-bgj: h2pri
last-modified: Sat, 13 Aug 2022 16:12:43 GMT
server: cloudflare
etag: "a88f11852fafd81:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zdl%2ByMgQdyz%2FBc0SJUFdXQj%2Fq9cApeLELW8V%2BN5vtCd%2BVle1b6lpi%2BSBZgqwEJkHkRul27swlpnTMMyuFAoxUrJxo9nW26QPRPj4gZV6BqeoQuHLJ8BkKkFnTV%2FuRm3e%2BzRP9HjKdvugQBvI5jYOfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb9404997c92c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 %D8%A7%D9%85%D8%A7%D8%B2%D9%88%D9%86-%D8%B3%D8%A8%D8%B1%D8%A7%D9%8A2022_10_17_19_45.jpg
media.gemini.media/img/yallakora/Wide//2022/10/17/ 12 KB
12 KB 65ms
63ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Wide//2022/10/17/%D8%A7%D9%85%D8%A7%D8%B2%D9%88%D9%86-%D8%B3%D8%A8%D8%B1%D8%A7%D9%8A2022_10_17_19_45.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e4c36de7a54e400c4184602da89febfd47cfce642101a375a26e273a2f81aa2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7371
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12144
cf-bgj: h2pri
last-modified: Mon, 17 Oct 2022 17:45:13 GMT
server: cloudflare
etag: "25e9d43550e2d81:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1lg1ZI1%2By4NdCSss9KaIB7MHzTBbu0wxwHv%2FBCXWfm4bAvdbeZUNI%2FEOU%2BtdXKDsoYcMTpwSVeJrQeII2%2F%2BrS3w%2BJBWxlsJyvM1yBvlh5FZcNsZwa4pggg10qmmbFQRZtGer0JmMc6hkO8kM64iSA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb9404997e92c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 capture2022_8_16_20_55.jpg
media.gemini.media/img/yallakora/Wide//2022/8/16/ 32 KB
33 KB 77ms
75ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Wide//2022/8/16/capture2022_8_16_20_55.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2b610e64635913a29b9146c1a8c9b038edb0853370a6ad7eed0926d94690d6be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11378
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32887
cf-bgj: h2pri
last-modified: Tue, 16 Aug 2022 18:55:36 GMT
server: cloudflare
etag: "fde883c5a1b1d81:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7h292hdb0cejnj5zHDyvTvgUX1%2FTfmgiwP5yHZAdTNXsQCOX4bEiKCdmO4nhm3AMle%2BTjI4aTmd0HFqj2AnI3Com4Sj7tJU6S5LKxNWZ9qTvMIYsyOhcEEu35yNdUpXPx6tS93ghZnf9gLxvnVDTsw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb9404997f92c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 %D9%8A%D8%AD%D9%8A%D9%89-%D8%A7%D9%84%D9%83%D9%88%D9%85%D9%8A2022_8_11_23_37.jpg
media.gemini.media/img/yallakora/Wide//2022/8/11/ 16 KB
16 KB 50ms
48ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Wide//2022/8/11/%D9%8A%D8%AD%D9%8A%D9%89-%D8%A7%D9%84%D9%83%D9%88%D9%85%D9%8A2022_8_11_23_37.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9ee157d711d98786aaf06b8333223eca37d33d0c30dbff00aa40849f4bddc229

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 166146
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16219
cf-bgj: h2pri
last-modified: Thu, 11 Aug 2022 21:37:26 GMT
server: cloudflare
etag: "709da18ccaadd81:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V8KtEnzJHeNOQd1L9VDdFZgj%2BgnVh%2BZKhqiKf6Hdv7kipgTLbmS4w4avKnrthUWcX8nCuJkreAxVorxnp18zhLGeS5TY2uj%2BuXEboByz2gIt5aFVjxltH%2Fj%2FvZz4qg7mEwTne5f%2B%2FgrE2Z7fhZxrOw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb9404998292c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 310895885-1199623374235500-3217215169507873292-n2022_10_9_15_33.jpg
media.gemini.media/img/yallakora/Wide//2022/10/9/ 13 KB
13 KB 66ms
64ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Wide//2022/10/9/310895885-1199623374235500-3217215169507873292-n2022_10_9_15_33.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e22f8453e5ddb31ab328f2cf016eb5279f679cb155cc376738c379bfc16b8a40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20055
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12850
cf-bgj: h2pri
last-modified: Sun, 09 Oct 2022 13:33:31 GMT
server: cloudflare
etag: "d730b8b8e3dbd81:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1gxojNpCIjJDge8PSSbVchi9Wae1rux89R0b4G%2F3VSBEu1Eqh7GLHWu1R5dLkU589jwrRyI92a%2BUwYWUO3CW7ct%2FX9cZ79gWU4hebBmiSo36rLL3AbNfQq8EjV%2FKysguJ9z3L%2BtBCjpCZWJTUpnSFg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb9404998392c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 217807502-2157252351240159-5542716654522005593-n-610308ad8128b2022_7_26_23_30.jpg
media.gemini.media/img/yallakora/Wide//2022/7/26/ 12 KB
13 KB 66ms
64ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Wide//2022/7/26/217807502-2157252351240159-5542716654522005593-n-610308ad8128b2022_7_26_23_30.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: dd2b0d7f50497b1820556f3413706fdc5c52488ea8eb28600b5dc6fe80893bcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20506
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12779
cf-bgj: h2pri
last-modified: Tue, 26 Jul 2022 21:30:17 GMT
server: cloudflare
etag: "6db4ce636a1d81:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1i4Evv9EFthoh%2BKflbHOpH5ojqpAdcNxolrVXXdc3o%2BtajQCFVQb8g9H9Ej9R1mLcqQ846qO0YanA1nMkn9sdeC5lRSUvvXxAxwf%2BISJLblKcs1kM0msdHkEuR1XcvAJaEKONh8DL5ToZE2Izn8h7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb9404998492c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 maxresdefault2022_10_17_15_53.jpg
media.gemini.media/img/yallakora/Wide//2022/10/17/ 24 KB
25 KB 67ms
65ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Wide//2022/10/17/maxresdefault2022_10_17_15_53.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f515d0b4bac725ccd0b10b5a56b54abf8b9f556e7984a83d59780f11468fc58f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20235
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24988
cf-bgj: h2pri
last-modified: Mon, 17 Oct 2022 13:53:55 GMT
server: cloudflare
etag: "b91221e62fe2d81:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dq3Jhw2SXx5CdKpUSuowtOhsbxigo6GAl8FDVsOhwGsykvw%2BZ3fRBBRAoN66%2B2%2FwRTVy00cBMLS1HhmJCD62FRd1XB78U01mDPxaRLMQddlLe92MMbdUOW1DaoqbUNrda17F1H7WTnaex4bb0bOjVw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb9404998692c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H3 200 %D8%B5%D9%84%D8%A7%D8%AD2022_5_10_20_32.jpg
media.gemini.media/img/yallakora/Wide//2022/5/10/ 18 KB
19 KB 83ms
82ms Image
image/jpeg 2606:4700:20::681a:4a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/Wide//2022/5/10/%D8%B5%D9%84%D8%A7%D8%AD2022_5_10_20_32.jpg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:4a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bbdb7965607a0a35785f6735e2b75c3e525d988be73f87638dfda923653b58e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21458
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18640
cf-bgj: h2pri
last-modified: Tue, 10 May 2022 18:32:38 GMT
server: cloudflare
etag: "58acb2539c64d81:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2B9B%2BiLbA5nOKd%2Fq70vFev3UKDVzPDHHXcqpKlbAr769zwal1%2FF%2BuDYYWYr5J0Lj16mzsk8mYFDoTRoJMKcfB8uKP6rVWFgrE6Xs1oCmWZVZ9X7Squ9uk7LCw2lSanHN9qDFolnoE%2Bt4DKkGzTza5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 75bb940499a592c9-FRA
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H2 200 check-radio-img.png
www.yallakora.com/Images/ 789 B
936 B 45ms
44ms Image
image/png 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yallakora.com/Images/check-radio-img.png
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/Content/Style.css?ver=57.40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7e52e4fc73e5fbcbc16db9561e5d9c11f5f5b8daf3d15f3000e1eded523cfc8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/Content/Style.css?ver=57.40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
cf-cache-status: HIT
age: 2215069
cf-polished: origSize=1385
x-powered-by: ASP.NET
content-length: 789
cf-bgj: imgq:85,h2pri
last-modified: Wed, 30 May 2018 20:46:52 GMT
server: cloudflare
etag: "c7be75657f8d31:0"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://ads.geminimedia-eg.com
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 75bb9404af92bb4f-FRA

GET
H2 200 pica.js
www.yallakora.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 6B50 18 KB
7 KB 37ms
37ms Other
application/javascript 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4ec3048489dc9ca279c8a32ef268bf1753de503d6c68d9ab7607c177f5d22ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 75bb9404d839bb4f-FRA

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 109ms
58ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-53252402-1&cid=733115516.1666036383&jid=28545262&_u=IEBAAEAAAAAAACAAI~&z=116468217

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:53:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.sk/ads/ 42 B
501 B 111ms
60ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.sk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-53252402-1&cid=733115516.1666036383&jid=28545262&_u=IEBAAEAAAAAAACAAI~&z=116468217

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:53:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 130 KB
49 KB 87ms
38ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NBQG46X

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/bundles/Layout?v=ik3RNJNtkislbytZgVA2Vdcw0rnO1HQ_Jhil8agxBYw1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6d4e98862f405e36a32d6fad82a91b14ad3b7619845eb23302a9aaf9e1f683e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49536
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 Oct 2022 19:53:03 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=600219828&t=event&ni=1&_s=5&dl=https%3A%2F%2Fwww.yallakora.com%2F&ul=en-us&de=UTF-8&dt=%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%89%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%20%D9%81%D9%89%20%D8%A7%D9%84%D8%B4%D8%B1%D9%82%20%D8%A7%D9%84%D8%A3%D9%88%D8%B3%D8%B7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Location&ea=GetLocation&el=Germany&_u=aEBAAEABAAAAACAAI~&jid=&gjid=&cid=733115516.1666036383&tid=UA-53252402-1&_gid=1367500697.1666036383&cd2=%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9&z=356122966

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 03:37:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 58530
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 75bb93fa58b3bb4f Show response
www.yallakora.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 6B50 2 B
312 B 87ms
86ms XHR
text/plain 2606:4700:10::6814:1a43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yallakora.com/cdn-cgi/challenge-platform/h/b/cv/result/75bb93fa58b3bb4f
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1666022400
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1a43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
content-encoding: br
server: cloudflare
cf-ray: 75bb94074e09bb4f-FRA
content-type: text/plain; charset=UTF-8

GET
H2 200 Footer.js Show response
dashboard.ideanetwork.site/js/Footer/Yallakora/ 15 KB
3 KB 464ms
158ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dashboard.ideanetwork.site/js/Footer/Yallakora/Footer.js?ver=0.4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBQG46X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 700f22b5738b87cd04520bb9e3561ca09a1cb7a5d39ea514e5e06e8c3f0e14c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 317540
cf-polished: origSize=20128
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 07 Oct 2022 03:28:01 GMT
server: cloudflare
etag: W/"633f9cc1-4ea0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mk%2BRrQuiqnvI9OkQ2U1QAs1V1%2F4%2FMd8HR4cTA3Hu5auC9HKRlsE3Ipx68BdvC9CZn03zKPwTWKvOB5gtiu0zUFKZ7fqVBbuJGxCR35KDZDhmmccQVX6iiwafb72NIpDF2tuuis4LHOL%2BOC0A6iIClHRq4W2pq3K7Zg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 75bb9409caf29ae9-MIA
expires: Fri, 21 Oct 2022 03:40:44 GMT

GET
H2 200 www.yallakora.com.js Show response
agorahtag.tech/c/ 37 KB
4 KB 94ms
39ms Script
application/javascript 2606:4700:3032::6815:4ae4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://agorahtag.tech/c/www.yallakora.com.js
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4ae4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8239694397ec889c2703a9bd00b2383d8b86c7d377f5c74ff299a5fea3e81b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:03 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3A5ZWHDHC9N5S2NV
age: 2703
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3397
x-amz-id-2: IFa7j6VShj0HxQQv3r1syiqOc7WMTKvBrRiuRx9anaLZ/AotaMO4tMo8BJ9p0djUF7JXEdF2JDs=
last-modified: Thu, 23 Jun 2022 09:51:34 GMT
server: cloudflare
etag: "502fb774a9df35b755d7205251c23ced"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t9eGi83mhl2VDCudfod4H6Xw5RtWp2yCOYOL79TNF4Hy6kdW89i8HOIlzkZ4Vzn7tGzlEl2lulEGDypQed8u6MoCuSoRjFQciNDz1hjT4e0TE29CGxxECHkl3SPXqoW6w3W5RXGeqi7%2Fw%2BMibQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75bb9407dc0f91f3-FRA

GET
H2 200 projectagora.min.js Show response
aghtag.tech/libs/ 292 KB
86 KB 124ms
60ms Script
application/javascript 2606:4700:3031::ac43:81b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aghtag.tech/libs/projectagora.min.js
Requested by: Host: agorahtag.tech
URL: https://agorahtag.tech/c/www.yallakora.com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:81b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd12c5f0ead3fa5f52679f8facf03b8bf51c10a2301de6f1a32ba7ca82550ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:04 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: DAYSJRMSCW4GZ0F0
age: 7085
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 87631
x-amz-id-2: +f4FVYHiPm9unfPmQjWvCedVg/Uv1uicA9YHuFRa/JGqXP8jJuDfSLFjEX4cAROfFOpzIJweVvs=
last-modified: Tue, 11 Oct 2022 07:53:38 GMT
server: cloudflare
etag: "e89ce74aa8e5f6bd01415dbc8471f1fd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzUgenOfvE43MDyjxDbqUIqz62xyMZA471zYs%2BD%2BaEYVlCXuCSmVl%2Fz2N7RFx8q4QmoVNfl%2FZo1VbNEjzeYEw8dPMg9NlIa9FmoMS5cWLfPLKKDSA%2BpXlRCTAs%2F7rw1SWVwdh8zH5P9OaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75bb94088adfbbf1-FRA

GET
H2 200 xtb.min.js Show response
cdn.exitbee.com/ 56 KB
20 KB 471ms
160ms Script
application/javascript 2606:4700:e2::ac40:850b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.exitbee.com/xtb.min.js
Requested by: Host: aghtag.tech
URL: https://aghtag.tech/libs/projectagora.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6541560df8ea35197eeae56b3e0f1b085f7c4e18cf812495c44b1310e27f57c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1835
x-guploader-uploadid: ADPycdsxCAnlBmWsW_Mp74nuMWCGHSIpxXhZkGYngoPt4Fa6tCjhInET_QAxe85u5ZxN5JxxuhqOzPJZaJCtzmGD6CpIbw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 10 Oct 2022 10:39:43 GMT
server: cloudflare
etag: W/"160222351787612bde9dee96ae280f63"
vary: Accept-Encoding
x-goog-hash: crc32c=rEBPtw==, md5=FgIiNReHYSvene6WrigPYw==
x-goog-generation: 1665398383880589
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7XYa254CP%2BWHdzmlYtMrfQe5TplUoQsSC8Z5yoYnjoNz5hovLjmdhQdSBV8kHdmmn5Lk6b8dukPg%2FmlTYvsSb0pDkQru3%2BVFMhcduwmmV0fJzJ9nz%2Fr84TNBVm%2FSvJlZ8R6IToNFCEO3Y0j3rzk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 57450
cf-ray: 75bb940b7c0ad9e9-MIA
expires: Mon, 17 Oct 2022 20:22:29 GMT

GET
H3 200 container.html Show response
5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FAA4 6 KB
3 KB 67ms
23ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yallakora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 19:53:03 GMT
expires: Tue, 17 Oct 2023 19:53:03 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6695 6 KB
3 KB 60ms
22ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yallakora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 19:53:03 GMT
expires: Tue, 17 Oct 2023 19:53:03 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2185 6 KB
3 KB 42ms
21ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yallakora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 19:53:03 GMT
expires: Tue, 17 Oct 2023 19:53:03 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
api.ipify.org/ 32 B
216 B 332ms
106ms Script
application/javascript 3.232.242.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=jsonp&callback=getIP
Requested by: Host: dashboard.ideanetwork.site
URL: https://dashboard.ideanetwork.site/js/Footer/Yallakora/Footer.js?ver=0.4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.232.242.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-242-170.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 0af68c79fafbd45b6514fb7823270eb98f448b79df3d658dd467fa38edd2d9f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 19:53:04 GMT
Via: 1.1 vegur
Server: Cowboy
Connection: keep-alive
Content-Length: 32
Vary: Origin
Content-Type: application/javascript

GET
H2 200 css
fonts.googleapis.com/ Frame 2185 2 KB
1 KB 80ms
31ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
URL: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Oct 2022 19:53:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 19:10:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Oct 2022 19:53:04 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame 2185 2 KB
984 B 111ms
46ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
URL: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:52:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 16:52:11 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2185 0
0 69ms
69ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CfHean7JNY-aXHbyl9u8PpeimiA6tisGXaL2l7q39CofgnevGCxABIIe-3j9gwAWgAfmR1J8DyAEJqQKzE3wBIWuwPuACAKgDAcgDywSqBOQBT9DkDFUV2i35fyQGaCh6vaCyime5BJlFZwJZySXz5Vm_cKh2lI16d_SAMCFwe6ppu5U4OOlvzatv8mHKvbpp26T_gyEE8dMYQfcbgbQS9YS6lM9ZaMg5d5wkmQLEebGHUL3-a697LLXpe7_SX6P8pw7c9bZSEUYZ2u_L44zLtFk96mDRGc8fCAc1EsYqqepp3EkXzIKU5rUnLBDvFeJm4yTxJLzSFlrHrhMKGdcUiMX2F-Dxac_5iLyVAh3qJO-BAVbatUgeQv3sp6sgS6zmSFmuanYrdZJBUPgnEYf739Jg4FwKwATmj7iVygHgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH7-2rYKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDrgALSCBIIiOGAEBABGB0yA6qCAToCgECACgPICwHYEwuIFAHQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzY5MjE2NDI2MDk1ODA3NxiPmSg&sigh=x1RsqoucALU&uach_m=[UACH]&cid=CAQSPwDq26N9273l0L_ZQXUOadne8FZK3XKadae1l4_uQYqfmtQugYg6aCoTNGJzgr-KBw45WlVlsxlslQ5f9ME_-RgBIA4&template_id=494
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/ Frame 2185 23 KB
10 KB 85ms
21ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/abg_lite_fy2021.js

Requested by

Host: 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
URL: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:44:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 16:44:50 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame 2185 3 KB
1 KB 109ms
46ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
URL: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:49:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11036
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 16:49:08 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame 2185 17 KB
7 KB 86ms
24ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
URL: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:49:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11036
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 16:49:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2185 0
0 76ms
31ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTO2NWZA97m8UyZRdvQ2umJzzgt5v84I0_J6i04u3QMIFnfvHE8J8_i4Bsz2_KvNs2KSKz7y1NTbwhVRbvOBRGcvYrnyA
Requested by: Host: 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
URL: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2185 152 KB
47 KB 111ms
49ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
URL: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 17 Oct 2022 19:53:04 GMT

GET
H2 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame 2185 33 KB
14 KB 76ms
20ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
URL: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 06:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 307879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 20:37:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 06:21:45 GMT

GET
DATA 200
OK truncated
/ Frame 2185 358 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29b463a65a03d7915d022df12db018494b3aeac05df0121278323a62441a2f33

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 2185 20 KB
20 KB 97ms
26ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQR9zOhBaOH3s_JD0Fdcj6G3Y-7uvcnC2sS4ykm4MCVTLtWfGMOrYu3SKHBhA&usqp=CAI

Requested by

Host: 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
URL: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3bd78cbee1832cbc15fed1a3790fc05fbd92ca84797a01e75780f184ba2420b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 17:47:19 GMT
x-content-type-options: nosniff
age: 439545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20251
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 08:34:58 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 12 Oct 2023 17:47:19 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 2185 24 KB
25 KB 93ms
23ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSeifgonHZzsrHniaUwIXpgf7OtmhaMAbAFcgsMP77EolqO--t2xHvFlpPSWB0&usqp=CAI

Requested by

Host: 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
URL: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d78fc8b1a23a3bdae5c4b6a5fc67200cb0002abaa4d07a54a4c64341e723ee4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:22:33 GMT
x-content-type-options: nosniff
age: 253831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24655
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 07:25:08 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 14 Oct 2023 21:22:33 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 2185 13 KB
14 KB 94ms
24ms Image
image/jpeg 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcR8_EWaObX8dfUFSIi43T49y6iYXCzvp4m_yGHc3QhXPGuaXE5aSW4aeYhFJJs&usqp=CAI

Requested by

Host: 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
URL: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7aed2d07975037f5ddf33e800e8beb356d6c0dee760aa82fc739b61e00d9f57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 06:44:30 GMT
x-content-type-options: nosniff
age: 133714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13575
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 01:57:15 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 16 Oct 2023 06:44:30 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 2185 18 KB
19 KB 90ms
20ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQtUAWMsWyWyq3fy89l9nWitejEcArIaRe6KMkQcinPJmev_5Q&usqp=CAI

Requested by

Host: 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
URL: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99907b3ed1112cd467d35e36691e23109403da1a1d3fbf8bf57f31a06beaa440

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 13:08:24 GMT
x-content-type-options: nosniff
age: 197080
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18856
x-xss-protection: 0
last-modified: Sun, 08 May 2022 01:53:20 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 15 Oct 2023 13:08:24 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 2185 15 KB
15 KB 112ms
42ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRyfh03qpf-U4aBspiUJ3bvqKuhmzqBqKrcI0572ya1wDGi4Y_ubV_YtscJiaw&usqp=CAI

Requested by

Host: 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
URL: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddd475944f6c92d5d81fc7148f712c83ed6ba1450d74bb38922583d933d32cf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 07:44:15 GMT
x-content-type-options: nosniff
age: 302929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15182
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 04:19:09 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 14 Oct 2023 07:44:15 GMT

GET
H3

200

16851322724340381604
tpc.googlesyndication.com/simgad/ Frame 2185
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr09Wf2AEQsAkYrAIyCPp95elfbcrd
https://tpc.googlesyndication.com/simgad/16851322724340381604

39 KB
39 KB

67ms
23ms

Image
image/png

2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16851322724340381604

Requested by

Host: 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
URL: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4de2e6f09f3a013353da5083f2cc8b688cb67385ec5b0ca7d5d20873682e4942

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 03:53:21 GMT
x-content-type-options: nosniff
age: 316783
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39508
x-xss-protection: 0
last-modified: Wed, 10 Oct 2018 15:56:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 14 Oct 2023 03:53:21 GMT

Redirect headers

date: Sun, 16 Oct 2022 20:24:25 GMT
x-content-type-options: nosniff
server: cafe
age: 84519
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/16851322724340381604
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 15 Nov 2022 20:24:25 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E204 624 B
975 B 117ms
56ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJOlvQEQ5tnSARio5urUATAB&v=APEucNWMjrvrQ5oCdXC9ZUL3mxvMbw3SyOcsJR35v0kFsp3sNViS6GlQXuIdWZpvaoAYLC6GWzzipgYtafI220gPjVaH01HITbzDbr0JyhV5kAidu5BX--YOuVN479HJCs7PdWqZLnEfj6SY5E7UYUhGdz4smCeOY-eAcJ0Tg9CWzTfF9577Lds

Requested by

Host: 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
URL: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 19:53:04 GMT
expires: Mon, 17 Oct 2022 19:53:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6695 48 KB
20 KB 144ms
84ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CN2894tVGr6wIwJnJRlPL9QU3oP7uaVOjVkQgrqoHYhQjQgUtrkIaw1woXTpsaplx_O5-0yA7mUsQ4sPKfmyGLJ1tRWR6fp0gPIbB3_1Gu4T2uQaFFKLlqZQLM5c7oXb1eisHIAPzwL3zGuWmscGdn3GUP4E0H0TIijywLXiqK0DPsVBI&dbm_d=AKAmf-DJP5BT3NK1YAmRCBIisFBan6l2mKy5YFD4UVWEeSO_QnDulNO4UsYe3XdVhCWqsHRwDWjiXFUHcYpyzNo0VRATzKfQ8nVVH-S5M9NhdVuXbG9wkS5Ccj64Y6CEEIFmKAuNvnJY9mil7I3oC1KANGYykqv_Ou-AzMGuTzTloqMdL1EHmuoiE1DYR3AK4PwBiOxxN-D12QGA7lid8ZpabNBDMGbaGoXOuJl6fNS9sPtkOV7WVd8osAuraB-kdb9E-FV89nQyo_BcQT_HXddA9tTj3gJtF9pUiV7C4UTRZgP0O0VXnzststrLvN6jVVl1ylRCh8C3Rcroy76_FIcPffzixnFd5tQleGpJM3TsJIOuqENSRktdG1cuOzmq66cuJd7ALU8bICJfV00Jp7jn5EF85-ILVfh6maqu_E4_ox1XkRdDN9W0pwfZITbABvrxGtgiugBuaoK4cRsF3BI0ePP1htx35P545BAEi7lMabMUFR4x2eqvvxCS7tDBD0FqMEKoLpESMolKOrspR0w1RG-Qqcj_6_k2ZnkrR9y_N1ebrF01wirJS4e6tAvp1_7nod4uisQvaljTB6nNMjxWwWhVc6P3U3z1gd7ycv3T68hI7q1KhV1NFNK39dIX1098qTVwrFuJvSKeJDqT7pIfutuGdCWrhPLCvn0N6y1Nl1767GtiKYOV0ma9cRT3wXl3hOVPb7Md7_pLhk29Rjrv2GVTpHKdYobXhOzRngbVD3knkF79tyzteDWWx_mtWSYsAzOvY0kiwYbvv-W1WIKEt1l4kd4BCavdDDaWCQ8v1Q-Ush2POE93MAws46wmKOZJas89l6gVTaA810ieztVubRC0D3e2K-cqXx8ozLcCRbl5CNTJYNZgl5sVqu_9DGRreD7XejwpRDXTcA1-qj4SkZCxmCLVh2QhwxWy0D2BR8Cu89eCpmkmJ1DVlUMICWxEy7UHIyPOFGIYotJcoxDDiHNFDoKIVqMUssAK4JOld0HKl1YBGmyg7m99DpAj9fOiolLTamDvRL_ohXisjg3My91CYJ3IZLaUC7kRcko8AErw6S0UKC0Mxbi07EU8qfD42Cw_pQ68JVUr-ujUC-dNai1Y3H9sRXEe-iZHwWxeFs9yr0dCdFMSjTIKTgTB86jW-I49EHAWETZRW6LwFnFQ1J-5Gr2RS1DGr5jAug2koAnhlPW4HCgU9VNalH_BG_cyvrDFCTsc3J26QD-zbJIQn88O-OH8pMvS-1WyWk-WRe2UnnuXiNPSz73-661gWk2N7g8PiQIrCTqEWvhL8bJ6CY07EvjBw7NMLQCg9JXl0JEPlAOnngvgSKzwNZx-RbKqqlwrnvu9uonzK0woPFgLwQKf-qNPyv-QnyWb_gQDZQnB6svTJzm3JIwi6l3jklGTetyl-juWnpZl8PC59_1DA95c109QSl_hOQgN6dp_sBCmSyFirShQ88G5HTIwXFUT0hplVvcXxhGpmjFvWv4M_EGDv0e3ljq8OVFmltIyQn07qm7FkwXvKQJH-NIWhmeGGpPHiAOGQ0vVx6OTcBdXr-hdcef2JIlMp_2JVuoYXleoQfQvlyOaC6lY5fw73N0ciELSxk2w7zOVRMvmUj5DgNHQZXbPhTHAqKHUc8ZzTzCKwu4ja77eVbt76FM-z8XD9OEZ9m0TtsJsoqmDlmwb_Cyl9KfpB1S5xFXmo_2ElATmHrfkG5DsU-rEgk1GRXwXOkNNLsXb-N-Jis2yPP1r9fs7_mB_aH8lnDoT2ly_ZCRIiVmWEFqH8y43YDV6dkJ7mzCRxuIzK10RFffVy0yqaPyJCyn5z_yKwackAHiKyBCGpm8V1iyAnhDvgGNB3tYOHR9HvrIe5nQxvp6q-3LfRVVGsWqQ7Dbnaq-piLWL-nCdamoM-J1QB7GR6KpHS4JSAf12Xq3RZbnrmxX2HCtUOVPnLdNyyUp5mo7FTApzmWAqtuiraY96U32nf_eIrng5rFcXhNbyJJKt8rNEWKRWaWTnA641KN6UjWbubKpw6Xeb202BRoLJ_RVUQ-e00QmTP2xz-O_GcEqPyZsV6sYltnySW_km3AkzJl9_Q4IyeDTjDsQeYXYxpAagt6O0X_jq4EUlLlIKSrotAQ8ROHRai_5oJJORvoklAP7CtTOkkalw-F93iOkJk2z6SYc8SzIzCjzXZ_HeBjs9MMfQzVNd2wAHrQJuSIUfJ49Iz_2JuweeaJcu0--omDnaMjAO9mrzpNWSF_XfC7qjYBDbipQnsn03iyp4tU07fuJ6h9xxPI8j5Zqf4uCK87Nqhll0cFOwF4ZvPbp6mAq2jqwfjiCioh7q_uq6lPtU-2PMjHQKZxQJALjm77e5vHhkUsJV7AuPglmDxcemBq-M2VbAdx1KU4QmVHxzLFRJaDnd-yIjsfnz815VMm7KuaburNaDRx5Fo0zq-Plf3KFNoVRGTdLhhSZQ8OQ2325G1FGP5WCE6s6TdcP0dpAm2_5guhzCzaAHJ22sHpkoZKYOAYnrd0LyHEydHZJJkveESkfXqS6oEwL4uEOSYfOVLJZwhTaVo8_XGOlcQHLQc121qNdMZndXJ-7Wjr-vuqs-SPekB3NrDuAjmIkUUci48cG6dAjZSOm5bn0SF5hsRmYQ8HkYlP4WyyorllZxazJ5oZvWwIhXlvAv1Iiqmk97kRuEbMRWCl6iB9RydDkO8i32f8jqAP1UW2R7LZClJTCo5cccWLxSvZSru2KgESySmgcuQ_H_Fkz-fsA6h_y1q2jHkyMY0P3GzgGQWUa8ppGBtP12ldmmSU94w-bPyC8Qgqa2KhtCDSFA6WHUt9dumdsfLUJRfu2BAMuhQSZzoxygOp59GfwOx2_WFtCuFQ-RI6U7zI459zgGa8y0n61I1ZeKG7islR05DOyRsONhW4w-FOvyfOZ9smvFS4hKM5K8SJVkgT3g7l-XHZggOiZCdxzxXnNKnrncmQ7DqJ59ZhP3-g-wSDg6LeWAdMyzKTiDQBYxjWe_bKNZzpnFI33FHQUsL5UMLxRROuV40S22TPsnTRNSZNwpKfGLw0LTzpw5qGZPAgbuSs4fZ3LtNDRlRFI6EXsGrzjvGMD1eHFtPe2kuGZ-EZ6XEEmnqD5-9qKrRsZdWiPVHjAUcOQ6P9QWCEkDUfOX8hON2ZKnAYkApkIzqBWQc4MeS9QnAf7_cTi-xiLx2BzfRjapPXeh8XJE_a7IlCPdR7lrLeBabmj4F0PQLbcMEve6FTrLZNxE_BFSkLPVIZmOoSe7-CoOYNHNlBPq8TmihvJppmusaOblOo-XR1fBCMr-CBIHJGRr4eY8amOLdC3WuLewD0WDdIMvnsfNNYULnlzI7Ch5hfdnC2qIwsCCBkzmtS0fbVjcdYM&cid=CAQSPwDq26N9273l0L_ZQXUOadne8FZK3XKadae1l4_uQYqfmtQugYg6aCoTNGJzgr-KBw45WlVlsxlslQ5f9ME_-RgBIA4&rfl=1%2Chttps%253A%252F%252Fwww.yallakora.com%252F%240

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

086422b0241c5de2a18d9a236f95606ff34becd3d92692acaaca538f6458c026

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:53:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6695 42 B
494 B 113ms
52ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CNYBTEdamyujnKkLwIWbBke1eC-kQ3f0ttAiPn2qUy8I0CYpeXt-ZOxHuO4R-7pZ9OhYQzWYDsrb_hyCy0sx_m864dBSJPH0BuVU-0v6patWBgxEA

Requested by

Host: 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
URL: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:53:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame 6695 3 KB
1 KB 94ms
47ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
URL: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:49:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11036
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 16:49:08 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame 6695 17 KB
7 KB 74ms
27ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
URL: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:49:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11036
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 16:49:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6695 0
0 59ms
29ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSZfa23VomDLxNN3Ut-1_LYeUxc_591HJVcLHQLbwtgrS1MguHn60hE6kW8kyycS4JdXdXyskXfjNtz23FmaWA3eDrMOQ
Requested by: Host: 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
URL: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6695 152 KB
46 KB 126ms
79ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
URL: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 17 Oct 2022 19:53:04 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 446D 624 B
561 B 113ms
57ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJOlvQEQ5tnSARiU5OrUATAB&v=APEucNVB6aQ_PqPuZxLvj7usoz0fDlF2XpBDcqNoTF3aJi3r4hBhtCn98KbqxxM6tVmiPtbQZSqFZlv1M2b9KcXOxwIC-y7li3koExOlbQ2isKmoibqcQH2E32B6taM-cfQGz38fJBuwZ5JWVlgjFZfsx-KQ5Rsn4qHppL_qN_YJX7Tsn7vCbNs

Requested by

Host: 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
URL: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 19:53:04 GMT
expires: Mon, 17 Oct 2022 19:53:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame FAA4 48 KB
20 KB 123ms
67ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DSAGBgFEH3IbxGQZcNNI7HAMeTuw2DXelyVq3JzQRy7UcerjLHVqocUfAy7raXK1pvH0Q3KOLke9rWJYsVNeMot3dp-w33iEVCFQaH4_uVAP9_W6adVr0qhSQutOJyBJeWhOFZm-U3hoB-pzkctv89EGRb15frKtnm3XIkH9Agjyl3TtU&dbm_d=AKAmf-Cuf_paMmNg0N-4t-wDZ2jwow5AgtESjg39FGaknLwt_g6qty4UE4FLmFKwPNxn2fnSWcIiSSx7lZbz_47tVUBCU52tO-jmTWAxvJszrpKCOM6fOYx9yyN5-nVA0pfvyCg8unaI-R4etJMkWHdGgmQNHOwHFMT8BZq95QC6Em6E0Ea0SpVC-MSOLIAHcX5NLNmmVW8QikduffMGOK72iNJQO-8ds3J1cAOJ74YDupnba945uNJV7ZMAsvKz8TkuyxpQzeaJpPhfeEt3FEJcy-vPV9T7uTI2tzkSQ0Hcw3LzqPuap2G27Y-vYywCNWdcEQ41z1tmGWS8GEBiR6gsyFDm47sDtnBC3EiF5U1TfbBAHE5yj3VoIjrtZr4qTG-7y9rHEQsjwo_EhAGx8Kw7FqjZD33KL4xRDXaeJylFMRcOuyfRthpJ4QWj8weXZMdKvEQPlgWLQzJZZBmorRZuf2OBZvDbbm5SPdp62ysrFKqcCRk5o29qWCj7tfuerkMgLfkXo9HQ82yPh9Z-kTV-wnXTEoF9bT7Bul7GSJGP-JjIgfMjGzaLBzLqFJwm63sXN4G-d-pzzlzjDVVXukr35rygqO5XiSjg2M6_-yp0DvC4h7f_jKYeeQTH-jdqi6k4W1mdhQe6n4v8ZVWqZwx6XDL5wHFCdfsdC80X-jDYPafkL5To7JYZpMvTrIoJAJctH-B77yh-99h8oFb8FdU33GoUJMHpipHju3nd1FAdWj8wmSslZzizVE9ybYWeYIF_a0kfYmYNopSe5UTpmSgottCU8WRamZxX75hFY3q0KpZYcj8OENDeV7dpXsBpoHkUd5b_K7SSlwY6j3lkNqnpgjCAUkJI3WcXE2AT8bYeViLOqXi2_Vq_MGB1ytM6bRzq2yBekqhidzDn2ccwtrnkxaHSInmoF52TLR-4Mov8m0lVhtH-zVOMzq1LnGbviJ6KAfRNyw2fyu6CAWAU-WxOo4zulYJYYkI9Cy-cCewmGYfFj1fBQlSUzRygxuKRC5K90XHsoeYc-GWmOGKzaLq3RZ-WhwmYoy-Ihz7AUt52Ixkd46dloYrDtY0IzfPEZ1hyzZjuG4jl2PBvPZdcp7wZuWsR24PyBGY0feeiGeT4p_Bc51vmDWp0tM4LsHOMpXLH_xofW_4N8JYmM9a_Ve_Nogd6T4p6AeYca3aQVIAjR93FX-89phu51qwGhPhxLGBsPnchXC0UhokMlBRhWQyYskFsTUpTFfuxs9_L-y9BRXdjKfniOe8vTJfb2WGzSnF5lWSsZ3PqadWpU8GhjRvIhdoSx8g2KiP4-bHtS1M181jQ2YbJfN1OmmOzhdfaAA0E40roXcWmZbKNFPoxkJVuV6kYWinbebx2T5EjkPpOvdQFUDkH1zoQ8bk_BEbBnOqpqh2nPwbrC5BMwAPhzLOVzEYzvW2saDeFWZ_ZzehGtgpOxiXoaxFiuU3Mh5b3OavaugfJAdwvjmYn3r9I38O5fmUD2d_CSBui4FraJvPTiZ8qA9DEohHOgmRxE-OqNeyX21pS-sAuBwG372i8Bj36ub-C9IJMLR_Xtsd7OrNLcPN8zZVy32gesJESG5350KZwysuAZmfju3-6tR87-R2Bfto9jLmNuVeYrMGk0xJv3qJetGXIsmbTMp-Dk1rqn9gkkuMK2Pndd2IahUmgotqsfYSnWSPMxmMDZWIOWcINlAdzD_JPwBlYQz0a09qlgJVAppa9V2vUM2mvEs1ejad99iF3qZd3-whMTT46gWHwXTG0YvWG7Cj8npvQKnL4E_RDLLbY7lRASkyZVbH82IM19Tlf2eF5_HyWwE-GkLGXftxX6lxi9YMnVIKnDBzBkkeIXqhIuUPVlW1-Bh0car_AG7moh-EH2tcTOZ_vPfZmsiDtaZGaDnsc96DJTasaCk8KKLxkgcX1IfmfoRUWbur_tu_eKI2cw4_DoEdV4ab71sN-VCSwEO7Hc4XlKgysdgolApmUDJY1fJdKCy8hllRkBzc2ARz-CzqG7zQ6uV4mYxAHdMeS-8sAXCLu6EbrZ0y7BW-dKjDzXsx665Dc30EuONTcuriNsDXR0e9JINddeLxXr27noiuW99dKAOcivyPLhEgdWIiuJUBwClBaeF0PnX427G3sWW9MM1gVxGdMuSPPiVRnYBjhu42tv0spoJylhQNRpEcwApWdPkPh6KN_X2eiG_AE-j-fNB21pLcLd14b3wuUK7tan3rpJVzGH5GzzNmlbachoA6F39avf9i4KnwVD5r-YAPjt-2g3jyk9nURluhmv40hsLPD1bflWrc9WExFrWUyf8kN14BsLhp0I2q0bS46BvQzFEmWCiQ7lDTA44dOZrJPPlgEGfwQmg09fpT6d_SEWLul9yK8m8HALaY9rF1AnExCUswmsCYLrLVWug0fsxtP7K90FuF47dml9TvbzbxHS8rHI-5MnPGd2RIHYs4IXu4Yl29tWIsPH1MpAMZad81AlvIy-58-Cc0szTTZcgSp4fk_ibsjOYl59LcsDNWPV_-lEEFP8tAoR57m8NzgWfXx_riJaPKfhl52pLPC2k39P8MED4oIBLPS9XoG0qfAuyOvwBVRSKGh4B9b-zJMlR96IiD8vkYq4Q43r0cemiY4SjEm8-aPToKqWCE58Smxn_iLj2IpNaE7Xtf6VVPeIHdfv8u7b30sABPMNzjIrNKtyA0-MTFFXA8VVcdHCSmLYb0its6c6jZFffYrPvCQZF5TxlfN4AqRQes_nx84PEtVKZCrnDzNhZzhrD0wJkc0g91ZfD8H2aPAJl16fMsi6bSDqxVr-4w_5pjswTRtg0YdcSu9iMon0pKQaPvW9pKVNBb1OX2_YDZ1A2GB8ylbBWkxUcfj_LnS4IK3fL_Uwgp8q15aSxGmDd2icIOLS0wVwpHAX7jEjPdPN1b84zSjfpvbkiLJtz3CR9OK-Tp1AyEIZW2UGrMcx0vN-OQx5whJKZZ_7_9nFPc4Y3d8cdh2NuXrZAIBfXA3fqazFNCDlq9E-RrAhfFFRMsl09YZG7MewmK9tYzmbmaYwifQ8kFNBVIj7W92mdnG8trkU1n3MUIG4P2vuOU-fOHGRAGZnA9UKSQ326hitx_LlpRb87dyKoyo-oXC_Nvxn7mBPkpP9yyTiW1dAwbGxA_MnU81r8Mmy_nusUqAIjlkLIQEbTAGnRjEwH0nChSUu-kHS6SM0HDYJVXsSjVumcfjloEauJfrhMrpJFktXGtJ6PHk9cQhnRF2Fn0t82g3t3oh23ZFE7IWYFMJrB9kDiGieDgByksAbyGeHqd2vfKM4dbG_OuT1r6bnIllGdgHS4nTvn-LyduD&cid=CAQSPwDq26N9273l0L_ZQXUOadne8FZK3XKadae1l4_uQYqfmtQugYg6aCoTNGJzgr-KBw45WlVlsxlslQ5f9ME_-RgBIA4&rfl=1%2Chttps%253A%252F%252Fwww.yallakora.com%252F%240

