URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Submission: On November 03 via manual from MM — Scanned from NL

Summary

This website contacted 68 IPs in 8 countries across 58 domains to perform 372 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is tv.shoot-yalla.live. The Cisco Umbrella rank of the primary domain is 533251.
TLS certificate: Issued by E1 on October 2nd 2023. Valid for: 3 months.
This is the only time tv.shoot-yalla.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Subject | Issuer | Validity | Valid
shoot-yalla.live | E1 | 2023-10-02 - 2023-12-31 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-02 - 2024-05-01 | a year
greeter.me | E1 | 2023-10-12 - 2024-01-10 | 3 months
demand.supply | Cloudflare Inc ECC CA-3 | 2023-02-19 - 2024-02-19 | a year
pisanguttate.com | R3 | 2023-09-01 - 2023-11-30 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
scorarab.com | GTS CA 1P5 | 2023-09-24 - 2023-12-23 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
adipolo.com | E1 | 2023-10-30 - 2024-01-28 | 3 months
wl1.aniview.com | R3 | 2023-09-18 - 2023-12-17 | 3 months
player.aplhb.adipolo.com | R3 | 2023-09-15 - 2023-12-14 | 3 months
player.adtelligent.com | R3 | 2023-09-16 - 2023-12-15 | 3 months
connectid.analytics.yahoo.com | GlobalSign ECC OV SSL CA 2018 | 2023-08-15 - 2024-02-08 | 6 months
*.criteo.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-10-09 - 2024-01-06 | 3 months
*.33across.com | Sectigo RSA Domain Validation Secure Server CA | 2023-09-06 - 2024-09-30 | a year
oa.openxcdn.net | GTS CA 1D4 | 2023-09-25 - 2023-12-24 | 3 months
invstatic101.creativecdn.com | GTS CA 1D4 | 2023-10-24 - 2024-01-22 | 3 months
cdn.prod.uidapi.com | R3 | 2023-11-02 - 2024-01-31 | 3 months
*.crwdcntrl.net | Amazon RSA 2048 M01 | 2023-10-08 - 2024-11-05 | a year
vaitotoo.net | R3 | 2023-10-28 - 2024-01-26 | 3 months
ghb.aplhb.adipolo.com | ZeroSSL ECC Domain Secure Site CA | 2023-10-03 - 2024-01-01 | 3 months
servt.modoro360.com | ZeroSSL RSA Domain Secure Site CA | 2023-09-22 - 2023-12-21 | 3 months
a4.bath002.site | R3 | 2023-10-20 - 2024-01-18 | 3 months
*.criteo.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-26 - 2023-12-23 | 3 months
*.id5-sync.com | R3 | 2023-11-01 - 2024-01-30 | 3 months
rtmark.net | R3 | 2023-10-07 - 2024-01-05 | 3 months
*.ip-api.com | Sectigo RSA Domain Validation Secure Server CA | 2022-11-25 - 2023-12-26 | a year
ups.analytics.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2023-08-03 - 2024-01-24 | 6 months
*.web3-lab.com | GTS CA 1P5 | 2023-09-25 - 2023-12-24 | 3 months
misc-sni.google.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
*.openx.net | RapidSSL TLS RSA CA G1 | 2023-08-18 - 2024-08-18 | a year
bs.serving-sys.com | Amazon RSA 2048 M02 | 2023-03-11 - 2024-04-08 | a year
www.google.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
secure-ds.serving-sys.com | R3 | 2023-09-19 - 2023-12-18 | 3 months
*.doubleclick.net | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
*.go.sonobi.com | Go Daddy Secure Certificate Authority - G2 | 2022-12-06 - 2024-01-07 | a year
s.ad.smaato.net | Amazon RSA 2048 M03 | 2023-09-04 - 2024-10-02 | a year
*.smartadserver.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2023-01-21 - 2024-01-23 | a year
teads.tv | R3 | 2023-10-09 - 2024-01-07 | 3 months
lm.serving-sys.com | Amazon RSA 2048 M01 | 2023-02-14 - 2024-02-15 | a year
*.bidswitch.net | Sectigo RSA Domain Validation Secure Server CA | 2023-03-23 - 2024-03-23 | a year
*.google.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
outstreamedia.com | R3 | 2023-10-12 - 2024-01-10 | 3 months
*.avplayer.com | GeoTrust TLS RSA CA G1 | 2023-08-14 - 2024-09-13 | a year
*.aniview.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-09-11 - 2024-09-11 | a year
1372348363.rsc.contentproxy9.cz | R3 | 2023-10-19 - 2024-01-17 | 3 months
*.adservrs.com | Amazon RSA 2048 M03 | 2023-09-20 - 2024-10-18 | a year
*.a-mo.net | R3 | 2023-10-06 - 2024-01-04 | 3 months
*.researchnow.com | Amazon RSA 2048 M03 | 2023-09-13 - 2024-10-11 | a year
*.rlcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2023-02-02 - 2024-03-03 | a year
*.eu-1-id5-sync.com | R3 | 2023-11-01 - 2024-01-30 | 3 months

This page contains 33 frames:

Primary Page: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Frame ID: 0D4126472D4E55F6C0E52119A6E9CA5F
Requests: 114 HTTP requests in this frame

Frame: https://tv.shoot-yalla.live/frame.php?ch=jazz_1&p=6&token=NmQ3YTY1NzU2ZDZhNjEzMDZjNmE2NTMxNmQ2MzM0Nzg2ZTY0Njg3MTY0Nzg2ZTZmNmQ2YTYxNzk2ZDY5NzM3OTZkNjQ2OTc3NmI2YjZjNjU3MTY4NmYzMzc5Nzg2YjMxNjQ2YTZkMzI2OTc4NmYzMTY5Nzc=&kt=1698982257
Frame ID: 4C2ACADF8EC523E9FAFD2E5B56943057
Requests: 29 HTTP requests in this frame

Frame: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2218A6E4F5879ADD5B95FCE7A4AADC47
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=tv.shoot-yalla.live
Frame ID: CDE1F1ABC025D8E29A68E4A5D1CA192F
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvng5XHZ6amfeheqzXDwzn5hKfBmFAoj3jn8ki12eq7Nh81njxSUQv2xgLWfK7wQVBqjLL-inDffrhG3eX3Ia9jjaes5JT51W-o9cD98jtNu3nLnFw_L2l6MEn_ZG8PYdA2o9oNu9FqkaT4jeo8jVCgLPZew76k77CJv_Ae-9ntoFGgo0KJGEiHXHI5Yfqh4KD7Q3wzs0SAsSnU6RWk46XXrclSGdfdwfIQAHe3zdjGU4W5iwuO3ZQkeZLCXvaRHD0b_k6GACsr8SoE9zzBuqs_l62xCU1XCPhp5uZO-9tO-7b_eE5lB7T8XR3YjJjBQQuXUqfiHVVRcYwglqJj45iN4tQYlgMEFqM5rg8JUvub6UPxwHt4xlJk83JNfLDAgOG5Zpj6yd-abD5S3UpV2mbNbVrsPbu_iYINAKO2IM-h6X4H8jBr3g&sai=AMfl-YQ0LFbDzIey5cBT2mme3b4aUCiBREbuO1rx5HOnSYlSDJ6CG-yz8qynm7FFv762J0KUsq2rNkOQIeIuUfMq0iI5Ihrh13-jHJNy7It7RmVdvM-WsDyWyz1kgZXbK1mEelXlNi1hf0Mvk7J_umW8&sig=Cg0ArKJSzNPXLcFFH5_-EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 60131A734B457651F1D2A7692F932C4E
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032310301456000/amp4ads-v0.mjs
Frame ID: 3E89DCF0944FD445C995222031C3FDA9
Requests: 9 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: F041C49176B017AF66E3C32475D1DD52
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstm803hMg7sbE_xXompM_ffyBWCYSU3k8vw3GFckUfNuH9DeLOot5O0VnWzXDbrX2uLX2HDE1UP_eR6zJbzGjq-oo5QMlUm2XmY3RWoS9vjJsOpTapS49FOtVyKmwjNeVzi3dgza3HRODQnKGbLUg_ciG3VBrztvcxI2vDPBUr7NouAMLPKGMP0te46DIZZeHXTmMGEdSHKT4DR03aJvMZF49eKnw1BwmsRT92VKzFKSKTcr8oJV29uZ6VtxjmQv91Im8eOaBeE9jnamWPoH-aIDFdLtIZjGvQIGBtdKtr7JO2UDqbAz5ZG5GEJZ0IflDwZbNYApSsWZmpwl0jU0k29b14JFY91euHQun9ze18VX6-23_vjf7D6noiG_jddosOszkG5JNn7H4Nvd6dVcQFh1da-RvpkhIQ2ac8iBys7bk4uoxE2rQ&sai=AMfl-YRcCw85GlBqA97alaaWWn4GEuRc0sxE7FzdHswH8wlc3-ZbVWIrlrTbsU0AaIpAC92uNoZq_XRqC94PHzehujSzT252LqHiMek4it3DfpYM_F0xP1ZwO5E3ZIAxtxF06gcKKt2kE2ntgO82PCM&sig=Cg0ArKJSzEChORrUGikpEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 50A573C2B4CF29FB19DD26E108081956
Requests: 2 HTTP requests in this frame

Frame: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B80FB62BBEB3B6BE5EF324BD24B22B8C
Requests: 19 HTTP requests in this frame

Frame: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 462CF339C10BA3EF22E4A8776B470CDF
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRC3hRoYjrXl-gEwAQ&v=APEucNWIks4qMtLfOt8_hT7gtXl1Gbqp6zftc-taY_C6rXMk3LuCB2TODVKBmr01ZBt25wuI9YDzRdCZ6u0OAUZawoKPQFHWjN035Onix0phW-UrXPNUV97C7tMRpsrsM9hgiT2qkWCmb5IsyV8ozYjtvMVHyMi1IFlEdIATuiMmZtRS04a0DAk
Frame ID: 0AED08826F6DE9421DFA3D71AE5252AB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COPx4AIQpLb3lQUYlcnE-gEwAQ&v=APEucNWvXJmeJL7fO8VXdF380xReU1vNa-lOzBsqHoF1FuOCaFKaqpXIWdvZDlhqANigBtMo_Doq_LjWaLpiP7wKnNf1_xgZlZgoSJwD-pZRofNbZyYdI_gz1AXkOUCdd-kCPvMu5rVBMkpBGlbQ_1lQfbROWABWQ0rYmJWQ533roUJ_U-eR_Rq0uaJZfdKSXZMZ4OcILSIZNEqfuIbBxCTmWS8WdSeDmw
Frame ID: F0B897FAC4ECC3A6CE9D713EB7DB5B0A
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8v4bYs7_iVap9aP_YuNJ_DtfPAfxl4-asSbR1k3XPwm4D2H4cRgQdJWpbpBnxYBwhOAc8yLrhFbacI532i9lwqb0CFZnRb1acceObSA7Lanf1c465NaLpF3SEtwCR0zb58giERv8HMHlg3odmbFjhE4JfOyoRD9KmC0P1d520pDdK-Fwjp3D_3SP4S4gaPsb_VISaomgPK7WvgH5MzgigvxzRE1J5oAMe-3bMPgoi-ao5H5_URaCeFyc9EteaduJfhYHAakvgR9bCNxkX6DX9mX3hDPhT3qM9EfQdfCUzU3Ggy0a31WVldLVTMoWNZrIWbUF-C8tQy4tCouGtsz7PjAZPOdq3FHBAqz3B9Ej8VCTssH5AzV_fEtNtRmuhtUO3YD5JIUzWXLb7h7anLdmUTmzfjxuZEKIXuz1HdQT2CsfXW0JJ&sai=AMfl-YSOqhJ1y9Z_evL54dM5eL-wjRqdWe8ufAruLDO5jncfQAGw5ROpZ6tH47-VxcuaonU__OC1KZCkbBdp4EHXPZm2D19hA_tO_pNzzumvwrN844j2p6-JaGgflGlwbg&sig=Cg0ArKJSzFay_t-pp34zEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F5C451DEDC7BD22AC0199FE04A0B2C28
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F9D7D904CC0E22965B1DB049B91283A5
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F72DE7C66D688DE4F8F1CEBDC2A370F9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4D79056F2CB543428230472361F88011
Requests: 3 HTTP requests in this frame

Frame: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 734F27F951E04037DA886DAE7955CA30
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRC3hRoYjrXl-gEwAQ&v=APEucNWJD-AXLiE0zQt8Jf8TSxSDh5e_YSV9GjeRGmYdL1nsIVMteez_e9o_TTvomrEcdREpNH2Dnk95RNtl6zWOrittqyJbiBLicS7N5GYjslD7555iozGdlQ5yCeIt_JPGtjKMxpBzjz6NDgqcf7nmLG3FTa1n0e_BpskQ7mpT4sk4dHPVFIVtotA1WnI0PRQWOyaY1qbPP0vUpU8sUu0sf1xKno6_Iw
Frame ID: 80AA22FEB1C231B456243062CDCAFD08
Requests: 5 HTTP requests in this frame

Frame: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/index.html?versionId=DAMWG0LdyZYZsMcVaTzLVdpDTJqD563y&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
Frame ID: 105D65E60B16C36E1797A7DBBCC55B31
Requests: 19 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=X0c0tHe0sE&t=1&renderingType=2&ev=01_250
Frame ID: 301550D00247F567CDB52628993BC8FB
Requests: 31 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A21BD4694EE71A08FEA82089ECE9FBDE
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=YN0XoS0awT&t=1&renderingType=2&ev=01_250
Frame ID: 7B39ADA32A30F444002B5BAD479CB7C4
Requests: 28 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: C54DA534C73A9AA3847513E1BAC441A7
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Frame ID: FB58AF1E1520E27CBC3C3575D9C44B29
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Frame ID: 0A02AE4A5BB5586484603B4AF6506522
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DA8B3999A293CAFC0B76DA97E1116953
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 97645D720C58C96C323206A844884E8C
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=64db8a3bf27a2554d7080489
Frame ID: F1AE7354B52095E083A595E4B0AE6FCA
Requests: 5 HTTP requests in this frame

Frame: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 01208FF639E1FE79170DE1A775BC5409
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGMb2s-cBMAE&v=APEucNVM5tfDHWBtTKTLLIDnY-QU4OqfXSxPBsfMx0DRSlLbT-QSTfpwXoeCv_tcZJyo2aVc35DKeON1xDTxVgrirpZ6nJAeP_Zdr6fjNWYAoYrWtHwcqV-nq7Fvv4beReqK8vVIXl-OM1zUBK0NwLfqUizikBfuf9nz0qSJCD3xow63m8nH7zU
Frame ID: 8FB815396E9461F929B1D848AA50BF55
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1982992813A9D60B67A2C630FE94A495
Requests: 5 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: A731DDBBE0E609CAF6D184AE1DEC1380
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 929E3B4462ED3C90FFE3180BA3EFCC83
Requests: 3 HTTP requests in this frame

Page Title

Utah Jazz vs Orlando Magic - NBA

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • require.*\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • serving-sys\.com/

Overall confidence: 100%
Detected patterns
  • sweetalert2(?:\.all)?(?:\.min)?\.js
  • /npm/sweetalert2@([\d.]+)
  • sweetalert2@([\d.]+)/dist/sweetalert2(?:\.all)(?:\.min)\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 372
HTTPS: 91%
IPv6: 42%
Domains: 58
Subdomains: 81
IPs: 68
Countries: 8
Transfer: 7478 kB
Size: 14872 kB
Cookies: 41

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://live.shoot-yalla.tv/uploads/img/telegram.svg HTTP 301
  • https://tv.shoot-yalla.live/uploads/img/telegram.svg
Request Chain 74
  • https://oajs.openx.net/esp?url=https%3A%2F%2Ftv.shoot-yalla.live%2Flive%2F13150%2F12618%2Futah-jazz-vs-orlando-magic%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Ftv.shoot-yalla.live%2Flive%2F13150%2F12618%2Futah-jazz-vs-orlando-magic%2F&rid=esp&cc=1
Request Chain 83
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=shoot-yalla.live&sn=ChromeSyncframe&so=0&topUrl=tv.shoot-yalla.live&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=dLxLgnxBRGk0SzBIcGdDWDc5WjY4bjhiMFdKMG0xNFFCTzBHRklmNWowcjR1YjJjcStQdXlwUHN3NzdBVTRaWlVZWi9zaFFvdFRBY3RzY1VPbC9HVkp4MjNGZG5mQjF4YmVCbjI4ekl0cHR6S2hSUXJUOVQzeVFOVkZMVDlRbmdsVGRScWs2NnYzSzFtY0JLcGk0SndHbVlLSmo5c2xhSGc0SXhUREVwU2hsajA3ejZVd21lZWx3MllSbnQrTzJiM1lQR2JGU2hwRTFJNWc3czFMMTNxamg2cU9DQ0VjNG9YSW5yMGlzdEVNYmtXN1VnRTd1TExMdlJiMkk5aEhvcmJROHFpSXg2OStmLzJpK2RVQlo1MG5FQmJ2QT09fA&cppv=2
Request Chain 111
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 135
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOMQT7-NVr6URNZuq4kQg30&google_cver=1
Request Chain 136
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZURpc9whaW77jPW5wqud5AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOMQT7-NVr6URNZuq4kQg30&google_cver=1
Request Chain 137
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMj9wHpwiIKsrpgomvoe1uE&google_cver=1
Request Chain 138
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE5OTAyMzQ3NTEwNDA2NDU1OQ%3D%3D
Request Chain 139
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOMQT7-NVr6URNZuq4kQg30&google_cver=1
Request Chain 140
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZURpc8ubRYj34xZJPIvHxwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOMQT7-NVr6URNZuq4kQg30&google_cver=1
Request Chain 141
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMj9wHpwiIKsrpgomvoe1uE&google_cver=1
Request Chain 142
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE5OTAyMzQ3NTEwNDA2NDU1OQ%3D%3D
Request Chain 161
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFWssYYy7VC5QjnTwwF6dDI&google_cver=1&google_push=AXcoOmTNiARkZ0rdGPVPpc4bj7Zz4vj_4jLrxSas96hnGNi8bx4_uwZob5Z4OuYrN29Gzq8t4peYqGi7WD3VgBa7S1ROrWaYgTNq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFWssYYy7VC5QjnTwwF6dDI&google_hm=ZURpc9whaW77jPW5wqud5AAADMAAAAAB&google_nid=index&google_push=AXcoOmTNiARkZ0rdGPVPpc4bj7Zz4vj_4jLrxSas96hnGNi8bx4_uwZob5Z4OuYrN29Gzq8t4peYqGi7WD3VgBa7S1ROrWaYgTNq
Request Chain 164
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEOy0tW3JjasOewJ8zGgKqFg&google_cver=1&google_push=AXcoOmREbMJWjftwrQ8XupJZHZC8R2G30T8NGO4-ePq6INWhk-mQNywkDbwv676Z0-bP2dfSxBbLEGa9WkdwM3THvru8Y9XkYUfG HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmREbMJWjftwrQ8XupJZHZC8R2G30T8NGO4-ePq6INWhk-mQNywkDbwv676Z0-bP2dfSxBbLEGa9WkdwM3THvru8Y9XkYUfG&google_hm=M0ZxXzdjY1FRWWNmQXdNSUZIUWg=
Request Chain 166
  • https://sync.gonet-ads.com/match/google?google_gid=CAESEOht9O1-YsyMmJoVlPeRi-0&google_cver=1&google_push=AXcoOmRK9HfPS0h6mE26lZ1mgvc0yvKk6QYez88pZx5YKjGXu5SGo92ur7MtpeTFE5foux09MEWIUp5GDtg69AbzBB_4d2j7jz8PJg HTTP 302
  • https://sync.gonet-ads.com/match/google?google_gid=CAESEOht9O1-YsyMmJoVlPeRi-0&google_cver=1&google_push=AXcoOmRK9HfPS0h6mE26lZ1mgvc0yvKk6QYez88pZx5YKjGXu5SGo92ur7MtpeTFE5foux09MEWIUp5GDtg69AbzBB_4d2j7jz8PJg&chk=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NGFkNTQ1YmIyMTdjY2M2Mg&google_push=AXcoOmRK9HfPS0h6mE26lZ1mgvc0yvKk6QYez88pZx5YKjGXu5SGo92ur7MtpeTFE5foux09MEWIUp5GDtg69AbzBB_4d2j7jz8PJg HTTP 302
  • https://sync.gonet-ads.com/match/google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NGFkNTQ1YmIyMTdjY2M2Mg&google_push= HTTP 302
  • https://s0.2mdn.net/dot.gif?google_error=5
Request Chain 167
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEJUdyATRxrqARyLMESQ_SO8&google_cver=1&google_push=AXcoOmSAlNzap2RDmlq0zrTHUiwfl5_OAxE4nN2aQHiaYrYJxMhTkMDGtCO6XN0ccFfs0yl4QfetMivQhtu3gy7d4tODYGhVBQrZdg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSAlNzap2RDmlq0zrTHUiwfl5_OAxE4nN2aQHiaYrYJxMhTkMDGtCO6XN0ccFfs0yl4QfetMivQhtu3gy7d4tODYGhVBQrZdg
Request Chain 191
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJEmlIjF8xnWEskI8q2O0KA&google_cver=1
Request Chain 193
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEB0Kyo7gk2B6xzeNo9FOKnA&google_cver=1
Request Chain 221
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFh0CBuV2QhQXzttVj6h_AU&google_cver=1&google_push=AXcoOmR6ATLgwEwnoZNRyceMNanjFrOpTLZDONQ31whqh-WV0q1mGpODf4K3siiNnFwhYgwLZnlTh1g84B523fneLt2oazOWrg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR6ATLgwEwnoZNRyceMNanjFrOpTLZDONQ31whqh-WV0q1mGpODf4K3siiNnFwhYgwLZnlTh1g84B523fneLt2oazOWrg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFh0CBuV2QhQXzttVj6h_AU&google_cver=1&google_push=AXcoOmR6ATLgwEwnoZNRyceMNanjFrOpTLZDONQ31whqh-WV0q1mGpODf4K3siiNnFwhYgwLZnlTh1g84B523fneLt2oazOWrg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR6ATLgwEwnoZNRyceMNanjFrOpTLZDONQ31whqh-WV0q1mGpODf4K3siiNnFwhYgwLZnlTh1g84B523fneLt2oazOWrg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 222
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEMM7H0FF8ZsNi7t3FNDgTMQ&google_cver=1&google_push=AXcoOmT98kyiCNH4yptnthJNiDmv-9QFsrIXOFlWZ_9TPRje_5gcUPSC8A5MxuVF93qdifW0REOsrGFV0UhlFD2oJ667lQ0QPgI HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=7EuIgEftToEDMDzm8wD9sA&google_push=AXcoOmT98kyiCNH4yptnthJNiDmv-9QFsrIXOFlWZ_9TPRje_5gcUPSC8A5MxuVF93qdifW0REOsrGFV0UhlFD2oJ667lQ0QPgI
Request Chain 223
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEKfF7YTIK_HxZ0UtuaR44_w&google_cver=1&google_push=AXcoOmSKEBUAWe2PbUvBrLj1Cu0Nv1-jyWF12JFGXidSYZf-X4WXVhhCVGlJZsCVaEsK_cb_eY68YCfRGLCUOhJvR9EFR50ZtA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmSKEBUAWe2PbUvBrLj1Cu0Nv1-jyWF12JFGXidSYZf-X4WXVhhCVGlJZsCVaEsK_cb_eY68YCfRGLCUOhJvR9EFR50ZtA
Request Chain 225
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEIMHSaNhGqCk9TwXb4i69TA&google_cver=1&google_push=AXcoOmQWTOYbLa-bGiPTvoU8ssdZ9_u0ve4HQk6CrCXpkfAsrVnZxlxLH4_xxFi3DSOcc8p7mzewPUwp_ePnbmT5XQoD1QkMiWqo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQWTOYbLa-bGiPTvoU8ssdZ9_u0ve4HQk6CrCXpkfAsrVnZxlxLH4_xxFi3DSOcc8p7mzewPUwp_ePnbmT5XQoD1QkMiWqo&google_hm=NDQyNDcxNzY5MTk5MDc0MDc2Nw==
Request Chain 361
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEMM7H0FF8ZsNi7t3FNDgTMQ&google_cver=1&google_push=AXcoOmQoy1L318xEILBTtJB9HZoJfAo1GjqAnOCiRtrGE1qB8W37i3r9nmljjRM3C9CpMR0u9PGlOI2kjOrHZKLsIl970uCBtK2Z HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=7EuIgEftToEDMDzm8wD9sA&google_push=AXcoOmQoy1L318xEILBTtJB9HZoJfAo1GjqAnOCiRtrGE1qB8W37i3r9nmljjRM3C9CpMR0u9PGlOI2kjOrHZKLsIl970uCBtK2Z
Request Chain 368
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFPZyHCxn-LFehWlHtOMVJs&google_cver=1

372 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
160 KB
52 KB
Document
General
Full URL
https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cf45c2e68c9a6c786bab733b74b6002a0ec7219bf885660c069ff56d66b0b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
EXPIRED
cf-ray
82018a9e9ee10c3b-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 03 Nov 2023 03:30:57 GMT
expires
Fri, 03 Nov 2023 03:31:57 GMT
last-modified
Fri, 03 Nov 2023 03:10:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rfFyarjLtiv6M%2FCpkMamhDLEYqh36N2c7OWXjhj8axUVFMkuJ%2BX6cL7Uy4iT1ZD7IBrLfI9EK6UnpcMpb2sEqAQl17dD7f6ibJlHdQgOpevhafg%2FAzK7CmUa3GTTAIr05T0jcm3M"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-xss-protection
1; mode=block
app.css
tv.shoot-yalla.live/assets/css/
72 KB
14 KB
Stylesheet
General
Full URL
https://tv.shoot-yalla.live/assets/css/app.css?t=1698982257
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5220ebe79a14f225a0b833ff34ce6b4c561ed3e192e733536fbd6c9f37fc6c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 18 Apr 2022 04:19:30 GMT
server
cloudflare
etag
W/"625ce6d2-12098"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cEefnqF0%2FcWf7nibk%2FkEQ0SgyXgJR84bxrZ4x4bYGeDkbYTt5Iv6Uo5My4ITs0QbQDW0Rk3Sza6o0nKjXCbaQeT%2BRqg7gnsJrirj7%2BiwOmtD3ajhS09cSXMn%2BRI0fHssrcJOKsaQ"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
82018aa5cc3a0c3b-AMS
expires
Sun, 03 Dec 2023 03:30:57 GMT
home.css
tv.shoot-yalla.live/assets/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://tv.shoot-yalla.live/assets/css/home.css?t=1698982257
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeff21a699dabd0291e0f9677c7cdd5e198f2c70abcea9afe1329c4f9e528e8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Sat, 16 Apr 2022 05:42:45 GMT
server
cloudflare
etag
W/"625a5755-b86"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RUohnxnqmkYGfwYqMnR1ZhZfKC8tEYbEQpiaPUaTc5jjAeKwohib8f%2FlNnQVnmFvksqJjvD%2FoFbwSPaOcw4tJJz0gij5dWw2hPuOiI%2Fjrf2jbtCLtD4FoS8GDYwwRnmNrBJMDwJU"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
82018aa5cc3c0c3b-AMS
expires
Sun, 03 Dec 2023 03:30:57 GMT
matche.css
tv.shoot-yalla.live/assets/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://tv.shoot-yalla.live/assets/css/matche.css?t=1698982257
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c42dd8feecd34b60cc36cebe93dc3acc1f98bfb1c0afa93676a548cac0e69218
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 18 Apr 2022 04:29:44 GMT
server
cloudflare
etag
W/"625ce938-ccf"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kcbNDzeOmVNSRTUer7CfYphFENZ1WoONxaqGHWSDg5oVrVAv%2BcTAvn9PvmLKBbPJFIA0QoF54sV16B18mTOzZwq8pNxSJ73hrN5rlsYw1jjxmOrgWOAEusyP4T0ydG8Kx4jJ43MG"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
82018aa5cc3d0c3b-AMS
expires
Sun, 03 Dec 2023 03:30:57 GMT
sweetalert2.all.min.js
cdn.jsdelivr.net/npm/sweetalert2@10.10.1/dist/
68 KB
19 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@10.10.1/dist/sweetalert2.all.min.js
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddcf3ece5f9feca53c482736b47d52026ca2cba9328357f1f57e31ef9fb1ab37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
180884
x-jsd-version
10.10.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230108-FRA, cache-ams21049-AMS
x-jsd-version-type
version
server
cloudflare
etag
W/"10fca-5cN1F/acf9qB4ygXb4JY96fd+XM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fXFagwA6A%2BeHM30E9J61OhA2IcxuI259EQxQu6W44Ta3nctc2YPmVmJvF5ljUWNDS49QfLikmUaIY%2BAn8qRiH%2FWSQfsuXvIcl4nGY5PYwj7RmtnX4AKlxIjsIRQvFO5FnqPnc0%2BEbWqcqBbjGOc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
82018aa62fb11caa-AMS
sweetalert2.min.css
cdn.jsdelivr.net/npm/sweetalert2@10.10.1/dist/
24 KB
5 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@10.10.1/dist/sweetalert2.min.css
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0854dc7b18243a9093e1464a1d6edffa307d1e4d8d444e0512e22f166932a35f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
163283
x-jsd-version
10.10.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220101-FRA, cache-ams21060-AMS
x-jsd-version-type
version
server
cloudflare
etag
W/"5f7c-08PNXVzicMVSn/bE36v1LHaUI9w"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojsz74zbz2kX3fxAXbT4pTgE9tZTGtOsxr0OS5Dk%2FZpnU%2BQbqjgULLPpKdIMXjs1dOcGybxTlkjPbdaLRyoa%2FDYlH5KbH4D5o6BVG4Cg9hARvDo%2BFFOgXjePVAon%2FOh2qPJMci8JOzkLeOO5Qjg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
82018aa62fae1caa-AMS
shoot-yalla.livehead.js
jscdn.greeter.me/
10 KB
11 KB
Script
General
Full URL
https://jscdn.greeter.me/shoot-yalla.livehead.js
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
06c33a0fd4a4ed98f9fe17553cc542fefb0bf499aac1ae91ec0e2c367fb4a316
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:30:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
Last-Modified
Tue, 15 Aug 2023 14:30:26 GMT
x-amz-request-id
tx00000ea56b1db1a163ccf-006544647a-bc9d9e76-fra1b
etag
"7bdeb7cd30a3a67e62987bcf92e115d5"
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1698982257.dop123.am5.t,1698982257.cds209.am5.shn,1698982257.dop123.am5.t,1698982257.cds250.am5.c
Content-Type
text/javascript
Cache-Control
max-age=2329
x-rgw-object-type
Normal
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
10250
shoot-yalla.livedynamic.js
jscdn.greeter.me/
8 KB
8 KB
Script
General
Full URL
https://jscdn.greeter.me/shoot-yalla.livedynamic.js
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
95c03596aa5342e6dc64b5c7e075cc5023788a63371a52796f2d282f8c3834a9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:30:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
Last-Modified
Tue, 15 Aug 2023 14:30:26 GMT
x-amz-request-id
tx00000532fc29b7c652f5f-006544647a-bc9d9db8-fra1b
etag
"c0b8448b11470e49820a20a657851cc2"
x-envoy-upstream-healthchecked-cluster
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1698982257.dop234.am5.t,1698982257.cds005.am5.shn,1698982257.dop234.am5.t,1698982257.cds320.am5.c
Content-Type
text/javascript
Cache-Control
max-age=2329
x-rgw-object-type
Normal
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
7961
up.js
live.demand.supply/
5 KB
3 KB
Script
General
Full URL
https://live.demand.supply/up.js
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92723b387324bd78474bfc79834d5ebb6c9edfd0742878905111c1fafa583270

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-nf-request-id
01HD4CP4S6RDT94YR3S4B7D0T8
date
Fri, 03 Nov 2023 03:30:57 GMT
content-encoding
br
cf-cache-status
HIT
age
604
cf-polished
origSize=4393
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"3419363b51a9e9c7d7a3140a2b073098-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray
82018aa63f616630-AMS
link
<https://live.demand.supply/impl.v17.16.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-10-0/dHYuc2hvb3QteWFsbGEubGl2ZS8=>; rel=preload; as=script
timing-allow-origin
*
70114
pisanguttate.com/g9HRqfgMwDfYC0j9/
6 B
1 KB
Script
General
Full URL
https://pisanguttate.com/g9HRqfgMwDfYC0j9/70114
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.61.144 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:30:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=1
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://tv.shoot-yalla.live
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Credentials
true
Vary
Accept-Encoding
Keep-Alive
timeout=20
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
shoot-yalla.livevideo.js
jscdn.greeter.me/
3 KB
3 KB
Script
General
Full URL
https://jscdn.greeter.me/shoot-yalla.livevideo.js
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
5db1e2190608a45e20e395591f3e292f4e393117f538914ec67afb9568da5be2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:30:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
Last-Modified
Sat, 21 Oct 2023 22:56:41 GMT
x-amz-request-id
tx00000f5476ad67254733b-006544647a-bc9dee46-fra1b
etag
"bef663bf099f26cbed6e49fa8fa1ca4f"
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1698982257.dop227.am5.t,1698982257.cds130.am5.shn,1698982257.dop227.am5.t,1698982257.cds300.am5.c
Content-Type
text/javascript
Cache-Control
max-age=2329
x-rgw-object-type
Normal
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2594
email-decode.min.js
tv.shoot-yalla.live/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://tv.shoot-yalla.live/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 24 Oct 2023 17:55:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65380504-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xz0ifs6EIA7P91Nlf7xiEyZDry5d7ZT3Kv086VHSBQsFYYcKp%2BvgBYYP6V4dXwR2WxunetmuBZA%2BL2MDQ4IJgqwu%2BkSGqkm2MIFSvqZRfPIAIn2Un7JAASY8oqeeZ8Ut3mtaQNX4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
82018aa60c7b0c3b-AMS
expires
Sun, 05 Nov 2023 03:30:57 GMT
js
www.googletagmanager.com/gtag/
274 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3QCY3XNZTG
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fc229b81f78665be5e398d248d7a20a310c86f4b214669802f890b56f7c9f1ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92993
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 03 Nov 2023 03:30:57 GMT
key.php
tv.shoot-yalla.live/
166 B
671 B
Fetch
General
Full URL
https://tv.shoot-yalla.live/key.php?kt=1698982257
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06e315e152bbb562a16b14401e9373334adee451c9abffd171b37d09735576fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tv.shoot-yalla.live/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 03 Nov 2023 03:30:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AX6ni7PIDriBcnqoZODUmjKncc7AbZnz%2F6cH6BoEP7Ot44nMYhcrfoBF9dy1R0DGa2Z3cAGKpJ8fCof3hD2Exmml7S7dR04IGEhYKjOfDQzXMlzgrI4AYIh1T6YW3Nc7D5m0TcVx"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=60
cf-ray
82018aa70b491c99-AMS
expires
Fri, 03 Nov 2023 03:31:57 GMT
truncated
/
401 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c5a8cec60b5774c8e0ea5d3feed60f15820528d3cf18a4634cd29c6b23baa2b4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
din-regular.woff
tv.shoot-yalla.live/assets/webfonts/
63 KB
64 KB
Font
General
Full URL
https://tv.shoot-yalla.live/assets/webfonts/din-regular.woff
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0fd8366f85ca9b53a88fba4c1a9a2a043d273e1152b923af231ebcd708fbb26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Origin
https://tv.shoot-yalla.live
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
263206
alt-svc
h3=":443"; ma=86400
content-length
64452
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Sat, 16 Apr 2022 05:42:45 GMT
server
cloudflare
etag
"625a5755-fbc4"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
font/woff
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RYoitnGS7ySAKd86NdbMioZmbmDehVGehnp1WgjkKXDTi7e7E0LgY9sls6w%2FrOzBUwRmD9UE40mwjHPnMtWX1Pr2iUgEI1T6TH39LC2ruNXHINDQh8enXZXjJkO0rvX4w0edCn4j"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
82018aa70b4d1c99-AMS
expires
Thu, 30 Nov 2023 02:24:11 GMT
nba_939.png
web-api.scorarab.com/uploads/team/
7 KB
7 KB
Image
General
Full URL
https://web-api.scorarab.com/uploads/team/nba_939.png
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.130.34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b0eac3076460dc9e778719f1a7242e8956eb6efb7b45696eb97b76144669b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:57 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
152051
alt-svc
h3=":443"; ma=86400
content-length
6929
x-xss-protection
1; mode=block
last-modified
Fri, 27 Oct 2023 15:24:12 GMT
server
cloudflare
etag
"653bd61c-1b11"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d2KNAXzFvw9LgdnaOT047ayKu4g0WT6wgieqwHVfSmFCr%2BrMH5TVLzGSHMLwtQaca34OwUrVlRP75pA4MrgkxbxGFHukc1uF1wFAF4%2FH2gXPVgqn%2BZnrBrq3witZcAbpKx8p2UWQ6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
82018aa7886d66f2-AMS
expires
Fri, 01 Dec 2023 09:16:46 GMT
nba_959.png
web-api.scorarab.com/uploads/team/
7 KB
7 KB
Image
General
Full URL
https://web-api.scorarab.com/uploads/team/nba_959.png
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.130.34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
306bd93ebec956fc2cd99f37aa127c6d65bd497e7bb216065cc68c685c20a513
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:57 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
126824
alt-svc
h3=":443"; ma=86400
content-length
7044
x-xss-protection
1; mode=block
last-modified
Fri, 27 Oct 2023 15:24:15 GMT
server
cloudflare
etag
"653bd61f-1b84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QzR4dEVwSFWJZN%2FD6aXlTS7oUAiNWybYOpqsZb9i08MtvVDWfkehDlEEZjaolCWhXSoGw9T7nuzYWiPKRYGHGX95K%2BunGbt1Q4rxSdgxMlWwcS70FWiDtN9cQeJCCotIb%2BMewuoj%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
82018aa7886c66f2-AMS
expires
Fri, 01 Dec 2023 16:17:13 GMT
telegram.svg
tv.shoot-yalla.live/uploads/img/
Redirect Chain
  • https://live.shoot-yalla.tv/uploads/img/telegram.svg
  • https://tv.shoot-yalla.live/uploads/img/telegram.svg
1 KB
1 KB
Image
General
Full URL
https://tv.shoot-yalla.live/uploads/img/telegram.svg
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H3
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45dd60aee8728ca8786226233d74694db5f4c0110647c8e48710c49cdd5bdf41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
181312
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Fri, 03 Jun 2022 01:24:02 GMT
server
cloudflare
etag
W/"629962b2-424"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PwmLZ8nbetatuHltU69rBKPevZcdwIWrq0pFnVLPlPZWyMf51TN5E5Waw%2FSCgutWlxGp7BQguBhmCvGRGsminT4voPPMzhB7hiV1YruQp%2BvstVByNANuAJp1x%2FRz%2FkmNECcCd%2BUN"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
82018aa80bf41c99-AMS
expires
Fri, 01 Dec 2023 01:09:05 GMT

Redirect headers

date
Fri, 03 Nov 2023 03:30:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHH6iLsXR2NSMKv%2By%2B%2F90xlKf1%2BH7LqghDsPMxIcy%2BkkvEbksAlOueeARp8W3IvUjwv4LOGPiRvP4fKEiypOpY5ylddWdjzkLynyYpG6zwtTusf2GIWBCyGdOblnZD4yqBw94Xhs"}],"group":"cf-nel","max_age":604800}
location
https://tv.shoot-yalla.live/uploads/img/telegram.svg
cache-control
max-age=3600
cf-ray
82018aa7ddee6577-AMS
alt-svc
h3=":443"; ma=86400
expires
Fri, 03 Nov 2023 04:30:57 GMT
impl.v17.16.0.js
live.demand.supply/
83 KB
27 KB
Script
General
Full URL
https://live.demand.supply/impl.v17.16.0.js
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
254ed2440d3fe989e8e3e2f2a892760cd72ec637fffa6a2955e2c95895c0feef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-nf-request-id
01HE51BD0BQ8M1HW8CQ5231FT9
date
Fri, 03 Nov 2023 03:30:57 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
age
88387
cf-polished
origSize=84854
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"2ee107da8e651075e55d02eba7479e77-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
cf-ray
82018aa758566630-AMS
dHYuc2hvb3QteWFsbGEubGl2ZS8=
live.demand.supply/p4/v17-10-0/
986 B
549 B
Script
General
Full URL
https://live.demand.supply/p4/v17-10-0/dHYuc2hvb3QteWFsbGEubGl2ZS8=
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0146fe276f9ee10709c17ce7e798e32b0e4fb0e6c0011c1b5c2c86ec1ca8e911

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:57 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
82018aa758586630-AMS
alt-svc
h3=":443"; ma=86400
e.js
live.demand.supply/e/
0
479 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?e=ll&d=250&cs=c&dsReferer=dHYuc2hvb3QteWFsbGEubGl2ZS9saXZlLzEzMTUwLzEyNjE4L3V0YWgtamF6ei12cy1vcmxhbmRvLW1hZ2ljLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-nf-request-id
01HBTYD4N6T6Y3FXWYDHSEKYXW
date
Fri, 03 Nov 2023 03:30:57 GMT
cf-cache-status
HIT
age
1416144
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82018aa78d60b8a6-AMS
gpt.js
securepubads.g.doubleclick.net/tag/js/
98 KB
31 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3f95e4f549793592a9e668dbb5f4dc4b81b670dc557609d89d8bc1a7b111945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31170
x-xss-protection
0
server
cafe
etag
264 / 19664 / m202310300101 / config-hash: 8628985261000830790
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 03 Nov 2023 03:30:57 GMT
dHYuc2hvb3QteWFsbGEubGl2ZS9saXZlLzEzMTUwLzEyNjE4L3V0YWgtamF6ei12cy1vcmxhbmRvLW1hZ2ljLw==
live.demand.supply/p4/v17-10-0/
986 B
609 B
Script
General
Full URL
https://live.demand.supply/p4/v17-10-0/dHYuc2hvb3QteWFsbGEubGl2ZS9saXZlLzEzMTUwLzEyNjE4L3V0YWgtamF6ei12cy1vcmxhbmRvLW1hZ2ljLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0146fe276f9ee10709c17ce7e798e32b0e4fb0e6c0011c1b5c2c86ec1ca8e911

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:57 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
82018aa758596630-AMS
alt-svc
h3=":443"; ma=86400
ds.2.html
live.demand.supply/
413 B
624 B
XHR
General
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-nf-request-id
01HCA2ZQ642YFJ9X0S66KZ7KCJ
date
Fri, 03 Nov 2023 03:30:57 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1251126
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
cf-ray
82018aa78d61b8a6-AMS
alt-svc
h3=":443"; ma=86400
gpt.js
www.googletagservices.com/tag/js/
98 KB
31 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/shoot-yalla.livedynamic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05851395d1bef45744fda878beaf73609df0d4fa74d6df835e1feea33267950e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31171
x-xss-protection
0
server
cafe
etag
912 / 19664 / m202310300101 / config-hash: 8628985261000830790
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 03 Nov 2023 03:30:57 GMT
adipolo_logo.png
adipolo.com/wp-content/uploads/2020/06/
7 KB
7 KB
Image
General
Full URL
https://adipolo.com/wp-content/uploads/2020/06/adipolo_logo.png
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:57 GMT
cf-cache-status
HIT
last-modified
Tue, 02 Jun 2020 09:04:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2289127
etag
"5ed61610-1b9c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2RiHI5Jhn6NFRGi95LBkyCm0y7QdXB9LdH8GpLU%2B%2FB2R090klcM3hgd4%2BLcSV3uLd36FWoK1xAfA34aD5M4Kl3%2FcQYTdQHqSn2LFF6NH%2FF%2BZYhPqURDkk0%2BPpKXIz7ax2qTVxICai5WLIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82018aa82fa366e5-AMS
alt-svc
h3=":443"; ma=86400
content-length
7068
spt
tg1.modoro360.com/api/adserver/
31 KB
8 KB
Script
General
Full URL
https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=64db8b44ba16e1afa30cb885&AV_PUBLISHERID=64db8a3bf27a2554d7080489
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/shoot-yalla.livevideo.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1725:e278 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
942c814b7229da2f76ff9ccbb36a98a21df8bb89e73bd40339c2ac465cc23e29

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

X-Bamboo-C-SkSt
1
Content-Encoding
gzip
X-Bamboo-C-SkFe
1
X-Bamboo-C-S
BYPASS
Date
Fri, 03 Nov 2023 03:30:58 GMT
Connection
keep-alive
Content-Length
7624
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/javascript
Vary
Accept-Encoding, Origin
Access-Control-Allow-Origin
*
Cache-Control
max-age=300
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
Expires
Fri, 03 Nov 2023 03:35:58 GMT
hb_751043_18393.js
player.aplhb.adipolo.com/prebidlink/1938311864/
2 KB
1 KB
Script
General
Full URL
https://player.aplhb.adipolo.com/prebidlink/1938311864/hb_751043_18393.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/shoot-yalla.livehead.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
56edc5d982069cb66344317f08c1fab2d8f687682c4002f98b6ec78233d71889

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
content-encoding
gzip
last-modified
Thu, 02 Nov 2023 19:21:06 GMT
server
nginx
etag
W/"6543f6a2-630"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Fri, 03 Nov 2023 04:30:58 GMT
wrapper_hb_751043_18393.js
player.aplhb.adipolo.com/prebidlink/1938311864/
3 KB
1 KB
Script
General
Full URL
https://player.aplhb.adipolo.com/prebidlink/1938311864/wrapper_hb_751043_18393.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/shoot-yalla.livehead.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
1768c334e1c3a77f8e4fe96547d8a7803f91b4ce5352d4d907745a468326baab

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
content-encoding
gzip
last-modified
Thu, 02 Nov 2023 19:21:06 GMT
server
nginx
etag
W/"6543f6a2-a2a"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Fri, 03 Nov 2023 04:30:58 GMT
frame.php
tv.shoot-yalla.live/ Frame 4C2A
256 KB
90 KB
Document
General
Full URL
https://tv.shoot-yalla.live/frame.php?ch=jazz_1&p=6&token=NmQ3YTY1NzU2ZDZhNjEzMDZjNmE2NTMxNmQ2MzM0Nzg2ZTY0Njg3MTY0Nzg2ZTZmNmQ2YTYxNzk2ZDY5NzM3OTZkNjQ2OTc3NmI2YjZjNjU3MTY4NmYzMzc5Nzg2YjMxNjQ2YTZkMzI2OTc4NmYzMTY5Nzc=&kt=1698982257
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b60f422ac64789f6f1fbbfeb1827210927b6dc5cb5e1a8a7ff42b8db8482f082
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tv.shoot-yalla.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
MISS
cf-ray
82018aa7cbcc1c99-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 03 Nov 2023 03:30:58 GMT
expires
Fri, 03 Nov 2023 03:31:57 GMT
last-modified
Fri, 03 Nov 2023 03:30:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Rj%2FOX3hS4BdDOTD5xQEpJKLstrulVbKkerljaNGA7Yep6iLq3P0TvQPY%2BpReyrllRlZiGhODWoNw2ElGJkLblltMbV4Wrl7cF2PUdZs4%2B3xzNwR3T6RTMy%2BeHthy7BIJE1BSWqc"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-xss-protection
1; mode=block
shoot-yalla.live_fluid_lb+sq_leaderboardshootyalla
live.demand.supply/cp/
30 B
374 B
XHR
General
Full URL
https://live.demand.supply/cp/shoot-yalla.live_fluid_lb+sq_leaderboardshootyalla?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=dHYuc2hvb3QteWFsbGEubGl2ZS9saXZlLzEzMTUwLzEyNjE4L3V0YWgtamF6ei12cy1vcmxhbmRvLW1hZ2ljLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
325c8999008fd3b845f93b9e4b5ff90c5abfe87fed57c0799657512b7f9b9b8f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
82018aa81e63b8a6-AMS
alt-svc
h3=":443"; ma=86400
content-length
30
shoot-yalla.tv_fluid_all
live.demand.supply/cp/
28 B
372 B
XHR
General
Full URL
https://live.demand.supply/cp/shoot-yalla.tv_fluid_all?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=dHYuc2hvb3QteWFsbGEubGl2ZS9saXZlLzEzMTUwLzEyNjE4L3V0YWgtamF6ei12cy1vcmxhbmRvLW1hZ2ljLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed5c31d1fd7bf0a2e18071425014870afc380967bdef81f99fcb8455fb8aedb8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
82018aa81e66b8a6-AMS
alt-svc
h3=":443"; ma=86400
content-length
28
e.js
live.demand.supply/x/
0
477 B
XHR
General
Full URL
https://live.demand.supply/x/e.js?ce=fs&dsReferer=dHYuc2hvb3QteWFsbGEubGl2ZS9saXZlLzEzMTUwLzEyNjE4L3V0YWgtamF6ei12cy1vcmxhbmRvLW1hZ2ljLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-nf-request-id
01HBTYD4SVFM3HW7N6KW53AZ7J
date
Fri, 03 Nov 2023 03:30:57 GMT
cf-cache-status
HIT
age
84074
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82018aa81e72b8a6-AMS
pubads_impl_fy2012.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/
424 KB
133 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6082257fe9e807fd65d06b71d533e90481bce2e163e0f25b36ab36a552bc6fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 11:45:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
56745
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136180
x-xss-protection
0
server
cafe
etag
6663949485869648659
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 01 Nov 2024 11:45:12 GMT
shoot-yalla.live_auto_728x90_sticky_display_bottom
live.demand.supply/cp/
28 B
370 B
XHR
General
Full URL
https://live.demand.supply/cp/shoot-yalla.live_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=dHYuc2hvb3QteWFsbGEubGl2ZS9saXZlLzEzMTUwLzEyNjE4L3V0YWgtamF6ei12cy1vcmxhbmRvLW1hZ2ljLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e79d2702b44ab69b511623ad8aa136e5b57fd81e9e5895cc36f122c83325f661

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
82018aa87ef2b8a6-AMS
alt-svc
h3=":443"; ma=86400
content-length
28
collect
region1.google-analytics.com/g/
0
257 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3QCY3XNZTG&gtm=45je3b11v9133090566&_p=1698982257760&gcd=11l1l1l1l1&cid=909424221.1698982258&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698982258&sct=1&seg=0&dl=https%3A%2F%2Ftv.shoot-yalla.live%2Flive%2F13150%2F12618%2Futah-jazz-vs-orlando-magic%2F&dt=Utah%20Jazz%20vs%20Orlando%20Magic%20-%20NBA&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1996
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3QCY3XNZTG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tv.shoot-yalla.live
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/e/
0
480 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=shoot-yalla.live_fluid_lb%2Bsq_leaderboardshootyalla&pdc=0.21014567613601684&ucv=null&e=tcp&dsReferer=dHYuc2hvb3QteWFsbGEubGl2ZS9saXZlLzEzMTUwLzEyNjE4L3V0YWgtamF6ei12cy1vcmxhbmRvLW1hZ2ljLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-nf-request-id
01HBTYD4N6T6Y3FXWYDHSEKYXW
date
Fri, 03 Nov 2023 03:30:58 GMT
cf-cache-status
HIT
age
1416145
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82018aa92fcbb8a6-AMS
shoot-yalla.live_fluid_lb+sq_leaderboardshootyalla
api.demand.supply/v17-10-0/a/
384 B
556 B
XHR
General
Full URL
https://api.demand.supply/v17-10-0/a/shoot-yalla.live_fluid_lb+sq_leaderboardshootyalla?&dsReferer=dHYuc2hvb3QteWFsbGEubGl2ZS9saXZlLzEzMTUwLzEyNjE4L3V0YWgtamF6ei12cy1vcmxhbmRvLW1hZ2ljLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1865e44671ee2de2d4ea72400053a3527aefc0610492d6802fb7243ab75d7068