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da73d34a97b87014befec84c90b35cee21dacdfc6630acd7a1bc68293c480d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:53:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20228
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FAA4 42 B
107 B 110ms
54ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ADMlmCyamc-nQejt-slciBH2j7ihpuAWMkHyhpb7fqDOTTPN4KXxmTrfFu1-OkgEAo_1K1phssC3vncPLm-FXabngaS-DuU4cD5dz7dnHNk-efCig

Requested by

Host: 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
URL: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:53:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame FAA4 3 KB
1 KB 91ms
48ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
URL: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:49:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11036
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 16:49:08 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/ Frame FAA4 17 KB
7 KB 83ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221013/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
URL: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:49:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11036
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 16:49:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FAA4 0
0 56ms
30ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRHAYxJwldhsntksjK7zEVKn-cG6ZSPNjA0Me1Y6q4-TJIb7ZM8hbMcVD88N2Sty9hTVXS2OwRgpR2TSlu-Q4TSTFSgjQ
Requested by: Host: 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
URL: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FAA4 152 KB
46 KB 137ms
95ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
URL: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 17 Oct 2022 19:53:04 GMT

GET
DATA 200
OK truncated
/ Frame 2185 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5aade6712debf50525e09a64d01f7e1ad9ce7a0a5f43f3dd2b3d40a744fa4c4b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E204
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOqj_K35FdiYlsngbUpvfmc&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOqj_K35FdiYlsngbUpvfmc&google_cver=1&C=1

43 B
766 B

23ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOqj_K35FdiYlsngbUpvfmc&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJOlvQEQ5tnSARio5urUATAB&v=APEucNWMjrvrQ5oCdXC9ZUL3mxvMbw3SyOcsJR35v0kFsp3sNViS6GlQXuIdWZpvaoAYLC6GWzzipgYtafI220gPjVaH01HITbzDbr0JyhV5kAidu5BX--YOuVN479HJCs7PdWqZLnEfj6SY5E7UYUhGdz4smCeOY-eAcJ0Tg9CWzTfF9577Lds
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 19:53:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 19:53:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEOqj_K35FdiYlsngbUpvfmc&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E204
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y02yoAej0XFW47Wqhee6HAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTDOzmg4n9Z-9UaR-w-7aY&google_cver=1

43 B
766 B

21ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTDOzmg4n9Z-9UaR-w-7aY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJOlvQEQ5tnSARio5urUATAB&v=APEucNWMjrvrQ5oCdXC9ZUL3mxvMbw3SyOcsJR35v0kFsp3sNViS6GlQXuIdWZpvaoAYLC6GWzzipgYtafI220gPjVaH01HITbzDbr0JyhV5kAidu5BX--YOuVN479HJCs7PdWqZLnEfj6SY5E7UYUhGdz4smCeOY-eAcJ0Tg9CWzTfF9577Lds
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 19:53:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:53:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTDOzmg4n9Z-9UaR-w-7aY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame E204
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEK1czs5_AC9UHkTnzWFX6VE&google_cver=1

43 B
1020 B

54ms
25ms

Image
image/gif

37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEK1czs5_AC9UHkTnzWFX6VE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJOlvQEQ5tnSARio5urUATAB&v=APEucNWMjrvrQ5oCdXC9ZUL3mxvMbw3SyOcsJR35v0kFsp3sNViS6GlQXuIdWZpvaoAYLC6GWzzipgYtafI220gPjVaH01HITbzDbr0JyhV5kAidu5BX--YOuVN479HJCs7PdWqZLnEfj6SY5E7UYUhGdz4smCeOY-eAcJ0Tg9CWzTfF9577Lds

Protocol

HTTP/1.1

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 19:53:04 GMT
AN-X-Request-Uuid: 86e84b10-04f3-4193-896a-bcc36d676f11
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:53:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEK1czs5_AC9UHkTnzWFX6VE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E204
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAwMzI3Nzk4NDE2NjYzNDUxMw%3D%3D

170 B
188 B

77ms
32ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAwMzI3Nzk4NDE2NjYzNDUxMw%3D%3D

Requested by

Protocol

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:53:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 19:53:04 GMT
AN-X-Request-Uuid: f7c7853b-9b49-4cd6-abac-d49614c408f9
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAwMzI3Nzk4NDE2NjYzNDUxMw%3D%3D
Connection: keep-alive
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 446D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe_CUQkHbviRp4C2pedMxs&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe_CUQkHbviRp4C2pedMxs&google_cver=1&C=1

43 B
766 B

25ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHe_CUQkHbviRp4C2pedMxs&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJOlvQEQ5tnSARiU5OrUATAB&v=APEucNVB6aQ_PqPuZxLvj7usoz0fDlF2XpBDcqNoTF3aJi3r4hBhtCn98KbqxxM6tVmiPtbQZSqFZlv1M2b9KcXOxwIC-y7li3koExOlbQ2isKmoibqcQH2E32B6taM-cfQGz38fJBuwZ5JWVlgjFZfsx-KQ5Rsn4qHppL_qN_YJX7Tsn7vCbNs
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 19:53:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 19:53:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEHe_CUQkHbviRp4C2pedMxs&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 446D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y02yoAej0XFW47Wqhee6HAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTDOzmg4n9Z-9UaR-w-7aY&google_cver=1

43 B
766 B

22ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTDOzmg4n9Z-9UaR-w-7aY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJOlvQEQ5tnSARiU5OrUATAB&v=APEucNVB6aQ_PqPuZxLvj7usoz0fDlF2XpBDcqNoTF3aJi3r4hBhtCn98KbqxxM6tVmiPtbQZSqFZlv1M2b9KcXOxwIC-y7li3koExOlbQ2isKmoibqcQH2E32B6taM-cfQGz38fJBuwZ5JWVlgjFZfsx-KQ5Rsn4qHppL_qN_YJX7Tsn7vCbNs
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 19:53:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:53:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTDOzmg4n9Z-9UaR-w-7aY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 446D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHxtv0ciTzUEN9tPcf_1I_c&google_cver=1

43 B
1020 B

171ms
144ms

Image
image/gif

37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHxtv0ciTzUEN9tPcf_1I_c&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJOlvQEQ5tnSARiU5OrUATAB&v=APEucNVB6aQ_PqPuZxLvj7usoz0fDlF2XpBDcqNoTF3aJi3r4hBhtCn98KbqxxM6tVmiPtbQZSqFZlv1M2b9KcXOxwIC-y7li3koExOlbQ2isKmoibqcQH2E32B6taM-cfQGz38fJBuwZ5JWVlgjFZfsx-KQ5Rsn4qHppL_qN_YJX7Tsn7vCbNs

Protocol

HTTP/1.1

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 19:53:04 GMT
AN-X-Request-Uuid: 33af361b-5dc4-4969-8695-ab00bb433204
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:53:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHxtv0ciTzUEN9tPcf_1I_c&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 446D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQyNjU2MzA1MDQ5MDI3MTU2Mg%3D%3D

170 B
188 B

34ms
33ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQyNjU2MzA1MDQ5MDI3MTU2Mg%3D%3D

Requested by

Protocol

Server

142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:53:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 19:53:04 GMT
AN-X-Request-Uuid: d8523cd6-dbf7-4dd9-ab71-16a756582496
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQyNjU2MzA1MDQ5MDI3MTU2Mg%3D%3D
Connection: keep-alive
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame FAA4 30 KB
11 KB 68ms
26ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DSAGBgFEH3IbxGQZcNNI7HAMeTuw2DXelyVq3JzQRy7UcerjLHVqocUfAy7raXK1pvH0Q3KOLke9rWJYsVNeMot3dp-w33iEVCFQaH4_uVAP9_W6adVr0qhSQutOJyBJeWhOFZm-U3hoB-pzkctv89EGRb15frKtnm3XIkH9Agjyl3TtU&dbm_d=AKAmf-Cuf_paMmNg0N-4t-wDZ2jwow5AgtESjg39FGaknLwt_g6qty4UE4FLmFKwPNxn2fnSWcIiSSx7lZbz_47tVUBCU52tO-jmTWAxvJszrpKCOM6fOYx9yyN5-nVA0pfvyCg8unaI-R4etJMkWHdGgmQNHOwHFMT8BZq95QC6Em6E0Ea0SpVC-MSOLIAHcX5NLNmmVW8QikduffMGOK72iNJQO-8ds3J1cAOJ74YDupnba945uNJV7ZMAsvKz8TkuyxpQzeaJpPhfeEt3FEJcy-vPV9T7uTI2tzkSQ0Hcw3LzqPuap2G27Y-vYywCNWdcEQ41z1tmGWS8GEBiR6gsyFDm47sDtnBC3EiF5U1TfbBAHE5yj3VoIjrtZr4qTG-7y9rHEQsjwo_EhAGx8Kw7FqjZD33KL4xRDXaeJylFMRcOuyfRthpJ4QWj8weXZMdKvEQPlgWLQzJZZBmorRZuf2OBZvDbbm5SPdp62ysrFKqcCRk5o29qWCj7tfuerkMgLfkXo9HQ82yPh9Z-kTV-wnXTEoF9bT7Bul7GSJGP-JjIgfMjGzaLBzLqFJwm63sXN4G-d-pzzlzjDVVXukr35rygqO5XiSjg2M6_-yp0DvC4h7f_jKYeeQTH-jdqi6k4W1mdhQe6n4v8ZVWqZwx6XDL5wHFCdfsdC80X-jDYPafkL5To7JYZpMvTrIoJAJctH-B77yh-99h8oFb8FdU33GoUJMHpipHju3nd1FAdWj8wmSslZzizVE9ybYWeYIF_a0kfYmYNopSe5UTpmSgottCU8WRamZxX75hFY3q0KpZYcj8OENDeV7dpXsBpoHkUd5b_K7SSlwY6j3lkNqnpgjCAUkJI3WcXE2AT8bYeViLOqXi2_Vq_MGB1ytM6bRzq2yBekqhidzDn2ccwtrnkxaHSInmoF52TLR-4Mov8m0lVhtH-zVOMzq1LnGbviJ6KAfRNyw2fyu6CAWAU-WxOo4zulYJYYkI9Cy-cCewmGYfFj1fBQlSUzRygxuKRC5K90XHsoeYc-GWmOGKzaLq3RZ-WhwmYoy-Ihz7AUt52Ixkd46dloYrDtY0IzfPEZ1hyzZjuG4jl2PBvPZdcp7wZuWsR24PyBGY0feeiGeT4p_Bc51vmDWp0tM4LsHOMpXLH_xofW_4N8JYmM9a_Ve_Nogd6T4p6AeYca3aQVIAjR93FX-89phu51qwGhPhxLGBsPnchXC0UhokMlBRhWQyYskFsTUpTFfuxs9_L-y9BRXdjKfniOe8vTJfb2WGzSnF5lWSsZ3PqadWpU8GhjRvIhdoSx8g2KiP4-bHtS1M181jQ2YbJfN1OmmOzhdfaAA0E40roXcWmZbKNFPoxkJVuV6kYWinbebx2T5EjkPpOvdQFUDkH1zoQ8bk_BEbBnOqpqh2nPwbrC5BMwAPhzLOVzEYzvW2saDeFWZ_ZzehGtgpOxiXoaxFiuU3Mh5b3OavaugfJAdwvjmYn3r9I38O5fmUD2d_CSBui4FraJvPTiZ8qA9DEohHOgmRxE-OqNeyX21pS-sAuBwG372i8Bj36ub-C9IJMLR_Xtsd7OrNLcPN8zZVy32gesJESG5350KZwysuAZmfju3-6tR87-R2Bfto9jLmNuVeYrMGk0xJv3qJetGXIsmbTMp-Dk1rqn9gkkuMK2Pndd2IahUmgotqsfYSnWSPMxmMDZWIOWcINlAdzD_JPwBlYQz0a09qlgJVAppa9V2vUM2mvEs1ejad99iF3qZd3-whMTT46gWHwXTG0YvWG7Cj8npvQKnL4E_RDLLbY7lRASkyZVbH82IM19Tlf2eF5_HyWwE-GkLGXftxX6lxi9YMnVIKnDBzBkkeIXqhIuUPVlW1-Bh0car_AG7moh-EH2tcTOZ_vPfZmsiDtaZGaDnsc96DJTasaCk8KKLxkgcX1IfmfoRUWbur_tu_eKI2cw4_DoEdV4ab71sN-VCSwEO7Hc4XlKgysdgolApmUDJY1fJdKCy8hllRkBzc2ARz-CzqG7zQ6uV4mYxAHdMeS-8sAXCLu6EbrZ0y7BW-dKjDzXsx665Dc30EuONTcuriNsDXR0e9JINddeLxXr27noiuW99dKAOcivyPLhEgdWIiuJUBwClBaeF0PnX427G3sWW9MM1gVxGdMuSPPiVRnYBjhu42tv0spoJylhQNRpEcwApWdPkPh6KN_X2eiG_AE-j-fNB21pLcLd14b3wuUK7tan3rpJVzGH5GzzNmlbachoA6F39avf9i4KnwVD5r-YAPjt-2g3jyk9nURluhmv40hsLPD1bflWrc9WExFrWUyf8kN14BsLhp0I2q0bS46BvQzFEmWCiQ7lDTA44dOZrJPPlgEGfwQmg09fpT6d_SEWLul9yK8m8HALaY9rF1AnExCUswmsCYLrLVWug0fsxtP7K90FuF47dml9TvbzbxHS8rHI-5MnPGd2RIHYs4IXu4Yl29tWIsPH1MpAMZad81AlvIy-58-Cc0szTTZcgSp4fk_ibsjOYl59LcsDNWPV_-lEEFP8tAoR57m8NzgWfXx_riJaPKfhl52pLPC2k39P8MED4oIBLPS9XoG0qfAuyOvwBVRSKGh4B9b-zJMlR96IiD8vkYq4Q43r0cemiY4SjEm8-aPToKqWCE58Smxn_iLj2IpNaE7Xtf6VVPeIHdfv8u7b30sABPMNzjIrNKtyA0-MTFFXA8VVcdHCSmLYb0its6c6jZFffYrPvCQZF5TxlfN4AqRQes_nx84PEtVKZCrnDzNhZzhrD0wJkc0g91ZfD8H2aPAJl16fMsi6bSDqxVr-4w_5pjswTRtg0YdcSu9iMon0pKQaPvW9pKVNBb1OX2_YDZ1A2GB8ylbBWkxUcfj_LnS4IK3fL_Uwgp8q15aSxGmDd2icIOLS0wVwpHAX7jEjPdPN1b84zSjfpvbkiLJtz3CR9OK-Tp1AyEIZW2UGrMcx0vN-OQx5whJKZZ_7_9nFPc4Y3d8cdh2NuXrZAIBfXA3fqazFNCDlq9E-RrAhfFFRMsl09YZG7MewmK9tYzmbmaYwifQ8kFNBVIj7W92mdnG8trkU1n3MUIG4P2vuOU-fOHGRAGZnA9UKSQ326hitx_LlpRb87dyKoyo-oXC_Nvxn7mBPkpP9yyTiW1dAwbGxA_MnU81r8Mmy_nusUqAIjlkLIQEbTAGnRjEwH0nChSUu-kHS6SM0HDYJVXsSjVumcfjloEauJfrhMrpJFktXGtJ6PHk9cQhnRF2Fn0t82g3t3oh23ZFE7IWYFMJrB9kDiGieDgByksAbyGeHqd2vfKM4dbG_OuT1r6bnIllGdgHS4nTvn-LyduD&cid=CAQSPwDq26N9273l0L_ZQXUOadne8FZK3XKadae1l4_uQYqfmtQugYg6aCoTNGJzgr-KBw45WlVlsxlslQ5f9ME_-RgBIA4&rfl=1%2Chttps%253A%252F%252Fwww.yallakora.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3c218f921126409f2f4a82b74458117039037330ffb76b30df5c6062b353a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:53:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3590
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11730
x-xss-protection: 0
server: cafe
etag: 9319256901541695429
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 18:53:14 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/ Frame FAA4 8 KB
3 KB 76ms
35ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:53:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3590
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 18:53:14 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FAA4 0
110 B 152ms
67ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssfwFntIkF2XBvTHUFwNowF-ltGk4eNLdG3IyW1XxVJ213NK6S5LjZvKEiYm_NnYsqLwW-M-AwQl-giq436eLE045-qrEkyhHPQUIk8TfPq3cVLR_19CHV-tE7ptb52QkBJNVbbf3wkHtoMzRSefMO6e4I85rxUoyMOcpsGmWUOhJkiEtsQAPlr5a2gt_LBgVebQO9OJgib5uvGDEoZfPSNoFBXfkf8aGYJwzCBI7fFwbN-PUUDlfwYHEZzg16v1eKOzCYO-ua1UwZE7K2fvFL5E5xN2Ei-JbkKdqlTSsyc6fgpDnAZB4UQQvVciDv5nZ_fxLUzLlh9kjWUrja1ximZoiM2fddHNx71hqSzO5vMC0E1vHoeL-WlLTgvrtw0bqzWgElBL6X_8gCZgzwtNgOKFvHkG2BaeaHj2sumgjxZ_nGEA1dugcWXV2KDo5SKPJk7gI6vCUoASEgZXEV9TyPtpDhJcunD6khWDdl448ZHMDCvFDoCCKKCRmoOv4bMeWkbbAvi9i8RgL-UkiNn2JHx9pw09BH3sgpYZZO9tY_PrAtRZXQ28_BAYCafdrOZItaoHyXc7NAVApUX55HyEfA-mRCGSFUQoYCd65zvOj0tMjlbAnB4AtSVDMkWhxedJstsQ3YbbDLfVJ5dNyuaXjA_dRWSZjfBG2UBUqLslxMNYuDNYlW-OAJod7kw-rhcKC2HGkGYulvacXKeAWunBxXofT45Y-yox3zGcXdVS7q0DCd0IssJomMvhknJtVL_C0flRBlCwRqO2KJ8aKnjGR4j8TUfNgSUVEp21S4DGIb30ZYufZKtxzk0vIqH8IxjXI9P4dcOp8wjQFtB1ekQhAxOakvLIYznr7RsieAS_-WpvkzSYsMpeKz6RynXU1ugYn1FCqQQzbIc_IgNhhxwYSqH2aihM15kvfIEj8bR-1F7Wd8__U8IDYqHCZQmWhws_zuLJEGosELeLQtyAPNtGdfvVlCZlCwrn-9zykLNnlNelCyO1SKb9hlLmINAY6SCaKze2lqrVtRahnNTLYM3ABTuVBTJ16D47N3wxUoOhn_6aO5rFbMNMvAqvcu0lsV2MB0GGW2c9glYmlVPEOjFF3t79H2XBK_1YQXr2qeOL1Uf7_kDRu5CamgVNGk7-9dtYkZa3wFOmch2lXvDr8RAn6hKdPLsMK0sZ6ExKMeH3_jngoHiE0nOrEk&sai=AMfl-YQRNCx2b16S7ON5jtEymo19osv2fi74I4l-oG3P-CpiwfEo6BZyknEGf8TDF4CsmO594QVu6ohK60t_A-4xlTHfdcis_T3gC0WZcMWIcd43CuQfAaeoaLC8fw6_JlzKEFeNyouuvog13Jl5TtFZlogK6Fp7Kwsi37Xgi_b_PFqlcI-Pq4HKdDH9CIfFKIOeaRUwE9HGf31QZoquEXoGryBl6DmwtMU6Mb3HmU7EuuHG8oIK8J_x16wFadMtL4-zyNl7sOcKzaswD49DbsY8QsY&sig=Cg0ArKJSzMm3g8mC4xPbEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20221012.04345&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 17 Oct 2022 19:53:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK web.js Show response
ads.celtra.com/5feb638a/ Frame FAA4 7 KB
5 KB 120ms
31ms Script
application/javascript 3.120.29.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.celtra.com/5feb638a/web.js?&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsu56bNRq0cTKVQKOhsiWNn6zTels0JRYsNi7_MuZ8jRP73PvKIG6xH0om3hCANDVrC9viEhfPgoQd8a_B9blwU_dCN8tWLfQXOU_Rq93sz6vE2pfj45fJQuos4ndpnJNU5RCHFGqw0E-0cZ27QEbciU3uotTH_Hv3m7VTnziPvfIW7PYzLt6ODdv842dX1gzFcc3qc7_epbDY3G3egpBOnzs2BEJJtdLMmr5uoUedoccl190AJktVKSeUCqO6qPNuOpB_oYzy8KsoSCNwDJRa1PrhmfPT-ZswMa0HLY4cQc5ps7KHzaNXB263S5hjsdYBzYAWGPWgK23QeZlLOe6a8PfgHdP7uJVadTRWpJNw41e8S_2odxCIMlS9iWP02nE5W4deEoo7ixmJ2OszqjDkDqdCn9AQ7d01BgoYitWpvl_T8XkIYlLslBxfXy3oL4OhRUEMSJQkxclZniHSPXNsD5Se2_mt49rqbsZov_2FoZ5qUTdcBwnYxGy-xnTtGV_iNgYxpoD7QXbzdGcsy_8AzlmV6g0O18aa0UJE8yIgTglts8PiAG8e36o8yA57x3LapA8dC7PU7SRwT2eDoDbh_XlJCGAKrtnLIT5YHC5WpO-nEpiooWw-O-O9nZw63iZnQ0Ho-ovQBWTtAvm2jIH_8T_Rlg1HUnwFrqlD3qOt5aRZzU5StQe12j0gfyte8fOMaQR9dwVo0FhiqMsfIbUHQKgoGFZ1pg1BoZjPgl8-pwPmfiHxPTgNZs1ONud6_4g2lZa4-efE4O4mhKsmJsjTYhU3jd2lKdwBuyvEIAiAIZR7oKHTPn2GCSL2J7agp79Gp2snKCN6CXHz-ke4DASBml0BnCT9PPAH3gDwWMsR2Wec_WTOv0gwo6ir74YTu9X5GrQD-eyz5kylQCElTOBepEY_timNKLrHrf-Rens4HQLxZzEO8dxYyvANvjzYOqRSgHIfdD7SfoDbfJodpZdThxtS6BRiElRp2D_ly41ThisRVuiUP2F0thHXXEc6bbGod30IvJouecd1POizHibKXov8kgBz-DyPvzZM2Ew8dx1KJN1Qzq3qmXM-5qjfinEwPfP2zwU7WX1hOuH8qrqGwfkuTyLBE_A4RTgpU8UEml6m4F4hzmxffxxUztbCB6noFa9rX8wAEOI8TdRR285kVp-_mHlD99omHIyVw%26sai%3DAMfl-YT07G9wb0Wr-EawwiRPXyEC54yJmMrm1gjO6orOwLL6-KGaoRu4fxPYPVRN2yIWERsp1QOXZ3keoxWEFtpRrv0KmD_r25tK0bi_Dpuc8uORNtgnxnOtgIuqT6A0_xXH2gYYGABro8_YL1XjB4v1QcXRE71fa8GgI2lsTIguDuK8KVWrUh7ZjiOxot9XVzAHd3HFFs4ACMT724lZZeqcq5hDfDRyBAfYAqpteW16lU6QGEmbTGufsmiYYfgAWzq2ZBUeVe9BdhB9KawIq0plf8NE2QYeiwiqxg%26sig%3DCg0ArKJSzG5-rY-VpVtUEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&expandDirection=undefined&preferredClickThroughWindow=new&clickEvent=advertiser&externalAdServer=DCM&tagVersion=html-standard-7&eas.JWVjaWQh=179216930&externalCreativeId=179216930&externalPlacementId=347806802&externalSiteId=5056234&externalLineItemId=539319740&externalCampaignId=28402807&externalCreativeSize=728x90&externalUserId=0&externalDestinationUrl=https%3A%2F%2Fwww.adidas.sk%2Foriginals%3Fcm_mmc%3DAdiDisplay_DV360-_-CrossCategory-_-OE-_-Banner-_-Banner-_-dv%3AeCOM-_-cn%3AAlwaysOn_MidFunnel-_-pc%3ACrossCategory%26cm_mmc1%3DSK%26cm_mmc2%3Dadidas-EMEA-eCOM-Display-CrossCategory-Prospecting-SK-AlwaysOn-2201-00052-NA-Programmatic-MidFunnel%26dclid%3D%25edclid!&scriptId=celtra-script-1&clientTimestamp=1666036384.674&clientTimeZoneOffsetInMinutes=0&hostPageLoadId=6778971796190185
Requested by: Host: 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
URL: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.29.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-29-79.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: ae73873f04df746538263a9eb9bc01531311ad553c505b9a082020491c909328

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 19:53:04 GMT
content-encoding: gzip
Connection: keep-alive
Content-Length: 5109
Content-Type: application/javascript; charset=utf-8

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FAA4 0
575 B 134ms
60ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame 6695 30 KB
11 KB 44ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CN2894tVGr6wIwJnJRlPL9QU3oP7uaVOjVkQgrqoHYhQjQgUtrkIaw1woXTpsaplx_O5-0yA7mUsQ4sPKfmyGLJ1tRWR6fp0gPIbB3_1Gu4T2uQaFFKLlqZQLM5c7oXb1eisHIAPzwL3zGuWmscGdn3GUP4E0H0TIijywLXiqK0DPsVBI&dbm_d=AKAmf-DJP5BT3NK1YAmRCBIisFBan6l2mKy5YFD4UVWEeSO_QnDulNO4UsYe3XdVhCWqsHRwDWjiXFUHcYpyzNo0VRATzKfQ8nVVH-S5M9NhdVuXbG9wkS5Ccj64Y6CEEIFmKAuNvnJY9mil7I3oC1KANGYykqv_Ou-AzMGuTzTloqMdL1EHmuoiE1DYR3AK4PwBiOxxN-D12QGA7lid8ZpabNBDMGbaGoXOuJl6fNS9sPtkOV7WVd8osAuraB-kdb9E-FV89nQyo_BcQT_HXddA9tTj3gJtF9pUiV7C4UTRZgP0O0VXnzststrLvN6jVVl1ylRCh8C3Rcroy76_FIcPffzixnFd5tQleGpJM3TsJIOuqENSRktdG1cuOzmq66cuJd7ALU8bICJfV00Jp7jn5EF85-ILVfh6maqu_E4_ox1XkRdDN9W0pwfZITbABvrxGtgiugBuaoK4cRsF3BI0ePP1htx35P545BAEi7lMabMUFR4x2eqvvxCS7tDBD0FqMEKoLpESMolKOrspR0w1RG-Qqcj_6_k2ZnkrR9y_N1ebrF01wirJS4e6tAvp1_7nod4uisQvaljTB6nNMjxWwWhVc6P3U3z1gd7ycv3T68hI7q1KhV1NFNK39dIX1098qTVwrFuJvSKeJDqT7pIfutuGdCWrhPLCvn0N6y1Nl1767GtiKYOV0ma9cRT3wXl3hOVPb7Md7_pLhk29Rjrv2GVTpHKdYobXhOzRngbVD3knkF79tyzteDWWx_mtWSYsAzOvY0kiwYbvv-W1WIKEt1l4kd4BCavdDDaWCQ8v1Q-Ush2POE93MAws46wmKOZJas89l6gVTaA810ieztVubRC0D3e2K-cqXx8ozLcCRbl5CNTJYNZgl5sVqu_9DGRreD7XejwpRDXTcA1-qj4SkZCxmCLVh2QhwxWy0D2BR8Cu89eCpmkmJ1DVlUMICWxEy7UHIyPOFGIYotJcoxDDiHNFDoKIVqMUssAK4JOld0HKl1YBGmyg7m99DpAj9fOiolLTamDvRL_ohXisjg3My91CYJ3IZLaUC7kRcko8AErw6S0UKC0Mxbi07EU8qfD42Cw_pQ68JVUr-ujUC-dNai1Y3H9sRXEe-iZHwWxeFs9yr0dCdFMSjTIKTgTB86jW-I49EHAWETZRW6LwFnFQ1J-5Gr2RS1DGr5jAug2koAnhlPW4HCgU9VNalH_BG_cyvrDFCTsc3J26QD-zbJIQn88O-OH8pMvS-1WyWk-WRe2UnnuXiNPSz73-661gWk2N7g8PiQIrCTqEWvhL8bJ6CY07EvjBw7NMLQCg9JXl0JEPlAOnngvgSKzwNZx-RbKqqlwrnvu9uonzK0woPFgLwQKf-qNPyv-QnyWb_gQDZQnB6svTJzm3JIwi6l3jklGTetyl-juWnpZl8PC59_1DA95c109QSl_hOQgN6dp_sBCmSyFirShQ88G5HTIwXFUT0hplVvcXxhGpmjFvWv4M_EGDv0e3ljq8OVFmltIyQn07qm7FkwXvKQJH-NIWhmeGGpPHiAOGQ0vVx6OTcBdXr-hdcef2JIlMp_2JVuoYXleoQfQvlyOaC6lY5fw73N0ciELSxk2w7zOVRMvmUj5DgNHQZXbPhTHAqKHUc8ZzTzCKwu4ja77eVbt76FM-z8XD9OEZ9m0TtsJsoqmDlmwb_Cyl9KfpB1S5xFXmo_2ElATmHrfkG5DsU-rEgk1GRXwXOkNNLsXb-N-Jis2yPP1r9fs7_mB_aH8lnDoT2ly_ZCRIiVmWEFqH8y43YDV6dkJ7mzCRxuIzK10RFffVy0yqaPyJCyn5z_yKwackAHiKyBCGpm8V1iyAnhDvgGNB3tYOHR9HvrIe5nQxvp6q-3LfRVVGsWqQ7Dbnaq-piLWL-nCdamoM-J1QB7GR6KpHS4JSAf12Xq3RZbnrmxX2HCtUOVPnLdNyyUp5mo7FTApzmWAqtuiraY96U32nf_eIrng5rFcXhNbyJJKt8rNEWKRWaWTnA641KN6UjWbubKpw6Xeb202BRoLJ_RVUQ-e00QmTP2xz-O_GcEqPyZsV6sYltnySW_km3AkzJl9_Q4IyeDTjDsQeYXYxpAagt6O0X_jq4EUlLlIKSrotAQ8ROHRai_5oJJORvoklAP7CtTOkkalw-F93iOkJk2z6SYc8SzIzCjzXZ_HeBjs9MMfQzVNd2wAHrQJuSIUfJ49Iz_2JuweeaJcu0--omDnaMjAO9mrzpNWSF_XfC7qjYBDbipQnsn03iyp4tU07fuJ6h9xxPI8j5Zqf4uCK87Nqhll0cFOwF4ZvPbp6mAq2jqwfjiCioh7q_uq6lPtU-2PMjHQKZxQJALjm77e5vHhkUsJV7AuPglmDxcemBq-M2VbAdx1KU4QmVHxzLFRJaDnd-yIjsfnz815VMm7KuaburNaDRx5Fo0zq-Plf3KFNoVRGTdLhhSZQ8OQ2325G1FGP5WCE6s6TdcP0dpAm2_5guhzCzaAHJ22sHpkoZKYOAYnrd0LyHEydHZJJkveESkfXqS6oEwL4uEOSYfOVLJZwhTaVo8_XGOlcQHLQc121qNdMZndXJ-7Wjr-vuqs-SPekB3NrDuAjmIkUUci48cG6dAjZSOm5bn0SF5hsRmYQ8HkYlP4WyyorllZxazJ5oZvWwIhXlvAv1Iiqmk97kRuEbMRWCl6iB9RydDkO8i32f8jqAP1UW2R7LZClJTCo5cccWLxSvZSru2KgESySmgcuQ_H_Fkz-fsA6h_y1q2jHkyMY0P3GzgGQWUa8ppGBtP12ldmmSU94w-bPyC8Qgqa2KhtCDSFA6WHUt9dumdsfLUJRfu2BAMuhQSZzoxygOp59GfwOx2_WFtCuFQ-RI6U7zI459zgGa8y0n61I1ZeKG7islR05DOyRsONhW4w-FOvyfOZ9smvFS4hKM5K8SJVkgT3g7l-XHZggOiZCdxzxXnNKnrncmQ7DqJ59ZhP3-g-wSDg6LeWAdMyzKTiDQBYxjWe_bKNZzpnFI33FHQUsL5UMLxRROuV40S22TPsnTRNSZNwpKfGLw0LTzpw5qGZPAgbuSs4fZ3LtNDRlRFI6EXsGrzjvGMD1eHFtPe2kuGZ-EZ6XEEmnqD5-9qKrRsZdWiPVHjAUcOQ6P9QWCEkDUfOX8hON2ZKnAYkApkIzqBWQc4MeS9QnAf7_cTi-xiLx2BzfRjapPXeh8XJE_a7IlCPdR7lrLeBabmj4F0PQLbcMEve6FTrLZNxE_BFSkLPVIZmOoSe7-CoOYNHNlBPq8TmihvJppmusaOblOo-XR1fBCMr-CBIHJGRr4eY8amOLdC3WuLewD0WDdIMvnsfNNYULnlzI7Ch5hfdnC2qIwsCCBkzmtS0fbVjcdYM&cid=CAQSPwDq26N9273l0L_ZQXUOadne8FZK3XKadae1l4_uQYqfmtQugYg6aCoTNGJzgr-KBw45WlVlsxlslQ5f9ME_-RgBIA4&rfl=1%2Chttps%253A%252F%252Fwww.yallakora.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3c218f921126409f2f4a82b74458117039037330ffb76b30df5c6062b353a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:53:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3590
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11730
x-xss-protection: 0
server: cafe
etag: 9319256901541695429
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 18:53:14 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/ Frame 6695 8 KB
3 KB 55ms
34ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:53:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3590
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 18:53:14 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6695 0
64 B 133ms
69ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst64RX3VLaffK2NVmgCJjHheQdql5xtdL76ae3eK_IgNMR2I4oOqcLDw9l7wMhWB_3jgCrSvbKGkp2j7_XlR98COT4O6o7ZhgjTy72A-uMQozWZ_NVVD3o-dhmi0gBVvEfCR3IkLNgLMcH8n7dtV4FDYo6BeY0KRLXSauZptp72Ihr0Wrpsn_wkpbrFs0jNzoV9O7rxsHMvTdwaaQzU8nakIv_NvJy99wAApWtt7Lw7_QQ_R1LQVimRpGgZ1hb8WhcbXnRPjYUOz_Q_HFmYAiUycaw0IOo-PicAehHCbzJzQ3HUWPyd-fOEO0XoWHc01XObNtkMYQV-cdeYIcTXoxKpjxkYA1WEBO-FAjmj5xriDMePpjIKR5LYeW5G5DfMvigSVUIjA5LP3JLQkqgLxHNQZL8uSIwcLR0elphGlafBTzAbQGRBI7HfSOzYV_9dpMh1tferfbWx3UoRIF0C_XmRIfm2-q3B4xU8nqqOFfMTmJeCS5n0naZd-XZ65AW3lkQyWVJZ08Zxa8yOPDpZOn8fOR1eY30W4a6sspjqn7i7gXL7mGfwVHzvyuySWxFYYsWQp14jHeOh2I36uQIn4iRWAsPuz1FMtW5b2awEBIq8PI-X7eh-thAUGJ7pvKwANceRQuYFM3k08L1umOfr5g2Rm4WYfapYxOBlSmYZUG9WSciWjtXzGEO92fvLzyYkiHica9ihwL5jQ5H_m-Bfzb_u81SiS5OAy9y-iWi6mqnG8H_cDNcl85ecRK3KlabjckhfTJMhiWmU0yFpC0vIYdtnEowRBWbEjOP9MC1DPQ1_8Emn7uSmZqllGCq5O54aJ9cy9-PWI2fGEM6upEts0EvmczoU4cUVaBGjBFMMgBJ7y_XtLW8_7lKZHefNSfnqJDHiW_Pyq3Ll1kYYDvSbxJOIeaAQ6oxZZBgNTiRWdURAFKKm_6_AJXASCzHlmT6_UjId3hTjKM4K7QHKDTAJec_4VrGkyK_61h63NsCcp82liHhBA5cfK3qmJ4uAZxYLDJUTIGTS5mLNClFT5YPO_Ik906a_HX6v9styLM02e_nL4iGIw-_ie15iu088w9m0TkmJr_6OfjkOxq2tDiGBpadCgyjNPKUfZibPXQ5Kn9FXBQNW6ljbRtG5FQ1GPnUiAc5_bqqP9EMjqcSlfjsorKE0aVW436gMiQTIECBvcCeUiyCJigv62UDB9A7jgfrcnQ&sai=AMfl-YS9-aDImV4RMCGbVVKlGHlTG5aqYMo_X4rh_W8bu21pXLOOSz-grt4azqWmzwaUqw9GZ-wkGRE8B5bHLEn_ZDiT6OAmHmx9H7upBQOUGGnwTo-k3ewx08an5CM52d-vSFEQiDyHF2tfTuzibwtdscMRIGEB3tlPwzS9IYqkyu9zfPahq_RqViyxTUAr4MD3SgpWaaky0md8Puv00i-6XEFtBD7qO9J64VZNWiNUOk9Ce-PKRACytjUn7c_bPIM8ig2b6k6kgn0pIpCwctWdchM&sig=Cg0ArKJSzPmETQTUouFkEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221012.99684&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 17 Oct 2022 19:53:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 2185 20 KB
21 KB 76ms
20ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 21:33:43 GMT
x-content-type-options: nosniff
age: 253161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 21:33:43 GMT

GET
H/1.1 200
OK web.js Show response
ads.celtra.com/d44bccfa/ Frame 6695 7 KB
5 KB 110ms
39ms Script
application/javascript 3.120.29.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.celtra.com/d44bccfa/web.js?&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv8hTTX2FxqTdR8uIlmJwXail3fXCIUs5ifG8ayLLEMCkTuwFuzmdGsGnsTxlamdWJL1QzynBd2zPw7XBJM_1lZNHk2Qy-O3jPJtSSF2BatdThBaqdeAgqmJL3YVn7tDYVELt3EDaCLTLufkvk2HHMN4H_eFpTKd74kNFSdM5ulTt4EPaTiliR6LDK2DWfCx2JTYNqjvl0gocje0dhVEZRDFLIihywy0BjpgwVCZxLwnW7PpgU8vp75h_arfQeiE9qYf9hO4OWi65kGVzCsWamPnXuy9x7pUH46r_HP70y6eVruZVT82NOEA9EOUVWsNLOn7Z31eCjuVsw7l2xvesSdiAeDzlrzduxH2eFDhg6rdDoV3Uw5o_YneZfy-2VbJV_cMgdFuFxoiMUAW-NjYf_BHy8GQ_uXsOXjCiODm7sNQnp3oHQ_bLa0xL46UHY08keYeMuhRZVVvDx-7ohgn9SteUqAMebuErMgH5aXYgZF-QjjEV3uX6yKd73k3lFMnqjsgtawzihe7nVnN_qYc3BePrcfhxh66juDInl5WbVv2Uj4JegBAgYy0EE8fDfVKLEUzdxLwzz_0juFQfB-xY9orTfAiyXMAUyDepJhwsygKNtCxOqO3jXbF43TFk5w1-ZuuzINj0gPLRkfPFHXbBw-ZQlkIZr_u6cVQR-wImYdQL_Na-fPjOV_ul9KdSU0YYix6Eg6IJ0nqlTEsjLQ7gQGIccJxiTLaTWy7MbP7xu2uoNIYqq2GOvxeTwO6mWMqOaw_fUIha7uvH8Ywt9aHa2mdlwfY6ybLH5cLKoY25KrjVxQXL813hpeD8VI_T03wU4VflRnjokx4I_HR2Ht0RSnf4O5pKh_J-qQzhl7tj6Hd2GLN2fwA9f6qAVF4IrL1KDR1aeCJD_dMlAdxkZTwk9yxV53JNTo2HGecyvRKQZXvjbtjMffEs2eh0weIHvF5tPd3QPzKjzhkh6hwwO4C9XEdVy1bslUCA6agy4_ejZZ1aox_XGzVsjE3SlCSQOfLgsRGUGKEgXTTtLa-sSAn1z2m3YEKmU-lsqABvGAD9TwcGDxj-LtVt_9NgtHgO_WSapsfeiFyeCBacAUuoNUJ8ewZVJW_STwQ8Z7HWYxeuERweHfFEwyuC0wrfXmf6EkBRKgjGD-79v4iZher5Z4XIZrqdCOHZtwog8j95BOA3c07Ut7Tg%26sai%3DAMfl-YTKtT4BzESPDtGaF4kICb7qtt8KQSrtALWO9qHufBuW2pF9C2a8A57_N2JH2odK90dmfFd_QMcdC1t8VRB8DkU2zk37V6wGHKQWMHPrhxBqgykneqwTMgNx7qTNY0x-u7chLBdcdQ7t4NBZa3hr7LtHKWDC561W-Yy8870d0jk3wUi9CyXIB0SSl4o49WxQiEcXIM9TQbgPDyEpfM0y1MxIlW2_ygieu_tfE5bvw1cMRg_bohznnTB4YlWuMZSqSoH_fcDHQKnBZ8lK6VVDMouWF6PODcPuAQ%26sig%3DCg0ArKJSzOKPkf9ERsn2EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&expandDirection=undefined&preferredClickThroughWindow=new&clickEvent=advertiser&externalAdServer=DCM&tagVersion=html-standard-7&eas.JWVjaWQh=179219009&externalCreativeId=179219009&externalPlacementId=348106347&externalSiteId=5056234&externalLineItemId=539319770&externalCampaignId=28402807&externalCreativeSize=300x250&externalUserId=0&externalDestinationUrl=https%3A%2F%2Fwww.adidas.sk%2Foriginals%3Fcm_mmc%3DAdiDisplay_DV360-_-CrossCategory-_-OE-_-Banner-_-Banner-_-dv%3AeCOM-_-cn%3AAlwaysOn_MidFunnel-_-pc%3ACrossCategory%26cm_mmc1%3DSK%26cm_mmc2%3Dadidas-EMEA-eCOM-Display-CrossCategory-Prospecting-SK-AlwaysOn-2201-00052-NA-Programmatic-MidFunnel%26dclid%3D%25edclid!&scriptId=celtra-script-1&clientTimestamp=1666036384.697&clientTimeZoneOffsetInMinutes=0&hostPageLoadId=4566966418211471
Requested by: Host: 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
URL: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.29.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-29-79.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 9341cd3125505fee47364cf9e415adb87bcd9e7c7b0ce85f90b96daea2f10b28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 19:53:04 GMT
content-encoding: gzip
Connection: keep-alive
Content-Length: 5120
Content-Type: application/javascript; charset=utf-8