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
etag
W/"180-ygGB+6PhBzBgotcv5xi1CfyBKEw"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
82018aa99ddd66a0-AMS
alt-svc
h3=":443"; ma=86400
e.js
live.demand.supply/e/
0
481 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=shoot-yalla.tv_fluid_all&pdc=0.436342442035675&ucv=null&e=tcp&dsReferer=dHYuc2hvb3QteWFsbGEubGl2ZS9saXZlLzEzMTUwLzEyNjE4L3V0YWgtamF6ei12cy1vcmxhbmRvLW1hZ2ljLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-nf-request-id
01HBTYD4N6T6Y3FXWYDHSEKYXW
date
Fri, 03 Nov 2023 03:30:58 GMT
cf-cache-status
HIT
age
1416145
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82018aa92fcdb8a6-AMS
shoot-yalla.tv_fluid_all
api.demand.supply/v17-10-0/a/
2 B
471 B
XHR
General
Full URL
https://api.demand.supply/v17-10-0/a/shoot-yalla.tv_fluid_all?&dsReferer=dHYuc2hvb3QteWFsbGEubGl2ZS9saXZlLzEzMTUwLzEyNjE4L3V0YWgtamF6ei12cy1vcmxhbmRvLW1hZ2ljLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
cf-cache-status
HIT
server
cloudflare
age
2616
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
accept-ranges
bytes
cf-ray
82018aa99dda66a0-AMS
alt-svc
h3=":443"; ma=86400
content-length
2
clappr.min.js
cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/ Frame 4C2A
470 KB
128 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/frame.php?ch=jazz_1&p=6&token=NmQ3YTY1NzU2ZDZhNjEzMDZjNmE2NTMxNmQ2MzM0Nzg2ZTY0Njg3MTY0Nzg2ZTZmNmQ2YTYxNzk2ZDY5NzM3OTZkNjQ2OTc3NmI2YjZjNjU3MTY4NmYzMzc5Nzg2YjMxNjQ2YTZkMzI2OTc4NmYzMTY5Nzc=&kt=1698982257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce00e20b1de71ae06025269109fb0cb9482ba6af1dbc262ba4eda319aaef9229
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
84860
x-jsd-version
0.4.7
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230102-FRA, cache-ams21066-AMS
x-jsd-version-type
version
server
cloudflare
etag
W/"7569d-g/bZEgP/0XCbPxVx7RLqUXpxxzU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8J3LP2UzdV5cUCEMZ%2BvU6iA7C4rb9SXnr75rQDbGlS1KtWcp%2BjryBZQzkqB0LC%2FPERzcu0FCKIhVa3yZfIMjqsbMe8uhHdogO7etesx7UVGws8ODa52dB0zjGbRI8GAb4V6qVEAWSd3fQmMiA7M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
82018aa92a181caa-AMS
level-selector.min.js
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/ Frame 4C2A
30 KB
11 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/frame.php?ch=jazz_1&p=6&token=NmQ3YTY1NzU2ZDZhNjEzMDZjNmE2NTMxNmQ2MzM0Nzg2ZTY0Njg3MTY0Nzg2ZTZmNmQ2YTYxNzk2ZDY5NzM3OTZkNjQ2OTc3NmI2YjZjNjU3MTY4NmYzMzc5Nzg2YjMxNjQ2YTZkMzI2OTc4NmYzMTY5Nzc=&kt=1698982257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df86557c0f11c06f425dab021ec5a970b22b6fa8b9651af3d26f137fb30c3702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
39275
x-jsd-version
0.3.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230055-FRA, cache-ams21077-AMS
x-jsd-version-type
version
server
cloudflare
etag
W/"76e2-qotJurjpL/BNF6Wix8Da/EJuL+k"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cSVjj6gaKwEhF04Gv6R%2FHMJpL3bzRtSwtaX2f0wUC5cloJS2haCaYH9tOX4ivUP3Z1FFP6T8l02CBQ83RpnrWLWxDJd5nwomu4geavR8dz8d4GaG9jLJdK%2BD2mGZchzntYxj3itAg%2BTyXk7iH8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82018aa92a1a1caa-AMS
p2p-engine.min.js
cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/ Frame 4C2A
175 KB
54 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/frame.php?ch=jazz_1&p=6&token=NmQ3YTY1NzU2ZDZhNjEzMDZjNmE2NTMxNmQ2MzM0Nzg2ZTY0Njg3MTY0Nzg2ZTZmNmQ2YTYxNzk2ZDY5NzM3OTZkNjQ2OTc3NmI2YjZjNjU3MTY4NmYzMzc5Nzg2YjMxNjQ2YTZkMzI2OTc4NmYzMTY5Nzc=&kt=1698982257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbb7b2ccf8f3f8d83e925e1a3820cb58495771182e194bea9628ae48e080c038
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
35369
x-jsd-version
2.8.5
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230112-FRA, cache-ams21025-AMS
x-jsd-version-type
version
server
cloudflare
etag
W/"2baab-lwyGYqrtJkRJ2rqNbqEvmv3E+eM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPNl0wcCgLNLn5Qg%2FpzLSPRJmOd2IWMRRfJrFm9l%2Fgv4iD4q2Ziq8hFrxXu63K70cWKhxdUoKjcF5wZaZMHhIsPf9keoja8DelNIHK6BQkQSh542LdpVvTNWMvOzRhBUmGYLd6Ny%2FEspvFROjjw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82018aa92a1b1caa-AMS
clappr-p2p-plugin.min.js
cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/ Frame 4C2A
3 KB
2 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/clappr-p2p-plugin.min.js
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/frame.php?ch=jazz_1&p=6&token=NmQ3YTY1NzU2ZDZhNjEzMDZjNmE2NTMxNmQ2MzM0Nzg2ZTY0Njg3MTY0Nzg2ZTZmNmQ2YTYxNzk2ZDY5NzM3OTZkNjQ2OTc3NmI2YjZjNjU3MTY4NmYzMzc5Nzg2YjMxNjQ2YTZkMzI2OTc4NmYzMTY5Nzc=&kt=1698982257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8eb7e24873bb65c9b7193534bda15761d8853b24ca4a41d7749360972504141
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
22049
x-jsd-version
2.7.6
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230036-FRA, cache-jnb7024-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"c19-SLjttAW8dcDjADi6J1T2hbhokWc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iyA1jc6sxp5FvUJp%2BYPkE8cUd4itsdglMqos7hP1mSgHHVk2YQdRbuhNuHPIMswUuu1wEiEY2iwAdTovgR8O6vsWXcmOnYztN9EFoNATwpHEdN4umH%2BU8PCL81a%2BMMpRELuOGz0kE7%2B7mUjxRBs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82018aa92a1d1caa-AMS
hbp_master_751043_18393.js
player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/
316 KB
102 KB
Script
General
Full URL
https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751043_18393.js
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/1938311864/hb_751043_18393.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
ec301c67db4c9e7dc2b46357be465c94b412259c6b38e7e5ce82893cf3528ff7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
content-encoding
gzip
last-modified
Tue, 24 Oct 2023 04:43:42 GMT
server
nginx
etag
W/"65374b7e-4ee18"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Fri, 03 Nov 2023 04:30:58 GMT
hbw_master_751043_18393.js
player.aplhb.adipolo.com/prebidlink/oLWia/
126 KB
41 KB
Script
General
Full URL
https://player.aplhb.adipolo.com/prebidlink/oLWia/hbw_master_751043_18393.js
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/1938311864/wrapper_hb_751043_18393.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
8a730029b533f2ed197e7608d02ac77e1ed480a89aae727bd19d809f8bad8513

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
content-encoding
gzip
last-modified
Thu, 02 Nov 2023 19:21:06 GMT
server
nginx
etag
W/"6543f6a2-1f8ab"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Fri, 03 Nov 2023 04:30:58 GMT
e.js
live.demand.supply/e/
0
479 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=shoot-yalla.live_auto_728x90_sticky_display_bottom&pdc=0.383733332157135&ucv=null&e=tcp&dsReferer=dHYuc2hvb3QteWFsbGEubGl2ZS9saXZlLzEzMTUwLzEyNjE4L3V0YWgtamF6ei12cy1vcmxhbmRvLW1hZ2ljLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-nf-request-id
01HBTYD4N6T6Y3FXWYDHSEKYXW
date
Fri, 03 Nov 2023 03:30:58 GMT
cf-cache-status
HIT
age
1416145
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82018aa96801b8a6-AMS
sdb.css
live.demand.supply/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://live.demand.supply/css/sdb.css
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-nf-request-id
01HE4REZ5P91Z7MK6KM8H9ANHJ
date
Fri, 03 Nov 2023 03:30:58 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
80961
etag
W/"c27f4658bc4d962838cce42902fde3d9-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
82018aa96c8266e6-AMS
alt-svc
h3=":443"; ma=86400
e.js
live.demand.supply/x/
0
478 B
XHR
General
Full URL
https://live.demand.supply/x/e.js?ce=bb&r=shoot-yalla.live_auto_728x90_sticky_display_bottom&dsReferer=dHYuc2hvb3QteWFsbGEubGl2ZS9saXZlLzEzMTUwLzEyNjE4L3V0YWgtamF6ei12cy1vcmxhbmRvLW1hZ2ljLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-nf-request-id
01HBTYD4SVFM3HW7N6KW53AZ7J
date
Fri, 03 Nov 2023 03:30:58 GMT
cf-cache-status
HIT
age
84075
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82018aa96802b8a6-AMS
frame.php
tv.shoot-yalla.live/ Frame 4C2A
0
562 B
XHR
General
Full URL
https://tv.shoot-yalla.live/frame.php?ch=jazz_1&p=6&token=NmQ3YTY1NzU2ZDZhNjEzMDZjNmE2NTMxNmQ2MzM0Nzg2ZTY0Njg3MTY0Nzg2ZTZmNmQ2YTYxNzk2ZDY5NzM3OTZkNjQ2OTc3NmI2YjZjNjU3MTY4NmYzMzc5Nzg2YjMxNjQ2YTZkMzI2OTc4NmYzMTY5Nzc=&kt=1698982257
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/frame.php?ch=jazz_1&p=6&token=NmQ3YTY1NzU2ZDZhNjEzMDZjNmE2NTMxNmQ2MzM0Nzg2ZTY0Njg3MTY0Nzg2ZTZmNmQ2YTYxNzk2ZDY5NzM3OTZkNjQ2OTc3NmI2YjZjNjU3MTY4NmYzMzc5Nzg2YjMxNjQ2YTZkMzI2OTc4NmYzMTY5Nzc=&kt=1698982257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Fri, 03 Nov 2023 03:30:57 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hbmVA6BMl1T9bcrPyhUdNkCY6kdCKeYwhck7g57%2BVI7ubUDmtDuQRyxKpUVjQQE8C5xxhveWJRkJY7XITa%2BRAwVPPilK6r2VINbabOLEDZgNu3e%2BbUm207iMHFXOowU3cN2viU5Q"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
82018aaa8e361c99-AMS
expires
Fri, 03 Nov 2023 03:31:57 GMT
config.json
player.adtelligent.com/exchange_rates/313490/
11 KB
5 KB
XHR
General
Full URL
https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Ftv.shoot-yalla.live%2Flive%2F13150%2F12618%2Futah-jazz-vs-orlando-magic%2F
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_751043_18393.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
eff7ee9958d76286b14e797a7f678364fe139f5744ef78b11aed7685100d1c2f

Request headers

Referer
https://tv.shoot-yalla.live/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

expires
Sat, 04 Nov 2023 03:30:58 GMT
date
Fri, 03 Nov 2023 03:30:58 GMT
content-encoding
gzip
last-modified
Thu, 02 Nov 2023 12:01:38 GMT
server
nginx
etag
W/"65438fa2-2aca"
content-type
application/json
access-control-allow-origin
https://tv.shoot-yalla.live
cache-control
max-age=86400
x-proxy-cache
HIT
e.js
live.demand.supply/x/
0
481 B
XHR
General
Full URL
https://live.demand.supply/x/e.js?ce=nsi&dsReferer=dHYuc2hvb3QteWFsbGEubGl2ZS9saXZlLzEzMTUwLzEyNjE4L3V0YWgtamF6ei12cy1vcmxhbmRvLW1hZ2ljLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-nf-request-id
01HBTYD4SVFM3HW7N6KW53AZ7J
date
Fri, 03 Nov 2023 03:30:58 GMT
cf-cache-status
HIT
age
84075
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82018aab1926b8a6-AMS
e.js
live.demand.supply/e/
0
479 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=shoot-yalla.live_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=dHYuc2hvb3QteWFsbGEubGl2ZS9saXZlLzEzMTUwLzEyNjE4L3V0YWgtamF6ei12cy1vcmxhbmRvLW1hZ2ljLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-nf-request-id
01HBTYD4N6T6Y3FXWYDHSEKYXW
date
Fri, 03 Nov 2023 03:30:58 GMT
cf-cache-status
HIT
age
1416145
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82018aab192cb8a6-AMS
esp.js
cdn.id5-sync.com/api/1.0/
143 KB
31 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 24 Oct 2023 08:11:43 GMT
server
cloudflare
x-amz-request-id
S9PDYDYYJQBF0KQ4
age
1423
etag
W/"8a9ad568d94062c0186983f6aac0be50"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
82018aab9f241afa-AMS
x-amz-id-2
HBB4SuQjZEhArcZyClQ53I17qmtpfj0Ygvjwr7oVNbFZklMQ9TLt+mab9aWy6Id59MDu6/M94A0=
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/
732 B
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
39500
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-yyz4527-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OGW6hTBAiLC8zYW%2BLafDEdBhaQLwfo6RZ%2B07XIKxXPlqfHXM%2BCA08tmRqbJTUKCooYKNsD4jvkbVeYqF8iaU7uvT7SPrWa9TrA2tzHQrfRAPj5tZMHcdrmuw9PWntJfL%2FJ2aYm5zvwiqOmCpPYw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82018aab186b06e0-AMS
connectId-gpt.js
connectid.analytics.yahoo.com/
9 KB
9 KB
Script
General
Full URL
https://connectid.analytics.yahoo.com/connectId-gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:ec00:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
Security Headers
Name Value
Content-Security-Policy default-src 'self'

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 02:48:17 GMT
via
1.1 66ce4848bcf993e3c57b596461cd0b82.cloudfront.net (CloudFront)
content-security-policy
default-src 'self'
x-amz-cf-pop
MUC50-P1
age
2562
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8730
x-amz-expiration
expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified
Tue, 17 Oct 2023 13:17:45 GMT
server
AmazonS3
etag
"c46e30de24d0f12167e302e9e32ff4a5"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
MZEZOkwoiNinl3yvoXcCn9tjdhbON_SqqfESpLFUHaJxv-jJp0xtUA==
publishertag.ids.js
static.criteo.net/js/ld/
42 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-a9a7"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 04 Nov 2023 03:30:58 GMT
ob.js
cdn-ima.33across.com/
11 KB
5 KB
Script
General
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:13 GMT
server
cloudflare
age
253132
etag
W/"65401291-2b7d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
82018aab99f21c10-AMS
expires
Mon, 06 Nov 2023 03:30:58 GMT
esp.js
oa.openxcdn.net/
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 04:08:06 GMT
content-encoding
gzip
age
602572
x-guploader-uploadid
ABPtcPo0EtTFY7fWGwfH7YcFpkKhyxlIy8AKei3hIiamRpXW1UUlNwTbcJ7u7ADJOjBFaq-z8Y2OubPY6SA1WObOmaOYZQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 26 Oct 2024 04:08:06 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/
1 KB
1 KB
Script
General
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
cdfa82101c4140b57de31639cb762590
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
uid2SecureSignal.js
cdn.prod.uidapi.com/
3 KB
3 KB
Script
General
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:d200:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Thu, 02 Nov 2023 08:28:15 GMT
Via
1.1 878a01abbb158ab50d28bd4e882dc33a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MUC50-P1
Age
68564
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
6Fw56b8JVb9Bmtmi8SZjMAg6ljH4TZ5Q-pe_WCtjKopDffQIhfq8XA==
sync.min.js
tags.crwdcntrl.net/lt/c/16589/
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-46.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 05:49:30 GMT
content-encoding
gzip
via
1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
78089
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
B7emwY-8ezcWEXWUX-0L-NGbXmyRlqCrZ6qsYU74aeokJvvpLaAt_Q==
e.js
live.demand.supply/e/
0
479 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=d&sc=shoot-yalla.tv_fluid_all&err=Cannot%20convert%20undefined%20or%20null%20to%20object&e=as&dsReferer=dHYuc2hvb3QteWFsbGEubGl2ZS9saXZlLzEzMTUwLzEyNjE4L3V0YWgtamF6ei12cy1vcmxhbmRvLW1hZ2ljLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-nf-request-id
01HBTYD4N6T6Y3FXWYDHSEKYXW
date
Fri, 03 Nov 2023 03:30:58 GMT
cf-cache-status
HIT
age
1416145
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82018aab2930b8a6-AMS
/
vaitotoo.net/5/6289843/ Frame 4C2A
3 KB
2 KB
XHR
General
Full URL
https://vaitotoo.net/5/6289843/?oo=1&aab=1
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/frame.php?ch=jazz_1&p=6&token=NmQ3YTY1NzU2ZDZhNjEzMDZjNmE2NTMxNmQ2MzM0Nzg2ZTY0Njg3MTY0Nzg2ZTZmNmQ2YTYxNzk2ZDY5NzM3OTZkNjQ2OTc3NmI2YjZjNjU3MTY4NmYzMzc5Nzg2YjMxNjQ2YTZkMzI2OTc4NmYzMTY5Nzc=&kt=1698982257
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
dfd10e8a33f790b2577cba9350e2f0b0a737fe601e870f3f626b1fac1811db2f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
content-encoding
gzip
x-trace-id
700a031abf2ca9ae61190cd1c264a8c5
pragma
no-cache, no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://tv.shoot-yalla.live
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
tag.min.js
vaitotoo.net/ Frame 4C2A
79 KB
26 KB
Script
General
Full URL
https://vaitotoo.net/tag.min.js
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/frame.php?ch=jazz_1&p=6&token=NmQ3YTY1NzU2ZDZhNjEzMDZjNmE2NTMxNmQ2MzM0Nzg2ZTY0Njg3MTY0Nzg2ZTZmNmQ2YTYxNzk2ZDY5NzM3OTZkNjQ2OTc3NmI2YjZjNjU3MTY4NmYzMzc5Nzg2YjMxNjQ2YTZkMzI2OTc4NmYzMTY5Nzc=&kt=1698982257
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b339b3dbc6f33a53a4efb9854950d39378eda7d321029ac085dc366811cbc895
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=1
content-length
25508
x-trace-id
286df3eb18a9d64d83d80c0b8a961a63
pragma
no-cache
last-modified
Thu, 02 Nov 2023 10:44:42 GMT
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
ghb.aplhb.adipolo.com/geo/
155 B
430 B
XHR
General
Full URL
https://ghb.aplhb.adipolo.com/geo/
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/oLWia/hbw_master_751043_18393.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
89897552b145dc830240ee08b191fdaa6ad73aca3366366cd634897576394984

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:30:58 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://tv.shoot-yalla.live
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
155
tracking
ghb.aplhb.adipolo.com/adunit/
43 B
438 B
XHR
General
Full URL
https://ghb.aplhb.adipolo.com/adunit/tracking?event=11&type=0&client_id=751043&site_id=18393&pbjsv=v7.54.7&full_page_url=https%3A%2F%2Ftv.shoot-yalla.live%2Flive%2F13150%2F12618%2Futah-jazz-vs-orlando-magic%2F&adid=i264k7.b1&features=81952&vpbv=N195&tte=569&lifecycle_tte=2335
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/oLWia/hbw_master_751043_18393.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:30:58 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://tv.shoot-yalla.live
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
ads
securepubads.g.doubleclick.net/gampad/
53 KB
14 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=637430635397357&correlator=2260201591511279&eid=44807409%2C31079197%2C21065725&output=ldjh&gdfp_req=1&vrg=202310300101&ptt=17&impl=fifs&iu_parts=21939239661%3A22891901908%2Capl%2Canchor%2Canchortop&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698982258432&lmt=1698981014&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Ftv.shoot-yalla.live%2Flive%2F13150%2F12618%2Futah-jazz-vs-orlando-magic%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=909424221.1698982258&ga_sid=1698982258&ga_hid=1857058342&ga_fc=true&dlt=1698982257542&idt=563&adks=3790004705&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b62b3bcac1c14fbe138e730230d41e4ffa0be3ab861fcadbfae39f400cd59f82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13910
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://tv.shoot-yalla.live
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
29 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=637430635397357&correlator=3801497292974920&eid=44807409%2C31079197%2C21065725&output=ldjh&gdfp_req=1&vrg=202310300101&ptt=17&impl=fifs&iu_parts=44890869%3A22636493546%2Cca-pub-3831894559014614-tag%2C453455ea-be38-49bb-97cf-d384279e6a2e&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698982258438&lmt=1698981014&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Ftv.shoot-yalla.live%2Flive%2F13150%2F12618%2Futah-jazz-vs-orlando-magic%2F&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=909424221.1698982258&ga_sid=1698982258&ga_hid=1857058342&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRjfze-ZuTFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBjfze-ZuTFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGN_N75m5MUgAUgIIZBIZCgpwdWJjaWQub3JnGN_N75m5MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjfze-ZuTFIAFICCGQSFwoIcnRiaG91c2UY383vmbkxSABSAghkEhQKBW9wZW54GN_N75m5MUgAUgIIZBIZCgp1aWRhcGkuY29tGN_N75m5MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y3s3vmbkxSABSAghk&dlt=1698982257542&idt=563&prev_scp=ti%3Da4808ad4-84ad-42e8-ad99-1fb82291131c%26chrand%3Dy%26pof%3D0%26bid%3D0.23%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D55%26excl_cat%3DPREPOST&adks=4229603822&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
134935706010930dbfe978aee37dffe70cc504e7d8eabdbcfcb0a9ecfd317946
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12647
x-xss-protection
0
google-lineitem-id
5563951126
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138332681208
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://tv.shoot-yalla.live
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2218
6 KB
3 KB
Document
General
Full URL
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tv.shoot-yalla.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 03:30:58 GMT
expires
Sat, 02 Nov 2024 03:30:58 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_fy2012.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/
39 KB
13 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_page_level_ads_fy2012.js?cb=31079197
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a19b3a770a433295ec7c946e9a2d4d263489be69ebab4d54aafb13ecd9d337b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 15:36:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
42843
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13755
x-xss-protection
0
server
cafe
etag
4541188775071356988
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 01 Nov 2024 15:36:55 GMT
track
servt.modoro360.com/
0
143 B
Image
General
Full URL
https://servt.modoro360.com/track?pid=64db8a3bf27a2554d7080489&cid=64db8a60085bb16f1504b425&cb=1698982258448&r=tv.shoot-yalla.live&stagid=64db8b44ba16e1afa30cb885&stplid=6192229fa59e3976bb4400aa&d35=&d65=Test1&d66=8&d74=&e=playerLoaded&cpid=631a2480b3d08269680f4be2&str=viewable
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
jazz_1.m3u8
a4.bath002.site/watch/hHcbRlEhX2K2FRIq9W8saw/1698985603/1698985857/1/ Frame 4C2A
438 B
793 B
XHR
General
Full URL
https://a4.bath002.site/watch/hHcbRlEhX2K2FRIq9W8saw/1698985603/1698985857/1/jazz_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
109.205.187.54 , Netherlands, ASN213373 (IPCONNECT, SC),
Reverse DNS
Software
nginx /
Resource Hash
ac9290578d829fbcd24c81a6347c0c9a2bec6ee472e3bae45799fd63f56ec342

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:30:58 GMT
Last-Modified
Fri, 03 Nov 2023 03:30:58 GMT
Server
nginx
ETag
"65446972-1b6"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
438
ads
securepubads.g.doubleclick.net/gampad/
29 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=637430635397357&correlator=1653427334436632&eid=44807409%2C31079197%2C21065725&output=ldjh&gdfp_req=1&vrg=202310300101&ptt=17&impl=fifs&iu_parts=44890869%3A22636493546%2Cca-pub-3831894559014614-tag%2C4d029fbb-dfa8-4fe4-ba3e-92e1e15de3d0&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1000x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698982258458&lmt=1698981014&adxs=300&adys=988&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Ftv.shoot-yalla.live%2Flive%2F13150%2F12618%2Futah-jazz-vs-orlando-magic%2F&vis=1&psz=1000x116&msz=1000x116&fws=0&ohw=0&ga_vid=909424221.1698982258&ga_sid=1698982258&ga_hid=1857058342&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRjfze-ZuTFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBjfze-ZuTFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGN_N75m5MUgAUgIIZBIZCgpwdWJjaWQub3JnGN_N75m5MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjfze-ZuTFIAFICCGQSFwoIcnRiaG91c2UY383vmbkxSABSAghkEhQKBW9wZW54GN_N75m5MUgAUgIIZBIZCgp1aWRhcGkuY29tGN_N75m5MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y3s3vmbkxSABSAghk&dlt=1698982257542&idt=563&prev_scp=ti%3Da4808ad4-84ad-42e8-ad99-1fb82291131c%26chrand%3Dy%26pof%3D0%26bid%3D0.19%26bid-p%3Dgoogle%26bsc%3D55%26excl_cat%3DPREPOST&adks=2688612589&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b83276ffd30e30403e0e2676d131cc64b4859bfab94246c4b0cdc93a534ab704
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12701
x-xss-protection
0
google-lineitem-id
5564063189
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138332681208
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://tv.shoot-yalla.live
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Ftv.shoot-yalla.live%2Flive%2F13150%2F12618%2Futah-jazz-vs-orlando-magic%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Ftv.shoot-yalla.live%2Flive%2F13150%2F12618%2Futah-jazz-vs-orlando-magic%2F&rid=esp&cc=1
85 B
193 B
Fetch
General
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Ftv.shoot-yalla.live%2Flive%2F13150%2F12618%2Futah-jazz-vs-orlando-magic%2F&rid=esp&cc=1
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
48fccb4c63df88cc3dd9958cf11bbad180d7dd318ef0b5361ebbab5c41896ee3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-q65iueGu8iw4h8oB/rIrF6HlZfY"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tv.shoot-yalla.live
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Fri, 03 Nov 2023 03:30:58 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://tv.shoot-yalla.live
location
/esp?url=https%3A%2F%2Ftv.shoot-yalla.live%2Flive%2F13150%2F12618%2Futah-jazz-vs-orlando-magic%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
syncframe
gum.criteo.com/ Frame CDE1
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=tv.shoot-yalla.live
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://tv.shoot-yalla.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 03:30:58 GMT
server
Kestrel
server-processing-duration-in-ticks
290155
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
increment
id5-sync.com/api/esp/
0
235 B
XHR
General
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://tv.shoot-yalla.live/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://tv.shoot-yalla.live
date
Fri, 03 Nov 2023 03:30:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
gid.js
my.rtmark.net/ Frame 4C2A
65 B
548 B
XHR
General
Full URL
https://my.rtmark.net/gid.js?userId=d39c48e6cd96497eb016e7d1b81fb7d1
Requested by
Host: vaitotoo.net
URL: https://vaitotoo.net/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b884942777d01cf9b73bca44eee759094b412a787ad29790d5794d54f8cefa9e
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tv.shoot-yalla.live
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
jazz_1.m3u8
a4.bath002.site/watch/hHcbRlEhX2K2FRIq9W8saw/1698985603/1698985857/1/ Frame 4C2A
438 B
793 B
XHR
General
Full URL
https://a4.bath002.site/watch/hHcbRlEhX2K2FRIq9W8saw/1698985603/1698985857/1/jazz_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
109.205.187.54 , Netherlands, ASN213373 (IPCONNECT, SC),
Reverse DNS
Software
nginx /
Resource Hash
ac9290578d829fbcd24c81a6347c0c9a2bec6ee472e3bae45799fd63f56ec342

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:30:58 GMT
Last-Modified
Fri, 03 Nov 2023 03:30:58 GMT
Server
nginx
ETag
"65446972-1b6"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
438
jazz_1-2583.key
a4.bath002.site/watch/hHcbRlEhX2K2FRIq9W8saw/1698985603/1698985857/1/keys/ Frame 4C2A
16 B
364 B
XHR
General
Full URL
https://a4.bath002.site/watch/hHcbRlEhX2K2FRIq9W8saw/1698985603/1698985857/1/keys/jazz_1-2583.key
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
109.205.187.54 , Netherlands, ASN213373 (IPCONNECT, SC),
Reverse DNS
Software
nginx /
Resource Hash
7b5318528427d4d94f79665ed115077b3a2a606961871a64948c7de34868dd93

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:30:58 GMT
Last-Modified
Fri, 03 Nov 2023 03:30:52 GMT
Server
nginx
ETag
"6544696c-10"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16
json
pro.ip-api.com/ Frame 4C2A
148 B
304 B
Fetch
General
Full URL
https://pro.ip-api.com/json?fields=2181826&key=XOpiansRgYxGTho
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
2869219efe96de4991c0f14566c34036e81424087baf518140e1ebde08874502

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 03 Nov 2023 03:30:58 GMT
Content-Length
148
Content-Type
application/json; charset=utf-8
map
bcp.crwdcntrl.net/6/
60 B
337 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.8.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-8-73.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2ba670c5fd0d8cb2b7d984b9f53ab08329375c00809fe3b159a22cfe9ed79bb0

Request headers

Referer
https://tv.shoot-yalla.live/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:58 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://tv.shoot-yalla.live
cache-control
no-cache
x-server
10.45.7.58
access-control-allow-credentials
true
content-length
60
expires
0
fed
ups.analytics.yahoo.com/ups/58813/
2 B
215 B
XHR
General
Full URL
https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Ftv.shoot-yalla.live%2Flive%2F13150%2F12618%2Futah-jazz-vs-orlando-magic%2F
Requested by
Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://tv.shoot-yalla.live
content-type
application/json
access-control-allow-credentials
true
sid
mug.criteo.com/ Frame CDE1
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=shoot-yalla.live&sn=ChromeSyncframe&so=0&topUrl=tv.shoot-yalla.live&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=dLxLgnxBRGk0SzBIcGdDWDc5WjY4bjhiMFdKMG0xNFFCTzBHRklmNWowcjR1YjJjcStQdXlwUHN3NzdBVTRaWlVZWi9zaFFvdFRBY3RzY1VPbC9HVkp4MjNGZG5mQjF4YmVCbjI4ekl0cHR6S2hSUXJUOVQzeVFOVkZMVD...
470 B
672 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=dLxLgnxBRGk0SzBIcGdDWDc5WjY4bjhiMFdKMG0xNFFCTzBHRklmNWowcjR1YjJjcStQdXlwUHN3NzdBVTRaWlVZWi9zaFFvdFRBY3RzY1VPbC9HVkp4MjNGZG5mQjF4YmVCbjI4ekl0cHR6S2hSUXJUOVQzeVFOVkZMVDlRbmdsVGRScWs2NnYzSzFtY0JLcGk0SndHbVlLSmo5c2xhSGc0SXhUREVwU2hsajA3ejZVd21lZWx3MllSbnQrTzJiM1lQR2JGU2hwRTFJNWc3czFMMTNxamg2cU9DQ0VjNG9YSW5yMGlzdEVNYmtXN1VnRTd1TExMdlJiMkk5aEhvcmJROHFpSXg2OStmLzJpK2RVQlo1MG5FQmJ2QT09fA&cppv=2
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a6fb74131651e7dd5d1e8d54defd9efe61184d9c9200fd74940962c22c3a47b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:57 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
976515
expires
0

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:58 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=dLxLgnxBRGk0SzBIcGdDWDc5WjY4bjhiMFdKMG0xNFFCTzBHRklmNWowcjR1YjJjcStQdXlwUHN3NzdBVTRaWlVZWi9zaFFvdFRBY3RzY1VPbC9HVkp4MjNGZG5mQjF4YmVCbjI4ekl0cHR6S2hSUXJUOVQzeVFOVkZMVDlRbmdsVGRScWs2NnYzSzFtY0JLcGk0SndHbVlLSmo5c2xhSGc0SXhUREVwU2hsajA3ejZVd21lZWx3MllSbnQrTzJiM1lQR2JGU2hwRTFJNWc3czFMMTNxamg2cU9DQ0VjNG9YSW5yMGlzdEVNYmtXN1VnRTd1TExMdlJiMkk5aEhvcmJROHFpSXg2OStmLzJpK2RVQlo1MG5FQmJ2QT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
301785
content-length
0
expires
0
jazz_1-2588.ts
a4.bath002.site/watch/hHcbRlEhX2K2FRIq9W8saw/1698985603/1698985857/1/ Frame 4C2A
441 KB
442 KB
Fetch
General
Full URL
https://a4.bath002.site/watch/hHcbRlEhX2K2FRIq9W8saw/1698985603/1698985857/1/jazz_1-2588.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
109.205.187.54 , Netherlands, ASN213373 (IPCONNECT, SC),
Reverse DNS
Software
nginx /
Resource Hash
858af2282fe00aca07f14363bd0854a8ba60c3ae0b10bd6e6b729e73f99b94b1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:30:58 GMT
Last-Modified
Fri, 03 Nov 2023 03:30:42 GMT
Server
nginx
ETag
"65446962-6e4c0"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
451776
ababb9c0-984b-4d73-896e-88ba24a9d94c
https://tv.shoot-yalla.live/ Frame 4C2A
62 KB
0
Other
General
Full URL
blob:https://tv.shoot-yalla.live/ababb9c0-984b-4d73-896e-88ba24a9d94c
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2e2ee124a92ca6673a9ce2508260ac228832de36594217daffcbce988758fc5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Length
63763
Content-Type
text/javascript
/
vaitotoo.net/ Frame 4C2A
2 KB
2 KB
Fetch
General
Full URL
https://vaitotoo.net/?rb=pcnNcA9T3G2i_QiBtX9HMPuann8ZukUKfp-n5ijO91m54rAFbmt2m-NErRnJzPlHf5p_zVkKPDAQspGmmdF_-U9pdvsrMNMPiisS3g5GDEHlz_HXwpklKJ0pPkl6OXDkcUUWtm6LJExonpFJtUk6PW1BEgjfruO3cAsgyL0Dafb_OKiVm6JGiDJAaepszdohj0a64WLJLu8ArF8DJFbcENHR6lHqUxOXQAjTqVSUOLz1g6BoMHI1d_OPd0UR6jFfCVsb-s3e5moXJvXHcDZ9GO__er_iDyo46WnFEw%3D%3D&request_ab2=0&zoneid=6289843&js_build=iclick-v1.619.0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1000&wih=500&wiw=1000&wfc=3&pl=https%3A%2F%2Ftv.shoot-yalla.live%2Fframe.php%3Fch%3Djazz_1%26p%3D6%26token%3DNmQ3YTY1NzU2ZDZhNjEzMDZjNmE2NTMxNmQ2MzM0Nzg2ZTY0Njg3MTY0Nzg2ZTZmNmQ2YTYxNzk2ZDY5NzM3OTZkNjQ2OTc3NmI2YjZjNjU3MTY4NmYzMzc5Nzg2YjMxNjQ2YTZkMzI2OTc4NmYzMTY5Nzc%3D%26kt%3D1698982257&drf=https%3A%2F%2Ftv.shoot-yalla.live%2F&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.619.0&bs=a9b4ac31-7f00-414c-9d04-9b6f64e65698&userId=d39c48e6cd96497eb016e7d1b81fb7d1&m=link
Requested by
Host: vaitotoo.net
URL: https://vaitotoo.net/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
1d40e4c9ea8d854183854c26f57ab2ca6394d58efafc1c2642f69b9ebfa9b9af
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
2305d8ab5079cf58918f5afa25e6e8f9
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://tv.shoot-yalla.live
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
631 B
316 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=637430635397357&correlator=1980612038274305&eid=44807409%2C31079197%2C21065725&output=ldjh&gdfp_req=1&vrg=202310300101&ptt=17&impl=fifs&iu_parts=21939239661%3A22891901908%2Capl%2Caplmcm%2Csticky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x90%7C728x90&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698982258671&lmt=1698981014&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Ftv.shoot-yalla.live%2Flive%2F13150%2F12618%2Futah-jazz-vs-orlando-magic%2F&vis=1&psz=1600x-1&msz=970x-1&fws=512&ohw=0&ga_vid=909424221.1698982258&ga_sid=1698982258&ga_hid=1857058342&ga_fc=true&dlt=1698982257542&idt=563&prev_scp=test%3Drefresh%26hb_rfBid%3D0%26hb_div_id%3Dstick%26excl_cat%3DPREPOST&adks=2936496661&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8a7d164ade1a099ad40ccd22d5b9f15a355447ffff465df0c90b965bd5472da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
285
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://tv.shoot-yalla.live
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
23 KB
10 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=637430635397357&correlator=1441708628707039&eid=44807409%2C31079197%2C21065725&output=ldjh&gdfp_req=1&vrg=202310300101&ptt=17&impl=fifs&iu_parts=21939239661%3A22891901908%2Capl%2Caplmcm%2Cresponsive&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698982258674&lmt=1698981014&adxs=0&adys=103&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Ftv.shoot-yalla.live%2Flive%2F13150%2F12618%2Futah-jazz-vs-orlando-magic%2F&vis=1&psz=1600x3797&msz=1600x0&fws=0&ohw=0&ga_vid=909424221.1698982258&ga_sid=1698982258&ga_hid=1857058342&ga_fc=true&dlt=1698982257542&idt=563&prev_scp=hb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-8176806-7%26excl_cat%3DPREPOST&adks=3826710058&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f9e497976367baadbe1fb8836a86f3d485bcb3bade56770c39c5c6a8071a858
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10419
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://tv.shoot-yalla.live
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
637 B
322 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=637430635397357&correlator=3338494047863477&eid=44807409%2C31079197%2C21065725&output=ldjh&gdfp_req=1&vrg=202310300101&ptt=17&impl=fifs&iu_parts=21939239661%3A22891901908%2Capl%2Caplmcm%2Cresponsive3&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698982258676&lmt=1698981014&adxs=0&adys=1273&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Ftv.shoot-yalla.live%2Flive%2F13150%2F12618%2Futah-jazz-vs-orlando-magic%2F&vis=1&psz=1600x3797&msz=1600x0&fws=0&ohw=0&ga_vid=909424221.1698982258&ga_sid=1698982258&ga_hid=1857058342&ga_fc=true&dlt=1698982257542&idt=563&prev_scp=hb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-8176806-8%26excl_cat%3DPREPOST&adks=2134278334&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5f5e1b21ae8a90c1311ef304c90af53e66031c561e5aa9c2fc6fc7c9fe08bdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
291
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://tv.shoot-yalla.live
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
637 B
322 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=637430635397357&correlator=3633557919486766&eid=44807409%2C31079197%2C21065725&output=ldjh&gdfp_req=1&vrg=202310300101&ptt=17&impl=fifs&iu_parts=21939239661%3A22891901908%2Capl%2Caplmcm%2Cresponsive4&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250&ifi=7&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698982258678&lmt=1698981014&adxs=312&adys=1300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Ftv.shoot-yalla.live%2Flive%2F13150%2F12618%2Futah-jazz-vs-orlando-magic%2F&vis=1&psz=1000x2365&msz=976x0&fws=4&ohw=1000&ga_vid=909424221.1698982258&ga_sid=1698982258&ga_hid=1857058342&ga_fc=true&dlt=1698982257542&idt=563&prev_scp=hb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-8176806-9%26excl_cat%3DPREPOST&adks=1749980851&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19f42e6c0fc7553695f9984f176a9b0e206cdcd9d3e2e062eaaaa156a5a2f7a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
291
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://tv.shoot-yalla.live
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
channel
us.web3-lab.com/v1/ Frame 4C2A
287 B
653 B
Fetch
General
Full URL
https://us.web3-lab.com:8443/v1/channel
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82637c78d39671d0646c9499e626f932b0b29537ea1f6d571f9705fee21464ac

Request headers

Referer
https://tv.shoot-yalla.live/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 03 Nov 2023 03:30:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Z5K%2FMUWUmZMwnUmA4231hswbE%2F%2FoNasc8JVzFl1jYQkLBB7h7ezBxeVmcO%2Bq3S2uZBAX9hEEvcosCS6IszGJHXncPjXBk5%2FWjzJMsFrZLelN1ajYw6EmR5VQQsKOAwartBUOfMmy%2Bzd0XxAudIlSmrsQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
82018aada8ec66f8-AMS
alt-svc
h3=":8443"; ma=86400
view
securepubads.g.doubleclick.net/pcs/ Frame 6013
0
0

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6013
0
0

ads
securepubads.g.doubleclick.net/gampad/
29 KB
13 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=637430635397357&correlator=813428928516253&eid=44807409%2C31079197%2C21065725&output=ldjh&gdfp_req=1&vrg=202310300101&ptt=17&impl=fifs&iu_parts=44890869%3A22636493546%2Cca-pub-3831894559014614-tag%2C244ab1fd-d5e9-4198-aefc-4bfd781d9c20&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=8&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Daa8d0f4377b2591d%3AT%3D1698982258%3ART%3D1698982258%3AS%3DALNI_Mb4QsmwXoAEL2d80CBxDZpJ_dpT_Q&gpic=UID%3D00000cb3655f08e8%3AT%3D1698982258%3ART%3D1698982258%3AS%3DALNI_MZav9cjadAqp1E90L9rYm32WLEVCw&abxe=1&dt=1698982258748&lmt=1698981014&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Ftv.shoot-yalla.live%2Flive%2F13150%2F12618%2Futah-jazz-vs-orlando-magic%2F&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=909424221.1698982258&ga_sid=1698982258&ga_hid=1857058342&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY383vmbkxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjfze-ZuTFIAFICCGQSGQoKcHViY2lkLm9yZxidzu-ZuTFIAFICCGoSGAoJeWFob28uY29tGLfP75m5MUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRjfze-ZuTFIAFICCGQSFwoIcnRiaG91c2UYzs7vmbkxSABSAghqEhQKBW9wZW54GN_N75m5MUgAUgIIZBIZCgp1aWRhcGkuY29tGN_N75m5MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y-s_vmbkxSABSAghq&dlt=1698982257542&idt=563&prev_scp=ti%3Da4808ad4-84ad-42e8-ad99-1fb82291131c%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D55%26excl_cat%3DPREPOST&adks=251597932&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa07a0f3eb0b960e52a25664259b64d9195c31ac62b9b0db48a19bbb4450f35a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:59 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13033
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://tv.shoot-yalla.live
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
jazz_1-2588.ts
a4.bath002.site/watch/hHcbRlEhX2K2FRIq9W8saw/1698985603/1698985857/1/ Frame 4C2A
1 B
361 B
XHR
General
Full URL
https://a4.bath002.site/watch/hHcbRlEhX2K2FRIq9W8saw/1698985603/1698985857/1/jazz_1-2588.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
109.205.187.54 , Netherlands, ASN213373 (IPCONNECT, SC),
Reverse DNS
Software
nginx /
Resource Hash
bd4fc42a21f1f860a1030e6eba23d53ecab71bd19297ab6c074381d4ecee0018

Request headers

Referer
https://tv.shoot-yalla.live/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Range
bytes=0-0

Response headers

Date
Fri, 03 Nov 2023 03:30:58 GMT
Last-Modified
Fri, 03 Nov 2023 03:30:42 GMT
Server
nginx
ETag
"65446962-6e4c0"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Content-Range
bytes 0-0/451776
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Connection
keep-alive
Content-Length
1
amp4ads-v0.mjs
cdn.ampproject.org/rtv/032310301456000/ Frame 3E89
196 KB
56 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/032310301456000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44b748b890bd935c0b3e5ade361e771456c7372e38dbe8a948ada16737b7f482
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 01 Nov 2023 00:13:09 GMT
age
184669
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56116
x-xss-protection
0
server
sffe
etag
"890ab1af1f81066d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 31 Oct 2024 00:13:09 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/032310301456000/v0/ Frame 3E89
15 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/032310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 01 Nov 2023 00:13:09 GMT
age
184669
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 31 Oct 2024 00:13:09 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/032310301456000/v0/ Frame 3E89
95 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/032310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 01 Nov 2023 00:13:09 GMT
age
184669
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 31 Oct 2024 00:13:09 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/032310301456000/v0/ Frame 3E89
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/032310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 01 Nov 2023 00:13:09 GMT
age
184669
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"13d776bf5afa96e6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 31 Oct 2024 00:13:09 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/032310301456000/v0/ Frame 3E89
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/032310301456000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 01 Nov 2023 00:13:09 GMT
age
184669
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 31 Oct 2024 00:13:09 GMT
14117264286870412854
tpc.googlesyndication.com/simgad/ Frame 3E89
4 KB
4 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/14117264286870412854?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qm4OLtGbG8gSchutv-FEGc2JZiXyw
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9316ccabd194e12200c6908fc42d30dc7d19847eed8255538af48d4e86a0f05c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 03:59:47 GMT
x-content-type-options
nosniff
age
343871
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4126
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 09:01:31 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 29 Oct 2024 03:59:47 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3E89
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:23:34 GMT
x-content-type-options
nosniff
server
cafe
age
444
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sat, 04 Nov 2023 03:23:34 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3E89
295 B
663 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:23:34 GMT
x-content-type-options
nosniff
server
cafe
age
444
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sat, 04 Nov 2023 03:23:34 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame F041
0
167 B
Document
General
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tv.shoot-yalla.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Fri, 03 Nov 2023 03:30:58 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
jazz_1-2589.ts
a4.bath002.site/watch/hHcbRlEhX2K2FRIq9W8saw/1698985603/1698985857/1/ Frame 4C2A
451 KB
451 KB
Fetch
General
Full URL
https://a4.bath002.site/watch/hHcbRlEhX2K2FRIq9W8saw/1698985603/1698985857/1/jazz_1-2589.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
109.205.187.54 , Netherlands, ASN213373 (IPCONNECT, SC),
Reverse DNS
Software
nginx /
Resource Hash
b455df2b38ea34c4b0795d3418463842b28d5e9490eee44e9caf175ad7fe5d5f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:30:58 GMT
Last-Modified
Fri, 03 Nov 2023 03:30:45 GMT
Server
nginx
ETag
"65446965-70bb0"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
461744
jazz_1-2590.ts
a4.bath002.site/watch/hHcbRlEhX2K2FRIq9W8saw/1698985603/1698985857/1/ Frame 4C2A
477 KB
477 KB
Fetch
General
Full URL
https://a4.bath002.site/watch/hHcbRlEhX2K2FRIq9W8saw/1698985603/1698985857/1/jazz_1-2590.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
109.205.187.54 , Netherlands, ASN213373 (IPCONNECT, SC),
Reverse DNS
Software
nginx /
Resource Hash
3cfe29ef345932cf1895133dffd1c58c937a960a93ffdf068d65dc0225a94fcc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:30:58 GMT
Last-Modified
Fri, 03 Nov 2023 03:30:48 GMT
Server
nginx
ETag
"65446968-77280"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
488064
view
securepubads.g.doubleclick.net/pcs/ Frame 50A5
0
0

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 50A5
0
0

ads
securepubads.g.doubleclick.net/gampad/
29 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=637430635397357&correlator=3191729452235697&eid=44807409%2C31079197%2C21065725&output=ldjh&gdfp_req=1&vrg=202310300101&ptt=17&impl=fifs&iu_parts=44890869%3A22636493546%2Cca-pub-3831894559014614-tag%2Cbdbbaa9b-d815-4d74-9987-e5633dd93bfa&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1000x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=9&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D5172d49174c77f43%3AT%3D1698982258%3ART%3D1698982258%3AS%3DALNI_MbhqaacZoaINDmOvtHYgEV9WJ6WRQ&gpic=UID%3D00000cb3653864c5%3AT%3D1698982258%3ART%3D1698982258%3AS%3DALNI_MZgIRMiVXGhJDtIMgbl5rWTBaf48Q&abxe=1&dt=1698982258985&lmt=1698981014&adxs=300&adys=988&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Ftv.shoot-yalla.live%2Flive%2F13150%2F12618%2Futah-jazz-vs-orlando-magic%2F&vis=1&psz=1000x116&msz=1000x116&fws=0&ohw=0&ga_vid=909424221.1698982258&ga_sid=1698982258&ga_hid=1857058342&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY383vmbkxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjfze-ZuTFIAFICCGQSGQoKcHViY2lkLm9yZxidzu-ZuTFIAFICCGoSGAoJeWFob28uY29tGLfP75m5MUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRjfze-ZuTFIAFICCGQSFwoIcnRiaG91c2UYzs7vmbkxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVdqbG9kblJIVW1oVWVUSmFVRkpQTWtGRFVtWkxaejA5SW4wPRiR0e-ZuTFIABIZCgp1aWRhcGkuY29tGN_N75m5MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y-s_vmbkxSABSAghq&dlt=1698982257542&idt=563&prev_scp=ti%3Da4808ad4-84ad-42e8-ad99-1fb82291131c%26chrand%3Dy%26pof%3D0%26bid%3D0.07%26bid-p%3Dgoogle%26bsc%3D55%26excl_cat%3DPREPOST&adks=570918107&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5767b713b55182eef1e999087ed49546a63a53a074ea5fe768e8bec837f61e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:59 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12469
x-xss-protection
0
google-lineitem-id
5563949734
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138332681208
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://tv.shoot-yalla.live
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B80F
6 KB
3 KB
Document
General
Full URL
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tv.shoot-yalla.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 03:30:58 GMT
expires
Sat, 02 Nov 2024 03:30:58 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3E89
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H2
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Redirect headers

date
Fri, 03 Nov 2023 03:30:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
container.html
1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 462C
6 KB
3 KB
Document
General
Full URL
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tv.shoot-yalla.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 03:30:58 GMT
expires
Sat, 02 Nov 2024 03:30:58 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/
0
479 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=shoot-yalla.live_auto_728x90_sticky_display_bottom&pn=2&sn=3&pc=0.383733332157135&ds=true&e=wdp&dsReferer=dHYuc2hvb3QteWFsbGEubGl2ZS9saXZlLzEzMTUwLzEyNjE4L3V0YWgtamF6ei12cy1vcmxhbmRvLW1hZ2ljLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-nf-request-id
01HBTYD4N6T6Y3FXWYDHSEKYXW
date
Fri, 03 Nov 2023 03:30:59 GMT
cf-cache-status
HIT
age
1416146
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82018aaf9dbdb8a6-AMS
truncated
/
182 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
834 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml
e.js
live.demand.supply/e/
0
481 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=shoot-yalla.live_auto_728x90_sticky_display_bottom&sy=aaa58263-ea13-4508-b8fb-88dd08c0a78a&ts=55&cd=2&pud=250&pus=c&pue=1711&pid=112&pis=c&pie=1824&ppd=207&pps=a&ppe=1919&pcl=1676&ttc=1890&tti=3036&ttif=0&lca=1919&lcak=ppe&lct=1919&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=tv.shoot-yalla.live&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=a4808ad4-84ad-42e8-ad99-1fb82291131c&e=lm&dsReferer=dHYuc2hvb3QteWFsbGEubGl2ZS9saXZlLzEzMTUwLzEyNjE4L3V0YWgtamF6ei12cy1vcmxhbmRvLW1hZ2ljLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-nf-request-id
01HBTYD4N6T6Y3FXWYDHSEKYXW
date
Fri, 03 Nov 2023 03:30:59 GMT
cf-cache-status
HIT
age
1416146
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82018aaf9dbfb8a6-AMS
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0AED
624 B
285 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRC3hRoYjrXl-gEwAQ&v=APEucNWIks4qMtLfOt8_hT7gtXl1Gbqp6zftc-taY_C6rXMk3LuCB2TODVKBmr01ZBt25wuI9YDzRdCZ6u0OAUZawoKPQFHWjN035Onix0phW-UrXPNUV97C7tMRpsrsM9hgiT2qkWCmb5IsyV8ozYjtvMVHyMi1IFlEdIATuiMmZtRS04a0DAk
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 03:30:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame B80F
89 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 03 Nov 2023 03:30:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B80F
42 B
110 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-An8VGZKd1d8KUvX6igyaevEcFHO5Y2pO7VyEIwTPUpn2V0sK-THfbmguNT3spHAblQ7cg4Sn8LZs42j4Y2ibgPOjOJmOFPNJfLJXJDtjGSUYcMqQs
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B80F
0
56 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15444431270959144513&x=1&ct=76
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame B80F
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:09:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
1295
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 03:09:24 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame B80F
20 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
29459
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8610
x-xss-protection
0
server
cafe
etag
7739385728678230190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 19:20:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B80F
189 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Nov 2023 03:30:59 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame F0B8
624 B
308 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COPx4AIQpLb3lQUYlcnE-gEwAQ&v=APEucNWvXJmeJL7fO8VXdF380xReU1vNa-lOzBsqHoF1FuOCaFKaqpXIWdvZDlhqANigBtMo_Doq_LjWaLpiP7wKnNf1_xgZlZgoSJwD-pZRofNbZyYdI_gz1AXkOUCdd-kCPvMu5rVBMkpBGlbQ_1lQfbROWABWQ0rYmJWQ533roUJ_U-eR_Rq0uaJZfdKSXZMZ4OcILSIZNEqfuIbBxCTmWS8WdSeDmw
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 03:30:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 462C
89 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 03 Nov 2023 03:30:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 462C
42 B
107 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CnxDeLxD9rmWDpoNJ7aFj9mB5snZbXqwa8UWbHo4vUSHJe6Rno5wR5XVIzlLmMfoj1ACtlMw-ZRLxIc4Jq88X3xbIwraXKIPCpxu59AhBJ4cqlvm4
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 462C
0
121 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4651020011954534600&x=1&ct=77
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adServer.bs
bs.serving-sys.com/Serving/ Frame 462C
20 KB
7 KB
Script
General
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.87.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-87-200.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e0e4437805d3ecc7eca8242d071abf4e46a54998e972f8a81a9485b35729b202