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6695 0
63 B 112ms
61ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

HEAD adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0

POST
H3 200 settings Show response
s.exitbee.com/8005/ 0
779 B 258ms
215ms XHR
text/plain 2606:4700:e2::ac40:850b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.exitbee.com/8005/settings

Requested by

Host: cdn.exitbee.com
URL: https://cdn.exitbee.com/xtb.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:e2::ac40:850b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.yallakora.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 17 Oct 2022 19:53:05 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
xtb-visit-duration: 120
xtb-eb-response: 21
xtb-country: Germany
xtb-visit-id: 029a51bc-3a77-4803-8792-5cdfc07d6809
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
xtb-zip-code: 99084
server: cloudflare
xtb-city: Erfurt
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r89eyDZvYmg%2BMvhrH%2FIerbgmjG0mgPApkZex9V%2BI9JNq%2FTjMekB4HwlT22ueUCc5ZC8il1UvIc1RkV1KcPBZhO60DrdLtnbVhtf8uzxx43GRfhA%2FTj5rU6dbBHH4OXT%2FIy9srCVyoripHwBR"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.yallakora.com
access-control-expose-headers: Xtb-Vid, Xtb-Visit-Id, Xtb-Visit-Duration, Xtb-Country, Xtb-City, Xtb-Zip-Code, Xtb-Pageviewid, Xtb-eb-response
xtb-pageviewid: 9e5fee1e-4dc8-46ad-bde2-8b7575823b0e
access-control-allow-credentials: false
cf-ray: 75bb940d98fa92a7-FRA
xtb-vid: 83743ff7-bc45-4f95-9993-bd4ca9f16979

OPTIONS
H2 200 settings
s.exitbee.com/8005/ Frame 0
0 140ms
78ms Preflight 2606:4700:e2::ac40:850b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.exitbee.com/8005/settings

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:850b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.yallakora.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.yallakora.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 75bb940cdcb69bf5-FRA
content-length: 0
date: Mon, 17 Oct 2022 19:53:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fGWOC9dg1DtylJqTEB%2FKIb20sz3oG6A1OsmGArqemlIbtHp4Vtd8afG2kXj28IUKs1b4GMa3fwdyWtF%2B4%2FstJwVQ0laWAaeZEukDxK7Hp4tYFNe5ERyXYv45IXIBKeM7UvL2uqvxjXy1W85p"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains

GET
DATA 200
OK truncated
/ Frame 6695 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63e45776b846644cf637104db683aa2eaf80459aaec3de2afbbc9f476f585afa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FAA4 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d7a869117d9aa8dcfea3c3ee9b212a64ce77bae138704fb92f923fe51a91d00

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 4DB8 36 KB
16 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 14:58:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15945
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Oct 2023 14:58:46 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 96 KB
38 KB 77ms
35ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NDSNZ8M

Requested by

Host: dashboard.ideanetwork.site
URL: https://dashboard.ideanetwork.site/js/Footer/Yallakora/Footer.js?ver=0.4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

60039250ab3081bd04747ce9982eab8226208b35e9b3cbf4363cae6247788593

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38485
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 Oct 2022 19:53:04 GMT

GET
H/1.1 200
OK fbbdf2d8 Show response
celtraidentity.com/ Frame FAA4 93 B
337 B 89ms
20ms Script
text/javascript 3.126.58.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://celtraidentity.com/fbbdf2d8?countryCode=DE&readOnly=true&cb=__jsonp40206355167260965

Requested by

Host: ads.celtra.com
URL: https://ads.celtra.com/5feb638a/web.js?&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsu56bNRq0cTKVQKOhsiWNn6zTels0JRYsNi7_MuZ8jRP73PvKIG6xH0om3hCANDVrC9viEhfPgoQd8a_B9blwU_dCN8tWLfQXOU_Rq93sz6vE2pfj45fJQuos4ndpnJNU5RCHFGqw0E-0cZ27QEbciU3uotTH_Hv3m7VTnziPvfIW7PYzLt6ODdv842dX1gzFcc3qc7_epbDY3G3egpBOnzs2BEJJtdLMmr5uoUedoccl190AJktVKSeUCqO6qPNuOpB_oYzy8KsoSCNwDJRa1PrhmfPT-ZswMa0HLY4cQc5ps7KHzaNXB263S5hjsdYBzYAWGPWgK23QeZlLOe6a8PfgHdP7uJVadTRWpJNw41e8S_2odxCIMlS9iWP02nE5W4deEoo7ixmJ2OszqjDkDqdCn9AQ7d01BgoYitWpvl_T8XkIYlLslBxfXy3oL4OhRUEMSJQkxclZniHSPXNsD5Se2_mt49rqbsZov_2FoZ5qUTdcBwnYxGy-xnTtGV_iNgYxpoD7QXbzdGcsy_8AzlmV6g0O18aa0UJE8yIgTglts8PiAG8e36o8yA57x3LapA8dC7PU7SRwT2eDoDbh_XlJCGAKrtnLIT5YHC5WpO-nEpiooWw-O-O9nZw63iZnQ0Ho-ovQBWTtAvm2jIH_8T_Rlg1HUnwFrqlD3qOt5aRZzU5StQe12j0gfyte8fOMaQR9dwVo0FhiqMsfIbUHQKgoGFZ1pg1BoZjPgl8-pwPmfiHxPTgNZs1ONud6_4g2lZa4-efE4O4mhKsmJsjTYhU3jd2lKdwBuyvEIAiAIZR7oKHTPn2GCSL2J7agp79Gp2snKCN6CXHz-ke4DASBml0BnCT9PPAH3gDwWMsR2Wec_WTOv0gwo6ir74YTu9X5GrQD-eyz5kylQCElTOBepEY_timNKLrHrf-Rens4HQLxZzEO8dxYyvANvjzYOqRSgHIfdD7SfoDbfJodpZdThxtS6BRiElRp2D_ly41ThisRVuiUP2F0thHXXEc6bbGod30IvJouecd1POizHibKXov8kgBz-DyPvzZM2Ew8dx1KJN1Qzq3qmXM-5qjfinEwPfP2zwU7WX1hOuH8qrqGwfkuTyLBE_A4RTgpU8UEml6m4F4hzmxffxxUztbCB6noFa9rX8wAEOI8TdRR285kVp-_mHlD99omHIyVw%26sai%3DAMfl-YT07G9wb0Wr-EawwiRPXyEC54yJmMrm1gjO6orOwLL6-KGaoRu4fxPYPVRN2yIWERsp1QOXZ3keoxWEFtpRrv0KmD_r25tK0bi_Dpuc8uORNtgnxnOtgIuqT6A0_xXH2gYYGABro8_YL1XjB4v1QcXRE71fa8GgI2lsTIguDuK8KVWrUh7ZjiOxot9XVzAHd3HFFs4ACMT724lZZeqcq5hDfDRyBAfYAqpteW16lU6QGEmbTGufsmiYYfgAWzq2ZBUeVe9BdhB9KawIq0plf8NE2QYeiwiqxg%26sig%3DCg0ArKJSzG5-rY-VpVtUEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&expandDirection=undefined&preferredClickThroughWindow=new&clickEvent=advertiser&externalAdServer=DCM&tagVersion=html-standard-7&eas.JWVjaWQh=179216930&externalCreativeId=179216930&externalPlacementId=347806802&externalSiteId=5056234&externalLineItemId=539319740&externalCampaignId=28402807&externalCreativeSize=728x90&externalUserId=0&externalDestinationUrl=https%3A%2F%2Fwww.adidas.sk%2Foriginals%3Fcm_mmc%3DAdiDisplay_DV360-_-CrossCategory-_-OE-_-Banner-_-Banner-_-dv%3AeCOM-_-cn%3AAlwaysOn_MidFunnel-_-pc%3ACrossCategory%26cm_mmc1%3DSK%26cm_mmc2%3Dadidas-EMEA-eCOM-Display-CrossCategory-Prospecting-SK-AlwaysOn-2201-00052-NA-Programmatic-MidFunnel%26dclid%3D%25edclid!&scriptId=celtra-script-1&clientTimestamp=1666036384.674&clientTimeZoneOffsetInMinutes=0&hostPageLoadId=6778971796190185

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.126.58.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-58-88.eu-central-1.compute.amazonaws.com

Software

/ Express

Resource Hash

a0c7fb0d6d84eac96a71b2f3d7377e5ad6fd454ca0a34d93fcdc4bbbd6e489cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 19:53:04 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
ETag: W/"5d-Ryges6zapO0l7FyZz8v6QBPF5Zo"
X-Powered-By: Express
Content-Length: 93
Content-Type: text/javascript; charset=utf-8

GET
H/1.1 200
OK fbbdf2d8 Show response
celtraidentity.com/ Frame 6695 93 B
337 B 89ms
20ms Script
text/javascript 3.126.58.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://celtraidentity.com/fbbdf2d8?countryCode=DE&readOnly=true&cb=__jsonp04940065339633137

Requested by

Host: ads.celtra.com
URL: https://ads.celtra.com/d44bccfa/web.js?&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv8hTTX2FxqTdR8uIlmJwXail3fXCIUs5ifG8ayLLEMCkTuwFuzmdGsGnsTxlamdWJL1QzynBd2zPw7XBJM_1lZNHk2Qy-O3jPJtSSF2BatdThBaqdeAgqmJL3YVn7tDYVELt3EDaCLTLufkvk2HHMN4H_eFpTKd74kNFSdM5ulTt4EPaTiliR6LDK2DWfCx2JTYNqjvl0gocje0dhVEZRDFLIihywy0BjpgwVCZxLwnW7PpgU8vp75h_arfQeiE9qYf9hO4OWi65kGVzCsWamPnXuy9x7pUH46r_HP70y6eVruZVT82NOEA9EOUVWsNLOn7Z31eCjuVsw7l2xvesSdiAeDzlrzduxH2eFDhg6rdDoV3Uw5o_YneZfy-2VbJV_cMgdFuFxoiMUAW-NjYf_BHy8GQ_uXsOXjCiODm7sNQnp3oHQ_bLa0xL46UHY08keYeMuhRZVVvDx-7ohgn9SteUqAMebuErMgH5aXYgZF-QjjEV3uX6yKd73k3lFMnqjsgtawzihe7nVnN_qYc3BePrcfhxh66juDInl5WbVv2Uj4JegBAgYy0EE8fDfVKLEUzdxLwzz_0juFQfB-xY9orTfAiyXMAUyDepJhwsygKNtCxOqO3jXbF43TFk5w1-ZuuzINj0gPLRkfPFHXbBw-ZQlkIZr_u6cVQR-wImYdQL_Na-fPjOV_ul9KdSU0YYix6Eg6IJ0nqlTEsjLQ7gQGIccJxiTLaTWy7MbP7xu2uoNIYqq2GOvxeTwO6mWMqOaw_fUIha7uvH8Ywt9aHa2mdlwfY6ybLH5cLKoY25KrjVxQXL813hpeD8VI_T03wU4VflRnjokx4I_HR2Ht0RSnf4O5pKh_J-qQzhl7tj6Hd2GLN2fwA9f6qAVF4IrL1KDR1aeCJD_dMlAdxkZTwk9yxV53JNTo2HGecyvRKQZXvjbtjMffEs2eh0weIHvF5tPd3QPzKjzhkh6hwwO4C9XEdVy1bslUCA6agy4_ejZZ1aox_XGzVsjE3SlCSQOfLgsRGUGKEgXTTtLa-sSAn1z2m3YEKmU-lsqABvGAD9TwcGDxj-LtVt_9NgtHgO_WSapsfeiFyeCBacAUuoNUJ8ewZVJW_STwQ8Z7HWYxeuERweHfFEwyuC0wrfXmf6EkBRKgjGD-79v4iZher5Z4XIZrqdCOHZtwog8j95BOA3c07Ut7Tg%26sai%3DAMfl-YTKtT4BzESPDtGaF4kICb7qtt8KQSrtALWO9qHufBuW2pF9C2a8A57_N2JH2odK90dmfFd_QMcdC1t8VRB8DkU2zk37V6wGHKQWMHPrhxBqgykneqwTMgNx7qTNY0x-u7chLBdcdQ7t4NBZa3hr7LtHKWDC561W-Yy8870d0jk3wUi9CyXIB0SSl4o49WxQiEcXIM9TQbgPDyEpfM0y1MxIlW2_ygieu_tfE5bvw1cMRg_bohznnTB4YlWuMZSqSoH_fcDHQKnBZ8lK6VVDMouWF6PODcPuAQ%26sig%3DCg0ArKJSzOKPkf9ERsn2EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&expandDirection=undefined&preferredClickThroughWindow=new&clickEvent=advertiser&externalAdServer=DCM&tagVersion=html-standard-7&eas.JWVjaWQh=179219009&externalCreativeId=179219009&externalPlacementId=348106347&externalSiteId=5056234&externalLineItemId=539319770&externalCampaignId=28402807&externalCreativeSize=300x250&externalUserId=0&externalDestinationUrl=https%3A%2F%2Fwww.adidas.sk%2Foriginals%3Fcm_mmc%3DAdiDisplay_DV360-_-CrossCategory-_-OE-_-Banner-_-Banner-_-dv%3AeCOM-_-cn%3AAlwaysOn_MidFunnel-_-pc%3ACrossCategory%26cm_mmc1%3DSK%26cm_mmc2%3Dadidas-EMEA-eCOM-Display-CrossCategory-Prospecting-SK-AlwaysOn-2201-00052-NA-Programmatic-MidFunnel%26dclid%3D%25edclid!&scriptId=celtra-script-1&clientTimestamp=1666036384.697&clientTimeZoneOffsetInMinutes=0&hostPageLoadId=4566966418211471

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.126.58.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-58-88.eu-central-1.compute.amazonaws.com

Software

/ Express

Resource Hash

9b2e04ec885365474c2e1d15bf19964548a1939ba55b4fb4007e21ffe7a19bbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 19:53:04 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
ETag: W/"5d-5K9Eo/NEOZcEO+hayNBmHigoSyg"
X-Powered-By: Express
Content-Length: 93
Content-Type: text/javascript; charset=utf-8

GET
H/1.1 200
OK w4qma5wstXLbfLN5oI7shCtesJNPZbbEfzLYkWGavSO6QAFm3hiboYilEcfG9sX1mAxxCdVshK09zmI49tgDJlcVQjTlgLr0oyFSV1tHWT9ERI2bMRqolJ9V4oZ3PhjKin2cX3WsVh7eR8X44h1Q24QpAmNvOcO9CcLMcq8Rv4SiG4D1r22MZ0I5ViUGpNwpyb3SH... Show response
ads.celtra.com/continue/ Frame FAA4 20 KB
7 KB 35ms
34ms Script
application/javascript 3.120.29.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.celtra.com/continue/w4qma5wstXLbfLN5oI7shCtesJNPZbbEfzLYkWGavSO6QAFm3hiboYilEcfG9sX1mAxxCdVshK09zmI49tgDJlcVQjTlgLr0oyFSV1tHWT9ERI2bMRqolJ9V4oZ3PhjKin2cX3WsVh7eR8X44h1Q24QpAmNvOcO9CcLMcq8Rv4SiG4D1r22MZ0I5ViUGpNwpyb3SHsL0KurwNS2zkScZHst7xDWSkzd-oN867nVWU3PLpeg2fZneFDO3L0KrDGayqyt667AJ0BToJCu4q8FSo1MwvLTQj8NosNf8RGQxFAQ1cRCcRYhrPC3qzwnFFxAWrvcln_Bklf-n8DdYaw1Y489xf7Z4W4K_BRvIPLSvcL6Ecj9bE3evsnXEYm6nosT8umb2xQ2QLeAT74MMF9gzqjcZSuqP_btJNj1wpbbLt1BqKmKgHpuHfxykruk6xDuyCOUv8hCXYNwI8uIMNYyhmIVBd5u93npypnh-qn59L8SiXgXbihhxhvt7bDNX5-IygI2tHufccoYY76vl81Bn4UMLwtVBo81hNGA438izGosRznMojMTPVS6dl6i8Cv1xpS0UD4JRd4GzMUonSBSHaVcYuJMT_fsx83cOpa0zNbzUyEr0nWwDuUprusRkzWlJsmHP7CvvnDuqtF_k6CUhtsRlLFD9NWzpv1gJ-kc0zJoLY98zRZnyGFUjYzkZdAXlkTrFaMDN9NTfUtTdyqpBr8iCIyQTAIZPiDz0R1Qvze7I-M97yYvrNKZxmwzCa2t5mJm90dCU9gnxXSPZnPLPETl8UP322rBw2Drh013j6_VHMLib8Gg3Nb9GuytypnGkVctZTXn1OXn00PeGnQLT5xQeMT4ICJEW9iW6YJ0RgIWKmmmTskr8wOk8d44FiM7E-pqnzXronGBBaTFNpKi1AsH_GMHd-EkwlGGJBuPui-q46Uod7TvaMoTP3trw3UNVmsYhTtaQCNtPGGmQVPoZif8GAauf4wKZNOqjadulp9rujpuf7ZyUMRzMtd7M_NKsmFF2ern5NboLGEBXQfOqGOZv7quX3gVfOh-renEmCw_KmDKDKXDvb_UI6Z0kZK0FB0W2gK1ZIClIkSjS2kAG6tYEAESZs456pxtRpPwBDoyRoqB2DL59N20bH5G7-2Tv-BiL5qLTWGu9l1WA7JHolIbc733OBtwdEfUv1GflMhE_B1nldc4XZLOSiOAs7VqHlqlGSnswLFkRiDI5kWeIK-8ypDOo8Km6ROV2OfNCUrqgKx5P7NLXY9xwcZxWKrD-mb7-4S0UY_ZtIDAEGdfkwweY5_M1IzbvNxcDRXRWP-mrtvYW-uRRT9sjORgRemyZTglRa9yAaKZqeX0PyZIM7WHxWId_O0rbjqTzrloEH4dxMIKJWDoSRXeXhGBrtx6MK4A3GcJWZjcNtSeK-63714je4Eo4IQ0AyhTtlFiNvw-oCrrpx1qRRPFS3W_cImOYl9_cBN1pghC7AoCTK8d9WTcmEc3dcBjRvlb-tjIlogrs2lcHw_2epTtlXFlapORRHafUT0zknSUS5SNfC6qE3iSaKlY3YPbMqbp19WoLnUSNoWQDSWkV67pBczF20Hhl-JyVq9xQPQBtpPfB9DfyFuXJSIOC4kPsut1upvHFvg5CRzAyB1-_qSgxud5HTc_FpxNPA4u0VRJAQVnKh-BGwS_Expsy8252UBoQVYZw51cKDtasit6apCmh6zP3PlnjSSp66mOepbE8XJ_W4Y_yp4oQLOpscKR6WB3QDa7dcsD3Z87GnIEXAS7SkYGl8hSffmS9qoIHiOxlAc07twyvAx6pRfzw9mjclZokMo-cwM-EqDBjMLDxW6YdIP-W3ZAvnrOw2gLqE9BEBtRLeSJykD-e3F57X5OcrJrxxQzvb58_K0R2RXHJde-AV6eOa23ZBtiARkm61nnHyNYUPcmlacGfS_Fz3MqyZ79mAe13LuFoBSR8P2ruFFIFFaBdxJa7eNTU1zKceX97S6rHEkkv_wmntrr_oAkd09RXGOhIfA-VX_P2kBPrzs3v5YBZNvS9C-MlxSo74pGZWBd70BFk_6r_VN-IKIWynoH9NyroUUTO4FJ100d-wNsAdlgkXcT-5449XLL62bkK8OxKM_GDSdrbuF8rq5AfR30qllorvJl9A3LwIHXgyWQ5fMhJQl0ne_auuEAI3jL_NsLskHRUwT0Y4mkCay1Q0nTeZJJ4wEuUpiCX5hVoFAr9ZZdNpTuGuLZ3Dm9sNUN5l7z_1EdT01tjJuXi6XawMrr3YdqtatQFmDaUpILoooE2aTlW4YwafWBMty7PCFugFq4eJ358F8YAoWSdJNLveBH81nCiRGGLmgYPoG8ZbAdewtB8crCePq5wbzSvWE0lmR351ku36iYASPRaC7sW6mcDpx-Tw3f2Ux1Aqj9XkQX5ZFoFSyAOlkPEI3Qxr9KJhgGgz9qhWaCEaXfh8s_DTjL7ZxjxmPlYVPsLVeYiTTBCg6Ta4H2ssuXhW-0hki_FBkaMrOOvCXxbFn-0_Nb14IfPKxs02xgSRWwpQ4pSIdO3aEe-D7gPw0NAp4gbwmj-ee0XQ_0OlRefEkKPaXqqd-AjybRZ0edzclsXrVXgwa8_D7UksT_BfPMIgTI-qYw9M15-S2DhkW-My9BlZQMTvA1srOO_Yeb1LBzTiIeZiGma4q2Ep3WN6HNqRSbx5ioHyew7Yw1hVF-s9JJvwWOtzS2e5fTUzF6lh4NMw_fvNdVDJiymAPGMaGJ3oloZ_4fgNz-bRHLNmmAkoJA_1YHSvWizOT_gfs-AUcEwChPQyCmfK7hZbrEM1d0HHVTylHDUXcBmWKsGWwts-pImv9lktK26BNy-rj_zBDzEZENxow2igWp7vtdeemCijTz54CTlmkA_Wwa9PtAvgzlfP_4amqNeVcbNBN0WqelY8lxgUhdI7TgbEyMnvSACyJ5u1iJe3fBaLOhlRgQX-J0sNMBso6TbRBLMAIkgyt4P8gJtnqt0cTLF-6cEwrEBBenJPytKQgoS8HcYx0RFNqrAVX2HGoBi2xWyBCeORM2vcYCxLhVpK-AZb1pnAu0h7TLXckFWln_6Fgrbc0EB_YziNKvtwZ3xPpLYjXWFR5vjMnpLAeo-Eyr8guXYkFx-iJ4li6SJiWPphjPyLnpf60-xlGT5Ixlf2OiSL43N0fMQfSPAeG4BP0GpH9nEpn9RX22omaOIxweGXGXJ8rQpVUuI6Nl10m26ledjgNDdjRmQZZwH39IOk8TyBPnjcdtBEwt5_qHiWcoSDTzlBxotQq2Z04i7zpcPVxputV6L_AwUy6owPC_4NDJXGQT25Iy8gUjCqLZLQsvBDCzOo31zvJCDPG0duY2vWZ1PYesm-oExUxAvlwxn5tDuuMrNZsDd_GQbhs06-7cncL_u7BlYYrttNp20Hm_geHVgL46omSlnOWcexFfQ5WMtOnP5fmzJhr6MK3Tj1-Oc5kceOf3HrERZwb6S44GulYKh0Hj8e6w4MtU1ASZ3UiaKmTO2SVZkvKzUc2Knj6ZV2KuBPPmtZQ6ffWZXEyLumfvygK0ZnnlV4GNttwmbRC5JbxrrYogI19D9OC3HZFrwAogx7_xuy1KuAfMBuU9gy9QMQ2Fu1mHJ5Bk3hyr1UN1dEsDQLUicFzP-FXuMUxcSeNtwvwRBOVox-Y91W4JaVfwo6gbW-ZpIrYLo60Uw-MV1OL48f96qmmq1bBMQzv55ofMPMUUj4Si6pXREeZZ8YWOi_7evgDebxN58_PTXH847UAVhNq2zqUl8cZVqsb9kKkePsurdS6NAqdtGzua6OrY8oqQMEtvm3vxISw95y2hF-flBh9BPmAmIbGeuvFXJXm8DcrqJRWCW96UzpSR3ZyD-gm1UPAPJT0_mj1FNCdLIhiTU7qmXzCPeEEvQHGN9vchGmOwAj0wm2JaQqiPRQ3mfBNlhoKPcuZ0bzYVfaWdCK4WI5d71j6dBDOBuCIHvtBraYS-dt19TduSOyttUw0PrZKJYXbET-6XAcm27egpr5D_mhyKL2Vh0ytz-E0jh9cpi5nCWM9iHBmSgWlcrkTzd77wukjVMA-Z6vXWYWgK5kZ_ZsAd8cvyVTMqa8-6uRJJLPPOTB9r1ocywch4Tbb_0OXHy4HH4RGc88FNnk_1YuCGY4aKMQOa2wOnttdeXS4uwwj1gsOD4guJYBhQ7v0qrWlautS-JjhG2tr30nyK3mQ34t2AU7mB7uPaliKmfljczaLC-8c3HWHOoulFO_1eOwNHEHD_uFUjgqPg4chsTaXmlutczuJq924NXOli6_009foct6n39uFL9fSPcorN1YzMhjqBEvAPlwA43Y7YdSbU_0C92T04oojSj8BNbD5YIJ67NKDqfmONyFjr-tQ_PnQ7Ml7IMcI4tsc0ek5ChsKv562qziS276RarcqJZVPApooTxHzoDy2dFlMCv_iVgS2a8bvFJaHblkSq0Vq6LxUIx1iZaMoj6ROQXyj7PRPGX7SoT8kLxxjKGojfzpdk9_DYEBACHmV3LuXM7ilKujd0tTEwTBhPBd4YXqQrTSUzPaBqwNXSF2UFoYQHcVtPEOtFIgXJTM_wdgjU5vDwQgbq4EsGApJKGJax89PxmiEEr21qub-MEiCldJp06pRnImueWohYKVnsCM2-pyhQbmGgnPLER1dHcRH3om4xYHgrkg89qo5BCJEt4HQWlYHjSFM0JeW73mCjFDgrNwrN2I48cjbh0pDP_MJbF1H96OJ4FmzWnsRYHM8_uXrCbIyOfd8DL_cSAlIKEtR7LFDuOvvND_UpkBhsmObuzYbU8KjGm0emRSf4c4WKLxRmRGsnbwUbtMjKX0aU0UO9A-aSJUSITPAmcuKcgIWNtFcc2ZC7OS5vdob7o-mbLJ5CPi3kRLUOiFQdQ-BhchU7v474neTKZNGFuGf1XrXHSOYhMw4oI6nOhqRuSbekML7De9VZLlQPTgVWhjguJQOccEd88CIHnPGWnxKjRJARm5LdhOtFUp62KEZc0oX7bs2_BVjnzdaLQyttatcZHVYH-LW2v5hkDWJ9-4vLbWx87Mpu-fYIPQXnuHa44qAHAyEuL-EJRoWyNTQ7hfoBZagxG9Zv2ZQQAVo-XJOG64BKbn9--5miq72KmxrrIKSXd9JrUoKca4gYOAfVuOLIcNzGfWKmZCCCThvidj1qRLWbvZlcAj74y3_9-xrg9N-pFyKerlZOxHDwnlvR_lDRVfAaQwgIZ?signature=XWFt-7JNJUf9TvARaSArOA&clientParams=eyJpZGVudGl0eVRyYWNraW5nIjp7InN0YXR1cyI6InN1Y2Nlc3MiLCJ0aW1lIjo5NywiZGF0YSI6eyJpZCI6bnVsbH19fQ%3D%3D
Requested by: Host: ads.celtra.com
URL: https://ads.celtra.com/5feb638a/web.js?&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsu56bNRq0cTKVQKOhsiWNn6zTels0JRYsNi7_MuZ8jRP73PvKIG6xH0om3hCANDVrC9viEhfPgoQd8a_B9blwU_dCN8tWLfQXOU_Rq93sz6vE2pfj45fJQuos4ndpnJNU5RCHFGqw0E-0cZ27QEbciU3uotTH_Hv3m7VTnziPvfIW7PYzLt6ODdv842dX1gzFcc3qc7_epbDY3G3egpBOnzs2BEJJtdLMmr5uoUedoccl190AJktVKSeUCqO6qPNuOpB_oYzy8KsoSCNwDJRa1PrhmfPT-ZswMa0HLY4cQc5ps7KHzaNXB263S5hjsdYBzYAWGPWgK23QeZlLOe6a8PfgHdP7uJVadTRWpJNw41e8S_2odxCIMlS9iWP02nE5W4deEoo7ixmJ2OszqjDkDqdCn9AQ7d01BgoYitWpvl_T8XkIYlLslBxfXy3oL4OhRUEMSJQkxclZniHSPXNsD5Se2_mt49rqbsZov_2FoZ5qUTdcBwnYxGy-xnTtGV_iNgYxpoD7QXbzdGcsy_8AzlmV6g0O18aa0UJE8yIgTglts8PiAG8e36o8yA57x3LapA8dC7PU7SRwT2eDoDbh_XlJCGAKrtnLIT5YHC5WpO-nEpiooWw-O-O9nZw63iZnQ0Ho-ovQBWTtAvm2jIH_8T_Rlg1HUnwFrqlD3qOt5aRZzU5StQe12j0gfyte8fOMaQR9dwVo0FhiqMsfIbUHQKgoGFZ1pg1BoZjPgl8-pwPmfiHxPTgNZs1ONud6_4g2lZa4-efE4O4mhKsmJsjTYhU3jd2lKdwBuyvEIAiAIZR7oKHTPn2GCSL2J7agp79Gp2snKCN6CXHz-ke4DASBml0BnCT9PPAH3gDwWMsR2Wec_WTOv0gwo6ir74YTu9X5GrQD-eyz5kylQCElTOBepEY_timNKLrHrf-Rens4HQLxZzEO8dxYyvANvjzYOqRSgHIfdD7SfoDbfJodpZdThxtS6BRiElRp2D_ly41ThisRVuiUP2F0thHXXEc6bbGod30IvJouecd1POizHibKXov8kgBz-DyPvzZM2Ew8dx1KJN1Qzq3qmXM-5qjfinEwPfP2zwU7WX1hOuH8qrqGwfkuTyLBE_A4RTgpU8UEml6m4F4hzmxffxxUztbCB6noFa9rX8wAEOI8TdRR285kVp-_mHlD99omHIyVw%26sai%3DAMfl-YT07G9wb0Wr-EawwiRPXyEC54yJmMrm1gjO6orOwLL6-KGaoRu4fxPYPVRN2yIWERsp1QOXZ3keoxWEFtpRrv0KmD_r25tK0bi_Dpuc8uORNtgnxnOtgIuqT6A0_xXH2gYYGABro8_YL1XjB4v1QcXRE71fa8GgI2lsTIguDuK8KVWrUh7ZjiOxot9XVzAHd3HFFs4ACMT724lZZeqcq5hDfDRyBAfYAqpteW16lU6QGEmbTGufsmiYYfgAWzq2ZBUeVe9BdhB9KawIq0plf8NE2QYeiwiqxg%26sig%3DCg0ArKJSzG5-rY-VpVtUEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&expandDirection=undefined&preferredClickThroughWindow=new&clickEvent=advertiser&externalAdServer=DCM&tagVersion=html-standard-7&eas.JWVjaWQh=179216930&externalCreativeId=179216930&externalPlacementId=347806802&externalSiteId=5056234&externalLineItemId=539319740&externalCampaignId=28402807&externalCreativeSize=728x90&externalUserId=0&externalDestinationUrl=https%3A%2F%2Fwww.adidas.sk%2Foriginals%3Fcm_mmc%3DAdiDisplay_DV360-_-CrossCategory-_-OE-_-Banner-_-Banner-_-dv%3AeCOM-_-cn%3AAlwaysOn_MidFunnel-_-pc%3ACrossCategory%26cm_mmc1%3DSK%26cm_mmc2%3Dadidas-EMEA-eCOM-Display-CrossCategory-Prospecting-SK-AlwaysOn-2201-00052-NA-Programmatic-MidFunnel%26dclid%3D%25edclid!&scriptId=celtra-script-1&clientTimestamp=1666036384.674&clientTimeZoneOffsetInMinutes=0&hostPageLoadId=6778971796190185
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.29.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-29-79.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: f9162735c234a7f8fb0b5c2e84d8ccd1e66444a5672dabb41ec18cffcdd2d7db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 19:53:04 GMT
content-encoding: gzip
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 6423
Expires: 0

GET
H/1.1 200
OK w4qma5wstYL7fLMxeHUDugWkMTtuBynHRXr0EpuxhiEaVry5iCHz5H3HEc0dQH25DoJgCwYP2bm7jZ4-rMm6wpN-KFU-Yc2UVUSJ6huRqCyPuQhoHtyO-1efg8B5UKPiW6SznLrFno2GQgostPeZ3kC3qhTgnunSpXaSlznTP3eRCfvYx9GUjgVynPehe4-mMys8l... Show response
ads.celtra.com/continue/ Frame 6695 20 KB
7 KB 29ms
28ms Script
application/javascript 3.120.29.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.celtra.com/continue/w4qma5wstYL7fLMxeHUDugWkMTtuBynHRXr0EpuxhiEaVry5iCHz5H3HEc0dQH25DoJgCwYP2bm7jZ4-rMm6wpN-KFU-Yc2UVUSJ6huRqCyPuQhoHtyO-1efg8B5UKPiW6SznLrFno2GQgostPeZ3kC3qhTgnunSpXaSlznTP3eRCfvYx9GUjgVynPehe4-mMys8lJqYO3IHZDpRcNoMOX-e7JxYEjSgLAD3PSD2CfVACmwRIj_huudGpyMaIO3RvutZ7mlXI5Dml0Not4DiALOIw9xgEP-S7IRG86_OkVYn8RLKsKrxOISYFDAK3-cVaToVhZg0R5q9GGWrfGRT5wmlD4-n2qWH0wXynkK-2E2AJaJObGDwvNjJf0uTCBXEKZwR5OoadlqqsuSMvX9K_AjSSx61RHwa8NxdikOco0PNytYdpBwy10m3Me4SZhpfoSDuq72WMgbn_-fzw1ENejjVOKoBP-ta-1NUY_FvLWSTdm7leRRcrByrSgX-y5w6wapAUeYE_OV4CHiT_gnv7JnI0Gf-I9r1J7AhSMTQwupq0InZQLZSUEosGxxYHky4kAtEZ0BcNxOvdIjG2UoRLt6nQhEBHT54b0X7qdKTU4_F-kEp8Am8usKVZpY5neFVshHznlWuhJzAqogb7efue13xhNyzD-5BVIvKuCov3xE8X8fxe4CGwJ79o8fJ2_pfW_5cBPhfNqseakfab34GmwGflIhfTnndqb_zPZi--SQoLqhYEeUitYQge_q7RWeBJ_-eH2D08Z1iu8bU1yeszwtVsF4bYdHWgWN96hqqP6Fw1MN652ogWtzB0YBLL-CF6oL9lyU64MHCklgo16K7Dqwl5sYpSiCt5izcj-RuulN0l62jShJA-Sf_OHJgQOjuDGnxGRaYR2OY0GhEKL0LEDrjOkzNF8uqiQLlScTwNMe2qx8dyaDFsVWRCfWGxVMBh6Y5hNvO9Ix-MSo0jNwGkFdKgaeyG0H2GtA5DTrOQM6xHDduVUZUX1JiY0KzWXm7ZL9zyrSKqWStekHsf_0921Jn66MfE9RWT8Z2o9rmwZZS-UYT2vbCjx94AyYm1J5drCrZqKewnxQGWiEpdRGJfnEgdPZ7RxftUpOLaYZNYtKLwABa4XJFca-YLC-vIYcVpqcQ2MZ_ys-HG1R6sf0t5ihvAWtV-ZNoRK2G66j-aVFtcsdF95K-ilGVSf_SlG7wqZFkMgP289LPKJRXPc91oTbAVOaSzzmHRmOVjAGtFYnXBpDdSMwH_M8K-cnbRJa0FdrB_k3ZMqrV0vMlDCH4RImsnMy9LnStBuCkIQKmB5KMGPW3AF5h9tqFyM5Wc-7PyU-evTaLnZFKfKnG8lx8tvzxET9f738W-Hif6rSc5GVh8xHJcxjLVZWSZ-0k25sa53cVlnbyyb_Ze7gFslcBTr2VnVePq0TwBrw8uAoas5wMx35E-hFAwDXNIANBxIftKA33zFRAauhN1Mdma4vH5Rgb4OlhQl4rlP-ZbiRv7DD0iK1JPnyqoxZaIz-2a59L8HqYISYyUWyWCX5vlbkenCdjaYssYQs5zRhZUDX4C4wjgMpLatFML9oqLPZT6DPI1sPz4bRkQfsFYWfBMrGuHlofo4lqb0lblcXgECPYE8g0cNh82ZPfzvYeXG0tIsTNo8KX0yirGCjS4mEdRmuH_-nHdHVW0L72aIeVzEdj-LPthchlP93lWO3X2Uh7c_BXTHo0_BnH-d4FO-cYmcGNGJMLwU3IGoQ-FKT3SnG20yfwz-A_XZg74XUxDq39R6KZWmz2zcxgrRSy9Cvi_x6B9K4lm_j75Ff7o-4HRxSlLpHyPx3Hw2tH4m7-XzxMDncrqwvdWdNwmKBUepauigXnK3ntXYMZqKxNQneilrD-bmk_HvpDousoJ-J5qmFHE9M6LlcdYhyhf7gpzHGTmmeWfACzIB9rQmoX5iHYfhZbMGQei6qYzDznSKnmyoK1pg5geY7RJafk1FdVk8MRM2jnpqAz9FHtv3ia8LlXJoE-NhoIRLmvFtMbrvfrG9h_tbLnHIQOES77h9B0YcS49QAbaAxhHAcn0kjCttqc9hYb_dPyln-BWnCxcVzNwUuP6JlxM0YPiDkH9oZAiYzkKpQvnuCxwTakAdrswtW1M2Qhh6gcLKXDKCNHYNOH2ZEUxykyupn-c1W8pFKEvL0o4d2SDzWTTaxYuW0ThR8AzYi_aB2rtbRWpBKMJoD3PVDD5CIzoIn5s8OCSZlaB3SlX1srwguGrQEHFvqXThw5pELxz04AjezK-ihf3DqWXrbVhzF22WSnD0S_-DgnFsWOPniIBxOtaeKStXq9w9DVO9k2jWuuxgjZ28o5X4o1CcS1EqVhFWRBD_OYt_GBvFNHQMi6C7c3d3m_5lSRDZTHdT3ZmF7Jer8BMFoc-r1OxDNFRhyht1MykF2InF7PSXEptVLnQCrBohLatQdsxrM6wtAwZyONDm_3JvuSF9AI4tB4S0_GV0BzawqGu2C2CuiAGM-kAzWauu4PnD9voK18lmRMcE2cA4kRMsd4s7adl9c5Jxd_vDSE4hR7GITyZlzheYRQOmPq_2ZcApKlc2P_NVdKVSmWb9uGoQZzN7KjqMEA3tjBP4IVQ_o3uVE_uY82kOTl2dfEvGd-NObg6A32JoQvKf6D2FQmFbcY4kejqFN9CZ0sagjH9zVn-AYL2WGWtjDpA61RVrmXAP7SayeC9gDKt-ohG87jTzOCrfo69PaPUWSLhoFvJwlON5fqtoiDnF7G4QuyuL6nzrL3wKk2jZQeFPwyRkQt-yuArL6VQMHCvwkL75YR9kJD8A1a43WVQRFSlBqngWz4Ghh0FQtL3hS8Tr7VCkEdvgrRFiXXPchZpZVF9UWOMIvFWbc0wIokXmrd2kF1kEOfB0iG3VUVdY2lZ8gmKesYkGQsIboVQs84YtocBBFcfbw1pYJkjFeHcw1wjqdvs9UPOhupgDy1blLcp-V-r2AKC99xC1P4x5bMEETXImnO8MWaRrcHDakEEw_hRAGhGNdjRi7bT0SMPYxrKQEz4IQJ3yjXeCQI16ebQ2CHc663NhCkxODGjeGudHGmS6rgUBByNqptg6DEizJ6WnSOT11nTKxlWP3op3Jsp0XMleVqgekUpWs3jlk1WgsYP1q0-3PhukFZ9a8zzELbmIB6Gz1Ix4vDE8gpqMpx-vjw3TEwRjHUE99RWYVDHP_0RulreSOpEAdtVMQ__og12vN4FSJy9_G1a9_d3CTfaWq93CCteyu_X3G-ONKbmtJDRqUT55xgTIdyllvaf2EhPM6AZI6TGkdNIK8jgpHNQex5m71wblxbmFnISRrZ_Jys3iSEifqkqj6nGOnvKCroEhDse5a7AtYZSEM08205-1A7whwwdwPDVhhWI2I0daLRsbGGC4B8fCQVn-BFPCqNU7Tbs7ECJZTmpuEaxygu50a8CjTdfjj4NkkOYhC3XUUgD0G8VDU_NIuOu9OOPxMjfraW010FqJk1tFpZGdkpU5aKmakJBJaAk-5f2VjzidKe5gyaLmmpjvFTalmqnk_Z1nTeZK1WldTT9NYg5Zr4a750CfkVYbA9Au5geC6RHFMmGbEo0r9CfU9G8MnkBm-bkJBJzxydvewaRPrNurX3cSkRTOckm-4Qhm1k3fRUJLTlMEtQpbYib4Kt6Gf78peVpgxz7uFodZm9oTTWVGx9VVflQ__uEfuTgWzeynpMvNzLLtE0HPI0EADYRNk72tofw1vuTjmTYWtKDX4bnJzCfHzv_k2HOkH1Yd0r8CwxvS9Yt-lpm7xiKDSEHEC2A-fxeIc18202nPRFK2xqjKDb-DRLy2uisAJz-7XHzyp-cFy_EAnkcTebEyY3PfLLykIa0ty3NFvr_d3fH9c88HjjODW03zMmDl8ATsMHMDSBRI9yd94PwbUW6yb9x1PW7e2kTIajgSFFRfyOzty88gwE47Vhllj8Ab4Qz7CaA1VMyNTtIiVhvHOxS46STc_MjrIw6SVm0fQiWD63SwCFCOhi_TyxEpNu1LO-0ZsKNWOX9ZVm6Jarw9FXXShpW5WOt9pySXG9IG8zhP_q06xbMjTdovNyrv90EVY4fBNtEijfhokxBnOo9L-t8aVO1mzgR2H3bhI_54QKUBMg6auFdBZ30rF-G75frOm55xfjL9CjTshY751nsZ8gz0BPl83NxtKfYyJS0SN6Bp6nxxtwnmWdUJo5IULWxpJl_Q6qE-mKABb1E576tcTx6bixBQXnmlJZqiQzgab1WqCFavkUeE7Yn_3EsB7EDdhVA53LJEg_LWy2mtkduVxd9FpH1nhdgZpTj8lnIS30gJjkCaFHHKgjcB1oZsVH3qhNgN6zzRIkswWOwRNEf4AqEtrzIRmX_wgJqH7o7J7Q_kO2zE2MsU54fI3lWHTaNeHkyAymSonFpyOiBAWlgtunGMHHUZsgLLXD6WkxrzJBofHqdTIy-otZPaOxyyKi2CcGZSKerHUBtr9m8y5qdKjhlkSZrPvdsIvQZrVmpJni-znM_Rkno46EANfqWKPNsRVE8ZEUqXQAym-7j7hnPJy3j_WKON6206xRN2mn8rXd7pcN2z2-BWNstGEt24CvvTV6I7pUUgOHJaLjxPxQoQXm4meo_5_Dx0b4dVKGR6NRfpidDVQfuUKhEmJsGHlOQXE9m92q1Dy2DgzIKS7l0FwgqA6_jG_wmp9hBlD7jGXeQdZnCH0YcroiKPNKiA1XqxYtSkFkDqqHsspByl2pI7Zr4BD3Ip3pQP182QB2L3cJk8_-QzUwOx1sZtFyPDb4VPtjz-X8ZfzqZI9gO4qUhTsmdikjamVSRev7e6hS1fh5ChxYawXJu7ADONhIzaSf_zViqXsuFMlmIeRcftRrTxGLKj7WEOpCWaE6AoGWRT-N4f2JDikPTp4Bn0su8opBEnUj9WUSGgIJxA5mr6qzyM5WX04cf_CAM1KAGXT4l4UnuJvf1fvxrKR9TgVOAt8yOxpqYqg15mltARJahM1bOdM_bHH8yKq1BvdA5Lsr3j0-sgNE5FI1Nmj26tprHYNZgfN1EpydbmDl9tvpGnnyH8fQh-QF0cxv35WDrGqQB8v0YpMCO_29vkdlGb9aeqpk_ZZUpXDMet4j27DHjq6ksfUJgR-FsFDDSGR-KmyMF6rKdAhtBYO7BOIp2YgZU6hYKxJcKL-doQqlWRuQHTvLYVS8p6P0wGwT3oSXCo5HEHddFuNLQGkOWF0A6y92gWA9W088tB5aTrM?signature=vTxttDWSo6l0fnLkzYgGNA&clientParams=eyJpZGVudGl0eVRyYWNraW5nIjp7InN0YXR1cyI6InN1Y2Nlc3MiLCJ0aW1lIjo5NywiZGF0YSI6eyJpZCI6bnVsbH19fQ%3D%3D
Requested by: Host: ads.celtra.com
URL: https://ads.celtra.com/d44bccfa/web.js?&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv8hTTX2FxqTdR8uIlmJwXail3fXCIUs5ifG8ayLLEMCkTuwFuzmdGsGnsTxlamdWJL1QzynBd2zPw7XBJM_1lZNHk2Qy-O3jPJtSSF2BatdThBaqdeAgqmJL3YVn7tDYVELt3EDaCLTLufkvk2HHMN4H_eFpTKd74kNFSdM5ulTt4EPaTiliR6LDK2DWfCx2JTYNqjvl0gocje0dhVEZRDFLIihywy0BjpgwVCZxLwnW7PpgU8vp75h_arfQeiE9qYf9hO4OWi65kGVzCsWamPnXuy9x7pUH46r_HP70y6eVruZVT82NOEA9EOUVWsNLOn7Z31eCjuVsw7l2xvesSdiAeDzlrzduxH2eFDhg6rdDoV3Uw5o_YneZfy-2VbJV_cMgdFuFxoiMUAW-NjYf_BHy8GQ_uXsOXjCiODm7sNQnp3oHQ_bLa0xL46UHY08keYeMuhRZVVvDx-7ohgn9SteUqAMebuErMgH5aXYgZF-QjjEV3uX6yKd73k3lFMnqjsgtawzihe7nVnN_qYc3BePrcfhxh66juDInl5WbVv2Uj4JegBAgYy0EE8fDfVKLEUzdxLwzz_0juFQfB-xY9orTfAiyXMAUyDepJhwsygKNtCxOqO3jXbF43TFk5w1-ZuuzINj0gPLRkfPFHXbBw-ZQlkIZr_u6cVQR-wImYdQL_Na-fPjOV_ul9KdSU0YYix6Eg6IJ0nqlTEsjLQ7gQGIccJxiTLaTWy7MbP7xu2uoNIYqq2GOvxeTwO6mWMqOaw_fUIha7uvH8Ywt9aHa2mdlwfY6ybLH5cLKoY25KrjVxQXL813hpeD8VI_T03wU4VflRnjokx4I_HR2Ht0RSnf4O5pKh_J-qQzhl7tj6Hd2GLN2fwA9f6qAVF4IrL1KDR1aeCJD_dMlAdxkZTwk9yxV53JNTo2HGecyvRKQZXvjbtjMffEs2eh0weIHvF5tPd3QPzKjzhkh6hwwO4C9XEdVy1bslUCA6agy4_ejZZ1aox_XGzVsjE3SlCSQOfLgsRGUGKEgXTTtLa-sSAn1z2m3YEKmU-lsqABvGAD9TwcGDxj-LtVt_9NgtHgO_WSapsfeiFyeCBacAUuoNUJ8ewZVJW_STwQ8Z7HWYxeuERweHfFEwyuC0wrfXmf6EkBRKgjGD-79v4iZher5Z4XIZrqdCOHZtwog8j95BOA3c07Ut7Tg%26sai%3DAMfl-YTKtT4BzESPDtGaF4kICb7qtt8KQSrtALWO9qHufBuW2pF9C2a8A57_N2JH2odK90dmfFd_QMcdC1t8VRB8DkU2zk37V6wGHKQWMHPrhxBqgykneqwTMgNx7qTNY0x-u7chLBdcdQ7t4NBZa3hr7LtHKWDC561W-Yy8870d0jk3wUi9CyXIB0SSl4o49WxQiEcXIM9TQbgPDyEpfM0y1MxIlW2_ygieu_tfE5bvw1cMRg_bohznnTB4YlWuMZSqSoH_fcDHQKnBZ8lK6VVDMouWF6PODcPuAQ%26sig%3DCg0ArKJSzOKPkf9ERsn2EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&expandDirection=undefined&preferredClickThroughWindow=new&clickEvent=advertiser&externalAdServer=DCM&tagVersion=html-standard-7&eas.JWVjaWQh=179219009&externalCreativeId=179219009&externalPlacementId=348106347&externalSiteId=5056234&externalLineItemId=539319770&externalCampaignId=28402807&externalCreativeSize=300x250&externalUserId=0&externalDestinationUrl=https%3A%2F%2Fwww.adidas.sk%2Foriginals%3Fcm_mmc%3DAdiDisplay_DV360-_-CrossCategory-_-OE-_-Banner-_-Banner-_-dv%3AeCOM-_-cn%3AAlwaysOn_MidFunnel-_-pc%3ACrossCategory%26cm_mmc1%3DSK%26cm_mmc2%3Dadidas-EMEA-eCOM-Display-CrossCategory-Prospecting-SK-AlwaysOn-2201-00052-NA-Programmatic-MidFunnel%26dclid%3D%25edclid!&scriptId=celtra-script-1&clientTimestamp=1666036384.697&clientTimeZoneOffsetInMinutes=0&hostPageLoadId=4566966418211471
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.29.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-29-79.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: be637ea21f7bef12f88e1eb02937667793201d0ed8ea73ad824b35d6152a37c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 19:53:04 GMT
content-encoding: gzip
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 6472
Expires: 0

GET
H/1.1 200
OK ast.js Show response
acdn.adnxs.com/ast/ 92 KB
32 KB 70ms
19ms Script
application/javascript 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ast/ast.js
Requested by: Host: dashboard.ideanetwork.site
URL: https://dashboard.ideanetwork.site/js/Footer/Yallakora/Footer.js?ver=0.4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 90352cd429fceb3b816c9418248ab076c32d27239cc9bdf453287b07c952fe93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Expires: Tue, 18 Oct 2022 12:32:40 GMT
Date: Mon, 17 Oct 2022 19:53:04 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 26426
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 32131
X-Served-By: cache-lga21942-LGA, cache-hhn4050-HHN
Last-Modified: Mon, 17 Oct 2022 12:28:46 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1666036385.999252,VS0,VE0
ETag: W/"634d4a7e-16e64"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 18, 15405

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-232068335-1&l=INdata

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDSNZ8M

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2323fd6619df5e6ab4def7d7660caebf683ab33c51d9a391827d3bab30d3354e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42395
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 Oct 2022 19:53:04 GMT

GET
H2 200 web.js Show response
cache-ssl.celtra.com/api/creatives/7e4dc96f/compiled/ Frame 6695 500 KB
123 KB 148ms
67ms Script
application/javascript 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/creatives/7e4dc96f/compiled/web.js?v=3-99d7afd5c5&secure=1&cachedVariantChoices=W10-&isPurposePreview=0&eventMetadataExperiment=newMeta&inmobi=0&batch-trackers-enabled=1
Requested by: Host: ads.celtra.com
URL: https://ads.celtra.com/continue/w4qma5wstYL7fLMxeHUDugWkMTtuBynHRXr0EpuxhiEaVry5iCHz5H3HEc0dQH25DoJgCwYP2bm7jZ4-rMm6wpN-KFU-Yc2UVUSJ6huRqCyPuQhoHtyO-1efg8B5UKPiW6SznLrFno2GQgostPeZ3kC3qhTgnunSpXaSlznTP3eRCfvYx9GUjgVynPehe4-mMys8lJqYO3IHZDpRcNoMOX-e7JxYEjSgLAD3PSD2CfVACmwRIj_huudGpyMaIO3RvutZ7mlXI5Dml0Not4DiALOIw9xgEP-S7IRG86_OkVYn8RLKsKrxOISYFDAK3-cVaToVhZg0R5q9GGWrfGRT5wmlD4-n2qWH0wXynkK-2E2AJaJObGDwvNjJf0uTCBXEKZwR5OoadlqqsuSMvX9K_AjSSx61RHwa8NxdikOco0PNytYdpBwy10m3Me4SZhpfoSDuq72WMgbn_-fzw1ENejjVOKoBP-ta-1NUY_FvLWSTdm7leRRcrByrSgX-y5w6wapAUeYE_OV4CHiT_gnv7JnI0Gf-I9r1J7AhSMTQwupq0InZQLZSUEosGxxYHky4kAtEZ0BcNxOvdIjG2UoRLt6nQhEBHT54b0X7qdKTU4_F-kEp8Am8usKVZpY5neFVshHznlWuhJzAqogb7efue13xhNyzD-5BVIvKuCov3xE8X8fxe4CGwJ79o8fJ2_pfW_5cBPhfNqseakfab34GmwGflIhfTnndqb_zPZi--SQoLqhYEeUitYQge_q7RWeBJ_-eH2D08Z1iu8bU1yeszwtVsF4bYdHWgWN96hqqP6Fw1MN652ogWtzB0YBLL-CF6oL9lyU64MHCklgo16K7Dqwl5sYpSiCt5izcj-RuulN0l62jShJA-Sf_OHJgQOjuDGnxGRaYR2OY0GhEKL0LEDrjOkzNF8uqiQLlScTwNMe2qx8dyaDFsVWRCfWGxVMBh6Y5hNvO9Ix-MSo0jNwGkFdKgaeyG0H2GtA5DTrOQM6xHDduVUZUX1JiY0KzWXm7ZL9zyrSKqWStekHsf_0921Jn66MfE9RWT8Z2o9rmwZZS-UYT2vbCjx94AyYm1J5drCrZqKewnxQGWiEpdRGJfnEgdPZ7RxftUpOLaYZNYtKLwABa4XJFca-YLC-vIYcVpqcQ2MZ_ys-HG1R6sf0t5ihvAWtV-ZNoRK2G66j-aVFtcsdF95K-ilGVSf_SlG7wqZFkMgP289LPKJRXPc91oTbAVOaSzzmHRmOVjAGtFYnXBpDdSMwH_M8K-cnbRJa0FdrB_k3ZMqrV0vMlDCH4RImsnMy9LnStBuCkIQKmB5KMGPW3AF5h9tqFyM5Wc-7PyU-evTaLnZFKfKnG8lx8tvzxET9f738W-Hif6rSc5GVh8xHJcxjLVZWSZ-0k25sa53cVlnbyyb_Ze7gFslcBTr2VnVePq0TwBrw8uAoas5wMx35E-hFAwDXNIANBxIftKA33zFRAauhN1Mdma4vH5Rgb4OlhQl4rlP-ZbiRv7DD0iK1JPnyqoxZaIz-2a59L8HqYISYyUWyWCX5vlbkenCdjaYssYQs5zRhZUDX4C4wjgMpLatFML9oqLPZT6DPI1sPz4bRkQfsFYWfBMrGuHlofo4lqb0lblcXgECPYE8g0cNh82ZPfzvYeXG0tIsTNo8KX0yirGCjS4mEdRmuH_-nHdHVW0L72aIeVzEdj-LPthchlP93lWO3X2Uh7c_BXTHo0_BnH-d4FO-cYmcGNGJMLwU3IGoQ-FKT3SnG20yfwz-A_XZg74XUxDq39R6KZWmz2zcxgrRSy9Cvi_x6B9K4lm_j75Ff7o-4HRxSlLpHyPx3Hw2tH4m7-XzxMDncrqwvdWdNwmKBUepauigXnK3ntXYMZqKxNQneilrD-bmk_HvpDousoJ-J5qmFHE9M6LlcdYhyhf7gpzHGTmmeWfACzIB9rQmoX5iHYfhZbMGQei6qYzDznSKnmyoK1pg5geY7RJafk1FdVk8MRM2jnpqAz9FHtv3ia8LlXJoE-NhoIRLmvFtMbrvfrG9h_tbLnHIQOES77h9B0YcS49QAbaAxhHAcn0kjCttqc9hYb_dPyln-BWnCxcVzNwUuP6JlxM0YPiDkH9oZAiYzkKpQvnuCxwTakAdrswtW1M2Qhh6gcLKXDKCNHYNOH2ZEUxykyupn-c1W8pFKEvL0o4d2SDzWTTaxYuW0ThR8AzYi_aB2rtbRWpBKMJoD3PVDD5CIzoIn5s8OCSZlaB3SlX1srwguGrQEHFvqXThw5pELxz04AjezK-ihf3DqWXrbVhzF22WSnD0S_-DgnFsWOPniIBxOtaeKStXq9w9DVO9k2jWuuxgjZ28o5X4o1CcS1EqVhFWRBD_OYt_GBvFNHQMi6C7c3d3m_5lSRDZTHdT3ZmF7Jer8BMFoc-r1OxDNFRhyht1MykF2InF7PSXEptVLnQCrBohLatQdsxrM6wtAwZyONDm_3JvuSF9AI4tB4S0_GV0BzawqGu2C2CuiAGM-kAzWauu4PnD9voK18lmRMcE2cA4kRMsd4s7adl9c5Jxd_vDSE4hR7GITyZlzheYRQOmPq_2ZcApKlc2P_NVdKVSmWb9uGoQZzN7KjqMEA3tjBP4IVQ_o3uVE_uY82kOTl2dfEvGd-NObg6A32JoQvKf6D2FQmFbcY4kejqFN9CZ0sagjH9zVn-AYL2WGWtjDpA61RVrmXAP7SayeC9gDKt-ohG87jTzOCrfo69PaPUWSLhoFvJwlON5fqtoiDnF7G4QuyuL6nzrL3wKk2jZQeFPwyRkQt-yuArL6VQMHCvwkL75YR9kJD8A1a43WVQRFSlBqngWz4Ghh0FQtL3hS8Tr7VCkEdvgrRFiXXPchZpZVF9UWOMIvFWbc0wIokXmrd2kF1kEOfB0iG3VUVdY2lZ8gmKesYkGQsIboVQs84YtocBBFcfbw1pYJkjFeHcw1wjqdvs9UPOhupgDy1blLcp-V-r2AKC99xC1P4x5bMEETXImnO8MWaRrcHDakEEw_hRAGhGNdjRi7bT0SMPYxrKQEz4IQJ3yjXeCQI16ebQ2CHc663NhCkxODGjeGudHGmS6rgUBByNqptg6DEizJ6WnSOT11nTKxlWP3op3Jsp0XMleVqgekUpWs3jlk1WgsYP1q0-3PhukFZ9a8zzELbmIB6Gz1Ix4vDE8gpqMpx-vjw3TEwRjHUE99RWYVDHP_0RulreSOpEAdtVMQ__og12vN4FSJy9_G1a9_d3CTfaWq93CCteyu_X3G-ONKbmtJDRqUT55xgTIdyllvaf2EhPM6AZI6TGkdNIK8jgpHNQex5m71wblxbmFnISRrZ_Jys3iSEifqkqj6nGOnvKCroEhDse5a7AtYZSEM08205-1A7whwwdwPDVhhWI2I0daLRsbGGC4B8fCQVn-BFPCqNU7Tbs7ECJZTmpuEaxygu50a8CjTdfjj4NkkOYhC3XUUgD0G8VDU_NIuOu9OOPxMjfraW010FqJk1tFpZGdkpU5aKmakJBJaAk-5f2VjzidKe5gyaLmmpjvFTalmqnk_Z1nTeZK1WldTT9NYg5Zr4a750CfkVYbA9Au5geC6RHFMmGbEo0r9CfU9G8MnkBm-bkJBJzxydvewaRPrNurX3cSkRTOckm-4Qhm1k3fRUJLTlMEtQpbYib4Kt6Gf78peVpgxz7uFodZm9oTTWVGx9VVflQ__uEfuTgWzeynpMvNzLLtE0HPI0EADYRNk72tofw1vuTjmTYWtKDX4bnJzCfHzv_k2HOkH1Yd0r8CwxvS9Yt-lpm7xiKDSEHEC2A-fxeIc18202nPRFK2xqjKDb-DRLy2uisAJz-7XHzyp-cFy_EAnkcTebEyY3PfLLykIa0ty3NFvr_d3fH9c88HjjODW03zMmDl8ATsMHMDSBRI9yd94PwbUW6yb9x1PW7e2kTIajgSFFRfyOzty88gwE47Vhllj8Ab4Qz7CaA1VMyNTtIiVhvHOxS46STc_MjrIw6SVm0fQiWD63SwCFCOhi_TyxEpNu1LO-0ZsKNWOX9ZVm6Jarw9FXXShpW5WOt9pySXG9IG8zhP_q06xbMjTdovNyrv90EVY4fBNtEijfhokxBnOo9L-t8aVO1mzgR2H3bhI_54QKUBMg6auFdBZ30rF-G75frOm55xfjL9CjTshY751nsZ8gz0BPl83NxtKfYyJS0SN6Bp6nxxtwnmWdUJo5IULWxpJl_Q6qE-mKABb1E576tcTx6bixBQXnmlJZqiQzgab1WqCFavkUeE7Yn_3EsB7EDdhVA53LJEg_LWy2mtkduVxd9FpH1nhdgZpTj8lnIS30gJjkCaFHHKgjcB1oZsVH3qhNgN6zzRIkswWOwRNEf4AqEtrzIRmX_wgJqH7o7J7Q_kO2zE2MsU54fI3lWHTaNeHkyAymSonFpyOiBAWlgtunGMHHUZsgLLXD6WkxrzJBofHqdTIy-otZPaOxyyKi2CcGZSKerHUBtr9m8y5qdKjhlkSZrPvdsIvQZrVmpJni-znM_Rkno46EANfqWKPNsRVE8ZEUqXQAym-7j7hnPJy3j_WKON6206xRN2mn8rXd7pcN2z2-BWNstGEt24CvvTV6I7pUUgOHJaLjxPxQoQXm4meo_5_Dx0b4dVKGR6NRfpidDVQfuUKhEmJsGHlOQXE9m92q1Dy2DgzIKS7l0FwgqA6_jG_wmp9hBlD7jGXeQdZnCH0YcroiKPNKiA1XqxYtSkFkDqqHsspByl2pI7Zr4BD3Ip3pQP182QB2L3cJk8_-QzUwOx1sZtFyPDb4VPtjz-X8ZfzqZI9gO4qUhTsmdikjamVSRev7e6hS1fh5ChxYawXJu7ADONhIzaSf_zViqXsuFMlmIeRcftRrTxGLKj7WEOpCWaE6AoGWRT-N4f2JDikPTp4Bn0su8opBEnUj9WUSGgIJxA5mr6qzyM5WX04cf_CAM1KAGXT4l4UnuJvf1fvxrKR9TgVOAt8yOxpqYqg15mltARJahM1bOdM_bHH8yKq1BvdA5Lsr3j0-sgNE5FI1Nmj26tprHYNZgfN1EpydbmDl9tvpGnnyH8fQh-QF0cxv35WDrGqQB8v0YpMCO_29vkdlGb9aeqpk_ZZUpXDMet4j27DHjq6ksfUJgR-FsFDDSGR-KmyMF6rKdAhtBYO7BOIp2YgZU6hYKxJcKL-doQqlWRuQHTvLYVS8p6P0wGwT3oSXCo5HEHddFuNLQGkOWF0A6y92gWA9W088tB5aTrM?signature=vTxttDWSo6l0fnLkzYgGNA&clientParams=eyJpZGVudGl0eVRyYWNraW5nIjp7InN0YXR1cyI6InN1Y2Nlc3MiLCJ0aW1lIjo5NywiZGF0YSI6eyJpZCI6bnVsbH19fQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 8846de6b36062db2c0aec7c3b9d8ab54f51b0f971de9bb25fef00ad243c2ef47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:05:44 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.2), 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 384440
x-cache: Hit from cloudfront
content-length: 125299
server: Apache
etag: "45fe3c03e7258b66e0490c859c65c35a753daffd17df0551f1a75c63fc5b9bce"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2228229
accept-ranges: bytes
x-amz-cf-id: Is1q3xkPq0jlRTaItXEFlvg1cTMwkGXUMXk6hbF9JEyZ7KipfgzERA==

GET
DATA 200
OK truncated
/ Frame 6695 167 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 0e035ecc-7ec2-453e-9955-9e6ef1477a7c
https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/ Frame 6695 167 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/0e035ecc-7ec2-453e-9955-9e6ef1477a7c
Requested by: Host: 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
URL: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 167
Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FAA4 167 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 web.js Show response
cache-ssl.celtra.com/api/creatives/5142cb86/compiled/ Frame FAA4 500 KB
123 KB 101ms
24ms Script
application/javascript 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/creatives/5142cb86/compiled/web.js?v=4-99d7afd5c5&secure=1&cachedVariantChoices=W10-&isPurposePreview=0&eventMetadataExperiment=newMeta&inmobi=0&batch-trackers-enabled=1
Requested by: Host: ads.celtra.com
URL: https://ads.celtra.com/continue/w4qma5wstXLbfLN5oI7shCtesJNPZbbEfzLYkWGavSO6QAFm3hiboYilEcfG9sX1mAxxCdVshK09zmI49tgDJlcVQjTlgLr0oyFSV1tHWT9ERI2bMRqolJ9V4oZ3PhjKin2cX3WsVh7eR8X44h1Q24QpAmNvOcO9CcLMcq8Rv4SiG4D1r22MZ0I5ViUGpNwpyb3SHsL0KurwNS2zkScZHst7xDWSkzd-oN867nVWU3PLpeg2fZneFDO3L0KrDGayqyt667AJ0BToJCu4q8FSo1MwvLTQj8NosNf8RGQxFAQ1cRCcRYhrPC3qzwnFFxAWrvcln_Bklf-n8DdYaw1Y489xf7Z4W4K_BRvIPLSvcL6Ecj9bE3evsnXEYm6nosT8umb2xQ2QLeAT74MMF9gzqjcZSuqP_btJNj1wpbbLt1BqKmKgHpuHfxykruk6xDuyCOUv8hCXYNwI8uIMNYyhmIVBd5u93npypnh-qn59L8SiXgXbihhxhvt7bDNX5-IygI2tHufccoYY76vl81Bn4UMLwtVBo81hNGA438izGosRznMojMTPVS6dl6i8Cv1xpS0UD4JRd4GzMUonSBSHaVcYuJMT_fsx83cOpa0zNbzUyEr0nWwDuUprusRkzWlJsmHP7CvvnDuqtF_k6CUhtsRlLFD9NWzpv1gJ-kc0zJoLY98zRZnyGFUjYzkZdAXlkTrFaMDN9NTfUtTdyqpBr8iCIyQTAIZPiDz0R1Qvze7I-M97yYvrNKZxmwzCa2t5mJm90dCU9gnxXSPZnPLPETl8UP322rBw2Drh013j6_VHMLib8Gg3Nb9GuytypnGkVctZTXn1OXn00PeGnQLT5xQeMT4ICJEW9iW6YJ0RgIWKmmmTskr8wOk8d44FiM7E-pqnzXronGBBaTFNpKi1AsH_GMHd-EkwlGGJBuPui-q46Uod7TvaMoTP3trw3UNVmsYhTtaQCNtPGGmQVPoZif8GAauf4wKZNOqjadulp9rujpuf7ZyUMRzMtd7M_NKsmFF2ern5NboLGEBXQfOqGOZv7quX3gVfOh-renEmCw_KmDKDKXDvb_UI6Z0kZK0FB0W2gK1ZIClIkSjS2kAG6tYEAESZs456pxtRpPwBDoyRoqB2DL59N20bH5G7-2Tv-BiL5qLTWGu9l1WA7JHolIbc733OBtwdEfUv1GflMhE_B1nldc4XZLOSiOAs7VqHlqlGSnswLFkRiDI5kWeIK-8ypDOo8Km6ROV2OfNCUrqgKx5P7NLXY9xwcZxWKrD-mb7-4S0UY_ZtIDAEGdfkwweY5_M1IzbvNxcDRXRWP-mrtvYW-uRRT9sjORgRemyZTglRa9yAaKZqeX0PyZIM7WHxWId_O0rbjqTzrloEH4dxMIKJWDoSRXeXhGBrtx6MK4A3GcJWZjcNtSeK-63714je4Eo4IQ0AyhTtlFiNvw-oCrrpx1qRRPFS3W_cImOYl9_cBN1pghC7AoCTK8d9WTcmEc3dcBjRvlb-tjIlogrs2lcHw_2epTtlXFlapORRHafUT0zknSUS5SNfC6qE3iSaKlY3YPbMqbp19WoLnUSNoWQDSWkV67pBczF20Hhl-JyVq9xQPQBtpPfB9DfyFuXJSIOC4kPsut1upvHFvg5CRzAyB1-_qSgxud5HTc_FpxNPA4u0VRJAQVnKh-BGwS_Expsy8252UBoQVYZw51cKDtasit6apCmh6zP3PlnjSSp66mOepbE8XJ_W4Y_yp4oQLOpscKR6WB3QDa7dcsD3Z87GnIEXAS7SkYGl8hSffmS9qoIHiOxlAc07twyvAx6pRfzw9mjclZokMo-cwM-EqDBjMLDxW6YdIP-W3ZAvnrOw2gLqE9BEBtRLeSJykD-e3F57X5OcrJrxxQzvb58_K0R2RXHJde-AV6eOa23ZBtiARkm61nnHyNYUPcmlacGfS_Fz3MqyZ79mAe13LuFoBSR8P2ruFFIFFaBdxJa7eNTU1zKceX97S6rHEkkv_wmntrr_oAkd09RXGOhIfA-VX_P2kBPrzs3v5YBZNvS9C-MlxSo74pGZWBd70BFk_6r_VN-IKIWynoH9NyroUUTO4FJ100d-wNsAdlgkXcT-5449XLL62bkK8OxKM_GDSdrbuF8rq5AfR30qllorvJl9A3LwIHXgyWQ5fMhJQl0ne_auuEAI3jL_NsLskHRUwT0Y4mkCay1Q0nTeZJJ4wEuUpiCX5hVoFAr9ZZdNpTuGuLZ3Dm9sNUN5l7z_1EdT01tjJuXi6XawMrr3YdqtatQFmDaUpILoooE2aTlW4YwafWBMty7PCFugFq4eJ358F8YAoWSdJNLveBH81nCiRGGLmgYPoG8ZbAdewtB8crCePq5wbzSvWE0lmR351ku36iYASPRaC7sW6mcDpx-Tw3f2Ux1Aqj9XkQX5ZFoFSyAOlkPEI3Qxr9KJhgGgz9qhWaCEaXfh8s_DTjL7ZxjxmPlYVPsLVeYiTTBCg6Ta4H2ssuXhW-0hki_FBkaMrOOvCXxbFn-0_Nb14IfPKxs02xgSRWwpQ4pSIdO3aEe-D7gPw0NAp4gbwmj-ee0XQ_0OlRefEkKPaXqqd-AjybRZ0edzclsXrVXgwa8_D7UksT_BfPMIgTI-qYw9M15-S2DhkW-My9BlZQMTvA1srOO_Yeb1LBzTiIeZiGma4q2Ep3WN6HNqRSbx5ioHyew7Yw1hVF-s9JJvwWOtzS2e5fTUzF6lh4NMw_fvNdVDJiymAPGMaGJ3oloZ_4fgNz-bRHLNmmAkoJA_1YHSvWizOT_gfs-AUcEwChPQyCmfK7hZbrEM1d0HHVTylHDUXcBmWKsGWwts-pImv9lktK26BNy-rj_zBDzEZENxow2igWp7vtdeemCijTz54CTlmkA_Wwa9PtAvgzlfP_4amqNeVcbNBN0WqelY8lxgUhdI7TgbEyMnvSACyJ5u1iJe3fBaLOhlRgQX-J0sNMBso6TbRBLMAIkgyt4P8gJtnqt0cTLF-6cEwrEBBenJPytKQgoS8HcYx0RFNqrAVX2HGoBi2xWyBCeORM2vcYCxLhVpK-AZb1pnAu0h7TLXckFWln_6Fgrbc0EB_YziNKvtwZ3xPpLYjXWFR5vjMnpLAeo-Eyr8guXYkFx-iJ4li6SJiWPphjPyLnpf60-xlGT5Ixlf2OiSL43N0fMQfSPAeG4BP0GpH9nEpn9RX22omaOIxweGXGXJ8rQpVUuI6Nl10m26ledjgNDdjRmQZZwH39IOk8TyBPnjcdtBEwt5_qHiWcoSDTzlBxotQq2Z04i7zpcPVxputV6L_AwUy6owPC_4NDJXGQT25Iy8gUjCqLZLQsvBDCzOo31zvJCDPG0duY2vWZ1PYesm-oExUxAvlwxn5tDuuMrNZsDd_GQbhs06-7cncL_u7BlYYrttNp20Hm_geHVgL46omSlnOWcexFfQ5WMtOnP5fmzJhr6MK3Tj1-Oc5kceOf3HrERZwb6S44GulYKh0Hj8e6w4MtU1ASZ3UiaKmTO2SVZkvKzUc2Knj6ZV2KuBPPmtZQ6ffWZXEyLumfvygK0ZnnlV4GNttwmbRC5JbxrrYogI19D9OC3HZFrwAogx7_xuy1KuAfMBuU9gy9QMQ2Fu1mHJ5Bk3hyr1UN1dEsDQLUicFzP-FXuMUxcSeNtwvwRBOVox-Y91W4JaVfwo6gbW-ZpIrYLo60Uw-MV1OL48f96qmmq1bBMQzv55ofMPMUUj4Si6pXREeZZ8YWOi_7evgDebxN58_PTXH847UAVhNq2zqUl8cZVqsb9kKkePsurdS6NAqdtGzua6OrY8oqQMEtvm3vxISw95y2hF-flBh9BPmAmIbGeuvFXJXm8DcrqJRWCW96UzpSR3ZyD-gm1UPAPJT0_mj1FNCdLIhiTU7qmXzCPeEEvQHGN9vchGmOwAj0wm2JaQqiPRQ3mfBNlhoKPcuZ0bzYVfaWdCK4WI5d71j6dBDOBuCIHvtBraYS-dt19TduSOyttUw0PrZKJYXbET-6XAcm27egpr5D_mhyKL2Vh0ytz-E0jh9cpi5nCWM9iHBmSgWlcrkTzd77wukjVMA-Z6vXWYWgK5kZ_ZsAd8cvyVTMqa8-6uRJJLPPOTB9r1ocywch4Tbb_0OXHy4HH4RGc88FNnk_1YuCGY4aKMQOa2wOnttdeXS4uwwj1gsOD4guJYBhQ7v0qrWlautS-JjhG2tr30nyK3mQ34t2AU7mB7uPaliKmfljczaLC-8c3HWHOoulFO_1eOwNHEHD_uFUjgqPg4chsTaXmlutczuJq924NXOli6_009foct6n39uFL9fSPcorN1YzMhjqBEvAPlwA43Y7YdSbU_0C92T04oojSj8BNbD5YIJ67NKDqfmONyFjr-tQ_PnQ7Ml7IMcI4tsc0ek5ChsKv562qziS276RarcqJZVPApooTxHzoDy2dFlMCv_iVgS2a8bvFJaHblkSq0Vq6LxUIx1iZaMoj6ROQXyj7PRPGX7SoT8kLxxjKGojfzpdk9_DYEBACHmV3LuXM7ilKujd0tTEwTBhPBd4YXqQrTSUzPaBqwNXSF2UFoYQHcVtPEOtFIgXJTM_wdgjU5vDwQgbq4EsGApJKGJax89PxmiEEr21qub-MEiCldJp06pRnImueWohYKVnsCM2-pyhQbmGgnPLER1dHcRH3om4xYHgrkg89qo5BCJEt4HQWlYHjSFM0JeW73mCjFDgrNwrN2I48cjbh0pDP_MJbF1H96OJ4FmzWnsRYHM8_uXrCbIyOfd8DL_cSAlIKEtR7LFDuOvvND_UpkBhsmObuzYbU8KjGm0emRSf4c4WKLxRmRGsnbwUbtMjKX0aU0UO9A-aSJUSITPAmcuKcgIWNtFcc2ZC7OS5vdob7o-mbLJ5CPi3kRLUOiFQdQ-BhchU7v474neTKZNGFuGf1XrXHSOYhMw4oI6nOhqRuSbekML7De9VZLlQPTgVWhjguJQOccEd88CIHnPGWnxKjRJARm5LdhOtFUp62KEZc0oX7bs2_BVjnzdaLQyttatcZHVYH-LW2v5hkDWJ9-4vLbWx87Mpu-fYIPQXnuHa44qAHAyEuL-EJRoWyNTQ7hfoBZagxG9Zv2ZQQAVo-XJOG64BKbn9--5miq72KmxrrIKSXd9JrUoKca4gYOAfVuOLIcNzGfWKmZCCCThvidj1qRLWbvZlcAj74y3_9-xrg9N-pFyKerlZOxHDwnlvR_lDRVfAaQwgIZ?signature=XWFt-7JNJUf9TvARaSArOA&clientParams=eyJpZGVudGl0eVRyYWNraW5nIjp7InN0YXR1cyI6InN1Y2Nlc3MiLCJ0aW1lIjo5NywiZGF0YSI6eyJpZCI6bnVsbH19fQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: aafdca6d5f2e65f9d50c7a040750ad1121db6caf7460e3d6da19e767ccaa8818

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:05:39 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.2), 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 384446
x-cache: Hit from cloudfront
content-length: 125440
server: Apache
etag: "bc1060d9dea86da83a69ea6d4ca2b56a13211d8f9ee1abd99bd032b5b603a062"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 884743
accept-ranges: bytes
x-amz-cf-id: WhYaZ3BnAb3u4j-pfCP1fjYMfiReeCCsnyTGNqXy-1_r-lv_TSVuow==

GET
BLOB 200
OK 0d3f630f-28ea-40cc-995b-d0a1791336a9
https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/ Frame FAA4 167 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/0d3f630f-28ea-40cc-995b-d0a1791336a9
Requested by: Host: 5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
URL: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 167
Content-Type: image/png

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-232068335-1&l=INdata

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 17 Oct 2022 19:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2228
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 17 Oct 2022 21:15:57 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 27ms
27ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=600219828&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.yallakora.com%2F&ul=en-us&de=UTF-8&dt=%D9%8A%D9%84%D8%A7%D9%83%D9%88%D8%B1%D8%A9%20%D8%A7%D9%84%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%B1%D9%8A%D8%A7%D8%B6%D9%89%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%20%D9%81%D9%89%20%D8%A7%D9%84%D8%B4%D8%B1%D9%82%20%D8%A7%D9%84%D8%A3%D9%88%D8%B3%D8%B7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=YKFooter&ea=IdeaNetwork&el=Germany&_u=aEDAAUABAAAAACAAI~&jid=1783647192&gjid=2044475529&cid=733115516.1666036383&tid=UA-232068335-1&_gid=1367500697.1666036383&_r=1&gtm=2ouaa0&z=740861602

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.yallakora.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:53:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.yallakora.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK v3 Show response
ib.adnxs.com/ut/ 45 KB
17 KB 170ms
170ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

25cee3559b94c2af68543a4f8fc8695587e485fdf08f5680cfc0193a75caccc5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.yallakora.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 17 Oct 2022 19:53:05 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: c2f50835-4f95-4194-ba6c-f0c016be7135
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.yallakora.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 44ms
44ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022101301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2a210880abe6ed2548e4d81e3441056d2c90b841aa060eed53253882d0cc603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11379
x-xss-protection: 0

GET
H/1.1 200
OK ANOutstreamVideo.js Show response
acdn.adnxs.com/video/outstream/ 723 KB
185 KB 21ms
21ms Script
application/javascript 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/video/outstream/ANOutstreamVideo.js
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ec96aea18a8b7a4cb9c407d6083c7e668ad2de5280c2af815b8251b305189c83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Expires: Thu, 06 Oct 2022 20:01:52 GMT
Date: Mon, 17 Oct 2022 19:53:05 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 85852
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 189081
X-Served-By: cache-lga21958-LGA, cache-hhn4050-HHN
Last-Modified: Wed, 05 Oct 2022 19:47:24 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1666036385.220242,VS0,VE0
ETag: W/"633ddf4c-b4d13"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 4, 274

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 17 Oct 2022 19:53:05 GMT

GET
H2 200 adineuePROCond-Bold.woff
cache-ssl.celtra.com/api/fonts/16bf8d7f/3_cb19957205cb8dd9b8c6a45e451a34a854cdff86c97628846dddfb1f39a9a519/ Frame 33F9 6 KB
6 KB 70ms
24ms Font
application/font-woff 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/fonts/16bf8d7f/3_cb19957205cb8dd9b8c6a45e451a34a854cdff86c97628846dddfb1f39a9a519/adineuePROCond-Bold.woff?subset=%20AGIKLNORSY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: e661776e889d3e1807e7f44b09fd7fe3bd0659ec47da78b481006ba9b04b3f06

Request headers

Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
Origin: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:34:25 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1160320
x-cache: Hit from cloudfront
content-length: 5880
server: Apache
etag: "e661776e889d3e1807e7f44b09fd7fe3bd0659ec47da78b481006ba9b04b3f06"
content-type: application/font-woff
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 819803
accept-ranges: bytes
x-amz-cf-id: IhousUka1LBFwdoaeT6ScpRVNPtbfxL62SiEb1bQuMPRSqA3tF7NyA==

GET
H2 200 AdihausDIN-Bold.woff
cache-ssl.celtra.com/api/fonts/36109108/3_a411088e7420926ae5055220c98f30661f330f0b1e15ab56bb3fdb332ddad3dd/ Frame 33F9 3 KB
3 KB 69ms
25ms Font
application/font-woff 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/fonts/36109108/3_a411088e7420926ae5055220c98f30661f330f0b1e15ab56bb3fdb332ddad3dd/AdihausDIN-Bold.woff?subset=%20ACISTVZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: e2c8c88a02894f378df4073ba4b376dde449ff2bf10b34cdc70d23ddeb7d9349

Request headers

Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
Origin: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:51:55 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1854069
x-cache: Hit from cloudfront
content-length: 2612
server: Apache
etag: "e2c8c88a02894f378df4073ba4b376dde449ff2bf10b34cdc70d23ddeb7d9349"
content-type: application/font-woff
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 17014104
accept-ranges: bytes
x-amz-cf-id: M7NKDrYtxaMSdXJOqnH7xfUoXSbbbzj6O-r9pvNUsFW8EhydL7jeuQ==

GET
H2 200 logo_originals.svg
cache-ssl.celtra.com/api/blobs/ef3af8e1231e3994efbe92c8f43bd5fdb0d8b67562c12416153c5fa04ce60043/ Frame 33F9 2 KB
3 KB 21ms
21ms Image
image/svg+xml 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/ef3af8e1231e3994efbe92c8f43bd5fdb0d8b67562c12416153c5fa04ce60043/logo_originals.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: ef3af8e1231e3994efbe92c8f43bd5fdb0d8b67562c12416153c5fa04ce60043

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 07:41:43 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1253481
x-cache: Hit from cloudfront
content-length: 2420
server: Apache
etag: "ef3af8e1231e3994efbe92c8f43bd5fdb0d8b67562c12416153c5fa04ce60043"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 39078391 6592354
accept-ranges: bytes
x-amz-cf-id: bNg6X5vh-fJCyRgXgwtmnLb2U8Ovk-A4rQQqXvUYdKGUWCAxcXwQ5A==

GET
H2 200 BG-Dynamic_728x90.jpg
cache-ssl.celtra.com/api/blobs/5130d9f8617e4f4cb34476a815b67a2af353b3243c8795802cceacfe48f386a1/ Frame 33F9 18 KB
18 KB 22ms
22ms Image
image/jpeg 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/5130d9f8617e4f4cb34476a815b67a2af353b3243c8795802cceacfe48f386a1/BG-Dynamic_728x90.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: c1218bbbb0f1d4acec1d237359247534bfb2b1580f979b9bb968f8833c8bf727