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
content-length
7119
expires
Sun, 05-Jun-2005 22:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 462C
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:09:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
1295
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 03:09:24 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 462C
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
29459
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8610
x-xss-protection
0
server
cafe
etag
7739385728678230190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 19:20:00 GMT
l
www.google.com/ads/measurement/ Frame 462C
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQdtd4mU-hrNVZ3EhKl-PfbSh8xKK-hCQcj6r4rdLW0PNBsfZXsJMjYciqh7tcWSCaZbxXY-TC8Qa0Nux0DHK36RvLVUA
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 462C
189 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Nov 2023 03:30:59 GMT
jazz_1-2591.ts
a4.bath002.site/watch/hHcbRlEhX2K2FRIq9W8saw/1698985603/1698985857/1/ Frame 4C2A
440 KB
441 KB
Fetch
General
Full URL
https://a4.bath002.site/watch/hHcbRlEhX2K2FRIq9W8saw/1698985603/1698985857/1/jazz_1-2591.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
109.205.187.54 , Netherlands, ASN213373 (IPCONNECT, SC),
Reverse DNS
Software
nginx /
Resource Hash
beecd824657a7a49cbfe085de5fb5f32f07bd1148e3d3a606bab87394d7e00f5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:30:59 GMT
Last-Modified
Fri, 03 Nov 2023 03:30:52 GMT
Server
nginx
ETag
"6544696c-6e110"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
450832
jazz_1-2592.ts
a4.bath002.site/watch/hHcbRlEhX2K2FRIq9W8saw/1698985603/1698985857/1/ Frame 4C2A
469 KB
469 KB
Fetch
General
Full URL
https://a4.bath002.site/watch/hHcbRlEhX2K2FRIq9W8saw/1698985603/1698985857/1/jazz_1-2592.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/swarmcloud-hls@latest/dist/p2p-engine.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
109.205.187.54 , Netherlands, ASN213373 (IPCONNECT, SC),
Reverse DNS
Software
nginx /
Resource Hash
7f36eb4ddb8b14fac625af0d0b852f870066f6834ceafe3978671fc18615f1cb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:30:59 GMT
Last-Modified
Fri, 03 Nov 2023 03:30:55 GMT
Server
nginx
ETag
"6544696f-75460"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
480352
rum
dsum-sec.casalemedia.com/ Frame F0B8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOMQT7-NVr6URNZuq4kQg30&google_cver=1
43 B
340 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOMQT7-NVr6URNZuq4kQg30&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COPx4AIQpLb3lQUYlcnE-gEwAQ&v=APEucNWvXJmeJL7fO8VXdF380xReU1vNa-lOzBsqHoF1FuOCaFKaqpXIWdvZDlhqANigBtMo_Doq_LjWaLpiP7wKnNf1_xgZlZgoSJwD-pZRofNbZyYdI_gz1AXkOUCdd-kCPvMu5rVBMkpBGlbQ_1lQfbROWABWQ0rYmJWQ533roUJ_U-eR_Rq0uaJZfdKSXZMZ4OcILSIZNEqfuIbBxCTmWS8WdSeDmw
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WeTJEsivcgfRBu%2Bd6XWGiAAkKOFtITBiW72EWYLPu%2BfBP7tTN5VOZn0YdRiXxtOZhLuq4LvTfX50Fipv9TEBu%2FOZmE4OzxciPSGZn%2BUoz2ASkBPX5RzfyGmGMRcIqOEkrI6i6ojcv1Cxxg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82018ab17bb66668-AMS
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOMQT7-NVr6URNZuq4kQg30&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F0B8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZURpc9whaW77jPW5wqud5AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOMQT7-NVr6URNZuq4kQg30&google_cver=1
43 B
765 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOMQT7-NVr6URNZuq4kQg30&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COPx4AIQpLb3lQUYlcnE-gEwAQ&v=APEucNWvXJmeJL7fO8VXdF380xReU1vNa-lOzBsqHoF1FuOCaFKaqpXIWdvZDlhqANigBtMo_Doq_LjWaLpiP7wKnNf1_xgZlZgoSJwD-pZRofNbZyYdI_gz1AXkOUCdd-kCPvMu5rVBMkpBGlbQ_1lQfbROWABWQ0rYmJWQ533roUJ_U-eR_Rq0uaJZfdKSXZMZ4OcILSIZNEqfuIbBxCTmWS8WdSeDmw
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJZAWDZWuEBdmJMvQCsOK7AEgPBUtglr%2F%2BZ8tK2nqTBBC5HLmN6wrG2Txitp8omvhphEO0291uccwabnyOMghzMiSkbtYDEZb8vVTvRzQq3WP7nux1TWf8AcpVPiGGMcYYLJ1sf610pnDg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82018ab21a1906de-AMS
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOMQT7-NVr6URNZuq4kQg30&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame F0B8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMj9wHpwiIKsrpgomvoe1uE&google_cver=1
0
394 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMj9wHpwiIKsrpgomvoe1uE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COPx4AIQpLb3lQUYlcnE-gEwAQ&v=APEucNWvXJmeJL7fO8VXdF380xReU1vNa-lOzBsqHoF1FuOCaFKaqpXIWdvZDlhqANigBtMo_Doq_LjWaLpiP7wKnNf1_xgZlZgoSJwD-pZRofNbZyYdI_gz1AXkOUCdd-kCPvMu5rVBMkpBGlbQ_1lQfbROWABWQ0rYmJWQ533roUJ_U-eR_Rq0uaJZfdKSXZMZ4OcILSIZNEqfuIbBxCTmWS8WdSeDmw
Protocol
H2
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
an-x-request-uuid
ce2d9ab1-28e8-4d78-89b5-c83f3e4045ff
server
nginx/1.21.3
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
31.204.150.148; 31.204.150.148; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMj9wHpwiIKsrpgomvoe1uE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F0B8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE5OTAyMzQ3NTEwNDA2NDU1OQ%3D%3D
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE5OTAyMzQ3NTEwNDA2NDU1OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COPx4AIQpLb3lQUYlcnE-gEwAQ&v=APEucNWvXJmeJL7fO8VXdF380xReU1vNa-lOzBsqHoF1FuOCaFKaqpXIWdvZDlhqANigBtMo_Doq_LjWaLpiP7wKnNf1_xgZlZgoSJwD-pZRofNbZyYdI_gz1AXkOUCdd-kCPvMu5rVBMkpBGlbQ_1lQfbROWABWQ0rYmJWQ533roUJ_U-eR_Rq0uaJZfdKSXZMZ4OcILSIZNEqfuIbBxCTmWS8WdSeDmw
Protocol
H2
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
an-x-request-uuid
d8dd7333-54d4-4576-858b-fe29fe9f4684
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE5OTAyMzQ3NTEwNDA2NDU1OQ%3D%3D
x-proxy-origin
31.204.150.148; 31.204.150.148; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0AED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOMQT7-NVr6URNZuq4kQg30&google_cver=1
43 B
328 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOMQT7-NVr6URNZuq4kQg30&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRC3hRoYjrXl-gEwAQ&v=APEucNWIks4qMtLfOt8_hT7gtXl1Gbqp6zftc-taY_C6rXMk3LuCB2TODVKBmr01ZBt25wuI9YDzRdCZ6u0OAUZawoKPQFHWjN035Onix0phW-UrXPNUV97C7tMRpsrsM9hgiT2qkWCmb5IsyV8ozYjtvMVHyMi1IFlEdIATuiMmZtRS04a0DAk
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y8DSeG9PaHt7YkUZtTQ0GMcCl4iKIfdr5IS7eu%2BL4wkkHoKpMnn8iJCL66jrQTpD2oY2Q7JmSCOuKdR6yB2oDNd7h%2BknUnV%2F%2FrbCpc5NXUnMEJ%2F74OJoCtnqJfJavajAHjlEge071ORYoA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82018ab17bb76668-AMS
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOMQT7-NVr6URNZuq4kQg30&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0AED
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZURpc8ubRYj34xZJPIvHxwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOMQT7-NVr6URNZuq4kQg30&google_cver=1
43 B
729 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOMQT7-NVr6URNZuq4kQg30&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRC3hRoYjrXl-gEwAQ&v=APEucNWIks4qMtLfOt8_hT7gtXl1Gbqp6zftc-taY_C6rXMk3LuCB2TODVKBmr01ZBt25wuI9YDzRdCZ6u0OAUZawoKPQFHWjN035Onix0phW-UrXPNUV97C7tMRpsrsM9hgiT2qkWCmb5IsyV8ozYjtvMVHyMi1IFlEdIATuiMmZtRS04a0DAk
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3vyV70ggJ50IVmOFjowCcVnE%2FjVi1zD0r1IYsVW6QxgXrm4TkMNiKigKwCcU7sf2J%2FwbPtlM58m0%2FaAn4n4ytp3gUGthvy2OV82vQwN0qeykbBXVt23jJQo0V7iZ6gMTF9RA4Md0iYQMJg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82018ab21a1506de-AMS
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOMQT7-NVr6URNZuq4kQg30&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 0AED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMj9wHpwiIKsrpgomvoe1uE&google_cver=1
0
394 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMj9wHpwiIKsrpgomvoe1uE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRC3hRoYjrXl-gEwAQ&v=APEucNWIks4qMtLfOt8_hT7gtXl1Gbqp6zftc-taY_C6rXMk3LuCB2TODVKBmr01ZBt25wuI9YDzRdCZ6u0OAUZawoKPQFHWjN035Onix0phW-UrXPNUV97C7tMRpsrsM9hgiT2qkWCmb5IsyV8ozYjtvMVHyMi1IFlEdIATuiMmZtRS04a0DAk
Protocol
H2
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
an-x-request-uuid
8d5b4946-add5-491e-abc2-b34e071d14fc
server
nginx/1.21.3
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
31.204.150.148; 31.204.150.148; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMj9wHpwiIKsrpgomvoe1uE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0AED
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE5OTAyMzQ3NTEwNDA2NDU1OQ%3D%3D
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE5OTAyMzQ3NTEwNDA2NDU1OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRC3hRoYjrXl-gEwAQ&v=APEucNWIks4qMtLfOt8_hT7gtXl1Gbqp6zftc-taY_C6rXMk3LuCB2TODVKBmr01ZBt25wuI9YDzRdCZ6u0OAUZawoKPQFHWjN035Onix0phW-UrXPNUV97C7tMRpsrsM9hgiT2qkWCmb5IsyV8ozYjtvMVHyMi1IFlEdIATuiMmZtRS04a0DAk
Protocol
H2
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
an-x-request-uuid
a102b4bb-0bb8-40cc-a790-6998c3428fc8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE5OTAyMzQ3NTEwNDA2NDU1OQ%3D%3D
x-proxy-origin
31.204.150.148; 31.204.150.148; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F5C4
0
0

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F5C4
0
0

ads
securepubads.g.doubleclick.net/gampad/
24 KB
11 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=637430635397357&correlator=3435946954706516&eid=44807409%2C31079197%2C21065725&output=ldjh&gdfp_req=1&vrg=202310300101&ptt=17&impl=fifs&iu_parts=44890869%3A22636493546%2Cca-pub-3831894559014614-tag%2C9d11a4e5-233a-43fd-8604-e6ce413f3e8b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1000x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=10&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Da3aaed41d9e71383%3AT%3D1698982258%3ART%3D1698982258%3AS%3DALNI_Mb0zFKhOm8VwXhnRi6_rF2lKshluA&gpic=UID%3D00000cb3652e833e%3AT%3D1698982258%3ART%3D1698982258%3AS%3DALNI_MaF18pyieaqm74xanFhON952Q9GTQ&abxe=1&dt=1698982259311&lmt=1698981014&adxs=300&adys=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Ftv.shoot-yalla.live%2Flive%2F13150%2F12618%2Futah-jazz-vs-orlando-magic%2F&vis=1&psz=1000x116&msz=1000x116&fws=0&ohw=0&ga_vid=909424221.1698982258&ga_sid=1698982258&ga_hid=1857058342&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY383vmbkxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjfze-ZuTFIAFICCGQSGQoKcHViY2lkLm9yZxidzu-ZuTFIAFICCGoSGAoJeWFob28uY29tGLfP75m5MUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRjfze-ZuTFIAFICCGQSFwoIcnRiaG91c2UYzs7vmbkxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVdqbG9kblJIVW1oVWVUSmFVRkpQTWtGRFVtWkxaejA5SW4wPRiR0e-ZuTFIABIZCgp1aWRhcGkuY29tGN_N75m5MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y-s_vmbkxSABSAghq&dlt=1698982257542&idt=563&prev_scp=ti%3Da4808ad4-84ad-42e8-ad99-1fb82291131c%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D55%26excl_cat%3DPREPOST&adks=1092814372&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
839a81b8a4b0d5341c7c4d230c53829d1587cd311144950541bd187415b935be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:59 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11573
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://tv.shoot-yalla.live
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B80F
0
56 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7383478707371&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B80F
0
56 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7383478707371&version=m202309260101&ct=76&x=1&cor=15444431270959145000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame B80F
92 KB
38 KB
Script
General
Full URL
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cfb929f38dbe17f3a4357bd37296a55a7e9b46445f7d964b1592e5c3953d6a46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39169
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 462C
0
56 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3559437327610&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 462C
0
56 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3559437327610&version=m202309260101&ct=77&x=1&cor=4651020011954534000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 462C
16 KB
12 KB
Script
General
Full URL
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc80051f79f4a6c89645c6ffe9adad0a33f01fb15708240ee7e1e18167df6f1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12243
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 462C
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
kIbh3ewMb2ABI1OeBL3OVSMejJH5YuzT94MLgvSDTV3A0T6gy5s2aIZLh0yMlzLxf3uaTO9h5pj3jPRDbFPJWaPlZCj-7kWiTa1Dc8pH6E9GYnTGcfJv_M0QJOG1ADJyFC9lpvYJkmZ7W8V-WSZYZCLXPOVEolVphwGOn0NqkJRlmbFBCoL_PMu5g1rQ&cid=CAQSPADICaaNZKj37rpNTIWhq7_Y0z8FiLNfHtAtMpYkgWl4RXoY4KxUuS5JAU5nogPw1o1WJ9euxFlYblLTORgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Ftv.shoot-yalla.live%2F&ds=l&xdt=1&iif=1&cor=4651020011954534000&adk=3047537735&idt=182&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 02:22:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
90513
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 02:22:26 GMT
versionsFR.js
secure-ds.serving-sys.com/BurstingCachedScripts/versions/ Frame 462C
213 B
508 B
Script
General
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/versions/versionsFR.js
Requested by
Host: bs.serving-sys.com
URL: https://bs.serving-sys.com/Serving/adServer.bs?c=28&cn=display&pli=1079734535&gdpr=&gdpr_consent=&w=970&h=90&ncu=https://googleads.g.doubleclick.net/dbm/clk...
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.199 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-199.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
77e0cbf5f73df644f929b908ed8697c27fecc3b456810ba75909ca8d14067104

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:59 GMT
content-encoding
gzip
x-amz-request-id
H29ZFHFN9RQQMVSY
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
content-length
126
x-amz-id-2
S2pIgx8GOm0fJ23czms39rhaKY3Y5ChDwHTK0BXnHomY/u2kn4eXCAYgEvLH5GcafJDn2g8DQ0I=
last-modified
Wed, 04 Oct 2023 14:58:21 GMT
server
AmazonS3
etag
"7760d8126d8e1e7690d4e2ab3748812f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1413367
accept-ranges
bytes
x-amz-cf-id
hECahoVGu8UTA4rhjoN8Lh1YvJEgMCU5txrfkugp2m3DrjWYrk9hgA==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F9D7
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
4132
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 02:22:07 GMT
etag
48472445140208031
expires
Sat, 04 Nov 2023 02:22:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 462C
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac05e4c70f736c4a4a6105f4001df4bc532c44d6cfe0b78b94ad72c89df438a0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame B80F
172 KB
61 KB
Script
General
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
Origin
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 07:14:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72983
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 07:14:36 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/ Frame B80F
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=...
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 13:34:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
50201
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 13:34:18 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/ Frame B80F
30 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=...
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d2e8de8d05446a49a58d8b8af9bc4698dbd4a63c4083d893ec232b1f3b0defe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 13:34:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
50171
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11597
x-xss-protection
0
server
cafe
etag
8023538936332676572
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 13:34:48 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame B80F
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 02:22:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
90513
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 02:22:26 GMT
truncated
/ Frame B80F
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a75ca5fd364c6f05ec150270188508f6b16984849fa9665206e88aea1f81442

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame F9D7
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFWssYYy7VC5QjnTwwF6dDI&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFWssYYy7VC5QjnTwwF6dDI&google_hm=ZURpc9whaW77jPW5wqud5AAADMAAAAAB&google_nid=index&google_push=AXcoOmTNiARkZ0rdGPVPpc4bj7Zz4vj_4jLrx...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFWssYYy7VC5QjnTwwF6dDI&google_hm=ZURpc9whaW77jPW5wqud5AAADMAAAAAB&google_nid=index&google_push=AXcoOmTNiARkZ0rdGPVPpc4bj7Zz4vj_4jLrxSas96hnGNi8bx4_uwZob5Z4OuYrN29Gzq8t4peYqGi7WD3VgBa7S1ROrWaYgTNq
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fdxwmu%2B6EiJxxgkPHbrsakSo8tMmW7SIn5tCpNmeh%2BtYymkovJD4jKaY6bfxunTLwOwQOGJr67W%2FXW%2BQAZdj9VU45ghBOgshOgiuJtFfjcEdYGO6Sd2YV3vuG3xfs22mkJ4Rn6rOqAVshQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFWssYYy7VC5QjnTwwF6dDI&google_hm=ZURpc9whaW77jPW5wqud5AAADMAAAAAB&google_nid=index&google_push=AXcoOmTNiARkZ0rdGPVPpc4bj7Zz4vj_4jLrxSas96hnGNi8bx4_uwZob5Z4OuYrN29Gzq8t4peYqGi7WD3VgBa7S1ROrWaYgTNq
cache-control
no-cache
cf-ray
82018ab23c986668-AMS
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
us
sync.go.sonobi.com/ Frame F9D7
0
401 B
Image
General
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmTeXioXRVxiqaMy-uuGuDR7yTVo7UvMZ2XldbMo3iAh_blXLgmWSHmiDkqJM0hzAN4ID85Sh69ISDWvDQyPUV4rW0pv2GGn%26google_hm%3D%5BUID%5D&google_gid=CAESEKgMCEnwYdwL1WBaF-i2qjE&google_cver=1
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-152
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
-
s.ad.smaato.net/c/n/// Frame F9D7
0
237 B
Image
General
Full URL
https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBcXmFbpY6_HfkB0x29YqOA&google_cver=1&google_push=AXcoOmQOD6GZa52BSe_ditrSBUplwpfa-aXD6sLUJjC7QLMaaZ2eyQLiptjgdE86eY54aAaZMswdtL490AkMv905MPoFdjNBPUIn
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:f400:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:59 GMT
cache-control
no-cache, must-revalidate
via
1.1 ac1ae217387c42a8268a34d5a89f4b46.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MUC50-P2
x-amz-cf-id
UBSwrhNKxGS3Ia0d4-nxIpx_4Y3XCnyzFtf-4afdKCU61nlRRTG6TQ==
x-cache
Miss from cloudfront
pixel
cm.g.doubleclick.net/ Frame F9D7
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEOy0tW3JjasOewJ8zGgKqFg&google_cver=1&google_push=AXcoOmREbMJWjftwrQ8XupJZHZC8R2G30T8NGO4-ePq6INWhk-mQNywkDbwv676Z0-bP2dfSxBbLEGa9WkdwM3THvru8Y9XkYUfG
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmREbMJWjftwrQ8XupJZHZC8R2G30T8NGO4-ePq6INWhk-mQNywkDbwv676Z0-bP2dfSxBbLEGa9WkdwM3THvru8Y9XkYUfG&google_hm=M0ZxXzdjY1FRWWNmQXdN...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmREbMJWjftwrQ8XupJZHZC8R2G30T8NGO4-ePq6INWhk-mQNywkDbwv676Z0-bP2dfSxBbLEGa9WkdwM3THvru8Y9XkYUfG&google_hm=M0ZxXzdjY1FRWWNmQXdNSUZIUWg=
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmREbMJWjftwrQ8XupJZHZC8R2G30T8NGO4-ePq6INWhk-mQNywkDbwv676Z0-bP2dfSxBbLEGa9WkdwM3THvru8Y9XkYUfG&google_hm=M0ZxXzdjY1FRWWNmQXdNSUZIUWg=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
sync
ssbsync.smartadserver.com/api/ Frame F9D7
0
45 B
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGTBIZhC9VUbZ-ObJmsdOb8&google_cver=1&google_push=AXcoOmSKiMHmN2_k4SlQAPmc8N5b49-gco8fRHrleMOzpudOZdY8JREFdD8JJ7rT4fAr-TEJddRJm2SzL40qbaFDHj6Ymo1u9vxk
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:59 GMT
content-length
0
dot.gif
s0.2mdn.net/ Frame F9D7
Redirect Chain
  • https://sync.gonet-ads.com/match/google?google_gid=CAESEOht9O1-YsyMmJoVlPeRi-0&google_cver=1&google_push=AXcoOmRK9HfPS0h6mE26lZ1mgvc0yvKk6QYez88pZx5YKjGXu5SGo92ur7MtpeTFE5foux09MEWIUp5GDtg69AbzBB_4...
  • https://sync.gonet-ads.com/match/google?google_gid=CAESEOht9O1-YsyMmJoVlPeRi-0&google_cver=1&google_push=AXcoOmRK9HfPS0h6mE26lZ1mgvc0yvKk6QYez88pZx5YKjGXu5SGo92ur7MtpeTFE5foux09MEWIUp5GDtg69AbzBB_4...
  • https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NGFkNTQ1YmIyMTdjY2M2Mg&google_push=AXcoOmRK9HfPS0h6mE26lZ1mgvc0yvKk6QYez88pZx5YKjGXu5SGo92ur7MtpeTFE5foux09MEWIUp5GDtg69AbzBB_4d2j...
  • https://sync.gonet-ads.com/match/google
  • https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NGFkNTQ1YmIyMTdjY2M2Mg&google_push=
  • https://s0.2mdn.net/dot.gif?google_error=5
43 B
73 B
Image
General
Full URL
https://s0.2mdn.net/dot.gif?google_error=5
Protocol
H3
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 20:41:59 GMT
x-content-type-options
nosniff
age
24546
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 20:41:59 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s0.2mdn.net/dot.gif?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
239
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F9D7
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEJUdyATRxrqARyLMESQ_SO8&google_cver=1&google_push=AXcoOmSAlNzap2RDmlq0zrTHUiwfl5_OAxE4nN2aQHiaYrYJxMhTkMDGtCO6XN0ccFf...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSAlNzap2RDmlq0zrTHUiwfl5_OAxE4nN2aQHiaYrYJxMhTkMDGtCO6XN0ccFfs0yl4QfetMivQhtu3gy7d4tODYGhVBQrZdg
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSAlNzap2RDmlq0zrTHUiwfl5_OAxE4nN2aQHiaYrYJxMhTkMDGtCO6XN0ccFfs0yl4QfetMivQhtu3gy7d4tODYGhVBQrZdg
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id
3ec8c17f.36f0171f
date
Fri, 03 Nov 2023 03:30:59 GMT
x-bytefaas-request-id
20231103033059AD3FFD75AE98420097A6
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-54-206-24.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51934483) (-)
x-parent-response-time
93,23.54.206.24
server-timing
cdn-cache; desc=MISS, edge; dur=85, origin; dur=8, inner; dur=5
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231103033059AD3FFD75AE98420097A6
x-cache-remote
TCP_MISS from a23-218-219-29.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51934483) (-)
access-control-max-age
86400
access-control-allow-methods
*
location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSAlNzap2RDmlq0zrTHUiwfl5_OAxE4nN2aQHiaYrYJxMhTkMDGtCO6XN0ccFfs0yl4QfetMivQhtu3gy7d4tODYGhVBQrZdg
x-bytefaas-execution-duration
4.09
access-control-allow-origin
*
access-control-allow-credentials
true
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-host
01e5f5982d15f752ffa4c8a97289182a9243d80cea6b819873cc5f9a53374f509fa23a88796004b250c5766b410c8773ac5715a703b07b842e2c7240cf1edd7553790ae1f0cdcb1865437c3e3519ed43d1a495e47bdc34f41aadf76963db9787ea3c1ad3bf6b46a7e95585d5e7c8af3699
x-origin-response-time
9,23.218.219.29
cache-control
max-age=0, no-cache, no-store
access-control-allow-headers
*
expires
Fri, 03 Nov 2023 03:30:59 GMT
attr
cm.g.doubleclick.net/pixel/ Frame F9D7
0
59 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JAqEUt-zxZJ6pklaFlJoiqsj_iJzUWO2-PhFLJvFjMklFHyLVOY_9yXonZ0DkT9ixLrFjgDsA
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:59 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame F72D
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
587833
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 27 Oct 2023 08:13:46 GMT
expires
Sat, 26 Oct 2024 08:13:46 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 4D79
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
587833
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 27 Oct 2023 08:13:46 GMT
expires
Sat, 26 Oct 2024 08:13:46 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ebHtml5PoliteBanner.js
secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ Frame 462C
309 KB
83 KB
Script
General
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ebHtml5PoliteBanner.js
Requested by
Host: bs.serving-sys.com
URL: https://bs.serving-sys.com/Serving/adServer.bs?c=28&cn=display&pli=1079734535&gdpr=&gdpr_consent=&w=970&h=90&ncu=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCtp8GcmlEZfaBMZ_n7_UPwLG70Amu5IDXc9TLuLjLEYKd3KDUARABIJWbyiFgkYSghYwYyAEJqAMByAObBKoErgJP0ATF5QlqBSGxZj9nuGykubA9tDV4dFdD_B0CJSw_9IzzeZu9bVSQzBhBkFeJWZkXJTNYkettxqCE0Y96_tP7KpvuJ2WPCss2PbbG-D7nwTNZpW-02hhPRN9pKeL9tjgBt1WKnbGIezjyrf2B-4qnVr1HCG8FVewu3b27EChgIpboJh_7DLv1XTgcTa9BQxIpWD_Fw_o2iNDgnnb0Y-477qIEMJzKfU0DtSNWLqBC7pbB0y2F85qfGAgz9kkco_PwJC2mt5iiyDBdVPGxumDUZmRLc1p2VKc6jue-wj0vSSWFXq48BaLLF2nouHZyDldNzLE-eiDW1_AOceFJScC9jZ2C8w24HfadNptBm33hT3bEZ3hSHWofyBPA19Byuf06_m1STH9DmyxAKIEI4MAEp5PY0coE4AQDiAXe7K_6TJAGAaAGTYAHx4-g5gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMCCoGCgS1uLECqg0CTkziDRMIiYOPkPKmggMVn_O7CB3A2A6asBPIjZYVyBOQyt7jA9ATANgTCtgUAdAVAfgWAYAXAegXBQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNZKj37rpNTIWhq7_Y0z8FiLNfHtAtMpYkgWl4RXoY4KxUuS5JAU5nogPw1o1WJ9euxFlYblLTORgB%26sig%3DAOD64_28Gi4-88e_PYehORqCSdpRBjXPnQ%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-DF-6lQqowWKryXxLixmbEhMMX0Gxwc0MH72EPdPvf1afAujns_3oPw9VMKI3stQrsSqhvWCqQh8l78NlRXI42kZTqwCs4mGH_J9-6PvatKuMEPk3w0_vPy0mahwhPlwmIzzaZtlmWVVlPx-sCL_W_pNQY54jKb0NAZYkdYnlYSwZq2mP8%26cry%3D1%26dbm_d%3DAKAmf-DwLgffGhqXDWMH6d9qGZkrmGgnoJUxfyDxj_ddturr9PlQJdzcGkEhLvqaEHzZlGdOvWEmW8_HemUP-hWmw4GLQ58-lMjz6_bQ1E0V_tOxQXb4mP7m9zJMPLZoZBBT5i-KdEj-lHz_vlj9MofgN4zBPFB9iB-XXk5ZTNpcATDpOj-9bwx-7nxA6puZLGQwcxM7K5YqmDidE3UddscgwdkQNE7Pt69GpE1vmxM8aUbqAePOt-uExQb28BP71htwGS7YZ5BZuDoWUURR6a4LUCJ32jGtj42rpHRFBpoav0AA7AbUT1Q5yY6Y5A1XlPM-hz1tPal3inOwNJUw3EjeLp5KgI5KCthfesonoeKyi60vV52zE_vJhrqoXXpLwJP6KZpjqcklFR3JsZbJjtlMaDqmkck7UTMx3pGd8jcLctM7nQbEj2b7x1_yp7t2fr1ggEtASZGzxfw9BFbXI-8PNq02-jgL6XJ93U1hkmtSj9QncEY3g0qoW1wjFm5j9vzgZeQyDQPMVlY5KdDblge4bo1_ang0KzmF-JzbqYP8UkSz04DOjdJF8atr8hb9f7ZpysKDMHpiKymXYLAqBmh__SpG42pXK0YpYDsu56aoyc
SSRIvY3VU%26adurl%3D&e=0&ord=1698982258803062&ifrm=-1&z=10000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.199 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-199.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7352b3fe4a527a40949b798008949d0e4e08c6bccc51e5a30c9e4e627ae47e73

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:59 GMT
content-encoding
gzip
x-amz-request-id
RX5REW9B80W579QX
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
content-length
84858
x-amz-id-2
amfSyzPDz+7CgvpHRzFtJJY0iElLyCHak286+gsdIVH9z/JxH6LD/IlAIjNz/l5pzUfE7agRZe8=
last-modified
Wed, 04 Oct 2023 14:16:44 GMT
server
AmazonS3
etag
"81e7166bcb0957c64931e7dfa94a5a07"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1313033
accept-ranges
bytes
x-amz-cf-id
0-mPthxMpS2dgoIO3DLEU7kvxGrWHevUgwp1_Mv88uBC9RD8S5cXaA==
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame F72D
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:11:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
1169
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Nov 2024 03:11:30 GMT
container.html
1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 734F
6 KB
3 KB
Document
General
Full URL
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tv.shoot-yalla.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 03:30:58 GMT
expires
Sat, 02 Nov 2024 03:30:58 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/
0
481 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=shoot-yalla.live_fluid_lb%2Bsq_leaderboardshootyalla&pn=1&sn=3&pc=0.21014567613601684&ds=true&e=wdp&dsReferer=dHYuc2hvb3QteWFsbGEubGl2ZS9saXZlLzEzMTUwLzEyNjE4L3V0YWgtamF6ei12cy1vcmxhbmRvLW1hZ2ljLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-nf-request-id
01HBTYD4N6T6Y3FXWYDHSEKYXW
date
Fri, 03 Nov 2023 03:30:59 GMT
cf-cache-status
HIT
age
1416146
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82018ab2d80eb8a6-AMS
e.js
live.demand.supply/e/
0
481 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=shoot-yalla.live_fluid_lb%2Bsq_leaderboardshootyalla&sy=aaa58263-ea13-4508-b8fb-88dd08c0a78a&ts=55&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=tv.shoot-yalla.live&mlre=undefined&mlin=0&mlsi=1000x280&mlbw=4g&mlcs=NaN&mltp=a4808ad4-84ad-42e8-ad99-1fb82291131c&e=lm&dsReferer=dHYuc2hvb3QteWFsbGEubGl2ZS9saXZlLzEzMTUwLzEyNjE4L3V0YWgtamF6ei12cy1vcmxhbmRvLW1hZ2ljLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-nf-request-id
01HBTYD4N6T6Y3FXWYDHSEKYXW
date
Fri, 03 Nov 2023 03:30:59 GMT
cf-cache-status
HIT
age
1416146
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82018ab2d810b8a6-AMS
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 4D79
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:11:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
1169
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Nov 2024 03:11:30 GMT
multitracking
ghb.aplhb.adipolo.com/adunit/
0
230 B
XHR
General
Full URL
https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/oLWia/hbw_master_751043_18393.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tv.shoot-yalla.live/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://tv.shoot-yalla.live
Date
Fri, 03 Nov 2023 03:30:59 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
pixel
googleads.g.doubleclick.net/xbbe/ Frame 80AA
640 B
262 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRC3hRoYjrXl-gEwAQ&v=APEucNWJD-AXLiE0zQt8Jf8TSxSDh5e_YSV9GjeRGmYdL1nsIVMteez_e9o_TTvomrEcdREpNH2Dnk95RNtl6zWOrittqyJbiBLicS7N5GYjslD7555iozGdlQ5yCeIt_JPGtjKMxpBzjz6NDgqcf7nmLG3FTa1n0e_BpskQ7mpT4sk4dHPVFIVtotA1WnI0PRQWOyaY1qbPP0vUpU8sUu0sf1xKno6_Iw
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 03:30:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 734F
89 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 03 Nov 2023 03:30:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 734F
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DgdbHBnkUDV6WyiD6ZSoXVVkLD8_DWq2MMCBdRUKJx52LGs26wX0e3xYkTBGImRwKwqMIilSgD1h_0CIYV6ejqdM2IEuMKJEwltS-CyTp7xHZ--ew
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 734F
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=454570151984943894&x=1&ct=76
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 734F
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
29459
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 19:20:00 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 734F
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
29459
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8610
x-xss-protection
0
server
cafe
etag
7739385728678230190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 19:20:00 GMT
l
www.google.com/ads/measurement/ Frame 734F
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSjPD1UrGcJ4UpBj74O21YQs_Qaodn5-uo_V0Y4iiXOcWMw_i9u1XbqHes3uh5-_DjoftxleJe24eUstjcVcbBY_awdtw
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 734F
189 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Nov 2023 03:30:59 GMT
URLUtil.js
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_112_0_0/ Frame 462C
7 KB
2 KB
Script
General
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_112_0_0/URLUtil.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ebHtml5PoliteBanner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.199 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-199.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
91cf683ee0db61e475ee4f5c12ba9281256db5662fd80f2b812067fd9d39b691

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:59 GMT
content-encoding
gzip
x-amz-request-id
18B5SXSC3BCVXRP5
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
content-length
1951
x-amz-id-2
gXMRn5sxpvE46ZxeX907MOWacVpdgsdnIcoWIq4fT1Cs9KVZVtK/alvg0M0EzlxxFjsVk2+Q5Yc=
last-modified
Wed, 04 Oct 2023 14:16:50 GMT
server
AmazonS3
etag
"3470a076f0022d50a41874998110932e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1347999
accept-ranges
bytes
x-amz-cf-id
nHcXCynyZmr-o5t3KWY39y1bBG9JMcWuPohR3mhUOsTAMF2B1qwqyw==
index.html
secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/ Frame 105D
12 KB
4 KB
Document
General
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/index.html?versionId=DAMWG0LdyZYZsMcVaTzLVdpDTJqD563y&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ebHtml5PoliteBanner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.199 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-199.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f74f38236aabcdf56bcba65d1a71a6821397b73a763b1ce2127567f60db1e447

Request headers

Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
content-encoding
gzip
content-length
4062
content-type
text/html
date
Fri, 03 Nov 2023 03:30:59 GMT
etag
"5b49c162250b9699aea432588038aac5"
expires
Mon, 31 Dec 2035 00:00:00 GMT
last-modified
Fri, 13 Oct 2023 15:35:42 GMT
server
AmazonS3
vary
Accept-Encoding
x-amz-cf-id
dbhR6rRyTyxeyq_Z8oGz7pJ2nBog0DQdg6kaUs-ZvOrUULTNiPsP2g==
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
DAMWG0LdyZYZsMcVaTzLVdpDTJqD563y
IntersectionObserverVisibilityProvider.js
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_112_0_0/ Frame 462C
10 KB
3 KB
Script
General
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_112_0_0/IntersectionObserverVisibilityProvider.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ebHtml5PoliteBanner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.199 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-199.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
099657171463b4ada4b9bbf48a40e2305f67331a210ca4bc457051e0499ee23b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:59 GMT
content-encoding
gzip
x-amz-request-id
18B6GRM88P5NNARY
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
content-length
2964
x-amz-id-2
X2AWivujUSPTORJCkkndbg1Y/ztnfNEU+mySKccTceEf4NitghBauiOr9gKmQGUcMsbLRwJBW7k=
last-modified
Wed, 04 Oct 2023 14:16:50 GMT
server
AmazonS3
etag
"08712066615c929ef7883423b4376874"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1765342
accept-ranges
bytes
x-amz-cf-id
3E0R67QqCjFoyg15pwb1EqI-9_h8svvnmq9jAbiBNyn2O0NJ2On9Vg==
nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html
s0.2mdn.net/sadbundle/14879938197739012096/ Frame 3015
2 KB
925 B
Document
General
Full URL
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=X0c0tHe0sE&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34203ceb9d0f82a0428e892f9ecbafbaea293692c4dc3d52dfa7bed5dfd87f5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
897
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 03:30:59 GMT
expires
Sat, 02 Nov 2024 03:30:59 GMT
last-modified
Thu, 28 Sep 2023 08:52:25 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame B80F
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuQZeqbDS2spINB3L7onxw1vfji5ls4Rj_L_vaR0k4KaeBoprql_qCuVMDk9WenEbYg7gjwAs-5QiALMX45qkWhDkkF3YqDxKZzeWf4KpR27hbxRqMSPe945LBcQQ1g3cJxvxkSWaTFGQFPks5a8AM2oCbLh7vp0snOE6kQVoMoBklonEts9605ivmhUxtE6JXCcOFdXkjQjHdEni8WAlr2Sgi4a6QoPzldKGpVxVOuxH-R1LgB6HNtP7jJ_inUHr8xT3Uc2_J5riYALibLasJ4ue7VV47-yrC9IQFLYGgKSDvY1Ku0psVLrGQ6lEGAlhSuT42x0_njk9nS8Oz_Q3eKEQ4d_HHWy_5U-eOOdsCOaDHhxCgop85PHnk2EU5BBh0GUzRIBmyR5Rv-3vo3xNMd9ftPJchOCkTnokrJyMQzP6B1MBebp6YeQYktyVYrLrBitpMzur1xNNtMWukRE1tZOBvnvK0V3ZG0vS8rnWd7j87jQ-j56afMJNbIN-ThEyL_4i22fT_2o3lNSvUEKJ_z0sMLuSYFYZ9_HMo_xJpfK_lqLEAM13XbnT-_8ORF9P1YRdXI7nvtBLV01OWmYF26twbzz2Moq4UiTs-vo4QAQ564RJgn6bLg6x43QXf0cHzhtcl4hWQ8PvApa2IiIany_8q9pJaYDzRY1yjHuxXEnpbq-LRua_oLFFYk6KrKXF67eBPCehGb54-aOhLLcHyHkVrShdr_js2Zn9GRqJFl2KqvvPkW1RbFFC_MApcdMrDXzqZlplisQ03yr5HcT8oKgoasrL5qo7yrhcyM8Pku5mDzVpEnFWe4KW6dlNSgTqZQ3KqbBC2RQ_dC3UZhiq036Ztg-BMsBI7ghjakDjzAjPiebbFSpMC-z21Xx2mAy7G2QBlXCAxIjebKHf1GVJKdpFQdeYeUYOE18BkPFaqr9ptYt5JNK5RhT6LCO_vOTZvIqAM0EexrDqUsLIhn6kzlcird1FJcWb5EtjhBIrIZJMIn70I4RnGxcF0ptbK-vYVAmiZOO92_ZFzmvXp-JHIkGVNsS1gtreUryY-0epHVzkOgOUFgCPGHyVCZ3QrOhD9yrk1vjUsxMptlDV3JpX9gmrYUwS1XM7IsTm62tevpYdXiByNmokYFNqt_VtcI6BOhW3954i3csXdjWYkXdTz0y8RZEIKvHoMRsy5MDq9shkii5CQittwPNZHs2CFmUTXF_IYv9_y-NEccDJVUpPdS_HwxMD1mW1a47yqB5E4us8yJFWl9wqcqOUTdaRUBYttoGb1m3RPsKTl4UOjxA0TwsGoGmZib5WqM2hNw47-Er2gl8MNYMt7iKLXvyvaFYjz6vZOPsFKG9JaB83DDUdQxdUdxvaTbZIULGM7hv1iNsmLHOwXO-vAAXlkJ3KHnwAM1g0fAoALYKtIIB-NZaGzGNVfr2YXYtxC6EGIhGoSb4EbDgLAuMn5_LB42JRgYWnwIioB9&sai=AMfl-YRkODqFTc_QZ0MgCcWmLsryR6h_Lm7FLGIZJp2qtiyUVAtNWkCV2OhGJkENI9iXroINUekqyW9bO429w5_whtSruhO23XhSUGjW3BhTJfc-NznCJZgnblM4pLKM2aF-_t85xiA33zzWLbaJjqZg-86Jb3Orq0bnobfwXeRnXPRDs9JGnDN9JDYg-1Mxjq-MLC9zPkn_ng6mCck9PbW9Bs5UggubO62paLsusdaKHiBdb0qEyzio8mtlYxN4kMKMViThIDLhOVLoGSbfuWo8-OQzQ44hLlev-SqJDmP3VGLROLET_ACpt7aCHbWL&sig=Cg0ArKJSzFVEs1aFQspAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=243&cbvp=1&cstd=236&cisv=r20231031.61317&uac
h=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 03 Nov 2023 03:30:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sd
us-u.openx.net/w/1.0/ Frame 80AA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJEmlIjF8xnWEskI8q2O0KA&google_cver=1
43 B
105 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJEmlIjF8xnWEskI8q2O0KA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRC3hRoYjrXl-gEwAQ&v=APEucNWJD-AXLiE0zQt8Jf8TSxSDh5e_YSV9GjeRGmYdL1nsIVMteez_e9o_TTvomrEcdREpNH2Dnk95RNtl6zWOrittqyJbiBLicS7N5GYjslD7555iozGdlQ5yCeIt_JPGtjKMxpBzjz6NDgqcf7nmLG3FTa1n0e_BpskQ7mpT4sk4dHPVFIVtotA1WnI0PRQWOyaY1qbPP0vUpU8sUu0sf1xKno6_Iw
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJEmlIjF8xnWEskI8q2O0KA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 80AA
43 B
210 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRC3hRoYjrXl-gEwAQ&v=APEucNWJD-AXLiE0zQt8Jf8TSxSDh5e_YSV9GjeRGmYdL1nsIVMteez_e9o_TTvomrEcdREpNH2Dnk95RNtl6zWOrittqyJbiBLicS7N5GYjslD7555iozGdlQ5yCeIt_JPGtjKMxpBzjz6NDgqcf7nmLG3FTa1n0e_BpskQ7mpT4sk4dHPVFIVtotA1WnI0PRQWOyaY1qbPP0vUpU8sUu0sf1xKno6_Iw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 80AA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEB0Kyo7gk2B6xzeNo9FOKnA&google_cver=1
23 B
163 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEB0Kyo7gk2B6xzeNo9FOKnA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRC3hRoYjrXl-gEwAQ&v=APEucNWJD-AXLiE0zQt8Jf8TSxSDh5e_YSV9GjeRGmYdL1nsIVMteez_e9o_TTvomrEcdREpNH2Dnk95RNtl6zWOrittqyJbiBLicS7N5GYjslD7555iozGdlQ5yCeIt_JPGtjKMxpBzjz6NDgqcf7nmLG3FTa1n0e_BpskQ7mpT4sk4dHPVFIVtotA1WnI0PRQWOyaY1qbPP0vUpU8sUu0sf1xKno6_Iw
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires
Fri, 03 Nov 2023 03:30:59 GMT
pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEB0Kyo7gk2B6xzeNo9FOKnA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 80AA
23 B
163 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRC3hRoYjrXl-gEwAQ&v=APEucNWJD-AXLiE0zQt8Jf8TSxSDh5e_YSV9GjeRGmYdL1nsIVMteez_e9o_TTvomrEcdREpNH2Dnk95RNtl6zWOrittqyJbiBLicS7N5GYjslD7555iozGdlQ5yCeIt_JPGtjKMxpBzjz6NDgqcf7nmLG3FTa1n0e_BpskQ7mpT4sk4dHPVFIVtotA1WnI0PRQWOyaY1qbPP0vUpU8sUu0sf1xKno6_Iw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires
Fri, 03 Nov 2023 03:30:59 GMT
pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 734F
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8603821692094&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 734F
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8603821692094&version=m202309260101&ct=76&x=1&cor=454570151984943900
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 734F
91 KB
38 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ASOQPGD8A_2bkbeDffLfLLrnhG-oVnvzm5jLQbZ3RFKlHfazhSQZHZXzAMzIsMOnxT1X-HcEllRzRc5BT7cBKRaPpQHv8XUsSueVRY6Zqo0wc_Esi3y9mc_lod6GjmKk1OpEqXA79xTCgn6rGciE6BQPxIWaJ4zln-lQOCB95ei-6Pgug&dbm_d=AKAmf-DNUgoaNXDlNj7c8fY2hKwL-iv8gKzFMc_62FTemTMcJ2H15KcdpUMG03nGuo2zB2k0EbiV8nDNhmQsW2vTuR31bEQIUtUwoFsqBC_PM6LPGVyrUKVqWnFW1mWkLxZ1xRnigDIpWfzC3OSp6RJLpEhPfhhcIccSAnWQdRSdEmGvLuRnlg9y9yuUXImQg5Uhlv2_4MxwHa3KiS19m2uNFoAA7rjenSC9CFQbUNZ51kbAWWeNhqm5g3cZ-9Ry9ppT-Q7GrNer-GXSrENVWOUGay1ECi9I4sUmTNNMDaEbHSD3PE6DQtYH64eEs_CvwPfc-YZ7QfWDWimCwOl5UKhuGWa1LCWUocZIk3rC8QjwOX1rdaAeKxnVu_7N0ET2XQxlU6-umHOOTVPYWKFp-WdTk_bAaN9YBULVkp-iD3U_C1IJiCY8d2ibYyi2Xi2MXDhNKSMSr4DhQXKE6lsqewRxT_1I6N83LdJqxJ9G-ov-5sEh5Lwj96WBZZJNt7FlOLpPYD7B8oM4IdzVV6v1s1Au7Ryda-uNnOCUwQzghtDJnhwPFvbT7scLLI95mY56I7tEh_R7T4-G8vyPkhdgHnI4IrW7xiTP4SLlWWiEBh0ZHwao2YqAlFf3rP-wXYUrx-mRqSyS3s_jwygOlvESK-HgKbosr4bJ_B4JrEnM0sDtNQT7qvduFhohUhYbdUj_0IDpCa_cmF826x_eezsABmmhirUjyY6dA1aHBNqSLeY_1KpJdsO_aqkqhVRBaJUO0UaN3Hgh62DCppmoFIHb63gy83J88ZlAWyxuN_YjM-nZsORWQsYFcSfix-109ilGwY3FhIy_47l6V9xA6Ulf51FrUhAfmEyh_udeyRiaUlRrzmZ4JBthnodYKdgROGBoICSsznHGovYK7dnZe8wKD1osIRGjzfdjty8H6wn0v1cdn8OYyUIEsFSND2UJj-J02V232R2Vxu1xs7iUHk8ur9-2NSLgrSPXfB5X3yY-85Be0_n3yzhg3_vP7jsYA9RYdYmPPiApjJp5yIInnrM91a-LGnYKzwpCZv6RQlBY8VavLDQSQf8qPFoDgfzMODLR9ARFDpNk0kpSMi3U_4hZTQqmwt0J5NQquuM9Ajr1bmvNvpoo1nSFJ26XAPqW-8ynndhFtVEftbU-4U3GQfvvNBIZi7g1sM1nUoEvUZTFgU1E9CX-y5jfxt3DoBRXv_D2G4jRFkUy25rIuRIJTlWUUrB6EwvMWa1CWiK7TPGk70uSWssHmviLZffJyGbeoOEdM3S-1XGYgXzgKAgkykwjm-XGUClEVlNwwwQwyp9c0sOUSNO8xl_SvbETW10_PDIt7QePfXk3MwQY5ecppMukdQFr4Pucpw_oBQTpKOl6UAOMCcGj4KZ45pFolKzA9cPPPBp3yupw8wyYeSTZOE-yZ1mHxICPoOh1IJkG510rr0efFe4tjRPHDkkCEpWiDohfSnrnyQMTJPAK8gVD78QeqQ0znRHLGYCCQY5IgHFWwH9QP5I9ofSmt_mCUKc62qqqTfSwn_zPj6eMaZnCJDh48QkUI6AGqHVMClNrENg8EzD5hyAMUPFYLqpavEWKYLmBuJd9OB05KodtBqjIkuP6gulgs_8HY5msSD-knG67iYPL_LBk_ZmxKKlpdqZixfQ-m-bihmy5oq1CCSdPcKNIezB8cISYicZg5ym3Rdc2IejXHdqm1v21ILPGmotJat-fBzUkgmvVjVFShss_w_Qn1MX_THWR1cgin
RL-Ghnx-OtNJN3Kbwq8sbLXXGooUyBW-IYZIQ1KJFtuv_zSj0vX5Q_E788lIpstoCZyH7q63Uo-SZClzs0sSRoKXs8bOTfqdL25m464x9EHCM_YnC5F7lAEW56dUJJ6QsxnQAYrEA4xYv3PYCnNnVlS57hMcWazZtQvSHohAUh56OS8lyPMwF8sBEteAK3RQ6gY0BCyRix5bpS5bDadq8ih59jmuP_rhT7QZ3grL6amq1A8ARoINas55Ghjbdlup9AUogwT0YFg9l4xlvaGp58bReq3jrDwTpxnJ1SVxUFoANDAPMiODDIBGyDyhujuXYHGYaExp0PIs2mMJZBQcyXYUZVWLlTUaUIIoxUcT3h6nBld4Y27CJHhrnKFTGqZZGMZvAo_KFAEaM0rm1F8N0ukLNc3HCgz3Lpfz2iF5X1xzolB4KWScg83B6DIRVwkgEUM36EZFSUpUlw7yVD5uDXESryfKAhyvByTQ7xfzTP38wmF3k8xCb5yaSJoEsu682YAvcAc_yBaQBXLRdNyGPMRc1v-sr-Vx9uLYlSEnW9v8hLLYdO_OzR25x4YWaUEiO2u0Yuy-fJ1nKKGMrrbTPRpQtYN0QGYEo_kYz04njPKUMHvk_qWUk7uangwd5CTC51hhWOrPuN5nXyrS4AgxC8Io2_e4xw0WquGvNWYdfczuYkXui2fKzcSdG1Ndax_3_iVmUHzdAUiF-HqNwUv2o4nVkYvQ1o1-39026MaBxGmoQvog0_W7Bkl2XFfX8YJU8iwlo1XGl7kjI_-MONH1io-1cnrnsJyUQRVIHcq6SZJtkUssgRZdtDibJaM5uPoEBBAWJ6jlBEemSeYFP9XENXZdaK9DPl4mpEEdk7uy-ZrzMcSCt6_mj_JUncS1uUSJtf5Jy3BeZvYg699rJ_e9qOCMLhpGexHxm0xZwu30mas521TcU8cTMuT50Ry1BH2Uq5aIm0DrR-g7GphUnRlmK2_kCmV6THRn3xrnp_I264UDW4Tb2mitHr85AuhFsN66lPxGB-MVw_oVfCtqC6ae2XLe7OV4kwDEgipf3dPRMpMQH7pGd8PJ-1CKXBcswm2Uih0OGRIdG56zmImtq5UqQzwagKumstSFeacThZiqZCFYPNBHN_I9wnl7iUlIKLbZhdOPnRGVEYbLqwQjGisxxXEg4bxPERlvOmYZbpmkg13eiZEE0RWyGGl7o_BgdRVYPfWhKcWOBHfatlrPdvNx5iRc5piane4hZU-trHrvGMHOnbEDz9cNwDxW74zRD6eXGEno2EYAGGRmYyJ0RUj2BflLhEogSt76u7QkgfaqPuU9x0DTttjNBsNYp4KVrmtEU6I2ifz78ZdVwAK7K-fFKTP1Ri6KLsjjud1XYo5qHHIEEq8u9ZdNBXVp6f8aBzkIhElrvsOprXw1IYW1Yne28HhvhU0V8FJEkocAs25OgiwwRyJfg5p_NBPxAA9CvnPQNCf_iJ2RmhVujQndebLKQjFygcZzszjegVJDSyZJx9M7i8fetj_aHtV10jcvVz_Yx65m6DwCOY5CGHvyBXTVQmmG015gMdtQPdYHZfO7JZghV-Dk8TzjPqCuh75Yy-MzxnYCvJr66yAQ5-0qBp_hOU7eWjIBCz5eUGlVLN1qk4AhhwhGHFUmqwZC5aGwnVN04j24LJ9C0CT6Ig5H6axMayXwgG-h7vw83j_CUK6XGK8zdXdoTZEbbv1p8b9nsDG3hEyH6Ns9sMaXoKawXEcf3RT3VX_kshFyjelwFSOif2K_ZsQBEVeRbRgFFY19EbxZ0SRC97hljNpJ4RMQ6r9C2pW8XADG6KwOo-lIg5GUiXVS2VA5jYQBbvOE5Qcy90s8RIAnjcVdnLCgY_Us0QnXMx9kmVHyW5nISJNWHj13UOqqhsLSZ70SxSKKrg6EUrziZzWBLMcq2n2zxhhNfEfSLN-jTWmyA3z381BMkNu97z107I7NPDQkSyyae2G_SofHZl1b805icxRh_krq
NHlflpbRf-y8vdmud583kML3LJ29K4sG8eRBqsg1gVTTuA-gwQrXwuGS_xaUJUDAqEaGOlZMU7JwSlFtPkahhMxe9c9nmdXEqLZzZxN0hSQ9P5MBg5-IMy2xHGhcI9X1Y3TbeM&cid=CAQSPADICaaNAgNEG6ObLtZxlphWJZ27Uetcf_QPHUlJVrImT3IHHROY-vFnQouyu7aUXAprVHvS7j6TNoSNcxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Ftv.shoot-yalla.live%2F&ds=l&xdt=1&iif=1&cor=454570151984943900&adk=2857193498&idt=70&cac=0&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f3455c2295c31c55d1818c5dd1d7e44d8b8651cf0b569c0bacbaecb6f68a28d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38853
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
evt
lm.serving-sys.com/lm/ Frame 462C
0
230 B
XHR
General
Full URL
https://lm.serving-sys.com/lm/evt
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ebHtml5PoliteBanner.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.76.235.209 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-76-235-209.eu-central-1.compute.amazonaws.com
Software
LogModule 0.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
Access-Control-Allow-Credentials
true
Server
LogModule 0.6
Content-Length
0
Content-Type
text/plain
Serving
bs.serving-sys.com/ Frame 462C
24 B
337 B
XHR
General
Full URL
https://bs.serving-sys.com/Serving?cn=display&c=40&dmae=0&sessionid=2668656297493226470&ai=1091776460&usercookie=u2=a47afddb-30f9-4109-807d-2ef61126fc03&oo=1&clsrc=2&clbv=_2_245_3_0&gdprpurposes=834&dg=1078198249&sdg=1079446192&ctick=104&ord=0.4880022938485675
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ebHtml5PoliteBanner.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.87.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-87-200.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399