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 09:25:09 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1247276
x-cache: Hit from cloudfront
content-length: 18033
server: Apache
etag: "c1218bbbb0f1d4acec1d237359247534bfb2b1580f979b9bb968f8833c8bf727"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 38053023
accept-ranges: bytes
x-amz-cf-id: C8X63mzct7yOmUTFeRk3X3yRbeEHpqTbthTffvXTFFvspEjSbpprgQ==

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ 36 KB
17 KB 153ms
81ms XHR
text/xml 142.250.13.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Azm7nY2gxvL0lu5O_EUpGJ-mSEJa_fWEiQ00gMkX6XCel0Bgi-s_2tycEU5l6GvDx2Ek5r&dbm_d=AKAmf-B4nnrNOqEp0s9c_sGUao8fGgq5hqQEG7dZ_KICEmHtCZUm93XMhyVuGiF8flVEYkRRgzfPbHfThjCo2mxd6CyhePPiYyEpesAXUxRl8Aa0H7z6aUrzrKmpKOpC082rgHJgeB43ML6kajHtat6T5xpRR4Y4NG1JoRxczFjqkvKvZVRVh4NC5GuKS_kK8oO0LykIIfGNxefMyYYYt0_xRKuj_ylbo6kcRkQwN6eerYBJxnxseBUTp5NcIC7Zg7mfMwCqZzfY4Ny-FoFs6IbKdBkMA_D1flfAlw3NvjRdTAzm9HDUGXUWNgY2VeNnVFP3Ntvqt6pjF0FoIJOe_SqOJAOVvN01-2dHIKp-AdCxFgLuNjtTvhWOgbuvlXyVdTMGqjtlpZJxcsRX5khf5_Qv_XIIw0GAQ-yiRfgCXqEf84xp7DxhxhhjXpNLROXGdqd_3l2k5oKF41_4OkrY_0tqLyrqLmSt-ao8z7RWeSzc_dskZoQHmKJXMskvf5MVQ3Q1w5JC6NC2EaCspNI5kEu-5X1aT0IDEV06advUDBnuPmOFOwrhmDi3lhCRixeXgdMtedfhaOQVC1Yl0q1pOI9gWbxTW0Q6CfNad145CejwBy32dmLLxGEUuzMVOkWha9GmYliyE-QqO6avX9bCLlzxzngBm4x8FefapisuirSLyMD55rGQ-YnXsfxRwTanT-g03L61ALrxUSkTqqSU4BNmidke7tjXqI5fFfsyNZNTNMUpIvpM77Rs8qi-hk-JTkJgLgaZ8P8cueVFRogM00p4GJ5BicN3h_1z2AiFRWZI8ttQJxexh8_gX0S5u1KieB6LQWjiMpledvwdNbYOhq1jojktn_bmEACkstu0Lb4Uqy4OtshR1lZmUojXCCD1MT1Z21G9U174HTejMfjR_UaLwlAwyGnJNzGspnIW-1Xjni7JFb0wRdE8eOKaHF_IvW4dwVuz7XdBFKsYgcFM0zEVhQsVafhKy2Zd7Q2zVV8BeiBKbDNdqmuH_FUDkx4CFDwS0_771EbkIqYXK29ZzWMT5zOHl6znTeFsE0M2G4xeCe73Y4ZaaJHVpfF9NbfM2SQRh7Z9v6-iQF-pb45vDCwDwGrj4I8_B5MBD15vu7rIr-a0BHFKj_wLcArVlEx--JNWXoEUAbe2XS1K8kpEP1LnNwkrGqLh9-aGVjr9HPVBkrxyAkWvdBpmf_Po3zJSRSzIzfVxz6z_c-5O1158tvxFpZsedP7jLGR-coLlhb-WKPOdkQTlv5uzXzFvv7wKBV_eIrUkuYLF4YT08iRVYyEvVnivSGl96HauCUAoqQMd39qsc2bjWcVIAjJmogXKmcsGQqcq5yxKgV4_JGuAYhdOzKW8yyOMXHcROcNWtAQkQA-9VjV9_nxBdOdpfUMgI1qd0afwDShG7eTuNkxs6iEuSPqCJubceImSXN29MvV-hJLUaFJQdh1TTAEoHiSXdmFUG7pVrRTsTYbWrqiOnNMk4Wde1_6BIquqWQGKnQo5gwHer-lKS0i195OX6Mo_HqPRchuhCcJdPvTE5e9O4pjJdg9j-2tfm11v19LKu4kgnZnLZRZh-BwQOFsucmHHnoZzccEWmU_YOb0ePfRaAprbkD954o22-jywAbCScJupSu_c2SaOYHcvmg61nJq2u25Eag1HjSwOVIcO_Jv8r4GNYJQnCVOcGZJb_rjA7wTO8y9oJMk26NUsganO7GBcpCEpDw3nwykDmhTPTPf6HoLWNNgiWkZ8xoy0P1T5nw0VGGaZC-d-jJGX0_5fZCBChMaQtN2yGoZDkOU5gOaDLDAv_SnE7Q5RdR-w7bAcx3vRTkJGsTi8yAenHIJN_gj5JGxI-ap4TWVmKxj8lwhUg05YKeczjSmwN1Pw95sGyqe00wL176hUp4p3629DeSRCBMep_KnZUXw7hRjA5ma4kJz6oD9oYZWS_bh7YF1nlYuyo0LgDflTOX91HFgn0l_RczkxXIEGdqcvEQNdmSAS0CqSBYxWZTcVH9rwKgxfyvPq-Cx54V-hgyAD6RfJvcOGLK5gccvxGRDO0JGLYGdDdfgUYBSzZ5WcfM8frdFxdJbRbGiRqwHPJ0Mhr2rRgp2jz3_ZKBIW_miSQjfegpCKHVHtrx_K9ruVloAWCIyBEIZ-TBqBx8K9_zfZeHWPBRay7_m5vn7-3JqBWJFo5-GN52WLXaUgA2Kllkdde8hu2baY5YiqYx4vPeThJUlaQZL9e8_-96-KBf9pIgTgR9QUrCrfCwUeul-q0CWSmJYxtSmUW3i2rr-IbsilxTkxDmVJo_jNy0ThQs4LJ8RQuer1OIChgxzM2GFk_B10dgdPnIfqrmU58ltbgegffHbkyijzurJjAURcfuUPzl_UiD4hL4qnN_2GyGxLlAfuaBJHOlhfO7_lzPg83UJMDTj78kX0nRi4yOiG4j0QXOLbSXIgBua-izyaQsm5eUqsmAu_kGD1Z5OG58M2UWtO9jwm3PYDl4Ae9k3k0Pe-GA_jPsowP_TKj-2V1lrJXHYmUbB7tKejwCDZ0H96Ojtuo9EdV8y_Kg_aj7cYkUGQEUMYjQzyqsvQ38wZcHm0eauEP4ng6OrX5yFR4wGsUaONRO9P8QadAwgfHGK5168GATNHCjq6PxKwleqpcpxKxUnkqE3xHSEgnGRCMGjr4bYdIGbsC-i-IiYJWvycZ1qOfNl_ctBlTyOBEtOrMghZ7eRmq9oRDCbpyiWbL6aMExx2uvOZwuU2fzsbBQ7LRI-gT29lVz5LCJrDpDYUNlj9-EnGo69i5kjZGhTU4pkzJmN5OwACCo1rc_YnZtTKhz4wnKP6c3G38frr87RrOYVa8RE8Bp08YFLwMmpQuyM9vhYMudhyStkaRjsJnCow_xGbRHZdgoVq828XPhvznAJf79iKlemssm31icYl0_yUvxhx04BKEHeE-H_3yz8SX843xgacG7kEjotdP-y63mrNAxWw7lUZnf7QeAGmu8YWv8HHkOM67y8OXcHg36DyNSM7wjbBg2w-tDEl4sXfDhfzgfastEtzKzQsxFsR7UmESx_s3owLeWAxopbUrio1oMPU4slmfiA5eRCxRdYM7FycZEkXSO9QmCBZXQyEWbufKnVjH8coulBNP1b6JmQZTc0U5k4wpBCkcQoJ2APtReOofzNYceyxjkVU_zOKGNqM6KKP844EtB1WEe8czSzVXjH0ejHB5iJIYzHafxmISIgzEs2FgnkdL7-JqbUsSlraTL-MGIl0LSwDGMT9_rk9o9lL&pr=10:0.888719&cid=CAASFeRoXWhbZBM2FpoHESUzC02n5TiDNw

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/video/outstream/ANOutstreamVideo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.13.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

we-in-f156.1e100.net

Software

cafe /

Resource Hash

69ddf7e268cb8389d3db374380a398e1ffbba4924f976e99b7d77d5e7be542f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17008
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://www.yallakora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK v2
fra1-ib.adnxs.com/vast_track/ 0
819 B 85ms
21ms Image
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/vast_track/v2?info=aQAAAAMArgAFAQmhsk1jAAAAABEKnjgaankGDhmhsk1jAAAAACCZ4-uyASgAMLwJON5kQPPafEjFq-ECULDi7AtY_QViAkRFaAFwAXgAgAECiAEEkAGsApgB-gGgAQCoAZnj67IBsAEB&s=c50f1ce1032892ee9cd0291e2ae357f78b53a4ef&event_type=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 19:53:05 GMT
AN-X-Request-Uuid: fbab64ee-daac-4aee-aa7c-5949fc870d2f
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 image.jpg
cache-ssl.celtra.com/api/blobs/6b044a444d8a38d2cf424917ace4f7fd414789f3f97151b50c9511d9c7c4c6dd/ Frame 33F9 58 KB
58 KB 21ms
21ms Image
image/jpeg 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/6b044a444d8a38d2cf424917ace4f7fd414789f3f97151b50c9511d9c7c4c6dd/image.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 6b044a444d8a38d2cf424917ace4f7fd414789f3f97151b50c9511d9c7c4c6dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 04:25:55 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3425230
x-cache: Hit from cloudfront
content-length: 59275
server: Apache
etag: "6b044a444d8a38d2cf424917ace4f7fd414789f3f97151b50c9511d9c7c4c6dd"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 8056649
accept-ranges: bytes
x-amz-cf-id: Fz0xP5OikWANaurB4_eKFerwRMK4AZyWIBb2IcY0e4oHlQelkUTs-g==

GET
H2 200 image.jpg
cache-ssl.celtra.com/api/blobs/7e298a4f0cc804dd68ea246cc169fc5ad318011960b113f853213bba366e5e62/ Frame 33F9 46 KB
46 KB 25ms
24ms Image
image/jpeg 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/7e298a4f0cc804dd68ea246cc169fc5ad318011960b113f853213bba366e5e62/image.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 7e298a4f0cc804dd68ea246cc169fc5ad318011960b113f853213bba366e5e62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 06:09:34 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3937410
x-cache: Hit from cloudfront
content-length: 46672
server: Apache
etag: "7e298a4f0cc804dd68ea246cc169fc5ad318011960b113f853213bba366e5e62"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 7013955
accept-ranges: bytes
x-amz-cf-id: NbIUwNwMGT4-MDN_om0S1dUhvSHkr1laNXMH7FjjU7mv-J-xxvQEHg==

GET
H2 200 adineuePROCond-Bold.woff
cache-ssl.celtra.com/api/fonts/16bf8d7f/3_cb19957205cb8dd9b8c6a45e451a34a854cdff86c97628846dddfb1f39a9a519/ Frame 688E 6 KB
6 KB 26ms
26ms Font
application/font-woff 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/fonts/16bf8d7f/3_cb19957205cb8dd9b8c6a45e451a34a854cdff86c97628846dddfb1f39a9a519/adineuePROCond-Bold.woff?subset=%20AGIKLNORSY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: e661776e889d3e1807e7f44b09fd7fe3bd0659ec47da78b481006ba9b04b3f06

Request headers

Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
Origin: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:34:25 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1160320
x-cache: Hit from cloudfront
content-length: 5880
server: Apache
etag: "e661776e889d3e1807e7f44b09fd7fe3bd0659ec47da78b481006ba9b04b3f06"
content-type: application/font-woff
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 819803
accept-ranges: bytes
x-amz-cf-id: FeLSmDw0WjxL3SayEA5oIngrILPPKWED8fauuJF-sFt80I1w6eXbJQ==

GET
H2 200 AdihausDIN-Bold.woff
cache-ssl.celtra.com/api/fonts/36109108/3_a411088e7420926ae5055220c98f30661f330f0b1e15ab56bb3fdb332ddad3dd/ Frame 688E 3 KB
3 KB 26ms
26ms Font
application/font-woff 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/fonts/36109108/3_a411088e7420926ae5055220c98f30661f330f0b1e15ab56bb3fdb332ddad3dd/AdihausDIN-Bold.woff?subset=%20ACISTVZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: e2c8c88a02894f378df4073ba4b376dde449ff2bf10b34cdc70d23ddeb7d9349

Request headers

Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
Origin: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 08:51:55 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1854069
x-cache: Hit from cloudfront
content-length: 2612
server: Apache
etag: "e2c8c88a02894f378df4073ba4b376dde449ff2bf10b34cdc70d23ddeb7d9349"
content-type: application/font-woff
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 17014104
accept-ranges: bytes
x-amz-cf-id: pWwua7OJIK-RzarNu4tO7WJL-Ew79nQzLcFXS32U-5MbxzUho-p9Pw==

GET
H2 200 image.jpg
cache-ssl.celtra.com/api/blobs/c4cd88ec9b17f2a945f846a1118a57c5ee95afd6f7aac8e071b1d57d6d10890f/ Frame 33F9 85 KB
86 KB 21ms
21ms Image
image/jpeg 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/c4cd88ec9b17f2a945f846a1118a57c5ee95afd6f7aac8e071b1d57d6d10890f/image.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: c4cd88ec9b17f2a945f846a1118a57c5ee95afd6f7aac8e071b1d57d6d10890f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 02:13:50 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 927555
x-cache: Hit from cloudfront
content-length: 87509
server: Apache
etag: "c4cd88ec9b17f2a945f846a1118a57c5ee95afd6f7aac8e071b1d57d6d10890f"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 20463805
accept-ranges: bytes
x-amz-cf-id: ag_nbXPuTkk7HiH-A5Xqs6-y6TrLkB12mF6w1ARHtzENjZOemh-Czw==

GET
H2 200 logo_originals.svg
cache-ssl.celtra.com/api/blobs/ef3af8e1231e3994efbe92c8f43bd5fdb0d8b67562c12416153c5fa04ce60043/ Frame 688E 2 KB
3 KB 23ms
21ms Image
image/svg+xml 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/ef3af8e1231e3994efbe92c8f43bd5fdb0d8b67562c12416153c5fa04ce60043/logo_originals.svg
Requested by: Host: www.yallakora.com
URL: https://www.yallakora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: ef3af8e1231e3994efbe92c8f43bd5fdb0d8b67562c12416153c5fa04ce60043

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 07:41:43 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1253481
x-cache: Hit from cloudfront
content-length: 2420
server: Apache
etag: "ef3af8e1231e3994efbe92c8f43bd5fdb0d8b67562c12416153c5fa04ce60043"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 39078391 6592354
accept-ranges: bytes
x-amz-cf-id: 1B184np311GM8xqfua0p0aF5e4DexACt-c0NiaENhexU0M7nfWvJrQ==

GET
H2 200 BG-Dynamic_300x250.jpg
cache-ssl.celtra.com/api/blobs/fa4ba7159219f904ea897adaa73c66f9aa9343cd400b941d0d85d0d6d9116627/ Frame 688E 25 KB
25 KB 23ms
22ms Image
image/jpeg 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/fa4ba7159219f904ea897adaa73c66f9aa9343cd400b941d0d85d0d6d9116627/BG-Dynamic_300x250.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 9e02ba9f2dab0339bff6b9e5a1e8d79ffcaaabbba02d81b3a775cfebec5e14c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 09:24:55 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1247289
x-cache: Hit from cloudfront
content-length: 25135
server: Apache
etag: "9e02ba9f2dab0339bff6b9e5a1e8d79ffcaaabbba02d81b3a775cfebec5e14c9"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 40672233
accept-ranges: bytes
x-amz-cf-id: 3ODq16varrWXddsa7-CRf9GCLrJQnnFyeefATfI0pnd3xCXNOFN1Ug==

GET
H2 200 image.jpg
cache-ssl.celtra.com/api/blobs/1efe13e4897206e5d852df789e1e37b9114a85e6bc1496b39b680041d8a4d780/ Frame 688E 53 KB
53 KB 24ms
23ms Image
image/jpeg 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/1efe13e4897206e5d852df789e1e37b9114a85e6bc1496b39b680041d8a4d780/image.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 1efe13e4897206e5d852df789e1e37b9114a85e6bc1496b39b680041d8a4d780

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 09:19:00 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4962845
x-cache: Hit from cloudfront
content-length: 53798
server: Apache
etag: "1efe13e4897206e5d852df789e1e37b9114a85e6bc1496b39b680041d8a4d780"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 37967478
accept-ranges: bytes
x-amz-cf-id: zvNkPxuDUJh2rIXuvlDGk5vBYM7gIPMgWS8Zv67_km71_nM8yYG4Pg==

GET
H2 200 image.jpg
cache-ssl.celtra.com/api/blobs/94a82fd6958bef0bcc62d2523b31a2a553cb3ae2f1c960d98e9330a63e227aea/ Frame 688E 43 KB
44 KB 26ms
26ms Image
image/jpeg 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/94a82fd6958bef0bcc62d2523b31a2a553cb3ae2f1c960d98e9330a63e227aea/image.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 94a82fd6958bef0bcc62d2523b31a2a553cb3ae2f1c960d98e9330a63e227aea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 07:21:40 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 909085
x-cache: Hit from cloudfront
content-length: 44251
server: Apache
etag: "94a82fd6958bef0bcc62d2523b31a2a553cb3ae2f1c960d98e9330a63e227aea"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 18257449
accept-ranges: bytes
x-amz-cf-id: KMku0-K9G7mspL5wP_OUkuIlD04GhRUg86G4x9VX-zh-8-QbM759Vg==

GET
H2 200 image.jpg
cache-ssl.celtra.com/api/blobs/79b525d9a222506f07c982f65ff83a20369203fad57ba161159cdd3fd552873e/ Frame 688E 151 KB
151 KB 30ms
29ms Image
image/jpeg 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/79b525d9a222506f07c982f65ff83a20369203fad57ba161159cdd3fd552873e/image.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 79b525d9a222506f07c982f65ff83a20369203fad57ba161159cdd3fd552873e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 01:01:09 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4128716
x-cache: Hit from cloudfront
content-length: 154397
server: Apache
etag: "79b525d9a222506f07c982f65ff83a20369203fad57ba161159cdd3fd552873e"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 37166082
accept-ranges: bytes
x-amz-cf-id: JtaBYm14kBv4W2-JNgcXsFWUPUGfzgIYwsO0j0C8jhXQQhtSr_yXBw==

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D359 13 KB
5 KB 23ms
22ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yallakora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 661
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 19:42:04 GMT
expires: Tue, 17 Oct 2023 19:42:04 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F461 783 B
535 B 31ms
30ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

66dff4b505c9df6cf3518e8cbac563f9ca34f66f4938df6e1f7399ea063d4812

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-z3DJP_ikCBlN-4gVr0zJsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.yallakora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-z3DJP_ikCBlN-4gVr0zJsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 19:53:05 GMT
expires: Mon, 17 Oct 2022 19:53:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 logo_originals.svg
cache-ssl.celtra.com/api/blobs/ef3af8e1231e3994efbe92c8f43bd5fdb0d8b67562c12416153c5fa04ce60043/ Frame 33F9 2 KB
3 KB 24ms
20ms Image
image/svg+xml 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/ef3af8e1231e3994efbe92c8f43bd5fdb0d8b67562c12416153c5fa04ce60043/logo_originals.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: ef3af8e1231e3994efbe92c8f43bd5fdb0d8b67562c12416153c5fa04ce60043

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 07:41:43 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1253481
x-cache: Hit from cloudfront
content-length: 2420
server: Apache
etag: "ef3af8e1231e3994efbe92c8f43bd5fdb0d8b67562c12416153c5fa04ce60043"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 39078391 6592354
accept-ranges: bytes
x-amz-cf-id: nkz2GCAyRA8YV3VG8CqH3FlNf2MA04hm21Q_wmx-QzXMnhMsKY99Sw==

GET
H2 200 BG-Dynamic_728x90.jpg
cache-ssl.celtra.com/api/blobs/5130d9f8617e4f4cb34476a815b67a2af353b3243c8795802cceacfe48f386a1/ Frame 33F9 18 KB
18 KB 25ms
21ms Image
image/jpeg 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/5130d9f8617e4f4cb34476a815b67a2af353b3243c8795802cceacfe48f386a1/BG-Dynamic_728x90.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: c1218bbbb0f1d4acec1d237359247534bfb2b1580f979b9bb968f8833c8bf727

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 09:25:09 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1247276
x-cache: Hit from cloudfront
content-length: 18033
server: Apache
etag: "c1218bbbb0f1d4acec1d237359247534bfb2b1580f979b9bb968f8833c8bf727"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 38053023
accept-ranges: bytes
x-amz-cf-id: 63N-OQQdKPhMdteJSJqnNzl7i8PxweEnKYEWxKQyfiSte6oeo0Y3NA==

GET
H2 200 image.jpg
cache-ssl.celtra.com/api/blobs/6b044a444d8a38d2cf424917ace4f7fd414789f3f97151b50c9511d9c7c4c6dd/ Frame 33F9 58 KB
58 KB 25ms
21ms Image
image/jpeg 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/6b044a444d8a38d2cf424917ace4f7fd414789f3f97151b50c9511d9c7c4c6dd/image.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 6b044a444d8a38d2cf424917ace4f7fd414789f3f97151b50c9511d9c7c4c6dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 04:25:55 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3425230
x-cache: Hit from cloudfront
content-length: 59275
server: Apache
etag: "6b044a444d8a38d2cf424917ace4f7fd414789f3f97151b50c9511d9c7c4c6dd"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 8056649
accept-ranges: bytes
x-amz-cf-id: LknOB8qfWyNYzb6lw0HV-M9jdNG9vXajJ4qZxrXRWS-NZDVqk6uVJg==

GET
H2 200 image.jpg
cache-ssl.celtra.com/api/blobs/7e298a4f0cc804dd68ea246cc169fc5ad318011960b113f853213bba366e5e62/ Frame 33F9 46 KB
46 KB 26ms
23ms Image
image/jpeg 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/7e298a4f0cc804dd68ea246cc169fc5ad318011960b113f853213bba366e5e62/image.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 7e298a4f0cc804dd68ea246cc169fc5ad318011960b113f853213bba366e5e62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 06:09:34 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3937410
x-cache: Hit from cloudfront
content-length: 46672
server: Apache
etag: "7e298a4f0cc804dd68ea246cc169fc5ad318011960b113f853213bba366e5e62"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 7013955
accept-ranges: bytes
x-amz-cf-id: o-KlnEZ-eU5RjrVNEWJ4BBxTkOlWTr-5gK9RVRaW7v3gpyc9n_ynyQ==

GET
H2 200 image.jpg
cache-ssl.celtra.com/api/blobs/c4cd88ec9b17f2a945f846a1118a57c5ee95afd6f7aac8e071b1d57d6d10890f/ Frame 33F9 85 KB
86 KB 27ms
24ms Image
image/jpeg 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/c4cd88ec9b17f2a945f846a1118a57c5ee95afd6f7aac8e071b1d57d6d10890f/image.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: c4cd88ec9b17f2a945f846a1118a57c5ee95afd6f7aac8e071b1d57d6d10890f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 02:13:50 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 927555
x-cache: Hit from cloudfront
content-length: 87509
server: Apache
etag: "c4cd88ec9b17f2a945f846a1118a57c5ee95afd6f7aac8e071b1d57d6d10890f"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 20463805
accept-ranges: bytes
x-amz-cf-id: GgyVVDPVuHgI84TdeIPfM3JNdRity0xxjZqvIqOHMXEnRhrqc9rlmQ==

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjY2MDM2Mzg0eGFjZDU1ZGZiM2FkODJmeDU5MDUyOTgxIiwiYWNjb3VudElkIjoiZmJiZGYyZDgiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIxMjI2MTE3NzIyMDg5MzY4MiIsImluZGV4I...
track.celtra.com/json/ Frame FAA4 35 B
242 B 100ms
20ms Image
image/gif 3.124.253.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjY2MDM2Mzg0eGFjZDU1ZGZiM2FkODJmeDU5MDUyOTgxIiwiYWNjb3VudElkIjoiZmJiZGYyZDgiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIxMjI2MTE3NzIyMDg5MzY4MiIsImluZGV4IjowLCJjbGllbnRUaW1lc3RhbXAiOjE2NjYwMzYzODUuMjAxLCJzY29wZSI6Imdsb2JhbCIsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDYuMC41MjQ5LjExOSBTYWZhcmkvNTM3LjM2Iiwib3JpZW50YXRpb24iOjAsInRvcG1vc3RSZWFjaGFibGVXaW5kb3ciOnsid2lkdGgiOjcyOCwiaGVpZ2h0Ijo5MH0sImhvc3RXaW5kb3ciOnsid2lkdGgiOjcyOCwiaGVpZ2h0Ijo5MH0sIm5lc3RpbmciOnsiaWZyYW1lIjp0cnVlLCJmcmllbmRseUlmcmFtZSI6ZmFsc2UsImlhYkZyaWVuZGx5SWZyYW1lIjpmYWxzZSwiaG9zdGlsZUlmcmFtZSI6dHJ1ZSwiaWZyYW1lRGVwdGgiOjB9LCJwYWdlVmlzaWJpbGl0eUFwaSI6dHJ1ZSwicmVxdWVzdEFuaW1hdGlvbkZyYW1lIjp0cnVlLCJ0b3BXaW5kb3dOYXRpdmVSQUZTdXBwb3J0ZWQiOnRydWUsImFsbG93Tm9uTmF0aXZlUkFGRm9yVmlld2FibGVUaW1lVXNlZCI6ZmFsc2UsImNsaWVudFRpbWVab25lT2Zmc2V0SW5NaW51dGVzIjowLCJzdXBwb3J0c0NvbnRhaW5lclZpZXdhYmlsaXR5IjpmYWxzZSwic3VwcG9ydHNDb250YWluZXJJbml0aWFsVmlld2FiaWxpdHkiOmZhbHNlLCJ0YWdQYXJlbnRXaWR0aCI6MCwidGFnUGFyZW50SGVpZ2h0IjowLCJhbXBEZXRlY3RlZCI6ZmFsc2UsImFtcE5lc3RpbmdMZXZlbCI6IiIsInNhZmVGcmFtZURldGVjdGVkIjpmYWxzZSwiZmV0Y2hTdXBwb3J0ZWQiOnRydWUsImFzYXBFbmFibGVkIjpudWxsLCJuYXRpdmVQcm9taXNlc1N1cHBvcnRlZCI6dHJ1ZSwiYmVhY29uU3VwcG9ydGVkIjp0cnVlLCJJbnRlcnNlY3Rpb25PYnNlcnZlclN1cHBvcnRlZCI6dHJ1ZSwiaXNNdXRhdGlvbk9ic2VydmVyU3VwcG9ydGVkIjp0cnVlLCJ3ZWJWaWV3IjpudWxsLCJpc1dpbmRvd09wZW5OYXRpdmUiOnRydWUsInByb3RvTG9hZGluZyI6eyJkYXRhTG9hZFN0YXR1cyI6InN1cHBvcnRlZCIsImJsb2JMb2FkU3RhdHVzIjoic3VwcG9ydGVkIn0sIm5hbWUiOiJlbnZpcm9ubWVudEluZm8ifSx7InNlc3Npb25JZCI6InMxNjY2MDM2Mzg0eGFjZDU1ZGZiM2FkODJmeDU5MDUyOTgxIiwiYWNjb3VudElkIjoiZmJiZGYyZDgiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIxMjI2MTE3NzIyMDg5MzY4MiIsImluZGV4IjoxLCJjbGllbnRUaW1lc3RhbXAiOjE2NjYwMzYzODUuNDAyLCJuYW1lIjoiY3JlYXRpdmVMb2FkZWQiLCJ2aWV3YWJpbGl0eTAwTWVhc3VyYWJsZSI6ZmFsc2UsInZpZXdhYmlsaXR5NTAxTWVhc3VyYWJsZSI6ZmFsc2UsInZpZXdhYmxlVGltZU1lYXN1cmFibGUiOmZhbHNlLCJjZG5WYXJpYW50Ijoibm9uZSJ9XX0=?crc32c=71732434
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.253.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-253-38.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Mon, 17 Oct 2022 19:53:05 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 logo_originals.svg
cache-ssl.celtra.com/api/blobs/ef3af8e1231e3994efbe92c8f43bd5fdb0d8b67562c12416153c5fa04ce60043/ Frame 688E 2 KB
3 KB 25ms
24ms Image
image/svg+xml 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/ef3af8e1231e3994efbe92c8f43bd5fdb0d8b67562c12416153c5fa04ce60043/logo_originals.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: ef3af8e1231e3994efbe92c8f43bd5fdb0d8b67562c12416153c5fa04ce60043

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 07:41:43 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1253481
x-cache: Hit from cloudfront
content-length: 2420
server: Apache
etag: "ef3af8e1231e3994efbe92c8f43bd5fdb0d8b67562c12416153c5fa04ce60043"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 39078391 6592354
accept-ranges: bytes
x-amz-cf-id: vohq9O7f1IODegR0CqciQ79AdL-RoQw5MbwyLCehRteTaVyLEQY6mw==

GET
H2 200 BG-Dynamic_300x250.jpg
cache-ssl.celtra.com/api/blobs/fa4ba7159219f904ea897adaa73c66f9aa9343cd400b941d0d85d0d6d9116627/ Frame 688E 25 KB
25 KB 26ms
24ms Image
image/jpeg 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/fa4ba7159219f904ea897adaa73c66f9aa9343cd400b941d0d85d0d6d9116627/BG-Dynamic_300x250.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 9e02ba9f2dab0339bff6b9e5a1e8d79ffcaaabbba02d81b3a775cfebec5e14c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 09:24:55 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1247289
x-cache: Hit from cloudfront
content-length: 25135
server: Apache
etag: "9e02ba9f2dab0339bff6b9e5a1e8d79ffcaaabbba02d81b3a775cfebec5e14c9"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 40672233
accept-ranges: bytes
x-amz-cf-id: z4KSsGC_Ew7uHlBi4dzsHvTlEE8S6y7YN2wBNg-BfC_llAs_DabWiw==

GET
H2 200 image.jpg
cache-ssl.celtra.com/api/blobs/1efe13e4897206e5d852df789e1e37b9114a85e6bc1496b39b680041d8a4d780/ Frame 688E 53 KB
53 KB 26ms
25ms Image
image/jpeg 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/1efe13e4897206e5d852df789e1e37b9114a85e6bc1496b39b680041d8a4d780/image.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 1efe13e4897206e5d852df789e1e37b9114a85e6bc1496b39b680041d8a4d780

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 09:19:00 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4962845
x-cache: Hit from cloudfront
content-length: 53798
server: Apache
etag: "1efe13e4897206e5d852df789e1e37b9114a85e6bc1496b39b680041d8a4d780"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 37967478
accept-ranges: bytes
x-amz-cf-id: hqv_f4u-wf0-P2rKOHBbIMGlnGt0k6NJYD3RRDu82h-TbWzaXF0l1g==

GET
H2 200 image.jpg
cache-ssl.celtra.com/api/blobs/94a82fd6958bef0bcc62d2523b31a2a553cb3ae2f1c960d98e9330a63e227aea/ Frame 688E 43 KB
44 KB 27ms
26ms Image
image/jpeg 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/94a82fd6958bef0bcc62d2523b31a2a553cb3ae2f1c960d98e9330a63e227aea/image.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 94a82fd6958bef0bcc62d2523b31a2a553cb3ae2f1c960d98e9330a63e227aea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 07:21:40 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 909085
x-cache: Hit from cloudfront
content-length: 44251
server: Apache
etag: "94a82fd6958bef0bcc62d2523b31a2a553cb3ae2f1c960d98e9330a63e227aea"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 18257449
accept-ranges: bytes
x-amz-cf-id: VPFLEtsow8S4AmPrHi4NXEytrGQwrMEDwFkipLdLEu85iVns7269gA==