Request headers

Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
24
expires
Sun, 05-Jun-2005 22:00:00 GMT
adServer.bs
bs.serving-sys.com/Serving/ Frame 462C
0
294 B
Ping
General
Full URL
https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&dmae=0&int=1091776460~~0~~1078198249~~2668656297493226470^VsR~0~0~01020~106^VsRAg~0~0~01020~106^VsRAd~0~0~01020~106^AdStart~0~0~01020~107&usercookie=u2=a47afddb-30f9-4109-807d-2ef61126fc03&OptOut=1&rnd=0.6609067426396928&res=32
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ebHtml5PoliteBanner.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.87.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-87-200.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Sun, 05-Jun-2005 22:00:00 GMT
camp_int=Advertiser-Banco%2520Popular%2520Dominicano%5ECampaign-BPD%2520%257c%2520BRANDING%2520INSTITUCIONAL_2023%5ESite-Double-click%2520Bid%2520Manager%5ETipoDeCompra-16769_OCT_2023_BANCO%2520POP...
bcp.crwdcntrl.net/5/c=14313/ Frame 462C
49 B
263 B
Image
General
Full URL
https://bcp.crwdcntrl.net/5/c=14313/camp_int=Advertiser-Banco%2520Popular%2520Dominicano%5ECampaign-BPD%2520%257c%2520BRANDING%2520INSTITUCIONAL_2023%5ESite-Double-click%2520Bid%2520Manager%5ETipoDeCompra-16769_OCT_2023_BANCO%2520POPULAR_AUTO%2520FERIA%2520POPULAR_BANCO%2520POPULAR%2520AUTOFERIA%2520DIGITAL%2520OCTUBRE%25202023_DV360_CPM_IMP_SB_45212_45239_0_0_0_970x90_SET%2520DE%2520BANNERS%2520INTERESES%2520PYME%252fEMPRESA%5Eimpressions
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.8.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-8-73.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.2.92
content-length
49
expires
0
camp_int=Advertiser-Banco%2520Popular%2520Dominicano%5ECampaign-BPD%2520%257c%2520BRANDING%2520INSTITUCIONAL_2023%5ESite-Double-click%2520Bid%2520Manager%5ETipoDeCompra-16769_OCT_2023_BANCO%2520POP...
bcp.crwdcntrl.net/5/c=12100/ Frame 462C
49 B
264 B
Image
General
Full URL
https://bcp.crwdcntrl.net/5/c=12100/camp_int=Advertiser-Banco%2520Popular%2520Dominicano%5ECampaign-BPD%2520%257c%2520BRANDING%2520INSTITUCIONAL_2023%5ESite-Double-click%2520Bid%2520Manager%5ETipoDeCompra-16769_OCT_2023_BANCO%2520POPULAR_AUTO%2520FERIA%2520POPULAR_BANCO%2520POPULAR%2520AUTOFERIA%2520DIGITAL%2520OCTUBRE%25202023_DV360_CPM_IMP_SB_45212_45239_0_0_0_970x90_SET%2520DE%2520BANNERS%2520INTERESES%2520PYME%252fEMPRESA%5Eimpressions
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.8.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-8-73.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.1.171
content-length
49
expires
0
adkit.js
secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/ Frame 105D
71 KB
23 KB
Script
General
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/index.html?versionId=DAMWG0LdyZYZsMcVaTzLVdpDTJqD563y&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.199 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-199.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a047140cc174d554a323b1b787199a21c2c976e9991fa0428ac9a94a641190ed

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/index.html?versionId=DAMWG0LdyZYZsMcVaTzLVdpDTJqD563y&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:59 GMT
content-encoding
gzip
last-modified
Tue, 18 Jul 2023 10:47:09 GMT
server
AmazonS3
x-amz-request-id
HBSGT7N0E2FFYCMD
x-amz-cf-pop
JFK50-P7
etag
"257b68f9ecc3e5a28f10fd241e580d02"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
Jgi17OLS2vvPjBmcHT1WbnilT39vwrZYWZs03sdCBtDTQ3ZNQfutaQ==
x-amz-id-2
sZORBlvsPwaBNHoBeGY+XFv35uCnZ3xYG3cQRt+6oeP3/FWlBREVT866CIcq1Qgl6oPk4rudu/o=
content-length
22905
Enabler_01_250.js
s0.2mdn.net/879366/ Frame 3015
120 KB
41 KB
Script
General
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=X0c0tHe0sE&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=X0c0tHe0sE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 17:00:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37802
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 17:00:57 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.0.5/ Frame 3015
55 KB
21 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.0.5/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=X0c0tHe0sE&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a441c4f1b90c992eacea5aa9ed1f7143c5e0ca315d26edcc3468ce5ea61e03a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2279926
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20311
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-ddb1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eoum7h8%2BPAqHyex2NxabfkrPAWFpzrR5gTFIM8e%2BXAFqiuEkCMjgmM1SkgoC%2FUGhNX0SyPOWYPFiEbj4Lu7ZwRBFwKi%2BriTANqGFwBBg9Go2OJoAKSEPHSYjNuOENj9vwj5xOCrsA7cvPH%2F1a6dhcj8S"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82018ab4885f0b38-AMS
expires
Wed, 23 Oct 2024 03:30:59 GMT
adServer.bs
bs.serving-sys.com/Serving/ Frame 462C
0
294 B
XHR
General
Full URL
https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&dmae=0&interactionsStr=$$1091776460~~0~~1078198249~~2668656297493226470%5EActualSize~970x90x0x1x0000x0x0x970x90~0~01020~167$$&usercookie=u2=a47afddb-30f9-4109-807d-2ef61126fc03&OptOut=1&rnd=0.3302770263143986&res=32
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ebHtml5PoliteBanner.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.87.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-87-200.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Sun, 05-Jun-2005 22:00:00 GMT
adServer.bs
bs.serving-sys.com/Serving/ Frame 462C
0
294 B
XHR
General
Full URL
https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&dmae=0&interactionsStr=$$1091776460~~0~~1078198249~~2668656297493226470%5EAdParams~ifr%3D2%26loc%3D0x0%26size%3D970x90%26cb%3D2%26env%3D0%26vsbp%3D10%26bi%3D-1%26idx%3D1~0~01020~167$$&usercookie=u2=a47afddb-30f9-4109-807d-2ef61126fc03&OptOut=1&rnd=0.7621045404322373&res=32
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ebHtml5PoliteBanner.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.87.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-87-200.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Sun, 05-Jun-2005 22:00:00 GMT
config.js
secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/ Frame 105D
4 KB
1 KB
Script
General
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/config.js?versionId=cxbBh7vBsclXWZV_7OWAosu9ORAGYa0Q
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.199 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-199.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e3306b0aeb55f1b0e88abe898f2b5c7238a487f4619482192729a1ac9d1e61b6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/index.html?versionId=DAMWG0LdyZYZsMcVaTzLVdpDTJqD563y&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
cxbBh7vBsclXWZV_7OWAosu9ORAGYa0Q
content-encoding
gzip
date
Fri, 03 Nov 2023 03:30:59 GMT
last-modified
Fri, 13 Oct 2023 15:35:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
etag
"59dbbe017f16264b3cc25a8e63570d2f"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
XGilL0C2u8PMMgYfZdjFSNaRO7w03nGO2R0tul42cKZZiOpGjKJNZQ==
content-length
1124
expires
Mon, 31 Dec 2035 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F72D
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BXt8sc2lEZZ7jF9T8x_APhL-lgAYAAAAAOAHgBAI&bg=!bm2lbSLNAAb4oU7C2KE7ADQBe5WfONTdQbR6OsFRRwXSa6C7k8fS3K_mGbI6wD1Eh5BFyDM-pWu_9rvHNEESh83Ch7iOAgAAALNSAAAABGgBB5kDR6w6-471uFRNT9K0EZq-nMx7sdFoG477FAeAJH6ytPl-XbC2m6xzrP2CWIzN28dOoi8_lfZmVcvSr4xaDxUPpKq355tTi8mHXZqTOgZptSVCRS4_034RY3Elar4Cq3VtEILAlBrJtCYXzRF5zx928yRxDvS38cxyRPSJry9NGHQXZ4VYK7ZzxdNMDwzD8nNt8Egg_LoAa8YKC1_YHcRq0o0CkBEf8EfTHtG58CM31WQffhYT-LWoz2d48g8an1uwol5z1V3OLQvu_Onetfq31Rr9BDcJGvV5Wkl167a0xAVOezc62aq_pPWLg-4W3nmgiJzJbm8YPyPYdcukTNQCnwhAH95c2tb7bY-tdtTQPGWGLmd2iUf_OWZZ-T5sW1MLEnek9YV5nR4szz8WfuBQO-IZf9EpAPGr9ElIxaZn7-wiatrRaEcBPWSQJuilr1VbETN86oIoiFTPqnEBRuv-oOMZX2zhCXTriMXQINCCjAli4AUuEsC58nMhD2dtw_bbH_Eq04_RvLu0q2C7Cq_58A2j1vNHfn-YVxtwb5vYS9tZeMr-xyM6V2DBZC9K1cnGeBKJmNSZSfJqsRBkfsVPLR_TAogGVz22ye5ESZ-1rOTbzhT781YwHGJtW3XWeXAyi8GXuzSrabx_mpApHYYUk-RcTpBJGgx1JbPz2eYUNlPdEIDTTjiuBUIHzadqnQpWi1L9LdNnm04FPjaDqipDjiAyHPxknSNyfcm50Pj5ivCBfTIi7rf3Qwt5e9IdCSobjnXkzN0b1PzvoYlj-PRgS87_7Kzxt2qCxmwIUY9B9AuVSFzv3sKHhD4Nf6v3chTcRw1v3hKuEDPF0vYYUKmlBXIMIV5wcQA23OuoxrmhTRL4_Fnaw2qDTj6HdLAF0MMBVKWtkxsRX-XseASq8Xgags9l5-8MFBM0tPXbkxrAXI4Esk-AbqwTFJYH2sBdCGbuOGzMfUwFvBoukdVIqDCL_d8DyVPvb3dY74Z1HZ1VGWBQ9vJ1DhtzU2c7gZ7_xEYMhC1nUUpxOAFfYsix-BnOIjMPOp_5rSuZp0DrJYtqMtjp2f_dUgeAFXEB-E7ZqLBobPx4bueVlYc6rn4HTIjcrzO84gO3Je0S
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4D79
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BXUUAc2lEZeucF8_px_AP3pSryAwAAAAAOAHgBAI&bg=!VFelVxjNAAb4oU7C2KE7ADQBe5WfOC5nAqeIJfgFr6kHaOvhbyp1YND3i4QpqO23Ouv4ZWDymnbmCIIANuE4qw4KXBx0AgAAAI9SAAAABmgBB5kDTjZ23OxbBacDGmvRRYiV_kSfbM4v1Sjz2TppxFOA1r118EaLVmWiRpv34kkVUUy_N219V5tIJZLvPyB5b7VW4u9ndWcFjGWntXetqwasCbMrecixxX2cZniHsPqNa5s3GQMP8mosDQjPl8nyy0iQkcib91-FAA4w_kQ32wKjU6_knyJ57n396H4UnKOXCVa-hYra0pIL4-zofbGJEtN9kqKwRHEBsE7tBi3tupxm4WTNTW8UTmiAi47AWnT6ubpwfUx4F9oe-U6SozgDeR8X89i4wUNrg97nkyRhG5vaB2EoAxyk5dOFub5UUh0WO1A-QmgdtvBdvnoT2Qcvvm9T2dCmGr2JWUmey3wiQsQdBXOQuwLK9qcjPyngTEaHph65Q1DYJvb-fBMoHHd5-fh5rJ-oQUXzWSajlXVj19_HeT0smcsNHlO2quRDbxX904JVVpy-_tb5vl7Z3m7DmBb2lXkPEbBE29Y28uWOzcrJu_8RRJvquhu2bj8pLmEunSdP-eJLr7O0jFJG9rpytl2nf-dx7K-GCSgB32_sIfq98N3bL6Uqc0BY5C-mSKTCObopwHr6CHrEIMXpQw0PQ6L2KxE6hjZnBRK61PZhCESgKHsxlQTxzsFGLFP7b4l338QJSKE8Zd-NeDxYMu5JnD_gkh4xQPCE9SD3wsWwmrMRREexiefhHstjjfYV1m--vFzCneZs34kNOQlPOmceCTJxkhoCNCMVqT0ywnUzeL-bb7VtCPJoiRBcb85KHVdOWvJApBodGVmefOGBbb-pbU5CdYViQfsWv6ftAxnN2MvU79N3bNwD7rvXCbBamBkoIz-aXl1z0FMfYtOc9bZy8OvoIpTaG16Ti3qi7EdZzrVmC17cCbBN9c4Bjj7XnJE75sAQLBQGfU5Z0FhTL46IwSleLckxBoi1CGXcdaceYpF_9L_JdgxlJQqmip78IBcwzUBafV6F8otgH_G6NgavIVfj6_UdmC1PwXET7N3GA5USOWbEZVXJhw6nn8lmVzBloRLdhxsd4s3IW2drOja-oqgud6NHfN0gDfeCrNeTttouPUY2wWyxLbSdXW0wup4rh24rSqwA58jCflRy1vWW3icU1BpcsatH0pTLiVLhlgXKHw
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:30:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
optional.js
secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/contrib/requirejs-optional/ Frame 105D
241 B
548 B
Script
General
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/contrib/requirejs-optional/optional.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.199 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-199.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b3d2d45118f3987c4a926a5e7454898f3b1a9c2be1efb1297f5e0ec555361c1f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/index.html?versionId=DAMWG0LdyZYZsMcVaTzLVdpDTJqD563y&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:30:59 GMT
content-encoding
gzip
last-modified
Tue, 18 Jul 2023 10:47:10 GMT
server
AmazonS3
x-amz-request-id
26R87S3661B7ZBCM
x-amz-cf-pop
JFK50-P7
etag
"fff4f7d0d640c4b6ea3612ad292bc75b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
Bazv9_YhzO__iU3M8OU7wMSti587shVpSCTplX9Kd9vy70qOiXDUSg==
x-amz-id-2
ofKswRSVfRYzdn5UkcV38ShWTFokonui9CCfa370asJvZiXRtddU/7fnSqNDCUh9Qxurdp6fDEQ=
content-length
178
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 734F
172 KB
60 KB
Script
General
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
Origin
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 07:14:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72983
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 07:14:36 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/ Frame 734F
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ASOQPGD8A_2bkbeDffLfLLrnhG-oVnvzm5jLQbZ3RFKlHfazhSQZHZXzAMzIsMOnxT1X-HcEllRzRc5BT7cBKRaPpQHv8XUsSueVRY6Zqo0wc_Esi3y9mc_lod6GjmKk1OpEqXA79xTCgn6rGciE6BQPxIWaJ4zln-lQOCB95ei-6Pgug&dbm_d=AKAmf-DNUgoaNXDlNj7c8fY2hKwL-iv8gKzFMc_62FTemTMcJ2H15KcdpUMG03nGuo2zB2k0EbiV8nDNhmQsW2vTuR31bEQIUtUwoFsqBC_PM6LPGVyrUKVqWnFW1mWkLxZ1xRnigDIpWfzC3OSp6RJLpEhPfhhcIccSAnWQdRSdEmGvLuRnlg9y9yuUXImQg5Uhlv2_4MxwHa3KiS19m2uNFoAA7rjenSC9CFQbUNZ51kbAWWeNhqm5g3cZ-9Ry9ppT-Q7GrNer-GXSrENVWOUGay1ECi9I4sUmTNNMDaEbHSD3PE6DQtYH64eEs_CvwPfc-YZ7QfWDWimCwOl5UKhuGWa1LCWUocZIk3rC8QjwOX1rdaAeKxnVu_7N0ET2XQxlU6-umHOOTVPYWKFp-WdTk_bAaN9YBULVkp-iD3U_C1IJiCY8d2ibYyi2Xi2MXDhNKSMSr4DhQXKE6lsqewRxT_1I6N83LdJqxJ9G-ov-5sEh5Lwj96WBZZJNt7FlOLpPYD7B8oM4IdzVV6v1s1Au7Ryda-uNnOCUwQzghtDJnhwPFvbT7scLLI95mY56I7tEh_R7T4-G8vyPkhdgHnI4IrW7xiTP4SLlWWiEBh0ZHwao2YqAlFf3rP-wXYUrx-mRqSyS3s_jwygOlvESK-HgKbosr4bJ_B4JrEnM0sDtNQT7qvduFhohUhYbdUj_0IDpCa_cmF826x_eezsABmmhirUjyY6dA1aHBNqSLeY_1KpJdsO_aqkqhVRBaJUO0UaN3Hgh62DCppmoFIHb63gy83J88ZlAWyxuN_YjM-nZsORWQsYFcSfix-109ilGwY3FhIy_47l6V9xA6Ulf51FrUhAfmEyh_udeyRiaUlRrzmZ4JBthnodYKdgROGBoICSsznHGovYK7dnZe8wKD1osIRGjzfdjty8H6wn0v1cdn8OYyUIEsFSND2UJj-J02V232R2Vxu1xs7iUHk8ur9-2NSLgrSPXfB5X3yY-85Be0_n3yzhg3_vP7jsYA9RYdYmPPiApjJp5yIInnrM91a-LGnYKzwpCZv6RQlBY8VavLDQSQf8qPFoDgfzMODLR9ARFDpNk0kpSMi3U_4hZTQqmwt0J5NQquuM9Ajr1bmvNvpoo1nSFJ26XAPqW-8ynndhFtVEftbU-4U3GQfvvNBIZi7g1sM1nUoEvUZTFgU1E9CX-y5jfxt3DoBRXv_D2G4jRFkUy25rIuRIJTlWUUrB6EwvMWa1CWiK7TPGk70uSWssHmviLZffJyGbeoOEdM3S-1XGYgXzgKAgkykwjm-XGUClEVlNwwwQwyp9c0sOUSNO8xl_SvbETW10_PDIt7QePfXk3MwQY5ecppMukdQFr4Pucpw_oBQTpKOl6UAOMCcGj4KZ45pFolKzA9cPPPBp3yupw8wyYeSTZOE-yZ1mHxICPoOh1IJkG510rr0efFe4tjRPHDkkCEpWiDohfSnrnyQMTJPAK8gVD78QeqQ0znRHLGYCCQY5IgHFWwH9QP5I9ofSmt_mCUKc62qqqTfSwn_zPj6eMaZnCJDh48QkUI6AGqHVMClNrENg8EzD5hyAMUPFYLqpavEWKYLmBuJd9OB05KodtBqjIkuP6gulgs_8HY5msSD-knG67iYPL_LBk_ZmxKKlpdqZixfQ-m-bihmy5oq1CCSdPcKNIezB8cISYicZg5ym3Rdc2IejXHdqm1v21ILPGmotJat-fBzUkgmvVjVFShss_w_Qn1MX_THWR
1cginRL-Ghnx-OtNJN3Kbwq8sbLXXGooUyBW-IYZIQ1KJFtuv_zSj0vX5Q_E788lIpstoCZyH7q63Uo-SZClzs0sSRoKXs8bOTfqdL25m464x9EHCM_YnC5F7lAEW56dUJJ6QsxnQAYrEA4xYv3PYCnNnVlS57hMcWazZtQvSHohAUh56OS8lyPMwF8sBEteAK3RQ6gY0BCyRix5bpS5bDadq8ih59jmuP_rhT7QZ3grL6amq1A8ARoINas55Ghjbdlup9AUogwT0YFg9l4xlvaGp58bReq3jrDwTpxnJ1SVxUFoANDAPMiODDIBGyDyhujuXYHGYaExp0PIs2mMJZBQcyXYUZVWLlTUaUIIoxUcT3h6nBld4Y27CJHhrnKFTGqZZGMZvAo_KFAEaM0rm1F8N0ukLNc3HCgz3Lpfz2iF5X1xzolB4KWScg83B6DIRVwkgEUM36EZFSUpUlw7yVD5uDXESryfKAhyvByTQ7xfzTP38wmF3k8xCb5yaSJoEsu682YAvcAc_yBaQBXLRdNyGPMRc1v-sr-Vx9uLYlSEnW9v8hLLYdO_OzR25x4YWaUEiO2u0Yuy-fJ1nKKGMrrbTPRpQtYN0QGYEo_kYz04njPKUMHvk_qWUk7uangwd5CTC51hhWOrPuN5nXyrS4AgxC8Io2_e4xw0WquGvNWYdfczuYkXui2fKzcSdG1Ndax_3_iVmUHzdAUiF-HqNwUv2o4nVkYvQ1o1-39026MaBxGmoQvog0_W7Bkl2XFfX8YJU8iwlo1XGl7kjI_-MONH1io-1cnrnsJyUQRVIHcq6SZJtkUssgRZdtDibJaM5uPoEBBAWJ6jlBEemSeYFP9XENXZdaK9DPl4mpEEdk7uy-ZrzMcSCt6_mj_JUncS1uUSJtf5Jy3BeZvYg699rJ_e9qOCMLhpGexHxm0xZwu30mas521TcU8cTMuT50Ry1BH2Uq5aIm0DrR-g7GphUnRlmK2_kCmV6THRn3xrnp_I264UDW4Tb2mitHr85AuhFsN66lPxGB-MVw_oVfCtqC6ae2XLe7OV4kwDEgipf3dPRMpMQH7pGd8PJ-1CKXBcswm2Uih0OGRIdG56zmImtq5UqQzwagKumstSFeacThZiqZCFYPNBHN_I9wnl7iUlIKLbZhdOPnRGVEYbLqwQjGisxxXEg4bxPERlvOmYZbpmkg13eiZEE0RWyGGl7o_BgdRVYPfWhKcWOBHfatlrPdvNx5iRc5piane4hZU-trHrvGMHOnbEDz9cNwDxW74zRD6eXGEno2EYAGGRmYyJ0RUj2BflLhEogSt76u7QkgfaqPuU9x0DTttjNBsNYp4KVrmtEU6I2ifz78ZdVwAK7K-fFKTP1Ri6KLsjjud1XYo5qHHIEEq8u9ZdNBXVp6f8aBzkIhElrvsOprXw1IYW1Yne28HhvhU0V8FJEkocAs25OgiwwRyJfg5p_NBPxAA9CvnPQNCf_iJ2RmhVujQndebLKQjFygcZzszjegVJDSyZJx9M7i8fetj_aHtV10jcvVz_Yx65m6DwCOY5CGHvyBXTVQmmG015gMdtQPdYHZfO7JZghV-Dk8TzjPqCuh75Yy-MzxnYCvJr66yAQ5-0qBp_hOU7eWjIBCz5eUGlVLN1qk4AhhwhGHFUmqwZC5aGwnVN04j24LJ9C0CT6Ig5H6axMayXwgG-h7vw83j_CUK6XGK8zdXdoTZEbbv1p8b9nsDG3hEyH6Ns9sMaXoKawXEcf3RT3VX_kshFyjelwFSOif2K_ZsQBEVeRbRgFFY19EbxZ0SRC97hljNpJ4RMQ6r9C2pW8XADG6KwOo-lIg5GUiXVS2VA5jYQBbvOE5Qcy90s8RIAnjcVdnLCgY_Us0QnXMx9kmVHyW5nISJNWHj13UOqqhsLSZ70SxSKKrg6EUrziZzWBLMcq2n2zxhhNfEfSLN-jTWmyA3z381BMkNu97z107I7NPDQkSyyae2G_SofHZl1b805icxR
h_krqNHlflpbRf-y8vdmud583kML3LJ29K4sG8eRBqsg1gVTTuA-gwQrXwuGS_xaUJUDAqEaGOlZMU7JwSlFtPkahhMxe9c9nmdXEqLZzZxN0hSQ9P5MBg5-IMy2xHGhcI9X1Y3TbeM&cid=CAQSPADICaaNAgNEG6ObLtZxlphWJZ27Uetcf_QPHUlJVrImT3IHHROY-vFnQouyu7aUXAprVHvS7j6TNoSNcxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Ftv.shoot-yalla.live%2F&ds=l&xdt=1&iif=1&cor=454570151984943900&adk=2857193498&idt=70&cac=0&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 13:34:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
50201
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 13:34:18 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/ Frame 734F
30 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231031/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ASOQPGD8A_2bkbeDffLfLLrnhG-oVnvzm5jLQbZ3RFKlHfazhSQZHZXzAMzIsMOnxT1X-HcEllRzRc5BT7cBKRaPpQHv8XUsSueVRY6Zqo0wc_Esi3y9mc_lod6GjmKk1OpEqXA79xTCgn6rGciE6BQPxIWaJ4zln-lQOCB95ei-6Pgug&dbm_d=AKAmf-DNUgoaNXDlNj7c8fY2hKwL-iv8gKzFMc_62FTemTMcJ2H15KcdpUMG03nGuo2zB2k0EbiV8nDNhmQsW2vTuR31bEQIUtUwoFsqBC_PM6LPGVyrUKVqWnFW1mWkLxZ1xRnigDIpWfzC3OSp6RJLpEhPfhhcIccSAnWQdRSdEmGvLuRnlg9y9yuUXImQg5Uhlv2_4MxwHa3KiS19m2uNFoAA7rjenSC9CFQbUNZ51kbAWWeNhqm5g3cZ-9Ry9ppT-Q7GrNer-GXSrENVWOUGay1ECi9I4sUmTNNMDaEbHSD3PE6DQtYH64eEs_CvwPfc-YZ7QfWDWimCwOl5UKhuGWa1LCWUocZIk3rC8QjwOX1rdaAeKxnVu_7N0ET2XQxlU6-umHOOTVPYWKFp-WdTk_bAaN9YBULVkp-iD3U_C1IJiCY8d2ibYyi2Xi2MXDhNKSMSr4DhQXKE6lsqewRxT_1I6N83LdJqxJ9G-ov-5sEh5Lwj96WBZZJNt7FlOLpPYD7B8oM4IdzVV6v1s1Au7Ryda-uNnOCUwQzghtDJnhwPFvbT7scLLI95mY56I7tEh_R7T4-G8vyPkhdgHnI4IrW7xiTP4SLlWWiEBh0ZHwao2YqAlFf3rP-wXYUrx-mRqSyS3s_jwygOlvESK-HgKbosr4bJ_B4JrEnM0sDtNQT7qvduFhohUhYbdUj_0IDpCa_cmF826x_eezsABmmhirUjyY6dA1aHBNqSLeY_1KpJdsO_aqkqhVRBaJUO0UaN3Hgh62DCppmoFIHb63gy83J88ZlAWyxuN_YjM-nZsORWQsYFcSfix-109ilGwY3FhIy_47l6V9xA6Ulf51FrUhAfmEyh_udeyRiaUlRrzmZ4JBthnodYKdgROGBoICSsznHGovYK7dnZe8wKD1osIRGjzfdjty8H6wn0v1cdn8OYyUIEsFSND2UJj-J02V232R2Vxu1xs7iUHk8ur9-2NSLgrSPXfB5X3yY-85Be0_n3yzhg3_vP7jsYA9RYdYmPPiApjJp5yIInnrM91a-LGnYKzwpCZv6RQlBY8VavLDQSQf8qPFoDgfzMODLR9ARFDpNk0kpSMi3U_4hZTQqmwt0J5NQquuM9Ajr1bmvNvpoo1nSFJ26XAPqW-8ynndhFtVEftbU-4U3GQfvvNBIZi7g1sM1nUoEvUZTFgU1E9CX-y5jfxt3DoBRXv_D2G4jRFkUy25rIuRIJTlWUUrB6EwvMWa1CWiK7TPGk70uSWssHmviLZffJyGbeoOEdM3S-1XGYgXzgKAgkykwjm-XGUClEVlNwwwQwyp9c0sOUSNO8xl_SvbETW10_PDIt7QePfXk3MwQY5ecppMukdQFr4Pucpw_oBQTpKOl6UAOMCcGj4KZ45pFolKzA9cPPPBp3yupw8wyYeSTZOE-yZ1mHxICPoOh1IJkG510rr0efFe4tjRPHDkkCEpWiDohfSnrnyQMTJPAK8gVD78QeqQ0znRHLGYCCQY5IgHFWwH9QP5I9ofSmt_mCUKc62qqqTfSwn_zPj6eMaZnCJDh48QkUI6AGqHVMClNrENg8EzD5hyAMUPFYLqpavEWKYLmBuJd9OB05KodtBqjIkuP6gulgs_8HY5msSD-knG67iYPL_LBk_ZmxKKlpdqZixfQ-m-bihmy5oq1CCSdPcKNIezB8cISYicZg5ym3Rdc2IejXHdqm1v21ILPGmotJat-fBzUkgmvVjVFShss_w_Qn1MX_THWR
1cginRL-Ghnx-OtNJN3Kbwq8sbLXXGooUyBW-IYZIQ1KJFtuv_zSj0vX5Q_E788lIpstoCZyH7q63Uo-SZClzs0sSRoKXs8bOTfqdL25m464x9EHCM_YnC5F7lAEW56dUJJ6QsxnQAYrEA4xYv3PYCnNnVlS57hMcWazZtQvSHohAUh56OS8lyPMwF8sBEteAK3RQ6gY0BCyRix5bpS5bDadq8ih59jmuP_rhT7QZ3grL6amq1A8ARoINas55Ghjbdlup9AUogwT0YFg9l4xlvaGp58bReq3jrDwTpxnJ1SVxUFoANDAPMiODDIBGyDyhujuXYHGYaExp0PIs2mMJZBQcyXYUZVWLlTUaUIIoxUcT3h6nBld4Y27CJHhrnKFTGqZZGMZvAo_KFAEaM0rm1F8N0ukLNc3HCgz3Lpfz2iF5X1xzolB4KWScg83B6DIRVwkgEUM36EZFSUpUlw7yVD5uDXESryfKAhyvByTQ7xfzTP38wmF3k8xCb5yaSJoEsu682YAvcAc_yBaQBXLRdNyGPMRc1v-sr-Vx9uLYlSEnW9v8hLLYdO_OzR25x4YWaUEiO2u0Yuy-fJ1nKKGMrrbTPRpQtYN0QGYEo_kYz04njPKUMHvk_qWUk7uangwd5CTC51hhWOrPuN5nXyrS4AgxC8Io2_e4xw0WquGvNWYdfczuYkXui2fKzcSdG1Ndax_3_iVmUHzdAUiF-HqNwUv2o4nVkYvQ1o1-39026MaBxGmoQvog0_W7Bkl2XFfX8YJU8iwlo1XGl7kjI_-MONH1io-1cnrnsJyUQRVIHcq6SZJtkUssgRZdtDibJaM5uPoEBBAWJ6jlBEemSeYFP9XENXZdaK9DPl4mpEEdk7uy-ZrzMcSCt6_mj_JUncS1uUSJtf5Jy3BeZvYg699rJ_e9qOCMLhpGexHxm0xZwu30mas521TcU8cTMuT50Ry1BH2Uq5aIm0DrR-g7GphUnRlmK2_kCmV6THRn3xrnp_I264UDW4Tb2mitHr85AuhFsN66lPxGB-MVw_oVfCtqC6ae2XLe7OV4kwDEgipf3dPRMpMQH7pGd8PJ-1CKXBcswm2Uih0OGRIdG56zmImtq5UqQzwagKumstSFeacThZiqZCFYPNBHN_I9wnl7iUlIKLbZhdOPnRGVEYbLqwQjGisxxXEg4bxPERlvOmYZbpmkg13eiZEE0RWyGGl7o_BgdRVYPfWhKcWOBHfatlrPdvNx5iRc5piane4hZU-trHrvGMHOnbEDz9cNwDxW74zRD6eXGEno2EYAGGRmYyJ0RUj2BflLhEogSt76u7QkgfaqPuU9x0DTttjNBsNYp4KVrmtEU6I2ifz78ZdVwAK7K-fFKTP1Ri6KLsjjud1XYo5qHHIEEq8u9ZdNBXVp6f8aBzkIhElrvsOprXw1IYW1Yne28HhvhU0V8FJEkocAs25OgiwwRyJfg5p_NBPxAA9CvnPQNCf_iJ2RmhVujQndebLKQjFygcZzszjegVJDSyZJx9M7i8fetj_aHtV10jcvVz_Yx65m6DwCOY5CGHvyBXTVQmmG015gMdtQPdYHZfO7JZghV-Dk8TzjPqCuh75Yy-MzxnYCvJr66yAQ5-0qBp_hOU7eWjIBCz5eUGlVLN1qk4AhhwhGHFUmqwZC5aGwnVN04j24LJ9C0CT6Ig5H6axMayXwgG-h7vw83j_CUK6XGK8zdXdoTZEbbv1p8b9nsDG3hEyH6Ns9sMaXoKawXEcf3RT3VX_kshFyjelwFSOif2K_ZsQBEVeRbRgFFY19EbxZ0SRC97hljNpJ4RMQ6r9C2pW8XADG6KwOo-lIg5GUiXVS2VA5jYQBbvOE5Qcy90s8RIAnjcVdnLCgY_Us0QnXMx9kmVHyW5nISJNWHj13UOqqhsLSZ70SxSKKrg6EUrziZzWBLMcq2n2zxhhNfEfSLN-jTWmyA3z381BMkNu97z107I7NPDQkSyyae2G_SofHZl1b805icxR
h_krqNHlflpbRf-y8vdmud583kML3LJ29K4sG8eRBqsg1gVTTuA-gwQrXwuGS_xaUJUDAqEaGOlZMU7JwSlFtPkahhMxe9c9nmdXEqLZzZxN0hSQ9P5MBg5-IMy2xHGhcI9X1Y3TbeM&cid=CAQSPADICaaNAgNEG6ObLtZxlphWJZ27Uetcf_QPHUlJVrImT3IHHROY-vFnQouyu7aUXAprVHvS7j6TNoSNcxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Ftv.shoot-yalla.live%2F&ds=l&xdt=1&iif=1&cor=454570151984943900&adk=2857193498&idt=70&cac=0&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d2e8de8d05446a49a58d8b8af9bc4698dbd4a63c4083d893ec232b1f3b0defe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 13:34:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
50171
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11597
x-xss-protection
0
server
cafe
etag
8023538936332676572
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 13:34:48 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 734F
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 02:22:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
90513
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 02:22:26 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A21B
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
4132
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 02:22:07 GMT
etag
48472445140208031
expires
Sat, 04 Nov 2023 02:22:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 734F
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a53486248a5eb3b5c2097c9b7bdeaa8117b442e8ffae2d36465f21e26236195