GET
H2 200 image.jpg
cache-ssl.celtra.com/api/blobs/79b525d9a222506f07c982f65ff83a20369203fad57ba161159cdd3fd552873e/ Frame 688E 151 KB
151 KB 27ms
27ms Image
image/jpeg 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/79b525d9a222506f07c982f65ff83a20369203fad57ba161159cdd3fd552873e/image.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 79b525d9a222506f07c982f65ff83a20369203fad57ba161159cdd3fd552873e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 01:01:09 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4128716
x-cache: Hit from cloudfront
content-length: 154397
server: Apache
etag: "79b525d9a222506f07c982f65ff83a20369203fad57ba161159cdd3fd552873e"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 37166082
accept-ranges: bytes
x-amz-cf-id: R0oKBF-__KOi0sy0R9zjvgVJ7EFckVIGD9Uiw5GIalvVLLQQurlUmQ==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjY2MDM2Mzg0eGFjZDU1ZGZiM2FkODJmeDU5MDUyOTgxIiwiYWNjb3VudElkIjoiZmJiZGYyZDgiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIxMjI2MTE3NzIyMDg5MzY4MiIsImluZGV4IjoyLCJjbGllbnRUaW1lc3RhbXAiOjE2NjYwMzYzODUuNDE3LCJ1bml0TmFtZSI6ImJhbm5lciIsInVuaXRWYXJpYW50TG9jYWxJZCI6Miwic2NyZWVuTG9jYWxJZCI6bnVsbCwic2NyZWVuVGl0bGUiOm51bGwsInNjcmVlbklzTWFzdGVyIjpudWxsLCJvYmplY3RMb2NhbElkIjpudWxsLCJvYmplY3ROYW1lIjpudWxsLCJvYmplY3RDbGF6eiI6bnVsbCwiaW5pdGlhdGlvblRpbWVzdGFtcCI6MTY2NjAzNjM4NS40MTcsIm5hbWUiOiJ2aWV3U2hvd24iLCJ2aWV3TmFtZSI6IjcyOCB4IDkwIiwiY2xhenoiOiJDcmVhdGl2ZVVuaXRWYXJpYW50IiwiZGVzaWduU2l6ZSI6eyJ3aWR0aCI6NzI4LCJoZWlnaHQiOjkwfSwiYXZhaWxhYmxlU2l6ZSI6eyJ3aWR0aCI6NzI4LCJoZWlnaHQiOjkwfX0seyJzZXNzaW9uSWQiOiJzMTY2NjAzNjM4NHhhY2Q1NWRmYjNhZDgyZng1OTA1Mjk4MSIsImFjY291bnRJZCI6ImZiYmRmMmQ4Iiwic3RyZWFtIjoiYWRFdmVudHMiLCJpbnN0YW50aWF0aW9uIjoiMTIyNjExNzcyMjA4OTM2ODIiLCJpbmRleCI6MywiY2xpZW50VGltZXN0YW1wIjoxNjY2MDM2Mzg1LjQzLCJ1bml0TmFtZSI6ImJhbm5lciIsInVuaXRWYXJpYW50TG9jYWxJZCI6Miwic2NyZWVuTG9jYWxJZCI6NCwic2NyZWVuVGl0bGUiOiJTdGFydCIsInNjcmVlbklzTWFzdGVyIjpmYWxzZSwib2JqZWN0TG9jYWxJZCI6bnVsbCwib2JqZWN0TmFtZSI6bnVsbCwib2JqZWN0Q2xhenoiOm51bGwsImluaXRpYXRpb25UaW1lc3RhbXAiOjE2NjYwMzYzODUuNDMsIm5hbWUiOiJzY3JlZW5TaG93biJ9LHsic2Vzc2lvbklkIjoiczE2NjYwMzYzODR4YWNkNTVkZmIzYWQ4MmZ4NTkwNTI5ODEiLCJhY2NvdW50SWQiOiJmYmJkZjJkOCIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6IjEyMjYxMTc3MjIwODkzNjgyIiwiaW5kZXgiOjQsImNsaWVudFRpbWVzdGFtcCI6MTY2NjAzNjM4NS40MywibmFtZSI6ImNyZWF0aXZlUmVuZGVyZWQifSx7InNlc3Npb25JZCI6InMxNjY2MDM2Mzg0eGFjZDU1ZGZiM2FkODJmeDU5MDUyOTgxIiwiYWNjb3VudElkIjoiZmJiZGYyZDgiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIxMjI2MTE3NzIyMDg5MzY4MiIsImluZGV4Ijo1LCJjbGllbnRUaW1lc3RhbXAiOjE2NjYwMzYzODUuNDMyLCJ1bml0TmFtZSI6ImJhbm5lciIsInVuaXRWYXJpYW50TG9jYWxJZCI6Miwic2NyZWVuTG9jYWxJZCI6NCwic2NyZWVuVGl0bGUiOiJTdGFydCIsInNjcmVlbklzTWFzdGVyIjpmYWxzZSwib2JqZWN0TG9jYWxJZCI6NzEwLCJvYmplY3ROYW1lIjoicHJvZHVjdHMiLCJvYmplY3RDbGF6eiI6IlN3aXBleUdyb3VwIiwiaW5pdGlhdGlvblRpbWVzdGFtcCI6MTY2NjAzNjM4NS40MzIsIm5hbWUiOiJpdGVtRm9jdXNlZCIsIml0ZW0iOjF9LHsic2Vzc2lvbklkIjoiczE2NjYwMzYzODR4YWNkNTVkZmIzYWQ4MmZ4NTkwNTI5ODEiLCJhY2NvdW50SWQiOiJmYmJkZjJkOCIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6IjEyMjYxMTc3MjIwODkzNjgyIiwiaW5kZXgiOjYsImNsaWVudFRpbWVzdGFtcCI6MTY2NjAzNjM4NS40MzIsInVuaXROYW1lIjoiYmFubmVyIiwidW5pdFZhcmlhbnRMb2NhbElkIjoyLCJzY3JlZW5Mb2NhbElkIjo0LCJzY3JlZW5UaXRsZSI6IlN0YXJ0Iiwic2NyZWVuSXNNYXN0ZXIiOmZhbHNlLCJvYmplY3RMb2NhbElkIjo3MTAsIm9iamVjdE5hbWUiOiJwcm9kdWN0cyIsIm9iamVjdENsYXp6IjoiU3dpcGV5R3JvdXAiLCJpbml0aWF0aW9uVGltZXN0YW1wIjoxNjY2MDM2Mzg1LjQzMiwibmFtZSI6Iml0ZW1Gb2N1c2VkIiwiaXRlbSI6MX0seyJzZXNzaW9uSWQiOiJzMTY2NjAzNjM4NHhhY2Q1NWRmYjNhZDgyZng1OTA1Mjk4MSIsImFjY291bnRJZCI6ImZiYmRmMmQ4Iiwic3RyZWFtIjoiYWRFdmVudHMiLCJpbnN0YW50aWF0aW9uIjoiMTIyNjExNzcyMjA4OTM2ODIiLCJpbmRleCI6NywiY2xpZW50VGltZXN0YW1wIjoxNjY2MDM2Mzg1LjQzMiwidW5pdE5hbWUiOiJiYW5uZXIiLCJ1bml0VmFyaWFudExvY2FsSWQiOjIsInNjcmVlbkxvY2FsSWQiOjQsInNjcmVlblRpdGxlIjoiU3RhcnQiLCJzY3JlZW5Jc01hc3RlciI6ZmFsc2UsIm9iamVjdExvY2FsSWQiOjEwMDQsIm9iamVjdE5hbWUiOiJwcm9kdWN0LWxpbmsiLCJvYmplY3RDbGF6eiI6IlN3aXBleUdyb3VwIiwiaW5pdGlhdGlvblRpbWVzdGFtcCI6MTY2NjAzNjM4NS40MzIsIm5hbWUiOiJpdGVtRm9jdXNlZCIsIml0ZW0iOjF9LHsic2Vzc2lvbklkIjoiczE2NjYwMzYzODR4YWNkNTVkZmIzYWQ4MmZ4NTkwNTI5ODEiLCJhY2NvdW50SWQiOiJmYmJkZjJkOCIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6IjEyMjYxMTc3MjIwODkzNjgyIiwiaW5kZXgiOjgsImNsaWVudFRpbWVzdGFtcCI6MTY2NjAzNjM4NS40MzMsInVuaXROYW1lIjoiYmFubmVyIiwidW5pdFZhcmlhbnRMb2NhbElkIjoyLCJzY3JlZW5Mb2NhbElkIjo0LCJzY3JlZW5UaXRsZSI6IlN0YXJ0Iiwic2NyZWVuSXNNYXN0ZXIiOmZhbHNlLCJvYmplY3RMb2NhbElkIjoxMDA0LCJvYmplY3ROYW1lIjoicHJvZHVjdC1saW5rIiwib2JqZWN0Q2xhenoiOiJTd2lwZXlHcm91cCIsImluaXRpYXRpb25UaW1lc3RhbXAiOjE2NjYwMzYzODUuNDMzLCJuYW1lIjoiaXRlbUZvY3VzZWQiLCJpdGVtIjoxfV19?crc32c=2891113622
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.253.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-253-38.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Mon, 17 Oct 2022 19:53:05 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjY2MDM2Mzg0eDJiMjc3NWUyZWVlMmE5eDY0Njk2OTg4IiwiYWNjb3VudElkIjoiZmJiZGYyZDgiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyODM1OTUyMDE3NDQ4NjI2MyIsImluZGV4I...
track.celtra.com/json/ Frame 6695 35 B
242 B 68ms
20ms Image
image/gif 3.124.253.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjY2MDM2Mzg0eDJiMjc3NWUyZWVlMmE5eDY0Njk2OTg4IiwiYWNjb3VudElkIjoiZmJiZGYyZDgiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyODM1OTUyMDE3NDQ4NjI2MyIsImluZGV4IjowLCJjbGllbnRUaW1lc3RhbXAiOjE2NjYwMzYzODUuMjc3LCJzY29wZSI6Imdsb2JhbCIsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDYuMC41MjQ5LjExOSBTYWZhcmkvNTM3LjM2Iiwib3JpZW50YXRpb24iOjAsInRvcG1vc3RSZWFjaGFibGVXaW5kb3ciOnsid2lkdGgiOjMwMCwiaGVpZ2h0IjoyNTB9LCJob3N0V2luZG93Ijp7IndpZHRoIjozMDAsImhlaWdodCI6MjUwfSwibmVzdGluZyI6eyJpZnJhbWUiOnRydWUsImZyaWVuZGx5SWZyYW1lIjpmYWxzZSwiaWFiRnJpZW5kbHlJZnJhbWUiOmZhbHNlLCJob3N0aWxlSWZyYW1lIjp0cnVlLCJpZnJhbWVEZXB0aCI6MH0sInBhZ2VWaXNpYmlsaXR5QXBpIjp0cnVlLCJyZXF1ZXN0QW5pbWF0aW9uRnJhbWUiOnRydWUsInRvcFdpbmRvd05hdGl2ZVJBRlN1cHBvcnRlZCI6dHJ1ZSwiYWxsb3dOb25OYXRpdmVSQUZGb3JWaWV3YWJsZVRpbWVVc2VkIjpmYWxzZSwiY2xpZW50VGltZVpvbmVPZmZzZXRJbk1pbnV0ZXMiOjAsInN1cHBvcnRzQ29udGFpbmVyVmlld2FiaWxpdHkiOmZhbHNlLCJzdXBwb3J0c0NvbnRhaW5lckluaXRpYWxWaWV3YWJpbGl0eSI6ZmFsc2UsInRhZ1BhcmVudFdpZHRoIjowLCJ0YWdQYXJlbnRIZWlnaHQiOjAsImFtcERldGVjdGVkIjpmYWxzZSwiYW1wTmVzdGluZ0xldmVsIjoiIiwic2FmZUZyYW1lRGV0ZWN0ZWQiOmZhbHNlLCJmZXRjaFN1cHBvcnRlZCI6dHJ1ZSwiYXNhcEVuYWJsZWQiOm51bGwsIm5hdGl2ZVByb21pc2VzU3VwcG9ydGVkIjp0cnVlLCJiZWFjb25TdXBwb3J0ZWQiOnRydWUsIkludGVyc2VjdGlvbk9ic2VydmVyU3VwcG9ydGVkIjp0cnVlLCJpc011dGF0aW9uT2JzZXJ2ZXJTdXBwb3J0ZWQiOnRydWUsIndlYlZpZXciOm51bGwsImlzV2luZG93T3Blbk5hdGl2ZSI6dHJ1ZSwicHJvdG9Mb2FkaW5nIjp7ImRhdGFMb2FkU3RhdHVzIjoic3VwcG9ydGVkIiwiYmxvYkxvYWRTdGF0dXMiOiJzdXBwb3J0ZWQifSwibmFtZSI6ImVudmlyb25tZW50SW5mbyJ9LHsic2Vzc2lvbklkIjoiczE2NjYwMzYzODR4MmIyNzc1ZTJlZWUyYTl4NjQ2OTY5ODgiLCJhY2NvdW50SWQiOiJmYmJkZjJkOCIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6IjI4MzU5NTIwMTc0NDg2MjYzIiwiaW5kZXgiOjEsImNsaWVudFRpbWVzdGFtcCI6MTY2NjAzNjM4NS40NDYsIm5hbWUiOiJjcmVhdGl2ZUxvYWRlZCIsInZpZXdhYmlsaXR5MDBNZWFzdXJhYmxlIjpmYWxzZSwidmlld2FiaWxpdHk1MDFNZWFzdXJhYmxlIjpmYWxzZSwidmlld2FibGVUaW1lTWVhc3VyYWJsZSI6ZmFsc2UsImNkblZhcmlhbnQiOiJub25lIn1dfQ==?crc32c=2379620380
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.253.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-253-38.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Mon, 17 Oct 2022 19:53:05 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F461 0
0 55ms
54ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022101301&jk=2490143105744881&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjY2MDM2Mzg0eDJiMjc3NWUyZWVlMmE5eDY0Njk2OTg4IiwiYWNjb3VudElkIjoiZmJiZGYyZDgiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyODM1OTUyMDE3NDQ4NjI2MyIsImluZGV4IjoyLCJjbGllbnRUaW1lc3RhbXAiOjE2NjYwMzYzODUuNDY5LCJ1bml0TmFtZSI6ImJhbm5lciIsInVuaXRWYXJpYW50TG9jYWxJZCI6Miwic2NyZWVuTG9jYWxJZCI6bnVsbCwic2NyZWVuVGl0bGUiOm51bGwsInNjcmVlbklzTWFzdGVyIjpudWxsLCJvYmplY3RMb2NhbElkIjpudWxsLCJvYmplY3ROYW1lIjpudWxsLCJvYmplY3RDbGF6eiI6bnVsbCwiaW5pdGlhdGlvblRpbWVzdGFtcCI6MTY2NjAzNjM4NS40NjksIm5hbWUiOiJ2aWV3U2hvd24iLCJ2aWV3TmFtZSI6IjMwMCB4IDI1MCIsImNsYXp6IjoiQ3JlYXRpdmVVbml0VmFyaWFudCIsImRlc2lnblNpemUiOnsid2lkdGgiOjMwMCwiaGVpZ2h0IjoyNTB9LCJhdmFpbGFibGVTaXplIjp7IndpZHRoIjozMDAsImhlaWdodCI6MjUwfX0seyJzZXNzaW9uSWQiOiJzMTY2NjAzNjM4NHgyYjI3NzVlMmVlZTJhOXg2NDY5Njk4OCIsImFjY291bnRJZCI6ImZiYmRmMmQ4Iiwic3RyZWFtIjoiYWRFdmVudHMiLCJpbnN0YW50aWF0aW9uIjoiMjgzNTk1MjAxNzQ0ODYyNjMiLCJpbmRleCI6MywiY2xpZW50VGltZXN0YW1wIjoxNjY2MDM2Mzg1LjQ3OCwidW5pdE5hbWUiOiJiYW5uZXIiLCJ1bml0VmFyaWFudExvY2FsSWQiOjIsInNjcmVlbkxvY2FsSWQiOjQsInNjcmVlblRpdGxlIjoiU3RhcnQiLCJzY3JlZW5Jc01hc3RlciI6ZmFsc2UsIm9iamVjdExvY2FsSWQiOm51bGwsIm9iamVjdE5hbWUiOm51bGwsIm9iamVjdENsYXp6IjpudWxsLCJpbml0aWF0aW9uVGltZXN0YW1wIjoxNjY2MDM2Mzg1LjQ3OCwibmFtZSI6InNjcmVlblNob3duIn0seyJzZXNzaW9uSWQiOiJzMTY2NjAzNjM4NHgyYjI3NzVlMmVlZTJhOXg2NDY5Njk4OCIsImFjY291bnRJZCI6ImZiYmRmMmQ4Iiwic3RyZWFtIjoiYWRFdmVudHMiLCJpbnN0YW50aWF0aW9uIjoiMjgzNTk1MjAxNzQ0ODYyNjMiLCJpbmRleCI6NCwiY2xpZW50VGltZXN0YW1wIjoxNjY2MDM2Mzg1LjQ3OCwibmFtZSI6ImNyZWF0aXZlUmVuZGVyZWQifSx7InNlc3Npb25JZCI6InMxNjY2MDM2Mzg0eDJiMjc3NWUyZWVlMmE5eDY0Njk2OTg4IiwiYWNjb3VudElkIjoiZmJiZGYyZDgiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyODM1OTUyMDE3NDQ4NjI2MyIsImluZGV4Ijo1LCJjbGllbnRUaW1lc3RhbXAiOjE2NjYwMzYzODUuNDc5LCJ1bml0TmFtZSI6ImJhbm5lciIsInVuaXRWYXJpYW50TG9jYWxJZCI6Miwic2NyZWVuTG9jYWxJZCI6NCwic2NyZWVuVGl0bGUiOiJTdGFydCIsInNjcmVlbklzTWFzdGVyIjpmYWxzZSwib2JqZWN0TG9jYWxJZCI6NjA1LCJvYmplY3ROYW1lIjoicHJvZHVjdHMiLCJvYmplY3RDbGF6eiI6IlN3aXBleUdyb3VwIiwiaW5pdGlhdGlvblRpbWVzdGFtcCI6MTY2NjAzNjM4NS40NzksIm5hbWUiOiJpdGVtRm9jdXNlZCIsIml0ZW0iOjF9LHsic2Vzc2lvbklkIjoiczE2NjYwMzYzODR4MmIyNzc1ZTJlZWUyYTl4NjQ2OTY5ODgiLCJhY2NvdW50SWQiOiJmYmJkZjJkOCIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6IjI4MzU5NTIwMTc0NDg2MjYzIiwiaW5kZXgiOjYsImNsaWVudFRpbWVzdGFtcCI6MTY2NjAzNjM4NS40OCwidW5pdE5hbWUiOiJiYW5uZXIiLCJ1bml0VmFyaWFudExvY2FsSWQiOjIsInNjcmVlbkxvY2FsSWQiOjQsInNjcmVlblRpdGxlIjoiU3RhcnQiLCJzY3JlZW5Jc01hc3RlciI6ZmFsc2UsIm9iamVjdExvY2FsSWQiOjYwNSwib2JqZWN0TmFtZSI6InByb2R1Y3RzIiwib2JqZWN0Q2xhenoiOiJTd2lwZXlHcm91cCIsImluaXRpYXRpb25UaW1lc3RhbXAiOjE2NjYwMzYzODUuNDgsIm5hbWUiOiJpdGVtRm9jdXNlZCIsIml0ZW0iOjF9LHsic2Vzc2lvbklkIjoiczE2NjYwMzYzODR4MmIyNzc1ZTJlZWUyYTl4NjQ2OTY5ODgiLCJhY2NvdW50SWQiOiJmYmJkZjJkOCIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6IjI4MzU5NTIwMTc0NDg2MjYzIiwiaW5kZXgiOjcsImNsaWVudFRpbWVzdGFtcCI6MTY2NjAzNjM4NS40OCwidW5pdE5hbWUiOiJiYW5uZXIiLCJ1bml0VmFyaWFudExvY2FsSWQiOjIsInNjcmVlbkxvY2FsSWQiOjQsInNjcmVlblRpdGxlIjoiU3RhcnQiLCJzY3JlZW5Jc01hc3RlciI6ZmFsc2UsIm9iamVjdExvY2FsSWQiOjYzMiwib2JqZWN0TmFtZSI6InByb2R1Y3RzLWxpbmsiLCJvYmplY3RDbGF6eiI6IlN3aXBleUdyb3VwIiwiaW5pdGlhdGlvblRpbWVzdGFtcCI6MTY2NjAzNjM4NS40OCwibmFtZSI6Iml0ZW1Gb2N1c2VkIiwiaXRlbSI6MX0seyJzZXNzaW9uSWQiOiJzMTY2NjAzNjM4NHgyYjI3NzVlMmVlZTJhOXg2NDY5Njk4OCIsImFjY291bnRJZCI6ImZiYmRmMmQ4Iiwic3RyZWFtIjoiYWRFdmVudHMiLCJpbnN0YW50aWF0aW9uIjoiMjgzNTk1MjAxNzQ0ODYyNjMiLCJpbmRleCI6OCwiY2xpZW50VGltZXN0YW1wIjoxNjY2MDM2Mzg1LjQ4LCJ1bml0TmFtZSI6ImJhbm5lciIsInVuaXRWYXJpYW50TG9jYWxJZCI6Miwic2NyZWVuTG9jYWxJZCI6NCwic2NyZWVuVGl0bGUiOiJTdGFydCIsInNjcmVlbklzTWFzdGVyIjpmYWxzZSwib2JqZWN0TG9jYWxJZCI6NjMyLCJvYmplY3ROYW1lIjoicHJvZHVjdHMtbGluayIsIm9iamVjdENsYXp6IjoiU3dpcGV5R3JvdXAiLCJpbml0aWF0aW9uVGltZXN0YW1wIjoxNjY2MDM2Mzg1LjQ4LCJuYW1lIjoiaXRlbUZvY3VzZWQiLCJpdGVtIjoxfV19?crc32c=977383587
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.253.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-253-38.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Mon, 17 Oct 2022 19:53:05 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H3 200 7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js Show response
pagead2.googlesyndication.com/bg/ Frame D359 36 KB
16 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 14:58:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15945
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Oct 2023 14:58:46 GMT

GET
H/1.1 206
Partial Content av2.mp4
acdn.adnxs-simple.com/video/static/res/ Frame 32B3 25 KB
25 KB 104ms
19ms Media
video/mp4 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs-simple.com/video/static/res/av2.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ea09040c0f36fbe5e5ec7510c1560d14513db8bfbe27e1b79c55aab1d3c1edb0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range: bytes=0-

Response headers

X-Cache-Hits: 11740, 106753
Date: Mon, 17 Oct 2022 19:53:05 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 4199760
X-Cache: HIT, HIT
Content-Range: bytes 0-25171/25172
Connection: keep-alive
Content-Length: 25172
X-Served-By: cache-lga21966-LGA, cache-hhn4035-HHN
Last-Modified: Fri, 22 Sep 2017 18:58:43 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1666036386.646207,VS0,VE0
ETag: "59c55d63-6254"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Expires: Wed, 30 Aug 2023 05:17:06 GMT

GET
H/1.1 206
Partial Content av2.mp4
acdn.adnxs-simple.com/video/static/res/ Frame 78DF 25 KB
25 KB 105ms
21ms Media
video/mp4 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs-simple.com/video/static/res/av2.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ea09040c0f36fbe5e5ec7510c1560d14513db8bfbe27e1b79c55aab1d3c1edb0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range: bytes=0-

Response headers

X-Cache-Hits: 11740, 145276
Date: Mon, 17 Oct 2022 19:53:05 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 4199760
X-Cache: HIT, HIT
Content-Range: bytes 0-25171/25172
Connection: keep-alive
Content-Length: 25172
X-Served-By: cache-lga21966-LGA, cache-hhn4078-HHN
Last-Modified: Fri, 22 Sep 2017 18:58:43 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1666036386.647055,VS0,VE0
ETag: "59c55d63-6254"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Expires: Wed, 30 Aug 2023 05:17:06 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D359 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?mrOBEg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/omsdkvideo/229/ Frame CAE7 128 KB
39 KB 109ms
29ms Script
application/x-javascript 23.35.228.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/omsdkvideo/229/trk.js
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/video/outstream/ANOutstreamVideo.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.228.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d76ee730bf11c03b986c5e5ca90907671c2a0b7871a2ac5f2657a898c01e7e56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 19:53:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Oct 2022 09:41:44 GMT
Server: AkamaiNetStorage
ETag: "cfb4dc27166a399fdd5608c0d96cdc52:1664962904.795943"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 39176
Expires: Tue, 17 Oct 2023 19:53:05 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 9B67 52 KB
17 KB 20ms
19ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/video/outstream/ANOutstreamVideo.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.yallakora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 50889
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 17 Oct 2022 19:53:05 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 57, 906949
X-Served-By: cache-lga13626-LGA, cache-hhn4050-HHN
X-Timer: S1666036386.732917,VS0,VE0

GET
DATA 200
OK truncated
/ Frame CAE7 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4ed5465b3e77cbca37e9d5a38c620e238e8f225368039c002f2d4bbd14b852c

Request headers

Referer
Origin: https://www.yallakora.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 3C44 44 KB
16 KB 88ms
22ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64acc77d9de85bfc688d93355c91769fda5ea9b3e43de901304f2d302551c29e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 689
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16259
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 22:03:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Mon, 17 Oct 2022 19:56:36 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9B67 0
747 B 27ms
26ms Script
text/html 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 19:53:05 GMT
AN-X-Request-Uuid: b62bdc3b-4991-4adc-9687-d0fc0030d29d
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6695 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstSEi75BJcXeYPCvtXYvPgG4TOOZKGuVtPXILqmNEasYPc8JBZ8c18spyjNcv7srSb1BbYsYB8PsDLXGn2XB-qhtuDC375BTcAhze8hPsdhWkkMtrCO11UYyYfPpw&sai=AMfl-YSYYWzKQRNBXGTBmDy8AUXP11gD7plPiPazXogVJRhBlyg3Onjm7apFCMbHAmUuRjKPkF68mx-MY6xoNV_SwA6mZn71ZctXIMdQSzJaM2mqCJszWjLjR9pzQMhJrCsam7M&sig=Cg0ArKJSzEq3mtN6z8P3EAE&cid=CAQSPwDq26N9273l0L_ZQXUOadne8FZK3XKadae1l4_uQYqfmtQugYg6aCoTNGJzgr-KBw45WlVlsxlslQ5f9ME_-RgBIA4&id=lidar2&mcvt=1008&p=244,262,494,562&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=654180131&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666036384369&rpt=399&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:53:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FAA4 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstuRYI-9eiPE2C2FbO9ibZeVAKDrIMxrgMKlgxkxzD5bW8NKxnqKtTsQiGKsL9A44hQe0h-oKy48VD_swIibptgBMC7-kw6XBOam5Vpfs1wryvXBOuKfKCttBgzAA&sai=AMfl-YRTtekhRnDYT7YxtYhu2Njm1FVF4lAPkYN-Byug7PNYSbH6Ei55nxcxoQLQrb9DTCy37dMulpZ5NxNM4IoEuYBggAqzsOs3YOLzPbaQ2SYUVjQp82UJuDF8EleOzKpEhhQ&sig=Cg0ArKJSzKe1w3x2CbhtEAE&cid=CAQSPwDq26N9273l0L_ZQXUOadne8FZK3XKadae1l4_uQYqfmtQugYg6aCoTNGJzgr-KBw45WlVlsxlslQ5f9ME_-RgBIA4&id=lidar2&mcvt=1000&p=764,596,854,1324&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1757246092&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666036384363&rpt=439&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:53:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK rd_log
fra1-ib.adnxs.com/ Frame CAE7 0
843 B 21ms
21ms Ping
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.yallakora.com%2F&e=wqT_3QKHbPBMBzYAAAMA1gAFAQih5baaBhCKvOLRoa2egw4YkcizsdGw-6dTKjYJsK4K1GJw7D8RfBQJAVQs6D8ZAAAAQOF6AEAhfBQJAVQs6D8psK4JJNgxAAAAIK5H6T8wsOLsCzjeZEC8CUhlUJnj67IBWOu9mAFgAGiYm7sBeOKEBoABAYoBA1VTRJIBAQb01BSYAQGgAQGoAQGwAQC4AQPAAQXIAQLQAQDYAQDgAQDwAQC6AqELaHR0cHM6Ly9nb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQvZGJtL2Nsaz9zYT1MJmFpPUNweU9yb2JKTlk1ZVRCTXlYLXdiRDc2andCWW1fOU5GcmtlNndwcWdRLUM0UUFTRG1sOVlsWUpVQ29BR2duT2ZSQWNnQkJhZ0RBY2dERTVnRUFLb0U3d0ZQME0yeHoteVN5RE1yR3ZXSElpQngtOEtlTHhYSHh3ODUzS3ZkZHBzX3VSSjZuY3JqU0JvZGIyT2N0QkFFR1ItMU9NMUxQakhlSFZ6LWlpYzV6b0tnampJaXdiNzA1Mk1WMXZxWHVJVno2YlRpTE8xdmNmWFZ1dkE5LUlUU1ZsWW9qNklRLV85U1BMSmhYUUo3bXR5aTk1bGlZWWlKeUNvSEFHNWhpMkJrY1l6VFp4amZaYnoxRS1YZ0s3UUZmc29MVVdIcDV6alNXSFNiVHd2cnNkRUVPb1hlUVplS05PMzRlYUtad05xeFg3UE02ZzBFd3MtQnVaLUx3bHA3c2R1QVYzdEwzem5yTWhBbjFseThaaTdJay1NZmtvX09xZzVYYnMtc05ISE9IdHFrbXZrbEIwZlBKTUZSYWFtRzc4QUU1UGJtNDR3RTRBUURrQVlCb0FaT2dBZkk0NWl1QXFnSGpzNGJxQWVUMkJ1b0ItNldzUUtvQl82ZXNRS29CNlNqc1FLb0I5WEpHNmdIcHI0YnFBZWFCcWdIODlFYnFBZVcyQnVvQjZxYnNRS29COS1mc1FMWUJ3RFNDQkVJZ09HQUVCQUJHQjh5QXFvQ09nS0FRUElJRG1KcFpHUmxjaTAxTnpnNU1USTFnQW9FbUFzQnlBc0JnQXdCc0JPdDdPMFEwQk1BMkJNTGlCU05BdGdVQWRBVkFmZ1dBWUFYQVEmbnVtPTEmY2lkPUNBQVNGZVJvWFdoYlpCTTJGcG9IRVNVekMwMm41VGlETncmc2lnPUFPRDY0XzJSVjF0UVRhV3RJVTRsdHdyb0FkTVNQWWZINHcmY2xpZW50PWNhLXB1Yi0zMDc2ODkwMDEyNzQxNDY3JmRibV9jPUFLQW1mLURFa3VYRjEyc1hfSzN6ZEtCTkVaT1NEeVhMb3gwRjM1eHl1UkJhVTdKSmh4cmdhLWpFTUhzeXVGTkMxdGo0VWM0S3hQc3gmZGJtX2Q9QUtBbWYtQ3RKdF9SZDNTWWRGUmJjYklmYXUtWHpta3c3ZGljTjZYU2wweFJqZ2R1bWRWVERBWkQxQWlGYkZLOHA2bmlwcG9Cd2R0cHkzNk5WbnpQNEkyLUxJajNnYV9FQmt1dVFrTlhXNG5zY0pVaDlMNXZfcEtXRFR5VTJ3S3VDeVpxY2ZLTm5PNDhhRHhpSjVxMFJ1bm1KTzdobXN4MWlnM01wc0VCeXNReHZtZWdEQ2k5dlFFY3JmQ3hQcnV6djF4UHhGTjRjVlBMN1R2b2VXSkJFQ0hXcTU0a1dBR28wbEtwNmFUcmRlZnZORGZvQjJGcW9OOUhYbWpBM19qZmFaRlRoOWtTY19XaGR3dGFyLU5vc0lVM0FMeVVXMVJkbENjcFVRUlBVNUMxNXFzQzRLWHhOR0lVR3g1aldWVU5QQ29YbHBtc0N0T08wNTkzaENadTAzTEZjS0tIVGF6NWtRU1gxQlpZYWwtY2RuWTJjd21wOTFFN09La2trdTR4eEJwYV9QZk1EbXMtOGpjMEZodmVNRVpnWGpSTDlhSjRJV3h4aHhsWmxIV3g0dGxuQnZ6ZTU3U2VrSkJkd0l5S3YtNjQxc2J3VjlFNnlGVjRXU3VUbndmWXhkazdfUElHenFMRWZNSnhIWVhFQ3M0Ti1UVFhFbm9Ud0tvNThsdU5seHJCT1RsYU43ZXVoZFduY1hBXy1HR2pBSnNOV1VFWjRnJmFkdXJsPdgCAOAC459c6gIaaHR0cHM6Ly93d3cueWFsbGFrb3JhLmNvbS_yAtkZCghCSURfREFUQRLMGUFLQW1mLUI0bm5yTk9xRXAwczljX3NHVWFvOGZHZ3E1aHFRRUc3ZFpfS0lDRW1IdENaVW05M1hNaHlWdUdpRjhmbFZFWWtSUmd6ZlBiSGZUaGpDbzJteGQ2Q3loZVBQaVl5RXBlc0FYVXhSbDhBYTBIN3o2YVVyenJLbXBLT3BDMDgycmdISmdlQjQzTUw2a2FqSHRhdDZUNXhwUlI0WTRORzFKb1J4Y3pGanFrdkt2WlZSVmg0TkM1R3VLU19rSzhvTzBMeWtJSWZHTnhlZk15WVlZdDBfeFJLdWpfeWxibzZrY1JrUXdONmVlcllCSnhueHNlQlVUcDVOY0lDN1pnN21mTXdDcVp6Zlk0TnktRm9GczZJYktkQmtNQV9EMWZsZkFsdzNOdmpSZFRBem05SERVR1hVV05nWTJWZU5uVkZQM050dnF0NnBqRjBGb0lKT2VfU3FPSkFPVnZOMDEtMmRISUtwLUFkQ3hGZ0x1Tmp0VHZoV09nYnV2bFh5VmRUTUdxanRscFpKeGNzUlg1a2hmNV9Rdl9YSUl3MEdBUS15aVJmZ0NYcUVmODR4cDdEeGh4aGhqWHBOTFJPWEdkcWRfM2wyazVvS0Y0MV80T2tyWV8wdHFMeXJxTG1TdC1hbzh6N1JXZVN6Y19kc2tab1FIbUtKWE1za3ZmNU1WUTNRMXc1SkM2TkMyRWFDc3BOSTVrRXUtNVgxYVQwSURFVjA2YWR2VURCbnVQbU9GT3dyaG1EaTNsaENSaXhlWGdkTXRlZGZoYU9RVkMxWWwwcTFwT0k5Z1dieFRXMFE2Q2ZOYWQxNDVDZWp3QnkzMmRtTEx4R0VVdXpNVk9rV2hhOUdtWWxpeUUtUXFPNmF2WDliQ0xsenh6bmdCbTR4OEZlZmFwaXN1aXJTTHlNRDU1ckdRLVluWHNmeFJ3VGFuVC1nMDNMNjFBTHJ4VVNrVHFxU1U0Qk5taWRrZTd0alhxSTVmRmZzeU5aTlROTVVwSXZwTTc3UnM4cWktaGstSlRrSmdMZ2FaOFA4Y3VlVkZSb2dNMDBwNEdKNUJpY04zaF8xejJBaUZSV1pJOHR0UUp4ZXhoOF9nWDBTNXUxS2llQjZMUVdqaU1wbGVkdndkTmJZT2hxMWpvamt0bl9ibUVBQ2tzdHUwTGI0VXF5NE90c2hSMWxabVVvalhDQ0QxTVQxWjIxRzlVMTc0SFRlak1malJfVWFMd2xBd3lHbkpOekdzcG5JVy0xWGpuaTdKRmIwd1JkRThlT0thSEZfSXZXNGR3VnV6N1hkQkZLc1lnY0ZNMHpFVmhRc1ZhZmhLeTJaZDdRMnpWVjhCZWlCS2JETmRxbXVIX0ZVRGt4NENGRHdTMF83NzFFYmtJcVlYSzI5WnpXTVQ1ek9IbDZ6blRlRnNFME0yRzR4ZUNlNzNZNFphYUpIVnBmRjlOYmZNMlNRUmg3Wjl2Ni1pUUYtcGI0NXZEQ3dEd0dyajRJOF9CNU1CRDE1dnU3cklyLWEwQkhGS2pfd0xjQXJWbEV4LS1KTldYb0VVQWJlMlhTMUs4a3BFUDFMbk53a3JHcUxoOS1hR1ZqcjlIUFZCa3J4eUFrV3ZkQnBtZl9QbzN6SlNSU3pJemZWeHo2el9jLTVPMTE1OHR2eEZwWnNlZFA3akxHUi1jb0xsaGItV0tQT2RrUVRsdjV1elh6RnZ2N3dLQlZfZUlyVWt1WUxGNFlUMDhpUlZZeUV2Vm5pdlNHbDk2SGF1Q1VBb3FRTWQzOXFzYzJialdjVklBakptb2dYS21jc0dRcWNxNXl4S2dWNF9KR3VBWWhkT3pLVzh5eU9NWEhjUk9jTld0QVFrUUEtOVZqVjlfbnhCZE9kcGZVTWdJMXFkMGFmd0RTaEc3ZVR1Tmt4czZpRXVTUHFDSnViY2VJbVNYTjI5TXZWLWhKTFVhRkpRZGgxVFRBRW9IaVNYZG1GVUc3cFZyUlRzVFliV3JxaU9uTk1rNFdkZTFfNkJJcXVxV1FHS25RbzVnd0hlci1sS1MwaTE5NU9YNk1vX0hxUFJjaHVoQ2NKZFB2VEU1ZTlPNHBqSmRnOWotMnRmbTExdjE5TEt1NGtnblpuTFpSWmgtQndRT0ZzdWNtSEhub1p6Y2NFV21VX1lPYjBlUGZSYUFwcmJrRDk1NG8yMi1qeXdBYkNTY0p1cFN1X2MyU2FPWUhjdm1nNjFuSnEydTI1RWFnMUhqU3dPVkljT19KdjhyNEdOWUpRbkNWT2NHWkpiX3JqQTd3VE84eTlvSk1rMjZOVXNnYW5PN0dCY3BDRXBEdzNud3lrRG1oVFBUUGY2SG9MV05OZ2lXa1o4eG95MFAxVDVudzBWR0dhWkMtZC1qSkdYMF81ZlpDQkNoTWFRdE4yeUdvWkRrT1U1Z09hRExEQXZfU25FN1E1UmRSLXc3YkFjeDN2UlRrSkdzVGk4eUFlbkhJSk5fZ2o1Skd4SS1hcDRUV1ZtS3hqOGx3aFVnMDVZS2VjempTbXdOMVB3OTVzR3lxZTAwd0wxNzZoVXA0cDM2MjlEZVNSQ0JNZXBfS25aVVh3N2hSakE1bWE0a0p6Nm9EOW9ZWldTX2JoN1lGMW5sWXV5bzBMZ0RmbFRPWDkxSEZnbjBsX1Jjemt4WElFR2RxY3ZFUU5kbVNBUzBDcVNCWXhXWlRjVkg5cndLZ3hmeXZQcS1DeDU0Vi1oZ3lBRDZSZkp2Y09HTEs1Z2NjdnhHUkRPMEpHTFlHZERkZmdVWUJTelo1V2NmTThmcmRGeGRKYlJiR2lScXdIUEowTWhyMnJSZ3AyanozX1pLQklXX21pU1FqZmVncENLSFZIdHJ4X0s5cnVWbG9BV0NJeUJFSVotVEJxQng4SzlfemZaZUhXUEJSYXk3X201dm43LTNKcUJXSkZvNS1HTjUyV0xYYVVnQTJLbGxrZGRlOGh1MmJhWTVZaXFZeDR2UGVUaEpVbGFRWkw5ZThfLTk2LUtCZjlwSWdUZ1I5UVVyQ3JmQ3dVZXVsLXEwQ1dTbUpZeHRTbVVXM2kycnItSWJzaWx4VGt4RG1WSm9fak55MFRoUXM0TEo4UlF1ZXIxT0lDaGd4ek0yR0ZrX0IxMGRnZFBuSWZxcm1VNThsdGJnZWdmZkhia3lpanp1ckpqQVVSY2Z1VVB6bF9VaUQ0aEw0cW5OXzJHeUd4TGxBZnVhQkpIT2xoZk83X2x6UGc4M1VKTURUajc4a1gwblJpNHlPaUc0ajBRWE9MYlNYSWdCdWEtaXp5YVFzbTVlVXFzbUF1X2tHRDFaNU9HNThNMlVXdE85andtM1BZRGw0QWU5azNrMFBlLUdBX2pQc293UF9US2otMlYxbHJKWEhZbVViQjd0S2Vqd0NEWjBIOTZPanR1bzlFZFY4eV9LZ19hajdjWWtVR1FFVU1ZalF6eXFzdlEzOHdaY0htMGVhdUVQNG5nNk9yWDV5RlI0d0dzVWFPTlJPOVA4UWFkQXdnZkhHSzUxNjhHQVROSENqcTZQeEt3bGVxcGNweEt4VW5rcUUzeEhTRWduR1JDTUdqcjRiWWRJR2JzQy1pLUlpWUpXdnljWjFxT2ZObF9jdEJsVHlPQkV0T3JNZ2haN2VSbXE5b1JEQ2JweWlXYkw2YU1FeHgydXZPWnd1VTJmenNiQlE3TFJJLWdUMjlsVno1TENKckRwRFlVTmxqOS1FbkdvNjlpNWtqWkdoVFU0cGt6Sm1ONU93QUNDbzFyY19Zblp0VEtoejR3bktQNmMzRzM4ZnJyODdSck9ZVmE4UkU4QnAwOFlGTHdNbXBRdXlNOXZoWU11ZGh5U3RrYVJqc0puQ293X3hHYlJIWmRnb1ZxODI4WFBodnpuQUpmNzlpS2xlbXNzbTMxaWNZbDBfeVV2eGh4MDRCS0VIZUUtSF8zeXo4U1g4NDN4Z2FjRzdrRWpvdGRQLXk2M21yTkF4V3c3bFVabmY3UWVBR211OFlXdjhISGtPTTY3eThPWGNIZzM2RHlOU003d2piQmcydy10REVsNHNYZkRoZnpnZmFzdEV0ekt6UXN4RnNSN1VtRVN4X3Mzb3dMZVdBeG9wYlVyaW8xb01QVTRzbG1maUE1ZVJDeFJkWU03RnljWkVrWFNPOVFtQ0JaWFF5RVdidWZLblZqSDhjb3VsQk5QMWI2Sm1RWlRjMFU1azR3cEJDa2NRb0oyQVB0UmVPb2Z6TlljZXl4amtWVV96T0tHTnFNNktLUDg0NEV0QjFXRWU4Y3pTelZYakgwZWpIQjVpSklZekhhZnhtSVNJZ3pFczJGZ25rZEw3LUpxYlVzU2xyYVRMLU1HSWwwTFN3REdNVDlfcms5bzlsTPIChgEKC0JFQUNPTl9EQVRBEndBS0FtZi1BdXNLMzR2SkNyUWFocjhSMzliZlljVDBTNHMzM21haUotN1VOaENRd04yeXNCN01TRk1sVWVFMnZiOUdISDFOaVVUX1VsQ1BJbkJYTjh6Yk1hLWEtbVFpMDNQUTJnTVgxNWRuR3VMelV2bDlkeFU3b_IClwIKG0RZTkFNSUNfQ1JFQVRJVkVfUElYRUxfREFUQRL3AUFQRXVjTlUwS0tNaGxYUlBqTkJmcTY4czJXdV8tTmtYZHF3c05vRmNiNFBBMS1MNGJLd0JOQ0pxZThiLVFaaVh1SlM3aFM2N0dxWnV1N0dnTktXeXc1b015ZmxsekxKTWJPSUFGYnBpV24tRzB5elU1MUlheHRpWngyTzdhWXp1SnIzZ3FjMzRqcmp2Wk5oR0EwVDJQZ3RlZjNXY0xPRm1aSUMzRHp1X2ZhaTNhTUI4Qm13X2hKV2ZZVFFXV3pNam04cEtFSGpEb1ZpR3JVZHJOZDl3UWw4Qmw2MlRFX2hkdHpNLU1tNGE5WDFZd2QtNUZxZDlndEnyArQLCg5YQklEX0NMSUNLX1VSTBKhC2h0dHBzOi8vZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0L2RibS9jbGs_c2E9TCZhaT1DcHlPcm9iSk5ZNWVUQk15WC13YkQ3Nmp3QlltX_5fFP5fFP5fFP5fFP5fFP5fFP5fFP5fFP5fFP5fFP5fFP5fFP5fFP5fFP5fFP5fFP5fFP5fFP5fFP5fFP5fFD5fFGjyAtwLChJYQklEX0NMSUNLX1VSTF9FTkMSxQuqGxpAJTNGc2ElM0RMJTI2YWklM0T-Ixr-Ixr-Ixr-Ixr-Ixr-Ixr-Ixr-Ixr-IxraIxo8JTI2bnVtJTNEMSUyNmNpZEGKUEFBU0ZlUm9YV2hiWkJNMkZwb0hFUy4rGjwlMjZzaWclM0RBT0Q2NF8yai8aAVZcbGllbnQlM0RjYS1wdWItMzA3Njg5MDAxGjMaHCUyNmRibV9jAVAoS0FtZi1ERWt1WEb-NxoNVwHSCVcYQ3RKdF9SZP47Gv47Gv47Gv47Gv47Gv47Gv47Gv47GlI7GqGGMGR1cmwlM0TyAv8LChEy2wWl3wDpst8FBDI1peEEMjWl4wA1peUBDf7nBf7nBf7nBf7nBf7nBf7nBf7nBf7nBf7nBeLnBQA1qelBhAQxJQEOoe0BDo7vBQA1qfEBL47zBQg1Mjat9QEyYvcFADWx-QEmqaT--wWx-w1bAGQdW_7_Bf7_Bf7_Bf7_Bf7_Bf7_Bf7_Bf7_BXb_BaGixQFBjBTyAqcMChVCAwbFBwSNDK7mCwQyNdUJAVkATAURzQ0BEf4PBv4PBv4PBv4PBv4PBv4PBv4PBv4PBv4PBuoPBtURQYjFE6G3AGmhMwESlhcG1RkBM5YbBgFmFhIMZR1uHwatxgBjDSr-IwY-IwYNXxHyCV_-Jwb-Jwb-Jwb-Jwb-Jwb-Jwb-Jwb-JwZ-Jwahvs0pQfQU8gLZCwoPySsgUE9JTlRST0xM_gsS_gsS_gsS_gsS_gsS_gsS_gsS_gsS_gsS_gsS_gsS_gsS_gsS_gsS_gsS_gsS_gsS_gsS_gsS_gsS_gsS_gsS_gsSJgsSkB8KC0NBQ0hFQlVTVEVSEhAxNjY2MDM2Mzg1MDY3OTkx8gIvCg8SDBiwQVVDVElPTl9JRBIcQUJBakgwanIwbDkzSXk5bFNrUWp1a2hDWGxDOPICHQoQBTIcQ1JFQVRJVkUBMzAJNDM2NjAyNzk08gIaAXQQTVBBSUcFTlQLMTc4MTM0MTE5ODbyAiAKEklOU0VSBWwQT1JERVIBP1gKMTAwODU2NDcyMfICEQoLRVhDSEFORwVbHAIxMPICFwoRBXQYUFVCTElTSAk2BRogEgoOUElYRUxfDtAYQE9NTUESAPICKAoKU09VUkNFDt0YBBIaHvIMCHd3d0JHLQgsCg4ZKxIiDXIvADwgChFVTklWRVJTQUxfU0lUBaNUCzI2NDk1ODgxNDkw8gIpCgNDSUQSIoaCCiEPKBxJTlZFTlRPUllfDYgYRVhURVJOQQHSAcwcDQoJQlVOREwFatAA8gInChdBRFNUWFRfQURfU1lTVEVNX0RPTUFJThIMYXBwbmV4dXMuY29t8gIbChJBRFNYVDY2AfB5BTEyODk0gAMAiAMBkAMAmAMXoAMBqgMAwAPgqAHIAwDYA4yNBuADAOgDAPgDAYAEAJIEBi91dC92M5gEAKIEDzIxNy4xMTQuMjE1LjEzMqgEALIEEggEEAQYrAIg-gEoASgCMAA4ArgEAMAEAMgEANoEAggB4AQA8AQSwzRYiAUBmAUAoAXF3tKcntimlT7ABQDJBQAFARTwP9IFCQkFC3gAAADYBQHgBQHwBf0F-gUECAAQAJAGAZgGALgGAMEGASAwAADwP9AG80vaBhYKEAkRGQFYEAAYAOAGBPIGAggAgAcBiAcAoAdAqgcujQIIugcPAVZIGAAgADAAOLkGQADIB-KEBtIHDRWDAUYI2gcGCSdo4AcA6gcCCADwB6PtA4oIAhAAlQgAAIA_mAgB&s=94b8c3f4f88fdfc0c36cc20fafd8ad32963f9d7e&bdref=https%3A%2F%2Fwww.yallakora.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.yallakora.com%2F,https%3A%2F%2Fwww.yallakora.com%2F

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/omsdkvideo/229/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 19:53:05 GMT
AN-X-Request-Uuid: 1da0767e-4dea-404b-989f-1dc90ddb1982
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.yallakora.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame CAE7 0
843 B 55ms
37ms Ping
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.yallakora.com%2F&e=wqT_3QLlH_BM5Q8AAAMA1gAFAQih5baaBhCKvOLRoa2egw4YkcizsdGw-6dTKjYJsK4K1GJw7D8RfBQJAVQs6D8ZAAAAQOF6AEAhfBQJAVQs6D8psK4JJNgxAAAAIK5H6T8wsOLsCzjeZEC8CUhlUJnj67IBWOu9mAFgAGiYm7sBeOKEBoABAYoBA1VTRJIBAQbwXpgBAaABAagBAbABALgBA8ABBcgBAtABANgBAOABAPABANgCAOAC459c6gIaaHR0cHM6Ly93d3cueWFsbGFrb3JhLmNvbS-AAwCIAwGQAwCYAxegAwGqA8IbCosbaHR0BTD08g5iaWQuZy5kb3VibGVjbGljay5uZXQvZGJtL3Zhc3Q_ZGJtX2M9QUtBbWYtRG1uOVlxQUZrcnphVkp0U3VwdjhDYUFfMHlEdHI5UEE2V3VYU3VjOGVzT01NWWtyTFR0VXhzZ1R3QnVyS3I1R2NZY1BhWExMZklZYUVuN1FaVXY5MG9QTTR6Y0EmZGJtX2Q9QUtBbWYtQWN2TGpTeGVfb2hqYXBidnF5ZVdpM3lRVV9vLXM0UWJCY2FFVm13cVYzTWU5bWV6YTZQSEdRS18xM1N3Y2Nya0hRRXhMcmphbjBueVhneWpkYkNhRlVoajF5c2RpeWJka2wwc0VzV2xBNlFyR3NOWU5fbjFxLU1jSjhGQUlpcTJaSmg4aWg2Mnl0UXZTTGE0dHpfZHNkMTBuU0QxaWV4bHhOaWkyV2JxN1lvamF1cU04Vk13NWxUaTNFcFBsRHNQRWdGTDFzNjJrOXc0SDN6ZF9ET2JpemFuRjVLZHlZUEhxSUlHQ3pFQkZKVmtkV2gyOTIzemh2Y3pQYnBEMFFTRHVZTUFleFVXVGM3ZlkwVUxnTXdzU2dPQlVhMmFOU2JPYTRzc0FuVFlVVE13ZHdZWFVRbmNOWjdIM1doeFMyVUx6eDdpd2Q4Y2JDZ0hJVzFTaUpvU3R2UUo1N0Y4Y1F3VFJzNUZLYXBpSURjdmdsRkJuNThETFVoY3R5cnFuUFVuQ0lKaFVVcWZhZEx4SGF2aGpvOVJ6S0VWWF9FRXVUdkhIRVo3QUhtQ0NqcUJtekRXMEFsQjUwZUdrdWotNFhGWlhrYkh6Z2JVRFJfOTFqQ0x3TGhWYXpRckdFRXFoRmVIRGNwZ2hQU2ZUb2M2ejU4c1RiZl9xS285V2d4T28yamRNSGRWaTYtcGh0UWRJZUl0cmxvdXliM1pWbmFmUFRadkRwekRJaGtDRmJUX1A3RUU4ZUItemFRMl9MYTJiZjRkMFB1b3M3dlR6LWlVeU16cUk2WEFZdXlCQzdxVFBIVFljNUpJZ3FIcDRRUHZuS1M4OUVxNlB0c0pZWHFVRXRodnEtbElMWmpfdl9fVThmdmc3V0tCaHRVMjNnWTExbmg0Z0swdHZubWZfMWlfUTIzNHktQlNacThpQXpvS0dodHJUcHYxd2twZjJVOUpIcVZWZ2lCQ1F5czBFejdwMFdVR2pCREhTczdPa0xqVWdRRUdQRTh4RGFlbE1sS1VlaHdNaG83TDROTFVINzFMbkJEUThfcm1OVXg5MjBHWFZnbVY4UUFfY1dOSlhXdXhGUnpUNGlPbGRCN0lpZDEySjRMdFloQ0x4TkIwZDBCQllpVF9kdWNFdHFUMVRzaGxldmZrMjlyQjhVVy1qTHRRY3JUd1g0djhGZlIyMG9hU3Zqdzh5aS1fMGI2YmNNMW9MZjVIdm4tSl9oU1U1Y1NUc3k2a0pULUdBSWxWRVhFTXdTbzBWSGI0U0pNbE1TdGZ6VkpzSHhmN3k0WE5XcktscWJWa19adEVWeEhNUXhiYkFHTElMY1BiMUstZFZILVg2Q2NNQnhqeTZ0QmdCellUSm1odkkxbW8xal90dzhyb2xDQ3ktRzZydDJEMzdSUFBldWdrbF9sVjZuUGUtaGtpNmMxclEyQU91VWZiNFZuUjR1TXZwSHZPMzZIT05Zam90eE1EdkxjLWhsOEw1R1FCMEZBaTlLSXFERU44aVJJY0N6SnlpNWdqWEo0VFBsRzNWeWFVTWttUGYxT2w2ZzRVejJ0SXVibnJLNDF3SmNwSmhBT0hJUE44MTJQZVVaWGVOcGQycFBGM0xIc0VTdHJnTnc5RU41YjFrZjc0ME5MX1dBY1J3TnNJaWtBWjR0Z1NocWdYR0FidFpISUxVdVhFZ01UMzZIWmRWVWhYeW9SQWtpWGhLQXFzMG92NmpIU3RFWUVSYktsbjRYVnk4RjJrU1JvTVFtR2tBcjl1WUVpZ3RYZVpFQzlqdzFnWU5EdTY0Mk9sRjdCUG1fdnkzNjVOVlprdjFVNnVna2dLUHFZcFpPRUV1bVQ1dVJNbkJEdDN0R3lkZmttNlVxZ2l1X1BGLTZqVGtUZjIyNkZ0MmpNbld5UGxLbVVJZjY5dFcxckhMOGhUV1hXV0lSN2RHSGpyanN0NXJ1SlloZEZ2c0o4SVRTLWt5OUVuclEzbDhUMDlxSkttTmVPQ2JzMWt2dFlXUVBBV3BiMXk3UjY3Wklhc0k5ZmFab1ZkNllIMGE2dnA0bEJoYnVCM3dON3lVTGlGdWlvZkRHcS1CSHE4WmpJNXcwYllMVGlkRTVlVnF1ZVRiWm52UXdIRVA3Q0UyYklBeXEwaEQyMlVZa1BmcWVLVkJWWU1saU9ZQlR0ZjRPWVRRdHNId3BCN1UyVnl3bEhFVmE5YnBLRlcyeklwRkEyOVotNko1OUt5NEc3TUN4eGhXa0hYNkhRNVo4VWN3NzgtZEtvRWI1RDJsT2xXRDl1RmJoTVRsd3VycFhFalBxS2lZaHNtV1g2dEZISDNpVVdkZUlVYXkxdWRUZ2pVX20xT2YxVDdqWHQzOHhQSUZBaGJqMU10eVcxellPbXlpTzlWekdsUEF0LXBrNUFsNVFCNnFmMnNQTDkyeDFVc3pMZ3k2TmlJMXQ3UWdWZGMtZXIwMkNWSmtEeFJPOWtKZWw2cVh6cFFUQnNhWVkzd2xua1lyc2UzUmJScmR1M0tUeE5ESlJnQXNUUTRnWk9Ga3MtZE5YemlqZ3Q5VGNqcTVuVjhFUzBiNzNFM3ZtYnBHZmZtMjlEazV0X19wNFdpV0xEaThfSzBhcmJVSGFqVmo1R3pXR3pxWGUxVW5qOXNmTmVBQmJqX3poVDgxakp2MjQtTnEzRkh2dmZXYVpsU0dhWkxiZnFWd3pTakk5M3Yya1otNXJzNnRaWmpLanpJZnBhWU8xSTRoMzhXNi1vdWJ1akF2cnlKRlpZd2MxNnAtaDVkNUNYWElSZ1k1Qm92Rk52N2JTWUdRaVNJSU8tdXhaRU9mdUdNR1Q2NVFRcVhsQThLUXlCclJiY2lzTkVTVG55R2ZOQVY3ck8yYUhYcnI5LUswWFIzSnp1SW5oLTFyUTRtalJIVElRWUVRajlEeEtIcVhLZEdxc1FKVWRrb3RzVkVoQ3Z5OXhJNVpDWXVmMUFwYkpQaHcxVVRzYWgxbTdOa2QyektmTU1ZSEZhaFdVM2s1cUlacldGaHE2NnlBZlVuTERDTzZsLXZBQkRPQWUyd20zQjBpVV9PYm1QeXFLQzlvWFUwUmZsNVJ0S2tjZWhhNkVqWjJHQkdqN29sYmtTT05ieks1cWJ0cWlWell3MHNEQUhEYWJITjBWZE5CQlpreV9LTnZlN1JoTjJJN0hzZGdrSjhQNmJnTmlzc2Jlb0JPdXVwYmhKY0g1VFpIVjB4RlVkbXFaVVdydXpjWE9TcnNKV1hVbjNPWnpRaGk0MUg1cjlKNnFzNmM3U1c5ZlhZSEswVi1QT1NyZy1lVUs5Q3kwbG93cHNUWjJIdXZOb19IaHJ5emJTYUpyMXJqa1hPWG82ZWVyLU5aVGJSMkhFTW9GSi0ya0R3ekpaY2ZXY2ZzQXFQbjEtLWxhWFJ2VnhZSE83REdOZXczUFY1Zk4tdHN5RHpMSTM2UFVkQUh5Q3R4X000OFNVMEsxc0pzemQyNW96U1dZTnp3dkc3ZDZvenBfbGRMZ1Y4UVNwWHpRd3pYNlAzSngzaEZHbVRjM29BR2dya0N4ZFZpWFVDNklvbUpBNm0tTzVDem9JS1BFZUNibDlDVEJzek1LTjdqT3gwVjBBMGZIREt0TzJkanFaVGpFMDRCc2xxYnc0bWMtdmtEc0dWSnBCb2ZiWGJwRnNwc2VLaGpOSy1HRmZhRG54SXM0cHFNRnZ4a19RNHB0dDRIWWE1MHZQUl92bmwyRnJNamlJWmdIWkRETnIxdGhSYlp2X0M5enFzR3VsRXY0MlR6YmNDZnQ0YUU5VFNucmYwMGNIUlhxN2RlOFFKUlMxSk1DLVFJSUJpTklPTGg4Z0hFdndOTXJIc0k2S3VGYWFGOUNkNjVuWDdpYnN2UHBxaUF6czJUUkF2eUhBci1UTGkyZVJmV0JxWVByelRSOENCLW8xTHA2MHRzVkE5NDk4LXNfN2J5N05QMnN1ZlRBVEFZRjFOZWpuZjB0S1R0WFA2ZGtpdHdSWjlMcFRMNDVfS1B4am5Ib1d2dnNfQjhGZlhsX2JzY2h0MTJONFRjdEh2VUdVQWdmUGtHREJfRFJzM0MxRjFrem9sNWhiTXFDc0tDWnpld0tiZ1lULTdfYWlvQk5IZ2FsYVFmbnZ0RTVmbUJaU0x1Nm5FQmY5bWhkVUxQcGp1cnhva2JFaUNRd2M5NllBa3QyeGE1LURvS0Y5SlR0UmhHOWZsX3dwcElTemdKbUdZbEVGM190Q2RZMDB0eHhoT0pkVFVFTjJSRTZrMHFsY21relJOR1FISC1SLUh6OEdmcTJoNy1JSWdmaExfRVF0cUdKRW0wRmRUYnktMTNaWW9FJmNpZD1DQUFTRmVSb1hXaGJaQk0yRnBvSEVTVXpDMDJuNVRpRE53JnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzEwMTA2Mjg2NjMwMDQ2Njc0MDIiCTM3NTA1ODg0MSoHMTUzMDkzMToJNDM2NjAyNzk0wAPgqAHIAwDYA4yNBuADAOgDAPgDAYAEAJIEBi91dC92M5gEAKIEDzIxNy4xMTQuMjE1LjEzMqgEALIEEggEEAQYrAIg-gEoASgCMAA4ArgEAMAEAMgEANoEAggB4AQA8ASZ4-uyAYgFAZgFAKAFxd7SnJ7YppU-wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF_QX6BQQIABAAkAYBmAYAuAYAwQYAAAAAAADwP9AG80vaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYE8gYCCACABwGIBwCgB0CqBwsxNzgxMzQxMTk4NroHDwgAEAAYACAAMAA4uQZAAMgH4oQG0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8Aej7QOKCAIQAJUIAACAP5gIAQ..&s=53d236e121213a36204dabce50724c3d3e1601a2&type=nv&nvt=5&jm=1330|1320|1003|1022|1020&px=0&py=1027&bw=300&bh=250&sid=1602025651626782473&vd=ct~0|pn~xdrviewapi_Video_Framework|rr~0&sv=229&tv=vh2-134&ua=chrome52&pl=win&x=omsdkvideo&sw=1600&sh=1200&pw=1600&ph=4170&ww=1600&wh=1200&cd=30&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/omsdkvideo/229/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 19:53:05 GMT
AN-X-Request-Uuid: 06afc6fc-27b1-4c78-bd42-ae9e8fa2cf7b
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.yallakora.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 3C44 380 KB
127 KB 128ms
83ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab76c8f3c21530b36d51b97e8107597d45ce1e645213592cd5b1319924ef8391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129648
x-xss-protection: 0
expires: Mon, 17 Oct 2022 19:53:05 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C44 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=vpaid_adapter_js&event=init&vps=0.21882872540963771&wt=1666036385892&sdkv=h.3.539.0&xai=AKAOjsvM8BF0qgPvaK0-2zRFfgJgr3VnSEtT04EdRxe1xfIsruh9v2sVx8mVerx9Rl2hn2uLSrkEDInjxPeMlyd_KwzCyncxxGMfXN0yQ_MhNRU8ttwR0F77ndAVJf4nCMcIIkJ3K0-h9lbHSOdD0sA5xv8iQG350AQj20m7tU_odytktvzn_aaEEdbiCS28oj7ff9n7U-vKEx7zzTbXuA4t1R3xs0kT2ziJC5zT5_wlnuklNaO6RbO_PKDYFbbGsLTHCs0qfQ72NAh6KiAYpM80IeTEvZt-tc1I3Jo58fecRtQ0_tdhNs7WrOT3THpA0myx2Tq88pPZtqY13Ot-qo6txhrC-VKVmSdAmm5OMgbjkKJ4LyxDykDNDKGAspRSD5bkHmlLvFYd6V9AktyttPMwWotwppz4g6zIFaf1Gh5LLJSpCDADF6GoNJDDpARMQ82eN8IZ9Qp6YG5lKWWvbO6mFgem6ora-lSchxZvjFFJDvoO_CF6FiiC6T0gj0HpB3w_eVH2TUQ2w4neo-L4oCn4dajCgCFYzyQ9lRsH3CUsunYxL2ZYvo90ezRn9-1-gOOcdfo9dekCeQCoKI1pGTv0we2YU01gSCA-uXtw-h_uFX0nvIXZHplZf4yyW-k6RBh2U4xJXMkzrjX-k-hpFc2AVI0wF8ftcNqYBp3vBZvuuvc7hsImvAy87XexxaLKHpC4v1McZMS49LEkVzoDRX5b25XnDFiZU5Sjhx6iNS2TNo2KdTZ9hQNIEpENyIW1wRlBGVB1K2lq1sBxlVNU3022ArPUgvd0dxykjh4l2SKjfhMgcDLTFs1CjAiRF2b5QNAM0ObGO8e0OoKWI2XO8lzh4IFTmCvYu2RRJfhWunAkaIf08xtSfz7nelfVwIkXRc5izkRIU65VbEaBvKLGXfqYUVl8Rxc4SKfYjofWXcAMvFzIF_Cptb1E_yxEgsaMZk0uSdfoccGi3olvcxXvKmn65tTXGQWoB3uaHO6IBoGGtgG9VWfM6fVaVx-brDNw9YV4IAs_GpED5oxJktXJcfy_bQoyKLIpeitNtTWlIlCjDDpJS0IKY-6vc805_-zOliW37v9gC6FRoEFggm9U3OONBzrgdWA5gqEMlX3fPRLN-XeIqP6SnJrbtLUg-83Fz_ZTvvWkpQ5qe6J_n6SPv5_9hTvDIzBS9te5D-9xy59Mqnf_amIjazFT6pEQtQKLATASRgwIuyjEBuaoO7EWxecc8cH-c9gg8Nzz63FQujd2k24UeUwQWA&aid=534045987&len=00%3A00%3A30&url=2,https%3A%2F%2Fwww.yallakora.com%2F$0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:53:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bridge3.539.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 506E 687 KB
221 KB 25ms
21ms Document
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.539.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56b3b5056e215c527846e60d3c1244f74b9ad5435f41bda47d354e027f29df49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yallakora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 42292
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 226562
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 08:08:14 GMT
expires: Tue, 17 Oct 2023 08:08:14 GMT
last-modified: Tue, 11 Oct 2022 21:54:17 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 3C44 44 KB
17 KB 159ms
49ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 17 Oct 2022 19:53:06 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3C44 107 B
122 B 72ms
30ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.yallakora.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
57ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022101301&jk=2490143105744881&bg=!HB-lH1vNAAYeOJy_Pjg7ACkAdvg8Ws5Ww-YXuCa0txNlNsBIIn6q0CunkCfPipptus-iFJAQM98aaQIAAABtUgAAAAFoAQeZAqqM1jgAu10lX3rxt1glsipdzpJRpczUAyre6GkjCLzjYCN4jL39_kLkwF-vwNeTIMFRpuFFZfZOUJhMmOwVhRHQhEGpFxc36hdcN8F9p8Y9CVaLUkSgQkKxSbWpuApCu9E8QjYQ3LdDatK_wWeEYDLjXuZVdlnZ80TllnMZ4rhwajIDgeiu7HfaXex8xAXCi8ESvCT9OStY9Iq5oioE2VYYdWxMKQQMwO0tR1oSdYHdNjhodVRQiojSfLm-WqCMPLBgpjlAW_cSBCcsmWT9eNRx9o0zjL63iRAl6pSkztsmR1lTwRP-WXnIOK_t2HdDa7Oky15SnV7C0rdt02bFmxAKrQXvA-pb9jrhWIax4RDJzNmPJgCaBKFPf9DpfoK9wlxzfnGjRyPK2XHnwGbncp0uE4Z9aXvEK9pnOnWvdBr_tMnT8ozB0hUp8DZDxFAvZIK2jhLt2It9TrVNL05HmIkWeBm46eumLZL_caRluJ4IRIivj3tKm1WXjMRR_ZCzxKKkf22HNmz7F-DZBkdxbgpHOkcaR9wpn8uIhM4n_xvBQiIvjWQ7YMFkpO_VQTxPWPvo10CNhW-y9EG5Zm5gyZwlyNzTYo_6-1Xb79iFNVpwYmHs2YgNEjTyDdMAfrS_pXRGr-ldppKNWLSf2BUI2AkS5O8PKgbZlQbfEsdGyvZcz2lwCk0x6577XRk3Rl4UfJbc--GuEugqfa5jj1pxVPp4PaD1wRC_YlgL9iNhc0feLjoq9PHYUPDB2geYSPbcmDc9Jm3aneKO7iuWqp7OADTv6YLTGnxEY6MXzeqZ1slxeDyitdL2LbVRMayhcYxDGfjhoMctr4IPtXarkDjhE-VPd75-UQ2v4ViopFnC-lNbzsu_99y2YuACZ5KAgcLF29wLlsl4MPHJ9GWk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9B67 0
747 B 21ms
21ms Script
text/html 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 19:53:06 GMT
AN-X-Request-Uuid: 78bb5424-35ed-40db-b37f-d597ce65c2e4
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame CAE7 120 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 902899b8dd3a6b30f6bc1be0f39f48ce72d0c41357d8bf521cd86f58bb633b7e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 506E 0
327 B 108ms
42ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l9d71r1g&c=7562533800324&slotId=3781266900162&fb=ima_html5-lima&sdkv=h.3.539.0%2Fvpaid_adapter&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=2.0&vmfc=11&vhc=0&ghmsh_eids=44726389%2C44730464%2C44748969%2C44750822%2C44760950%2C44765701%2C44775499
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.539.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:53:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3C44 0
54 B 83ms
43ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l9d71qug&c=7562533800324&slotId=3781266900162&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:53:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

206
Partial Content

48
r2---sn-4g5ednss.c.2mdn.net/videoplayback/id/e5142e99b93c75bd/itag/692/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3803380793/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame CAE7
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/e5142e99b93c75bd/itag/692/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3803380793/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r2---sn-4g5ednss.c.2mdn.net/videoplayback/id/e5142e99b93c75bd/itag/692/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3803380793/sparams/acao,ctier,expire,id,ip,ipbits,ita...

4 MB
4 MB

412ms
22ms

Media
video/mp4

2a00:1450:4001:6b::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5ednss.c.2mdn.net/videoplayback/id/e5142e99b93c75bd/itag/692/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3803380793/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7D1A80C185B1B901120BBF244D73D2F142F5EE39.03FF165F87735DFFEF35BC7618800A9F2B32FFFA/key/cms1/cms_redirect/yes/mh/CK/mip/2001:1b60:1010:3:1012:b8a4:c96e:b47b/mm/42/mn/sn-4g5ednss/ms/onc/mt/1666035906/mv/m/mvi/2/pl/48?cpn=xYI4m3kXiqWnNNrz&file=file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4001:6b::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 19:53:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Jul 2022 14:36:08 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-4008032/4008033
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 4008033
Expires: Mon, 17 Oct 2022 19:53:07 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:53:07 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r2---sn-4g5ednss.c.2mdn.net/videoplayback/id/e5142e99b93c75bd/itag/692/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3803380793/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7D1A80C185B1B901120BBF244D73D2F142F5EE39.03FF165F87735DFFEF35BC7618800A9F2B32FFFA/key/cms1/cms_redirect/yes/mh/CK/mip/2001:1b60:1010:3:1012:b8a4:c96e:b47b/mm/42/mn/sn-4g5ednss/ms/onc/mt/1666035906/mv/m/mvi/2/pl/48?cpn=xYI4m3kXiqWnNNrz&file=file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 691
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 506E 0
17 B 84ms
41ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l9d71rgn&c=7562533800324&slotId=3781266900162&fb=ima_html5-lima&sdkv=h.3.539.0%2Fvpaid_adapter&mrd=4&aab=1&itv=1&gpm_i=11&gpm_c=11&gpm_a=10&smb=1000&br=871&mt=video%2Fmp4&vs=960x540&webm=0&vp9=0&vamt=application%2Fx-mpegurl%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=692&vsrc=web_video_ads
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.539.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:53:07 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 506E 41 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.539.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 11:28:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289460
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 11:28:47 GMT

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 506E 43 B
66 B 65ms
21ms Image
image/gif 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:37:59 GMT
x-content-type-options: nosniff
age: 11708
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 18 Oct 2022 16:37:59 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 506E 42 B
64 B 57ms
56ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutVUt3xZ1J19adxo-hJq6FKq89R2kDTz4GHK9KgHSuySXosnEYluqJcZ4cy-Aq1qI8fobPGCy0F3a4pF8UlWhWtuOIMXELZys&sig=Cg0ArKJSzIlic6YK1CZoEAE&id=lidarv&acvw=sv%3D940%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1027,0,1196,300%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30037%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D575%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D484384597%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1666036386090%26ptlt%3D1666036387481%26pngs%3D9,14,15%26veid%3Dfmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1666036386897&avm=1

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:53:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI0di_l4Xo-gIV26xRCh1zAAElEAAYACCN1-ZTQhMI1-eol4Xo-gIVzMveCh3DNwpe;av=1;acvw=sv%3D940%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1027,0,1196,300%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26am...
ade.googlesyndication.com/ddm/activity/ Frame 506E 42 B
107 B 128ms
62ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI0di_l4Xo-gIV26xRCh1zAAElEAAYACCN1-ZTQhMI1-eol4Xo-gIVzMveCh3DNwpe;av=1;acvw=sv%3D940%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1027,0,1196,300%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30037%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D575%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D484384597%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1666036386090%26ptlt%3D1666036387481%26pngs%3D9,14,15%26veid%3Dfmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1666036386897;ecn1=0;etm1=0;eid1=200101;

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:53:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI0di_l4Xo-gIV26xRCh1zAAElEAAYACCN1-ZTQhMI1-eol4Xo-gIVzMveCh3DNwpe;av=1;acvw=sv%3D940%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1027,0,1196,300%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amt...
ade.googlesyndication.com/ddm/activity/ Frame 506E 42 B
107 B 124ms
59ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI0di_l4Xo-gIV26xRCh1zAAElEAAYACCN1-ZTQhMI1-eol4Xo-gIVzMveCh3DNwpe;av=1;acvw=sv%3D940%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1027,0,1196,300%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30037%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D575%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D484384597%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1666036386090%26ptlt%3D1666036387482%26pngs%3D9,14,15s%26veid%3Dfmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1666036386897;dc_rfl=2,https%253A%252F%252Fwww.yallakora.com%252F%240;ecn1=0;etm1=0;eid1=210001;

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:53:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI0di_l4Xo-gIV26xRCh1zAAElEAAYACCN1-ZTQhMI1-eol4Xo-gIVzMveCh3DNwpe;av=1;acvw=sv%3D940%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1027,0,1196,300%26tos%3D8,0,0,0,0%26mtos%3D8,8,8,8,8%26am...
ade.googlesyndication.com/ddm/activity/ Frame 506E 42 B
107 B 123ms
58ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI0di_l4Xo-gIV26xRCh1zAAElEAAYACCN1-ZTQhMI1-eol4Xo-gIVzMveCh3DNwpe;av=1;acvw=sv%3D940%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1027,0,1196,300%26tos%3D8,0,0,0,0%26mtos%3D8,8,8,8,8%26amtos%3D0,0,0,0,0%26mcvt%3D8%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D8%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D8%26pst%3D-1%26dur%3D30037%26vmtime%3D-1%26dvs%3D8%26dfvs%3D8%26dvpt%3D8%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D575%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D484384597%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1666036386090%26ptlt%3D1666036387484%26pngs%3D9,14,15s%26veid%3Dfmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,8;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1666036386897;ecn1=0;etm1=0;eid1=210006;

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:53:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ 0
819 B 25ms
22ms Image
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.yallakora.com%2F&e=wqT_3QLlH_BM5Q8AAAMA1gAFAQih5baaBhCKvOLRoa2egw4YkcizsdGw-6dTKjYJsK4K1GJw7D8RfBQJAVQs6D8ZAAAAQOF6AEAhfBQJAVQs6D8psK4JJNgxAAAAIK5H6T8wsOLsCzjeZEC8CUhlUJnj67IBWOu9mAFgAGiYm7sBeOKEBoABAYoBA1VTRJIBAQbwXpgBAaABAagBAbABALgBA8ABBcgBAtABANgBAOABAPABANgCAOAC459c6gIaaHR0cHM6Ly93d3cueWFsbGFrb3JhLmNvbS-AAwCIAwGQAwCYAxegAwGqA8IbCosbaHR0BTD08g5iaWQuZy5kb3VibGVjbGljay5uZXQvZGJtL3Zhc3Q_ZGJtX2M9QUtBbWYtRG1uOVlxQUZrcnphVkp0U3VwdjhDYUFfMHlEdHI5UEE2V3VYU3VjOGVzT01NWWtyTFR0VXhzZ1R3QnVyS3I1R2NZY1BhWExMZklZYUVuN1FaVXY5MG9QTTR6Y0EmZGJtX2Q9QUtBbWYtQWN2TGpTeGVfb2hqYXBidnF5ZVdpM3lRVV9vLXM0UWJCY2FFVm13cVYzTWU5bWV6YTZQSEdRS18xM1N3Y2Nya0hRRXhMcmphbjBueVhneWpkYkNhRlVoajF5c2RpeWJka2wwc0VzV2xBNlFyR3NOWU5fbjFxLU1jSjhGQUlpcTJaSmg4aWg2Mnl0UXZTTGE0dHpfZHNkMTBuU0QxaWV4bHhOaWkyV2JxN1lvamF1cU04Vk13NWxUaTNFcFBsRHNQRWdGTDFzNjJrOXc0SDN6ZF9ET2JpemFuRjVLZHlZUEhxSUlHQ3pFQkZKVmtkV2gyOTIzemh2Y3pQYnBEMFFTRHVZTUFleFVXVGM3ZlkwVUxnTXdzU2dPQlVhMmFOU2JPYTRzc0FuVFlVVE13ZHdZWFVRbmNOWjdIM1doeFMyVUx6eDdpd2Q4Y2JDZ0hJVzFTaUpvU3R2UUo1N0Y4Y1F3VFJzNUZLYXBpSURjdmdsRkJuNThETFVoY3R5cnFuUFVuQ0lKaFVVcWZhZEx4SGF2aGpvOVJ6S0VWWF9FRXVUdkhIRVo3QUhtQ0NqcUJtekRXMEFsQjUwZUdrdWotNFhGWlhrYkh6Z2JVRFJfOTFqQ0x3TGhWYXpRckdFRXFoRmVIRGNwZ2hQU2ZUb2M2ejU4c1RiZl9xS285V2d4T28yamRNSGRWaTYtcGh0UWRJZUl0cmxvdXliM1pWbmFmUFRadkRwekRJaGtDRmJUX1A3RUU4ZUItemFRMl9MYTJiZjRkMFB1b3M3dlR6LWlVeU16cUk2WEFZdXlCQzdxVFBIVFljNUpJZ3FIcDRRUHZuS1M4OUVxNlB0c0pZWHFVRXRodnEtbElMWmpfdl9fVThmdmc3V0tCaHRVMjNnWTExbmg0Z0swdHZubWZfMWlfUTIzNHktQlNacThpQXpvS0dodHJUcHYxd2twZjJVOUpIcVZWZ2lCQ1F5czBFejdwMFdVR2pCREhTczdPa0xqVWdRRUdQRTh4RGFlbE1sS1VlaHdNaG83TDROTFVINzFMbkJEUThfcm1OVXg5MjBHWFZnbVY4UUFfY1dOSlhXdXhGUnpUNGlPbGRCN0lpZDEySjRMdFloQ0x4TkIwZDBCQllpVF9kdWNFdHFUMVRzaGxldmZrMjlyQjhVVy1qTHRRY3JUd1g0djhGZlIyMG9hU3Zqdzh5aS1fMGI2YmNNMW9MZjVIdm4tSl9oU1U1Y1NUc3k2a0pULUdBSWxWRVhFTXdTbzBWSGI0U0pNbE1TdGZ6VkpzSHhmN3k0WE5XcktscWJWa19adEVWeEhNUXhiYkFHTElMY1BiMUstZFZILVg2Q2NNQnhqeTZ0QmdCellUSm1odkkxbW8xal90dzhyb2xDQ3ktRzZydDJEMzdSUFBldWdrbF9sVjZuUGUtaGtpNmMxclEyQU91VWZiNFZuUjR1TXZwSHZPMzZIT05Zam90eE1EdkxjLWhsOEw1R1FCMEZBaTlLSXFERU44aVJJY0N6SnlpNWdqWEo0VFBsRzNWeWFVTWttUGYxT2w2ZzRVejJ0SXVibnJLNDF3SmNwSmhBT0hJUE44MTJQZVVaWGVOcGQycFBGM0xIc0VTdHJnTnc5RU41YjFrZjc0ME5MX1dBY1J3TnNJaWtBWjR0Z1NocWdYR0FidFpISUxVdVhFZ01UMzZIWmRWVWhYeW9SQWtpWGhLQXFzMG92NmpIU3RFWUVSYktsbjRYVnk4RjJrU1JvTVFtR2tBcjl1WUVpZ3RYZVpFQzlqdzFnWU5EdTY0Mk9sRjdCUG1fdnkzNjVOVlprdjFVNnVna2dLUHFZcFpPRUV1bVQ1dVJNbkJEdDN0R3lkZmttNlVxZ2l1X1BGLTZqVGtUZjIyNkZ0MmpNbld5UGxLbVVJZjY5dFcxckhMOGhUV1hXV0lSN2RHSGpyanN0NXJ1SlloZEZ2c0o4SVRTLWt5OUVuclEzbDhUMDlxSkttTmVPQ2JzMWt2dFlXUVBBV3BiMXk3UjY3Wklhc0k5ZmFab1ZkNllIMGE2dnA0bEJoYnVCM3dON3lVTGlGdWlvZkRHcS1CSHE4WmpJNXcwYllMVGlkRTVlVnF1ZVRiWm52UXdIRVA3Q0UyYklBeXEwaEQyMlVZa1BmcWVLVkJWWU1saU9ZQlR0ZjRPWVRRdHNId3BCN1UyVnl3bEhFVmE5YnBLRlcyeklwRkEyOVotNko1OUt5NEc3TUN4eGhXa0hYNkhRNVo4VWN3NzgtZEtvRWI1RDJsT2xXRDl1RmJoTVRsd3VycFhFalBxS2lZaHNtV1g2dEZISDNpVVdkZUlVYXkxdWRUZ2pVX20xT2YxVDdqWHQzOHhQSUZBaGJqMU10eVcxellPbXlpTzlWekdsUEF0LXBrNUFsNVFCNnFmMnNQTDkyeDFVc3pMZ3k2TmlJMXQ3UWdWZGMtZXIwMkNWSmtEeFJPOWtKZWw2cVh6cFFUQnNhWVkzd2xua1lyc2UzUmJScmR1M0tUeE5ESlJnQXNUUTRnWk9Ga3MtZE5YemlqZ3Q5VGNqcTVuVjhFUzBiNzNFM3ZtYnBHZmZtMjlEazV0X19wNFdpV0xEaThfSzBhcmJVSGFqVmo1R3pXR3pxWGUxVW5qOXNmTmVBQmJqX3poVDgxakp2MjQtTnEzRkh2dmZXYVpsU0dhWkxiZnFWd3pTakk5M3Yya1otNXJzNnRaWmpLanpJZnBhWU8xSTRoMzhXNi1vdWJ1akF2cnlKRlpZd2MxNnAtaDVkNUNYWElSZ1k1Qm92Rk52N2JTWUdRaVNJSU8tdXhaRU9mdUdNR1Q2NVFRcVhsQThLUXlCclJiY2lzTkVTVG55R2ZOQVY3ck8yYUhYcnI5LUswWFIzSnp1SW5oLTFyUTRtalJIVElRWUVRajlEeEtIcVhLZEdxc1FKVWRrb3RzVkVoQ3Z5OXhJNVpDWXVmMUFwYkpQaHcxVVRzYWgxbTdOa2QyektmTU1ZSEZhaFdVM2s1cUlacldGaHE2NnlBZlVuTERDTzZsLXZBQkRPQWUyd20zQjBpVV9PYm1QeXFLQzlvWFUwUmZsNVJ0S2tjZWhhNkVqWjJHQkdqN29sYmtTT05ieks1cWJ0cWlWell3MHNEQUhEYWJITjBWZE5CQlpreV9LTnZlN1JoTjJJN0hzZGdrSjhQNmJnTmlzc2Jlb0JPdXVwYmhKY0g1VFpIVjB4RlVkbXFaVVdydXpjWE9TcnNKV1hVbjNPWnpRaGk0MUg1cjlKNnFzNmM3U1c5ZlhZSEswVi1QT1NyZy1lVUs5Q3kwbG93cHNUWjJIdXZOb19IaHJ5emJTYUpyMXJqa1hPWG82ZWVyLU5aVGJSMkhFTW9GSi0ya0R3ekpaY2ZXY2ZzQXFQbjEtLWxhWFJ2VnhZSE83REdOZXczUFY1Zk4tdHN5RHpMSTM2UFVkQUh5Q3R4X000OFNVMEsxc0pzemQyNW96U1dZTnp3dkc3ZDZvenBfbGRMZ1Y4UVNwWHpRd3pYNlAzSngzaEZHbVRjM29BR2dya0N4ZFZpWFVDNklvbUpBNm0tTzVDem9JS1BFZUNibDlDVEJzek1LTjdqT3gwVjBBMGZIREt0TzJkanFaVGpFMDRCc2xxYnc0bWMtdmtEc0dWSnBCb2ZiWGJwRnNwc2VLaGpOSy1HRmZhRG54SXM0cHFNRnZ4a19RNHB0dDRIWWE1MHZQUl92bmwyRnJNamlJWmdIWkRETnIxdGhSYlp2X0M5enFzR3VsRXY0MlR6YmNDZnQ0YUU5VFNucmYwMGNIUlhxN2RlOFFKUlMxSk1DLVFJSUJpTklPTGg4Z0hFdndOTXJIc0k2S3VGYWFGOUNkNjVuWDdpYnN2UHBxaUF6czJUUkF2eUhBci1UTGkyZVJmV0JxWVByelRSOENCLW8xTHA2MHRzVkE5NDk4LXNfN2J5N05QMnN1ZlRBVEFZRjFOZWpuZjB0S1R0WFA2ZGtpdHdSWjlMcFRMNDVfS1B4am5Ib1d2dnNfQjhGZlhsX2JzY2h0MTJONFRjdEh2VUdVQWdmUGtHREJfRFJzM0MxRjFrem9sNWhiTXFDc0tDWnpld0tiZ1lULTdfYWlvQk5IZ2FsYVFmbnZ0RTVmbUJaU0x1Nm5FQmY5bWhkVUxQcGp1cnhva2JFaUNRd2M5NllBa3QyeGE1LURvS0Y5SlR0UmhHOWZsX3dwcElTemdKbUdZbEVGM190Q2RZMDB0eHhoT0pkVFVFTjJSRTZrMHFsY21relJOR1FISC1SLUh6OEdmcTJoNy1JSWdmaExfRVF0cUdKRW0wRmRUYnktMTNaWW9FJmNpZD1DQUFTRmVSb1hXaGJaQk0yRnBvSEVTVXpDMDJuNVRpRE53JnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzEwMTA2Mjg2NjMwMDQ2Njc0MDIiCTM3NTA1ODg0MSoHMTUzMDkzMToJNDM2NjAyNzk0wAPgqAHIAwDYA4yNBuADAOgDAPgDAYAEAJIEBi91dC92M5gEAKIEDzIxNy4xMTQuMjE1LjEzMqgEALIEEggEEAQYrAIg-gEoASgCMAA4ArgEAMAEAMgEANoEAggB4AQA8ASZ4-uyAYgFAZgFAKAFxd7SnJ7YppU-wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF_QX6BQQIABAAkAYBmAYAuAYAwQYAAAAAAADwP9AG80vaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYE8gYCCACABwGIBwCgB0CqBwsxNzgxMzQxMTk4NroHDwgAEAAYACAAMAA4uQZAAMgH4oQG0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8Aej7QOKCAIQAJUIAACAP5gIAQ..&s=53d236e121213a36204dabce50724c3d3e1601a2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 19:53:07 GMT
AN-X-Request-Uuid: e5907c37-338e-46b6-ae00-3ac2268b3af0
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ 0
27 B 118ms
69ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstWFlyxgxFRlYhlO-C6wBt3nskMoqzTQeO5OWscHImomBUcGMllwHRy-X4XwayzG1VPnYkQ_SzK1REaapt0my-2UKz4WmoYJ1d0JxmatzPTLaypPbEAapFPJ_miFh6vxIE85R5xEIs-dwEFpBVZ2s5IXREfFVtbhmP-4CQhGDykd9A16ADB7VKaOp69PCIFMYqsXHWpLCkrfEuGc1zs_mgweSQtZPMHsh1By2Fj9iSpvueseMAFULzBKcucndT0UbWxT4y5lOLmKUy3u09OWWuy-GHLy5SGz5H76Tuvcz_oKvCF1sdPSCxE_njbpcbQzrS1qhK1T4UXYYlZqIzpbvAVGDxZjuNxNX3o1uJfGJVCI_ccycioP87vgcmKNYpZmNpliZZ0GJuzoD_2t_QnD63EXtt_D43W0hlXOztzeKuBi9NCM7ZBFFpmwGKCCXrYUeoJll7rJwmTk8H0JtZE5w3408oQLDEifYbdn9gw46CmUG4axaxBWr--_806StP3_nuDyph8Ypd20NNnCYxnvs6rBpJE4-g_B3O5h9O1WG2mb8gGk8gcDszTJiK_3MxagX7CqM-sBcKTODt7MsP39xL-KB7waRMJb-YalTgRUL9MeU2ENEUf0i4tlIUoUswDwFgX9LYPsu6sumQnDChWKHPq2ZgkpCypTp0avs3mKpWDAbK3aX4IxP9vnEFyGSkc0D6cdSCN0Dn1vVKljgXqWi0CTbkjtSvrd9K-fb9AgbfH4QGrCpHjDQUrIIcoRHBK0LUfePxDOrekfY91_49Wu3XMg8lvnwsmexXVLLbx6pYO-WLDiegwCTtN4Vhh3d8rSMObnWxp2s6TuhQBqno-3t12NgmK_Gpi-HIZVVhHUMdhmzLuN9E3L11_Pe-5FS2dWD_DuLmFy1i7tgA7eH1lsvVVu7fmHITr6sZfhlwwEF7xJYzIfFcXiP0t1F5gPuI63lzjOrdKXX-fKMVcWt1Yr9ZWvrP2gDkViWihs9Zpqgjad5TBxa_DWEnYvZMr3zFPKCJys_VKaG8-O4At4D-M3jWZ7wAdqERkirepLcZC5SJGlcXpp108p4-rFVJUmr_W6Yw-DrwstzEjm_hXKUU3clZ5s02RjhOk_kMo-w2eLU6V2SeFHBYCtmL6CtJeHnPUI_6ud-3be731_YOD8maecmAeRT9kE7-5sdESjtEp0WiZZMYA4p7w96UvJ_HXLvbK3RW4mg&sai=AMfl-YRc2NNWoQ9ziEKjrAON6qiB25aJtL2tm9n5j7B34kZBMUtHfG0Q2wHAlnUkO797WN3jCa1cmD4T4LqsyQ4ej5fof3paW5xe7CBin-IGNM-nhVy7go9GWy9WT2JZVoAngATgzC_LMXbJjMWsUKXHKaeHGcpPO06TtEo3jkd9h3uoxJgsMnUr6iiiuGs_A-5AJEZA-To&sig=Cg0ArKJSzMtsWDP_pyElEAE&uach_m=[UACH]&pr=10:0.888719&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 17 Oct 2022 19:53:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2

200

usersync
rtb.gumgum.com/
Redirect Chain

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO4XRCv-LquAhiqj5jQASABMAE&v=APEucNVDuchHPGlDDm1Oq5zOksRqIt48s-0s80e4mW00bKXm2qaRsCVNnD0UgmkwOOzO7k9e_6tFwyl4BzSm5RSqve-ft4KizA
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_cm
https://rtb.gumgum.com/usersync?b=gdv&i=CAESEHB8ItFTqvJYvnEH6NvJ1ig&google_cver=1

35 B
209 B

146ms
45ms

Image
image/gif

52.51.237.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=gdv&i=CAESEHB8ItFTqvJYvnEH6NvJ1ig&google_cver=1
Protocol: H2
Server: 52.51.237.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-237-189.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:53:07 GMT
server: nginx
content-type: image/gif;charset=UTF-8
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:53:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb.gumgum.com/usersync?b=gdv&i=CAESEHB8ItFTqvJYvnEH6NvJ1ig&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 286
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK v2
fra1-ib.adnxs.com/vast_track/ 0
819 B 30ms
29ms Image
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 19:53:07 GMT
AN-X-Request-Uuid: bdfeec09-1a74-4fe2-82cc-387bc05ac329
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 dc_oe=ChMI0di_l4Xo-gIV26xRCh1zAAElEAAYACCN1-ZTQhMI1-eol4Xo-gIVzMveCh3DNwpe;met=1;ecn1=1;etm1=0;eid1=11;
ade.googlesyndication.com/ddm/activity/ 42 B
494 B 112ms
56ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI0di_l4Xo-gIV26xRCh1zAAElEAAYACCN1-ZTQhMI1-eol4Xo-gIVzMveCh3DNwpe;met=1;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:53:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame FB1F 23 KB
9 KB 22ms
22ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 328180
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 00:43:27 GMT
expires: Sat, 14 Oct 2023 00:43:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js Show response
pagead2.googlesyndication.com/bg/ Frame FB1F 36 KB
16 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8061f9317058a4a2bc6f88d890ab72c22065ed13cf4091ba40a6302a285a9091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 13:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15922
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 16 Oct 2023 13:17:01 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FB1F 0
20 B 57ms
57ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.539.0&bgai=BkjPAobJNY5GEG9vZxgLzgISoAgAAAAA4AeAEAg&bg=!kJOlk9fNAAYeOJy_Pjg7ACkAdvg8Wtm4MLnrZHTp1MrbYrqGJyGr014uWYgZvGVxJW_iPXSd96yImAIAAAB7UgAAAAJoAQeZAwJ0BLMwbCN_J6sMPO4G_3I0NMaGTFaaerM7EcPrrWwJX3xLslbZ2gJQzDG2CnEZYEcnHqteC0qDFoTXfDYWEXw186wdSDd96LXCZoICCdANl2VRxX9vrN6Oq1-9v9AivvzvuKs9hu2JA8fHu1qFTfjxqgbYjKjZrLsjKZJQVsv8lyYMa875Qz5sF807DeFrg1uL-39ZdjjDkFBmFWnmqyVFJBl-OXSyBZifK2PH9snPp_i5T2BJAB0vq5ReVBcLNwiR613MVLkvysZT_Zkd3DMzA3DCuLsFnDLSgDoTF2fyYqX1wfpXkyP-lZGPr9xc0qkOz33e_BH9L8vHjvMju2WbcMjDW1hFJyRg8O5BHO9Gty_FL2AN42mDXiiAS2d3D9rdUtek7VQZpdjeYb_48J3h1hf16JMKloR4URtjr4_AUTuItnhMmDfMVscuqo32kKuwxQoeJyrRQSjvLHY2XZO4JooG8cAQgIu7dErvZgy3b0iYctK0AF4rTjvvYyPO-h2pMnzj2ZhDeTnF49t4UieSxIf5kXerBzfAssTbki1k0rHCpQEZjinztU9MVmqhYGphlaY_gRnLjNb2R2_rAAmpOcassVe4xoFE64uUMV7uRHk_t2cFYmpfWQMGDDotmlNe5XjcbOcOnc7TUNDbbtetowWQ67F26OIn8--oPiH-vt90PSz2iaTF_MKLg4Ro2XoZOIorUr1Fm9B0IYgnXaYqdNQog8xrPG9Vi5mlKMVBReRPz6hZWHzNx0mlQVNeh81dCiKHGBQj2Aw_K4qAdZFVsEx3sabmAdWK6U1cFwxT5D081fAvZA_wGZRTOkQNkV3v3c59S7ByiaxfAm_mSK6uXeZcgGgbMD7QzHk0J463Wbtvk3hoGZVPK91337QNBO0Qtc9fai1X9nD_30xJSFDH9Aaz2e3kzOpYfwFDTS7Kptxy5BCgF4jYkg0qfVUjsWPmigkXWpUmCvfIjtNwdiElisy3G9Mhjc6l99sujWG10pyak6w4Dkro-aejaPSOFVK3HQ

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:53:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 164 KB
53 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4076396686996071

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/bundles/Layout?v=ik3RNJNtkislbytZgVA2Vdcw0rnO1HQ_Jhil8agxBYw1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

228585ad6dd0a1115e6b69f0b252a74efad35ea9ebc9af361340e82261041ce0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54272
x-xss-protection: 0
server: cafe
etag: 13517818599290528444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 17 Oct 2022 19:53:09 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 506E 42 B
64 B 62ms
62ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutVUt3xZ1J19adxo-hJq6FKq89R2kDTz4GHK9KgHSuySXosnEYluqJcZ4cy-Aq1qI8fobPGCy0F3a4pF8UlWhWtuOIMXELZys&sig=Cg0ArKJSzIlic6YK1CZoEAE&id=lidarv&acvw=sv%3D940%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D1027,0,1196,300%26tos%3D2018,0,0,0,0%26mtos%3D2018,2018,2018,2018,2018%26amtos%3D0,0,0,0,0%26mcvt%3D2018%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2018%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D613%26pst%3D414%26dur%3D30037%26vmtime%3D1806%26dtos%3D2018%26dtoss%3D1%26dvs%3D2010%26dfvs%3D2010%26dvpt%3D2010%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D575%26femvt%3D0%26emc%3D14%26emuc%3D0%26emb%3D13,0,0,0,0%26avms%3Dexc%26qi%3D484384597%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26pnmm%3D1666036386090%26ptlt%3D1666036389494%26pngs%3D9,14,15s%26veid%3Dfmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2018&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1666036386897

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:53:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMI0di_l4Xo-gIV26xRCh1zAAElEAAYACCN1-ZTQhMI1-eol4Xo-gIVzMveCh3DNwpe;av=1;acvw=sv%3D940%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D1027,0,1196,300%26tos%3D2018,0,0,0,0%26mtos%3D2018,2018,20...
ade.googlesyndication.com/ddm/activity/ Frame 506E 42 B
63 B 105ms
60ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI0di_l4Xo-gIV26xRCh1zAAElEAAYACCN1-ZTQhMI1-eol4Xo-gIVzMveCh3DNwpe;av=1;acvw=sv%3D940%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D1027,0,1196,300%26tos%3D2018,0,0,0,0%26mtos%3D2018,2018,2018,2018,2018%26amtos%3D0,0,0,0,0%26mcvt%3D2018%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2018%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D613%26pst%3D414%26dur%3D30037%26vmtime%3D1806%26dtos%3D2018%26dtoss%3D1%26dvs%3D2010%26dfvs%3D2010%26dvpt%3D2010%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D575%26femvt%3D0%26emc%3D14%26emuc%3D0%26emb%3D13,0,0,0,0%26avms%3Dexc%26qi%3D484384597%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26pnmm%3D1666036386090%26ptlt%3D1666036389494%26pngs%3D9,14,15s%26veid%3Dfmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2018;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1666036386897;ecn1=0;etm1=0;eid1=200000;

Requested by

Host: www.yallakora.com
URL: https://www.yallakora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:53:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame CAE7 0
843 B 21ms
21ms Ping
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.yallakora.com%2F&e=wqT_3QLlH_BM5Q8AAAMA1gAFAQih5baaBhCKvOLRoa2egw4YkcizsdGw-6dTKjYJsK4K1GJw7D8RfBQJAVQs6D8ZAAAAQOF6AEAhfBQJAVQs6D8psK4JJNgxAAAAIK5H6T8wsOLsCzjeZEC8CUhlUJnj67IBWOu9mAFgAGiYm7sBeOKEBoABAYoBA1VTRJIBAQbwXpgBAaABAagBAbABALgBA8ABBcgBAtABANgBAOABAPABANgCAOAC459c6gIaaHR0cHM6Ly93d3cueWFsbGFrb3JhLmNvbS-AAwCIAwGQAwCYAxegAwGqA8IbCosbaHR0BTD08g5iaWQuZy5kb3VibGVjbGljay5uZXQvZGJtL3Zhc3Q_ZGJtX2M9QUtBbWYtRG1uOVlxQUZrcnphVkp0U3VwdjhDYUFfMHlEdHI5UEE2V3VYU3VjOGVzT01NWWtyTFR0VXhzZ1R3QnVyS3I1R2NZY1BhWExMZklZYUVuN1FaVXY5MG9QTTR6Y0EmZGJtX2Q9QUtBbWYtQWN2TGpTeGVfb2hqYXBidnF5ZVdpM3lRVV9vLXM0UWJCY2FFVm13cVYzTWU5bWV6YTZQSEdRS18xM1N3Y2Nya0hRRXhMcmphbjBueVhneWpkYkNhRlVoajF5c2RpeWJka2wwc0VzV2xBNlFyR3NOWU5fbjFxLU1jSjhGQUlpcTJaSmg4aWg2Mnl0UXZTTGE0dHpfZHNkMTBuU0QxaWV4bHhOaWkyV2JxN1lvamF1cU04Vk13NWxUaTNFcFBsRHNQRWdGTDFzNjJrOXc0SDN6ZF9ET2JpemFuRjVLZHlZUEhxSUlHQ3pFQkZKVmtkV2gyOTIzemh2Y3pQYnBEMFFTRHVZTUFleFVXVGM3ZlkwVUxnTXdzU2dPQlVhMmFOU2JPYTRzc0FuVFlVVE13ZHdZWFVRbmNOWjdIM1doeFMyVUx6eDdpd2Q4Y2JDZ0hJVzFTaUpvU3R2UUo1N0Y4Y1F3VFJzNUZLYXBpSURjdmdsRkJuNThETFVoY3R5cnFuUFVuQ0lKaFVVcWZhZEx4SGF2aGpvOVJ6S0VWWF9FRXVUdkhIRVo3QUhtQ0NqcUJtekRXMEFsQjUwZUdrdWotNFhGWlhrYkh6Z2JVRFJfOTFqQ0x3TGhWYXpRckdFRXFoRmVIRGNwZ2hQU2ZUb2M2ejU4c1RiZl9xS285V2d4T28yamRNSGRWaTYtcGh0UWRJZUl0cmxvdXliM1pWbmFmUFRadkRwekRJaGtDRmJUX1A3RUU4ZUItemFRMl9MYTJiZjRkMFB1b3M3dlR6LWlVeU16cUk2WEFZdXlCQzdxVFBIVFljNUpJZ3FIcDRRUHZuS1M4OUVxNlB0c0pZWHFVRXRodnEtbElMWmpfdl9fVThmdmc3V0tCaHRVMjNnWTExbmg0Z0swdHZubWZfMWlfUTIzNHktQlNacThpQXpvS0dodHJUcHYxd2twZjJVOUpIcVZWZ2lCQ1F5czBFejdwMFdVR2pCREhTczdPa0xqVWdRRUdQRTh4RGFlbE1sS1VlaHdNaG83TDROTFVINzFMbkJEUThfcm1OVXg5MjBHWFZnbVY4UUFfY1dOSlhXdXhGUnpUNGlPbGRCN0lpZDEySjRMdFloQ0x4TkIwZDBCQllpVF9kdWNFdHFUMVRzaGxldmZrMjlyQjhVVy1qTHRRY3JUd1g0djhGZlIyMG9hU3Zqdzh5aS1fMGI2YmNNMW9MZjVIdm4tSl9oU1U1Y1NUc3k2a0pULUdBSWxWRVhFTXdTbzBWSGI0U0pNbE1TdGZ6VkpzSHhmN3k0WE5XcktscWJWa19adEVWeEhNUXhiYkFHTElMY1BiMUstZFZILVg2Q2NNQnhqeTZ0QmdCellUSm1odkkxbW8xal90dzhyb2xDQ3ktRzZydDJEMzdSUFBldWdrbF9sVjZuUGUtaGtpNmMxclEyQU91VWZiNFZuUjR1TXZwSHZPMzZIT05Zam90eE1EdkxjLWhsOEw1R1FCMEZBaTlLSXFERU44aVJJY0N6SnlpNWdqWEo0VFBsRzNWeWFVTWttUGYxT2w2ZzRVejJ0SXVibnJLNDF3SmNwSmhBT0hJUE44MTJQZVVaWGVOcGQycFBGM0xIc0VTdHJnTnc5RU41YjFrZjc0ME5MX1dBY1J3TnNJaWtBWjR0Z1NocWdYR0FidFpISUxVdVhFZ01UMzZIWmRWVWhYeW9SQWtpWGhLQXFzMG92NmpIU3RFWUVSYktsbjRYVnk4RjJrU1JvTVFtR2tBcjl1WUVpZ3RYZVpFQzlqdzFnWU5EdTY0Mk9sRjdCUG1fdnkzNjVOVlprdjFVNnVna2dLUHFZcFpPRUV1bVQ1dVJNbkJEdDN0R3lkZmttNlVxZ2l1X1BGLTZqVGtUZjIyNkZ0MmpNbld5UGxLbVVJZjY5dFcxckhMOGhUV1hXV0lSN2RHSGpyanN0NXJ1SlloZEZ2c0o4SVRTLWt5OUVuclEzbDhUMDlxSkttTmVPQ2JzMWt2dFlXUVBBV3BiMXk3UjY3Wklhc0k5ZmFab1ZkNllIMGE2dnA0bEJoYnVCM3dON3lVTGlGdWlvZkRHcS1CSHE4WmpJNXcwYllMVGlkRTVlVnF1ZVRiWm52UXdIRVA3Q0UyYklBeXEwaEQyMlVZa1BmcWVLVkJWWU1saU9ZQlR0ZjRPWVRRdHNId3BCN1UyVnl3bEhFVmE5YnBLRlcyeklwRkEyOVotNko1OUt5NEc3TUN4eGhXa0hYNkhRNVo4VWN3NzgtZEtvRWI1RDJsT2xXRDl1RmJoTVRsd3VycFhFalBxS2lZaHNtV1g2dEZISDNpVVdkZUlVYXkxdWRUZ2pVX20xT2YxVDdqWHQzOHhQSUZBaGJqMU10eVcxellPbXlpTzlWekdsUEF0LXBrNUFsNVFCNnFmMnNQTDkyeDFVc3pMZ3k2TmlJMXQ3UWdWZGMtZXIwMkNWSmtEeFJPOWtKZWw2cVh6cFFUQnNhWVkzd2xua1lyc2UzUmJScmR1M0tUeE5ESlJnQXNUUTRnWk9Ga3MtZE5YemlqZ3Q5VGNqcTVuVjhFUzBiNzNFM3ZtYnBHZmZtMjlEazV0X19wNFdpV0xEaThfSzBhcmJVSGFqVmo1R3pXR3pxWGUxVW5qOXNmTmVBQmJqX3poVDgxakp2MjQtTnEzRkh2dmZXYVpsU0dhWkxiZnFWd3pTakk5M3Yya1otNXJzNnRaWmpLanpJZnBhWU8xSTRoMzhXNi1vdWJ1akF2cnlKRlpZd2MxNnAtaDVkNUNYWElSZ1k1Qm92Rk52N2JTWUdRaVNJSU8tdXhaRU9mdUdNR1Q2NVFRcVhsQThLUXlCclJiY2lzTkVTVG55R2ZOQVY3ck8yYUhYcnI5LUswWFIzSnp1SW5oLTFyUTRtalJIVElRWUVRajlEeEtIcVhLZEdxc1FKVWRrb3RzVkVoQ3Z5OXhJNVpDWXVmMUFwYkpQaHcxVVRzYWgxbTdOa2QyektmTU1ZSEZhaFdVM2s1cUlacldGaHE2NnlBZlVuTERDTzZsLXZBQkRPQWUyd20zQjBpVV9PYm1QeXFLQzlvWFUwUmZsNVJ0S2tjZWhhNkVqWjJHQkdqN29sYmtTT05ieks1cWJ0cWlWell3MHNEQUhEYWJITjBWZE5CQlpreV9LTnZlN1JoTjJJN0hzZGdrSjhQNmJnTmlzc2Jlb0JPdXVwYmhKY0g1VFpIVjB4RlVkbXFaVVdydXpjWE9TcnNKV1hVbjNPWnpRaGk0MUg1cjlKNnFzNmM3U1c5ZlhZSEswVi1QT1NyZy1lVUs5Q3kwbG93cHNUWjJIdXZOb19IaHJ5emJTYUpyMXJqa1hPWG82ZWVyLU5aVGJSMkhFTW9GSi0ya0R3ekpaY2ZXY2ZzQXFQbjEtLWxhWFJ2VnhZSE83REdOZXczUFY1Zk4tdHN5RHpMSTM2UFVkQUh5Q3R4X000OFNVMEsxc0pzemQyNW96U1dZTnp3dkc3ZDZvenBfbGRMZ1Y4UVNwWHpRd3pYNlAzSngzaEZHbVRjM29BR2dya0N4ZFZpWFVDNklvbUpBNm0tTzVDem9JS1BFZUNibDlDVEJzek1LTjdqT3gwVjBBMGZIREt0TzJkanFaVGpFMDRCc2xxYnc0bWMtdmtEc0dWSnBCb2ZiWGJwRnNwc2VLaGpOSy1HRmZhRG54SXM0cHFNRnZ4a19RNHB0dDRIWWE1MHZQUl92bmwyRnJNamlJWmdIWkRETnIxdGhSYlp2X0M5enFzR3VsRXY0MlR6YmNDZnQ0YUU5VFNucmYwMGNIUlhxN2RlOFFKUlMxSk1DLVFJSUJpTklPTGg4Z0hFdndOTXJIc0k2S3VGYWFGOUNkNjVuWDdpYnN2UHBxaUF6czJUUkF2eUhBci1UTGkyZVJmV0JxWVByelRSOENCLW8xTHA2MHRzVkE5NDk4LXNfN2J5N05QMnN1ZlRBVEFZRjFOZWpuZjB0S1R0WFA2ZGtpdHdSWjlMcFRMNDVfS1B4am5Ib1d2dnNfQjhGZlhsX2JzY2h0MTJONFRjdEh2VUdVQWdmUGtHREJfRFJzM0MxRjFrem9sNWhiTXFDc0tDWnpld0tiZ1lULTdfYWlvQk5IZ2FsYVFmbnZ0RTVmbUJaU0x1Nm5FQmY5bWhkVUxQcGp1cnhva2JFaUNRd2M5NllBa3QyeGE1LURvS0Y5SlR0UmhHOWZsX3dwcElTemdKbUdZbEVGM190Q2RZMDB0eHhoT0pkVFVFTjJSRTZrMHFsY21relJOR1FISC1SLUh6OEdmcTJoNy1JSWdmaExfRVF0cUdKRW0wRmRUYnktMTNaWW9FJmNpZD1DQUFTRmVSb1hXaGJaQk0yRnBvSEVTVXpDMDJuNVRpRE53JnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzEwMTA2Mjg2NjMwMDQ2Njc0MDIiCTM3NTA1ODg0MSoHMTUzMDkzMToJNDM2NjAyNzk0wAPgqAHIAwDYA4yNBuADAOgDAPgDAYAEAJIEBi91dC92M5gEAKIEDzIxNy4xMTQuMjE1LjEzMqgEALIEEggEEAQYrAIg-gEoASgCMAA4ArgEAMAEAMgEANoEAggB4AQA8ASZ4-uyAYgFAZgFAKAFxd7SnJ7YppU-wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF_QX6BQQIABAAkAYBmAYAuAYAwQYAAAAAAADwP9AG80vaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYE8gYCCACABwGIBwCgB0CqBwsxNzgxMzQxMTk4NroHDwgAEAAYACAAMAA4uQZAAMgH4oQG0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8Aej7QOKCAIQAJUIAACAP5gIAQ..&s=53d236e121213a36204dabce50724c3d3e1601a2&type=pv&jm=1330|1320|1003|1022|1020&px=0&py=1027&bw=300&bh=250&sf=1&sid=1602025651626782473&vd=ct~0|pn~xdrviewapi_Video_Framework|rr~5&sv=229&tv=vh2-134&ua=chrome52&pl=win&x=omsdkvideo&cd=30&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/omsdkvideo/229/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 19:53:09 GMT
AN-X-Request-Uuid: bd3410c5-3371-492f-aeb1-619726d7ae2d
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.yallakora.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/ 352 KB
116 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4076396686996071&plah=www.yallakora.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4076396686996071

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52da3158d4eaf4ffb51f036a5771da61d9463765cbc6c67f758265bd52e9acb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118619
x-xss-protection: 0
server: cafe
etag: 5904122163832271422
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 17 Oct 2022 19:53:09 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/ Frame 5DE3 10 KB
4 KB 21ms
20ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4076396686996071

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yallakora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 82421
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 16 Oct 2022 20:59:28 GMT
etag: 9671129459699598864
expires: Sun, 30 Oct 2022 20:59:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 12 B
476 B 94ms
29ms Script
text/javascript 142.250.186.130

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.yallakora.com&callback=_gfp_s_&client=ca-pub-4076396686996071&cookie=ID%3D9ff5d9d654014fe5-221129974ace0028%3AT%3D1666036383%3AS%3DALNI_MaxsM9RhG0tR0DgrOAdQOIR6YAxlg&gpic=UID%3D00000b7490353c30%3AT%3D1666036383%3ART%3D1666036383%3AS%3DALNI_MaOYDJErbkV8KMQEGyyiT1oONJVPg&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4076396686996071&plah=www.yallakora.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.sk/adsid/ 107 B
122 B 71ms
29ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.sk/adsid/integrator.js?domain=www.yallakora.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
29ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.yallakora.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:53:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 55ms
54ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.yallakora.com%2F&tn=DIV&id=adxbox&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:53:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 54ms
53ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.yallakora.com%2F&tn=HEADER&ign=false&pw=1600&ph=1200&x=0&y=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallakora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:53:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4598 0
16 B 115ms
114ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4076396686996071&output=html&adk=1812271804&adf=3025194257&lmt=1666036389&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.yallakora.com%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666036389614&bpp=2&bdt=7413&idt=94&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9ff5d9d654014fe5-221129974ace0028%3AT%3D1666036383%3AS%3DALNI_MaxsM9RhG0tR0DgrOAdQOIR6YAxlg&gpic=UID%3D00000b7490353c30%3AT%3D1666036383%3ART%3D1666036383%3AS%3DALNI_MaOYDJErbkV8KMQEGyyiT1oONJVPg&nras=1&correlator=7562533800324&frm=20&pv=2&ga_vid=733115516.1666036383&ga_sid=1666036383&ga_hid=600219828&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070342&oid=2&pvsid=2490143105744881&tmod=720007158&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=113

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yallakora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 19:53:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9FE8 430 B
227 B 485ms
485ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4076396686996071&output=html&h=250&slotname=7602326107&adk=602304427&adf=4134141899&pi=t.ma~as.7602326107&w=300&lmt=1666036389&format=300x250&url=https%3A%2F%2Fwww.yallakora.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666036389616&bpp=2&bdt=7415&idt=122&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9ff5d9d654014fe5-221129974ace0028%3AT%3D1666036383%3AS%3DALNI_MaxsM9RhG0tR0DgrOAdQOIR6YAxlg&gpic=UID%3D00000b7490353c30%3AT%3D1666036383%3ART%3D1666036383%3AS%3DALNI_MaOYDJErbkV8KMQEGyyiT1oONJVPg&prev_fmts=0x0&nras=1&correlator=7562533800324&frm=20&pv=1&ga_vid=733115516.1666036383&ga_sid=1666036383&ga_hid=600219828&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=262&ady=2256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070342&oid=2&pvsid=2490143105744881&tmod=720007158&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=hbTEfRCwaU&p=https%3A//www.yallakora.com&dtd=127

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d2125bf3059e17982042129785c19fc6203274db72a239ae49e19537eebd3e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yallakora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 19:53:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Verdicts & Comments Add Verdict or Comment

353 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.yallakora.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 54r5qxalhsrlk1tyw2uyx1lj
www.yallakora.com/	1970-01-20 06:47:19	Name: FGTServer Value: B38C762E5508AA76F9CE87FB8FBFEC44A293CABD87AA0C4FB441CB8A2C71138CA1C44D80AA37A1D2
.yallakora.com/	1970-01-20 06:47:16	Name: lotame_domain_check Value: yallakora.com
.yallakora.com/	1970-01-20 16:23:16	Name: _ga Value: GA1.2.733115516.1666036383
.yallakora.com/	1970-01-20 06:48:42	Name: _gid Value: GA1.2.1367500697.1666036383
.yallakora.com/	1970-01-20 06:47:16	Name: _gat Value: 1
.izooto.com/	1970-01-20 16:23:16	Name: IZCID Value: 78896825-f88a-4183-baa8-47b368cae8e2
www.yallakora.com/	1970-01-20 06:57:21	Name: Location Value: Germany
.yallakora.com/	1970-01-20 08:56:52	Name: _gcl_au Value: 1.1.1695334141.1666036384
.yallakora.com/	1970-01-20 06:47:18	Name: __cf_bm Value: Ni5_aerlVw5.mNRAcW6J1Zqft83d.lN4QBUj.kK.IC8-1666036383-0-AZR7FgsGslERZl8BJRDZMElIBvr724JVHWWWmPAve27c+tXll/mC/qk3gg/R8BXjqaw9oBA+dSS3+JLTssTwk/RpvXc0dbkvQ04Vihe434DqhdS1DEcz3cLo+l2EXn4+HA==
.yallakora.com/	1970-01-20 16:08:52	Name: __gads Value: ID=9ff5d9d654014fe5-221129974ace0028:T=1666036383:S=ALNI_MaxsM9RhG0tR0DgrOAdQOIR6YAxlg
.yallakora.com/	1970-01-20 16:08:52	Name: __gpi Value: UID=00000b7490353c30:T=1666036383:RT=1666036383:S=ALNI_MaOYDJErbkV8KMQEGyyiT1oONJVPg
.doubleclick.net/	1970-01-20 16:08:52	Name: IDE Value: AHWqTUlT75z5SZTMgcGAh_8e-SWu4UFBCk02H6cyCvxm6zlcTy4RqszE4bZZb08o7Vc
.casalemedia.com/	1970-01-20 08:56:52	Name: CMPS Value: 2229
.casalemedia.com/	1970-01-20 08:56:52	Name: CMPRO Value: 2229
.casalemedia.com/	1970-01-20 15:32:52	Name: CMID Value: Y02yoAej0XFW47Wqhee6HAAA
.adnxs.com/	1970-01-20 08:56:52	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?]jGzU?!]tbPl1M>e)ZlrFUfJ+tGXxo3::ns8Ig:oF[5qT'<S1@#bZ2yh_K?)nlPibc3If)y3KL9D3I?+gIBNk_
.adnxs.com/	1970-01-20 08:56:52	Name: uuid2 Value: 6003277984166634513
.casalemedia.com/	1970-01-20 08:56:52	Name: CMTS Value: 1184
.yallakora.com/	1970-01-20 06:47:16	Name: _gat_gtag_UA_232068335_1 Value: 1
www.yallakora.com/	1970-01-20 11:06:28	Name: Exitbee_vid Value: 83743ff7-bc45-4f95-9993-bd4ca9f16979
www.yallakora.com/	1970-01-20 11:06:28	Name: Exitbee_sessionCampaigns Value: []
www.yallakora.com/	1970-01-20 11:06:28	Name: Exitbee_nrPagesVisited Value: 0
www.yallakora.com/	1970-01-20 11:06:28	Name: Exitbee_visitsCount Value: 1
www.yallakora.com/	1970-01-20 11:06:28	Name: Exitbee_source Value:
.adnxs.com/	1970-01-20 08:56:52	Name: icu Value: ChgI89p8EAoYASABKAEwoeW2mgY4AUABSAEQoeW2mgYYAA..

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://script.crazyegg.com/pages/scripts/0069/1078.js Message: Failed to load resource: the server responded with a status of 410 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5df36ebb7b53835965a73a9e7b9e7b27.safeframe.googlesyndication.com
acdn.adnxs-simple.com
acdn.adnxs.com
ade.googlesyndication.com
ads.celtra.com
ads.gemini.media
adservice.google.com
adservice.google.sk
aghtag.tech
agorahtag.tech
api.ipify.org
bcp.crwdcntrl.net
bid.g.doubleclick.net
cache-ssl.celtra.com
cdn.adnxs.com
cdn.exitbee.com
cdn.izooto.com
cdnimg.izooto.com
celtraidentity.com
cm.g.doubleclick.net
csi.gstatic.com
dashboard.ideanetwork.site
dsum-sec.casalemedia.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fra1-ib.adnxs.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
media.gemini.media
pagead2.googlesyndication.com
partner.googleadservices.com
r2---sn-4g5ednss.c.2mdn.net
rtb.gumgum.com
s.exitbee.com
s0.2mdn.net
script.crazyegg.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tags.crwdcntrl.net
tpc.googlesyndication.com
track.celtra.com
www.google-analytics.com
www.google.com
www.google.sk
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.yallakora.com
yallakora.com
pagead2.googlesyndication.com
142.250.13.156
142.250.181.226
142.250.184.226
142.250.186.130
142.250.74.194
151.101.129.108
151.101.193.108
18.66.112.43
185.80.39.216
2001:4860:4802:32::3
23.35.228.188
2606:4700:10::6814:1a43
2606:4700:20::681a:4a9
2606:4700:3031::ac43:81b0
2606:4700:3032::6815:4ae4
2606:4700::6812:d941
2606:4700::6813:9408
2606:4700:e2::ac40:850b
2a00:1450:4001:6b::7
2a00:1450:4001:801::200a
2a00:1450:4001:801::200e
2a00:1450:4001:806::2003
2a00:1450:4001:806::2008
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2006
2a00:1450:4001:827::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
2a00:1450:400c:c1b::9a
2a06:98c1:3120::3
3.120.29.79
3.124.253.38
3.126.58.88
3.232.242.170
37.252.172.123
37.252.172.249
52.30.246.43
52.51.237.189
65.9.66.122
086422b0241c5de2a18d9a236f95606ff34becd3d92692acaaca538f6458c026
0af68c79fafbd45b6514fb7823270eb98f448b79df3d658dd467fa38edd2d9f8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0febc807f52f524ceb199f9c29513525542c28543453580d6c4775b0d47e9750
13cc628913dd7c9735028a0d829a31b219ed4854881343cf78f11b938009d33b
18452602462c179cc4f3cc1133318a00ddb0dc9b445411074d179c6f66811181
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
19b7681ad6b2f23f511744340fd8815409918f0a67ccf15edcae821c38bc3cab
1af2148d7bd5e2a0c9ddc1c5b9ff072996852f4f11ebc19695ba4ee08ddb9c4a
1bc184be377d70bbfdb7533905e9031817d52cfe8e978bc00a31893b49c23a11
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1efe13e4897206e5d852df789e1e37b9114a85e6bc1496b39b680041d8a4d780
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20968a95e5a911a40d373861cd5ec8215c6c9148a45e4ce53f7bca46033e2e4c
228585ad6dd0a1115e6b69f0b252a74efad35ea9ebc9af361340e82261041ce0
2323fd6619df5e6ab4def7d7660caebf683ab33c51d9a391827d3bab30d3354e
25cee3559b94c2af68543a4f8fc8695587e485fdf08f5680cfc0193a75caccc5
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2975f9c21af6e85c80800759ca7ca780cbad9657ae8c1238eb3d6bb04f61656c
29b463a65a03d7915d022df12db018494b3aeac05df0121278323a62441a2f33
2b610e64635913a29b9146c1a8c9b038edb0853370a6ad7eed0926d94690d6be
2eaa37f26578030c2a77cc9b8603096882e02118feedaf841be8efefba6b2c43
2f7bd0c73018f9c34a0a959f791da61431910dda0ef204b164ea1539255339db
3499c2bfdc525e4672c8a2d78d7fb89e7cadd4b4c84a58daf8c30f3a2c7cee59
39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101
39ef03d0aca8f63478b413d6b9326687b503dd7d6516faa6f446b346b03d8d8d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
481b14b5b14debb7986705407dae4a2a567756a87f4194e9257ffcd3b81323f5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ca0f96b69c1db1ae3b894e171a7bebd30619347b22feeddeb1e855b5f91175a
4de2e6f09f3a013353da5083f2cc8b688cb67385ec5b0ca7d5d20873682e4942
52da3158d4eaf4ffb51f036a5771da61d9463765cbc6c67f758265bd52e9acb3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b3b5056e215c527846e60d3c1244f74b9ad5435f41bda47d354e027f29df49
5814798954486522a13b0047005b8f5db368ac7c3dd8c87642e710f47544e753
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
59e2f489c540cb69ebadfe2bf3ffe3c1921b608c09d9e70d410a647ba21d09cd
5aade6712debf50525e09a64d01f7e1ad9ce7a0a5f43f3dd2b3d40a744fa4c4b
5ae0fa8e75fae52d2a4cdfe986dbfd1469f7add01d3e4324f763db70d9f2aa80
5d2125bf3059e17982042129785c19fc6203274db72a239ae49e19537eebd3e9
5d7a869117d9aa8dcfea3c3ee9b212a64ce77bae138704fb92f923fe51a91d00
60039250ab3081bd04747ce9982eab8226208b35e9b3cbf4363cae6247788593
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63e45776b846644cf637104db683aa2eaf80459aaec3de2afbbc9f476f585afa
64acc77d9de85bfc688d93355c91769fda5ea9b3e43de901304f2d302551c29e
66dff4b505c9df6cf3518e8cbac563f9ca34f66f4938df6e1f7399ea063d4812
693dade10b46065ed48dbd1908c839ad28e666649be40350de16010e8abaf3f5
69ddf7e268cb8389d3db374380a398e1ffbba4924f976e99b7d77d5e7be542f5
6a1eb33c73e9d51134d31ee4bbe6c530b54004e2d65feb03fb285ea10709f428
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b044a444d8a38d2cf424917ace4f7fd414789f3f97151b50c9511d9c7c4c6dd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c34e9a64fd79b324b935ab3ecc8b513554ea5ef3cc1d11a7cbfefcb74c3d402
6d4e98862f405e36a32d6fad82a91b14ad3b7619845eb23302a9aaf9e1f683e8
700f22b5738b87cd04520bb9e3561ca09a1cb7a5d39ea514e5e06e8c3f0e14c3
733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a
7716e73394e512a606736b944852ebcdd693eac6bb0dd7f0c9c8b320ea920868
7725139453ed3eeafd6e094c93cc589da71d5ce68419923b1d99032fdb637efb
777cc2cc54a1db1c7113af0c171a2578f1145c612f273be3442421bbafe52f6b
79b525d9a222506f07c982f65ff83a20369203fad57ba161159cdd3fd552873e
7de6917909912632a6ead10e864ea9b98b29047da4590d5b645a94d5d0cdbd69
7e298a4f0cc804dd68ea246cc169fc5ad318011960b113f853213bba366e5e62
7e52e4fc73e5fbcbc16db9561e5d9c11f5f5b8daf3d15f3000e1eded523cfc8b
8061f9317058a4a2bc6f88d890ab72c22065ed13cf4091ba40a6302a285a9091
821b1cf475b9bb9c9a81d02c30c31ee3f4eb1dbc30e766541789150a03cdd987
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86fe7f6d887d87d1339f3a295124ba67c17527154144fc6171c3ddaf54d29be3
8846de6b36062db2c0aec7c3b9d8ab54f51b0f971de9bb25fef00ad243c2ef47
887cfc65d252ab6d32230aad1d4c0f719f94c6f7e5191fc5bf5ec5338e5bc0f5
88c9d5ee53599dc2556c789bc4100f4828f915745a1d6c7d8f8934db7fbcf5e9
898ff2b1ce00f443c1e78502947912b42d9778f34b2ca10a6df59b56b8b0df5a
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ca9264953cc7bc4dab5b915a1fe5a5d70c333607438597814b89aa55895dfd2
8fb375863601548c8a58510189699ce2ef8b36940559eb5e605eced26019a636
902899b8dd3a6b30f6bc1be0f39f48ce72d0c41357d8bf521cd86f58bb633b7e
90352cd429fceb3b816c9418248ab076c32d27239cc9bdf453287b07c952fe93
9341cd3125505fee47364cf9e415adb87bcd9e7c7b0ce85f90b96daea2f10b28
94a82fd6958bef0bcc62d2523b31a2a553cb3ae2f1c960d98e9330a63e227aea
94f416a5e2b0810bc1238c695ced3e7f0722e2e38385a4fbad2dbd36f73f64e6
9744ea2e7a8a464a0832ae5913e5a6bd923916db589ad0210cc7ae4d7b9ef459
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
99907b3ed1112cd467d35e36691e23109403da1a1d3fbf8bf57f31a06beaa440
9b2e04ec885365474c2e1d15bf19964548a1939ba55b4fb4007e21ffe7a19bbb
9da73d34a97b87014befec84c90b35cee21dacdfc6630acd7a1bc68293c480d4
9e02ba9f2dab0339bff6b9e5a1e8d79ffcaaabbba02d81b3a775cfebec5e14c9
9e4c1867c75615b0c8feae52040194008b61fec6a1d216cf83d57da477a295f9
9ee157d711d98786aaf06b8333223eca37d33d0c30dbff00aa40849f4bddc229
9f0f48a2d2a64bc67024f0a3c8cc14d9b1c7ae15955181bd3311a1f54a57d024
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0c7fb0d6d84eac96a71b2f3d7377e5ad6fd454ca0a34d93fcdc4bbbd6e489cb
a1c575c2cd9a3718657556f21d121eabb76f835a341b94fc95bf4590d50375ec
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d654c9cadb674793ea1565ab4488ea8d6c49204b41028e6aa28fc48f45895b
a4ed5465b3e77cbca37e9d5a38c620e238e8f225368039c002f2d4bbd14b852c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7aed2d07975037f5ddf33e800e8beb356d6c0dee760aa82fc739b61e00d9f57
aa5343e089a52e4642aaa762b491cd9d50c9875f55478fb1c182d8042cb853ef
aafdca6d5f2e65f9d50c7a040750ad1121db6caf7460e3d6da19e767ccaa8818
ab76c8f3c21530b36d51b97e8107597d45ce1e645213592cd5b1319924ef8391
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad46f0f41fedf27eab70fd152f61ec55a00235b7da945bc988a0b77319e5b83f
ae73873f04df746538263a9eb9bc01531311ad553c505b9a082020491c909328
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2f8c4ebd3654ffe2a9eb2136b648a1ce4b7323edb335553d7589324b231cea7
b3c218f921126409f2f4a82b74458117039037330ffb76b30df5c6062b353a90
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4ec3048489dc9ca279c8a32ef268bf1753de503d6c68d9ab7607c177f5d22ee
b5feee7a5d40a953995b630a5c85e83d3f173baa845310b5b4c66336cdd89cac
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
b7f7a386494436726b54b513ee9e1238f88e8de4e3eeb8c1fad6491ef316ed8a
b82665f6013dd05db5bbf5e6ce927083e41a888dab6d4db95d78bc522a3ea27a
b84c83d41cbea8ebbf8cb8228c635ea4d175deb0fb8f5d629cb57957b0fd4de2
bbdb7965607a0a35785f6735e2b75c3e525d988be73f87638dfda923653b58e0
bdd12c5f0ead3fa5f52679f8facf03b8bf51c10a2301de6f1a32ba7ca82550ee
be637ea21f7bef12f88e1eb02937667793201d0ed8ea73ad824b35d6152a37c7
c1218bbbb0f1d4acec1d237359247534bfb2b1580f979b9bb968f8833c8bf727
c4cd88ec9b17f2a945f846a1118a57c5ee95afd6f7aac8e071b1d57d6d10890f
c9a8fa41004fc1508b4c4162d3b9832f3affb9a7815ae37c12e7a22bc7c43511
cebfa75512f12a4d2f05cacae40f83ddc3e1efaf90aba3d5c9eabe0625a94858
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2
d2a210880abe6ed2548e4d81e3441056d2c90b841aa060eed53253882d0cc603
d51235d2c0cab04859f1df2458d94ee7db7eaa4a956dde8f9cfcebe7aeb3bbc5
d76ee730bf11c03b986c5e5ca90907671c2a0b7871a2ac5f2657a898c01e7e56
d78fc8b1a23a3bdae5c4b6a5fc67200cb0002abaa4d07a54a4c64341e723ee4e
d8239694397ec889c2703a9bd00b2383d8b86c7d377f5c74ff299a5fea3e81b6
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dd2b0d7f50497b1820556f3413706fdc5c52488ea8eb28600b5dc6fe80893bcf
ddd475944f6c92d5d81fc7148f712c83ed6ba1450d74bb38922583d933d32cf2
e22f8453e5ddb31ab328f2cf016eb5279f679cb155cc376738c379bfc16b8a40
e2aebef5ce63ce72dd804a69aacc09e3da179e3dad35fe41bf6192fdfd87550f
e2c8c88a02894f378df4073ba4b376dde449ff2bf10b34cdc70d23ddeb7d9349
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bd78cbee1832cbc15fed1a3790fc05fbd92ca84797a01e75780f184ba2420b
e4c36de7a54e400c4184602da89febfd47cfce642101a375a26e273a2f81aa2b
e5a3e7a5241d076d56fd7f0accbcc20a89bd047eea36c1eebeca9b10ea1018b2
e6541560df8ea35197eeae56b3e0f1b085f7c4e18cf812495c44b1310e27f57c
e661776e889d3e1807e7f44b09fd7fe3bd0659ec47da78b481006ba9b04b3f06
e8e0475582ab3e866b093f14c52982006a8112d6a2833b0cd999cb8368b0f50d
ea09040c0f36fbe5e5ec7510c1560d14513db8bfbe27e1b79c55aab1d3c1edb0
ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96
ec96aea18a8b7a4cb9c407d6083c7e668ad2de5280c2af815b8251b305189c83
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3af8e1231e3994efbe92c8f43bd5fdb0d8b67562c12416153c5fa04ce60043
f4a23b131ab35b0dab5d4eec2607bf3cc92c197c7282b09c30c4055faa40ca9b
f515d0b4bac725ccd0b10b5a56b54abf8b9f556e7984a83d59780f11468fc58f
f72aae04cff9595dc5dd9335e71257b3df1eebc78672f700ff83c3e863b3e3fb
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f7f17076ad2c067e34c60268f264719870616baa86fa6d372d9daaa2eb89498b
f9162735c234a7f8fb0b5c2e84d8ccd1e66444a5672dabb41ec18cffcdd2d7db
fc3ffd6b75e50ac42c503a098ace35680047984f1c3515b681c3143f0251a11d

www.yallakora.com Open in urlscan Pro 2606:4700:10::6814:1a43 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

238 Requests

94 %HTTPS

61 %IPv6

27 Domains

55 Subdomains

50 IPs

5 Countries

8552 kBTransfer

14373 kBSize

26 Cookies

9 Outgoing links

Page URL History

Redirected requests

238 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.yallakora.com Open in urlscan Pro
2606:4700:10::6814:1a43 Public Scan

Screenshot
Live screenshot

Full Image

238
Requests

94 %
HTTPS

61 %
IPv6

27
Domains

55
Subdomains

50
IPs

5
Countries

8552 kB
Transfer

14373 kB
Size

26
Cookies

238 HTTP transactions
8 data transactions