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
2023_10_PaaSWasdrogers_controller.js
s0.2mdn.net/creatives/assets/5012106/ Frame 3015
23 KB
3 KB
Script
General
Full URL
https://s0.2mdn.net/creatives/assets/5012106/2023_10_PaaSWasdrogers_controller.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=X0c0tHe0sE&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
58eaf6bef0ea6b1977b822f00fbd7b95c4d954a4ea6451d7b2eb38e9a0fa092b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=X0c0tHe0sE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:24:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
414
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2990
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 14:48:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:39:06 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3015
8 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1daa562f9c0c9811bb591c23247da6c8ba9c4b7defd2966d6d285d538222bf59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5842
x-xss-protection
0
interactions.js
secure-ds.serving-sys.com/BurstingCachedScripts//AdBuilderScripts/Interactions/1_23_0/ Frame 105D
77 KB
16 KB
Script
General
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts//AdBuilderScripts/Interactions/1_23_0/interactions.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.199 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-199.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b6233b419d0d1cd612c3327f9a4887b243b1d816cc339de1a5b84a3f6dd852c7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/index.html?versionId=DAMWG0LdyZYZsMcVaTzLVdpDTJqD563y&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:00 GMT
content-encoding
gzip
last-modified
Tue, 18 Jul 2023 10:13:07 GMT
server
AmazonS3
x-amz-request-id
1TAJHZSW0Q9NKWP6
x-amz-cf-pop
JFK50-P7
etag
"a4fcb10e97cdee7a3e1cb0ac73478261"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
PPAM69HE-yLLqz_eR32m1ZIvjrTOxgsohSmUZ07Bwsbzy--NYQ8mcA==
x-amz-id-2
oRKrwt+JVJGxQH24wBCEGHRTjf7cYtdi+2azlRpgBi5D1H7gop2Giwi8+k3OfIkpb9x34EstWag=
content-length
15784
i.match
s.tribalfusion.com/z/ Frame A21B
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFh0CBuV2QhQXzttVj6h_AU&google_cver=1&google_push=AXcoOmR6ATLgwEwnoZNRyceMNanjFrOpTLZDONQ31whqh-WV0q1mGpODf4K3siiNnFwhYgwLZnlTh1g84B523fneLt2oazOWrg&re...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFh0CBuV2QhQXzttVj6h_AU&google_cver=1&google_push=AXcoOmR6ATLgwEwnoZNRyceMNanjFrOpTLZDONQ31whqh-WV0q1mGpODf4K3siiNnFwhYgwLZnlTh1g84B523fneLt2oazOWrg&...
43 B
419 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFh0CBuV2QhQXzttVj6h_AU&google_cver=1&google_push=AXcoOmR6ATLgwEwnoZNRyceMNanjFrOpTLZDONQ31whqh-WV0q1mGpODf4K3siiNnFwhYgwLZnlTh1g84B523fneLt2oazOWrg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR6ATLgwEwnoZNRyceMNanjFrOpTLZDONQ31whqh-WV0q1mGpODf4K3siiNnFwhYgwLZnlTh1g84B523fneLt2oazOWrg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:00 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82018ab7188fb8ae-AMS
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:00 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
424
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFh0CBuV2QhQXzttVj6h_AU&google_cver=1&google_push=AXcoOmR6ATLgwEwnoZNRyceMNanjFrOpTLZDONQ31whqh-WV0q1mGpODf4K3siiNnFwhYgwLZnlTh1g84B523fneLt2oazOWrg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR6ATLgwEwnoZNRyceMNanjFrOpTLZDONQ31whqh-WV0q1mGpODf4K3siiNnFwhYgwLZnlTh1g84B523fneLt2oazOWrg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82018ab5bfd0b8ae-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A21B
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEMM7H0FF8ZsNi7t3FNDgTMQ&google_cver=1&google_push=AXcoOmT98kyiCNH4yptnthJNiDmv-9QFsrIXOFlWZ_9TPRje_5gcUPSC8A5MxuVF93qdifW0REOsrGFV0UhlFD2o...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=7EuIgEftToEDMDzm8wD9sA&google_push=AXcoOmT98kyiCNH4yptnthJNiDmv-9QFsrIXOFlWZ_9TPRje_5gcUPSC8A5MxuVF93qdifW0REOsrGFV0UhlFD2oJ667lQ0QPgI
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=7EuIgEftToEDMDzm8wD9sA&google_push=AXcoOmT98kyiCNH4yptnthJNiDmv-9QFsrIXOFlWZ_9TPRje_5gcUPSC8A5MxuVF93qdifW0REOsrGFV0UhlFD2oJ667lQ0QPgI
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 03 Nov 2023 03:31:00 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=7EuIgEftToEDMDzm8wD9sA&google_push=AXcoOmT98kyiCNH4yptnthJNiDmv-9QFsrIXOFlWZ_9TPRje_5gcUPSC8A5MxuVF93qdifW0REOsrGFV0UhlFD2oJ667lQ0QPgI
x-host
tde-deliveryengine-production-bb588bf9-dr6k5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame A21B
Redirect Chain
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEKfF7YTIK_HxZ0UtuaR44_w&google_cver=1&google_push=AXcoOmSKEBUAWe2PbUvBrLj1Cu0Nv1-jyWF12JFGXidSYZf-X4WXVhhCVGlJZsCVaEsK_cb_eY68YCfRGLC...
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmSKEBUAWe2PbUvBrLj1Cu0Nv1-jyWF12JFGXidSYZf-X4WXVhhCVGlJZsCVaEsK_cb_eY68YCfRGLCUOhJvR9EFR50ZtA
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmSKEBUAWe2PbUvBrLj1Cu0Nv1-jyWF12JFGXidSYZf-X4WXVhhCVGlJZsCVaEsK_cb_eY68YCfRGLCUOhJvR9EFR50ZtA
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmSKEBUAWe2PbUvBrLj1Cu0Nv1-jyWF12JFGXidSYZf-X4WXVhhCVGlJZsCVaEsK_cb_eY68YCfRGLCUOhJvR9EFR50ZtA
Date
Fri, 03 Nov 2023 03:31:00 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
sync
x.bidswitch.net/ Frame A21B
43 B
146 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEO3UDU4nllXZy85h5cuoa9c&google_cver=1&google_push=AXcoOmTNvtmG2LTleZDL7mzQQMr2kVvY7oHgB4ZqQuEjaAQ2al7IJaD01xRDfmIUXP5my0Eb7E99y464922TL4lVZPrXMWZtA7s
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.98.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-98-46.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame A21B
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEIMHSaNhGqCk9TwXb4i69TA&google_cver=1&google_push=AXcoOmQWTOYbLa-bGiPTvoU8ssdZ9_u0ve4HQk6CrCXpkfAsrVnZxlxLH4_xxFi3DSOcc8p7mzewPUwp_ePnbmT5XQoD1Qk...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQWTOYbLa-bGiPTvoU8ssdZ9_u0ve4HQk6CrCXpkfAsrVnZxlxLH4_xxFi3DSOcc8p7mzewPUwp_ePnbmT5XQoD1QkMiWqo&google_hm=NDQyNDcxNzY...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQWTOYbLa-bGiPTvoU8ssdZ9_u0ve4HQk6CrCXpkfAsrVnZxlxLH4_xxFi3DSOcc8p7mzewPUwp_ePnbmT5XQoD1QkMiWqo&google_hm=NDQyNDcxNzY5MTk5MDc0MDc2Nw==
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQWTOYbLa-bGiPTvoU8ssdZ9_u0ve4HQk6CrCXpkfAsrVnZxlxLH4_xxFi3DSOcc8p7mzewPUwp_ePnbmT5XQoD1QkMiWqo&google_hm=NDQyNDcxNzY5MTk5MDc0MDc2Nw==
Date
Fri, 03 Nov 2023 03:31:00 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
attr
cm.g.doubleclick.net/pixel/ Frame A21B
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LZZTGJ7dCE-0czpcr55l1QnUeTWOUAsbWiJQvIi1qjiinLJw0TxwbUcJWh
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:00 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html
s0.2mdn.net/sadbundle/14879938197739012096/ Frame 7B39
2 KB
925 B
Document
General
Full URL
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=YN0XoS0awT&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34203ceb9d0f82a0428e892f9ecbafbaea293692c4dc3d52dfa7bed5dfd87f5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
897
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 03:31:00 GMT
expires
Sat, 02 Nov 2024 03:31:00 GMT
last-modified
Thu, 28 Sep 2023 08:52:25 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 734F
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst-f9QAahB5W_d0GGrG5uzvqdcuXpplImBSAk6dfDLWeNoX-L68i14Zny75jIKF1O2kK6AwO7zCP8Xx4f9lVZlRiyotkMK7hNHAKvivgTgHF46kfUr12iwjdaqRFCVjqrv_kjic11hp0QWMMIrVbHwsCEZ5EJ68QC3BxOsYWXFofdnskdbS4t_Inbim1qewJj5bASCRZD9lreCP4DdQrYQFUOlf87KMMirkRQGOWTmB6MgmPw2zu8Z-7QIk0b8Ms131A3nzFsjKdjLEE3tRTpWwGiwbVg3ERUbl0dv563PMolNF8cgIaA6HxGciUXhD49foBN7-y5lNRAe8_NcTRr_9-9mfTOGa0xWKnR2iwqhg1fjItqynm7oADGNC0LDijXt8hpCMTwEJ2Re2JkmFywFc7ITJZhW3_4QymrbszT0Jp6d470W6krldqXVthOYLSaEkxJebIgajjoyWmkHSUMr16MJPkKl7Ry-Opmx21Zh1n3bIiEBaKMPM-ujT5Lh09BCI3SwgKy3WUBvqAXrE3xdN6jht9bpa2MKj1uAA7vVQvnA4Ciahco245_Q1AKHBWjiC3I-KzIQCJvUIuXobQ8MAC9wour8Am5MUCpkNxI0asgTE0vNJa7EofyWgwC7D8FgIWgEtxEX5aKCpwuv0CEHM8tJoxX0dLW9kZenqHiPLl8W7ZOsSEXQBQxj-qfl1fo7y0kF-bmvQOzU5KF3pCaGbtHCvfNNXBU_OLVnt9ePhN2OCu2f_QSn0kUH0kWciiONeYw8uHbgnq96OE34YZfDQCMBVQS0FzwcN_Zk9TcTAYlInrcE2W-7Agia7h0vPbe4vzI27U3KSEgKJ5d61tB8gf9lVlkN4DlhTTlRgMdFL2AzGGzJyVybUI_ni7p2FuBkCkXxgRdwovPhyafeLO-vXF42tqZr5UMZpvgxvkLq335ePrZUv6IFamOtjIlXw3FFNxPhf1l8ZeM7qt_Vn1Mg4YFLKgCRlbRzdXTMMuHIfplbPxTM6KGV97FFUy8JiY390YFIfh7nFqxQUFBzHYYksi3N6ysLnUmqJJWumKVSl4Rljjx7vwGyj8vIO7IQmrA_CJcV3EL3KOBmwPvB5Hqbm02S7jYrlLf-HqKSqqTgJIfN4UTU7_msdqn5IVs-4fctskF1p2RHgUwQRAw0WNK6z_d7Xr9OAGDQ1Yu9K8wRpKFiXwy7qqrkWW18naD3PQDXe9xy9QBkUQaByZtkY2fxiMTNZNMM0zfwXZoM4FIrV61dgELutdDqaiTbuNYRm3p-qm3fJa2ynaMnN6oR0zpt20il0D8JCiYiTuagU8EN91nLWZWeuXJCG7sSia9j3AhCrmdScMVbkOGIudxdWZDBzciWnqQUULflBMLFoGzTs-AwraUsHPNlCZT0TKI4znx7Xkxc_E9XapvZIdUPOlOa2tpAgNjvA7Leojr_K3K-bQpVB&sai=AMfl-YQKKyCPzV6ptLn9uiJ7IgjQbSdHHXeOO_UR4WbMp5I8UDLjl-_PdjprKEh6HdR3--365RnPeBnJdco8WvkrFQvzkivtx4m14NGGXr8nfGel12-6G2fBz4qtYdTs3_a5OcKcYJJJh7qS-gzgn1lSPx4PVNLMlgVKcWrhNW9KE8VHcUvUTmJUHQMIxfzka9G8DMVYKJ68ObR-r-zmvJcnIcQ65BorMIMiHV6BqBDqIZVZN2JHWlSuuv7vA4LvJd1_pDZqOn2WjzHlJbFrKlKlr8-dzirGnm8&sig=Cg0ArKJSzG0U8xc5jPw5EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=86&cbvp=1&cstd=76&cisv=r20231031.33401&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae
=0&ftch=1&adurl=
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 03 Nov 2023 03:31:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame C54D
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
587834
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 27 Oct 2023 08:13:46 GMT
expires
Sat, 26 Oct 2024 08:13:46 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cbBdsV2.js
s0.2mdn.net/creatives/assets/3781309/ Frame 3015
25 KB
5 KB
Script
General
Full URL
https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/5012106/2023_10_PaaSWasdrogers_controller.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22d77c667d6084c6eb69aa5b1f28bac84df2d473de862e29d060054a84b20106
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=X0c0tHe0sE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:25:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
338
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5325
x-xss-protection
0
last-modified
Tue, 04 Jul 2023 08:21:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:40:22 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B80F
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuQZeqbDS2spINB3L7onxw1vfji5ls4Rj_L_vaR0k4KaeBoprql_qCuVMDk9WenEbYg7gjwAs-5QiALMX45qkWhDkkF3YqDxKZzeWf4KpR27hbxRqMSPe945LBcQQ1g3cJxvxkSWaTFGQFPks5a8AM2oCbLh7vp0snOE6kQVoMoBklonEts9605ivmhUxtE6JXCcOFdXkjQjHdEni8WAlr2Sgi4a6QoPzldKGpVxVOuxH-R1LgB6HNtP7jJ_inUHr8xT3Uc2_J5riYALibLasJ4ue7VV47-yrC9IQFLYGgKSDvY1Ku0psVLrGQ6lEGAlhSuT42x0_njk9nS8Oz_Q3eKEQ4d_HHWy_5U-eOOdsCOaDHhxCgop85PHnk2EU5BBh0GUzRIBmyR5Rv-3vo3xNMd9ftPJchOCkTnokrJyMQzP6B1MBebp6YeQYktyVYrLrBitpMzur1xNNtMWukRE1tZOBvnvK0V3ZG0vS8rnWd7j87jQ-j56afMJNbIN-ThEyL_4i22fT_2o3lNSvUEKJ_z0sMLuSYFYZ9_HMo_xJpfK_lqLEAM13XbnT-_8ORF9P1YRdXI7nvtBLV01OWmYF26twbzz2Moq4UiTs-vo4QAQ564RJgn6bLg6x43QXf0cHzhtcl4hWQ8PvApa2IiIany_8q9pJaYDzRY1yjHuxXEnpbq-LRua_oLFFYk6KrKXF67eBPCehGb54-aOhLLcHyHkVrShdr_js2Zn9GRqJFl2KqvvPkW1RbFFC_MApcdMrDXzqZlplisQ03yr5HcT8oKgoasrL5qo7yrhcyM8Pku5mDzVpEnFWe4KW6dlNSgTqZQ3KqbBC2RQ_dC3UZhiq036Ztg-BMsBI7ghjakDjzAjPiebbFSpMC-z21Xx2mAy7G2QBlXCAxIjebKHf1GVJKdpFQdeYeUYOE18BkPFaqr9ptYt5JNK5RhT6LCO_vOTZvIqAM0EexrDqUsLIhn6kzlcird1FJcWb5EtjhBIrIZJMIn70I4RnGxcF0ptbK-vYVAmiZOO92_ZFzmvXp-JHIkGVNsS1gtreUryY-0epHVzkOgOUFgCPGHyVCZ3QrOhD9yrk1vjUsxMptlDV3JpX9gmrYUwS1XM7IsTm62tevpYdXiByNmokYFNqt_VtcI6BOhW3954i3csXdjWYkXdTz0y8RZEIKvHoMRsy5MDq9shkii5CQittwPNZHs2CFmUTXF_IYv9_y-NEccDJVUpPdS_HwxMD1mW1a47yqB5E4us8yJFWl9wqcqOUTdaRUBYttoGb1m3RPsKTl4UOjxA0TwsGoGmZib5WqM2hNw47-Er2gl8MNYMt7iKLXvyvaFYjz6vZOPsFKG9JaB83DDUdQxdUdxvaTbZIULGM7hv1iNsmLHOwXO-vAAXlkJ3KHnwAM1g0fAoALYKtIIB-NZaGzGNVfr2YXYtxC6EGIhGoSb4EbDgLAuMn5_LB42JRgYWnwIioB9&sai=AMfl-YRkODqFTc_QZ0MgCcWmLsryR6h_Lm7FLGIZJp2qtiyUVAtNWkCV2OhGJkENI9iXroINUekqyW9bO429w5_whtSruhO23XhSUGjW3BhTJfc-NznCJZgnblM4pLKM2aF-_t85xiA33zzWLbaJjqZg-86Jb3Orq0bnobfwXeRnXPRDs9JGnDN9JDYg-1Mxjq-MLC9zPkn_ng6mCck9PbW9Bs5UggubO62paLsusdaKHiBdb0qEyzio8mtlYxN4kMKMViThIDLhOVLoGSbfuWo8-OQzQ44hLlev-SqJDmP3VGLROLET_ACpt7aCHbWL&sig=Cg0ArKJSzFVEs1aFQspAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=549&vt=11&dtpt=306&dett=3&cstd=236&cisv=r202
31031.61317&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
EBLoader.js
secure-ds.serving-sys.com/BurstingScript/ Frame 105D
12 KB
4 KB
Script
General
Full URL
https://secure-ds.serving-sys.com/BurstingScript/EBLoader.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.199 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-199.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7ae0b8e3f80fd2c97dea35c4a3643b17368ea41e6e63f083065bfb2a38caf37c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/index.html?versionId=DAMWG0LdyZYZsMcVaTzLVdpDTJqD563y&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:00 GMT
content-encoding
gzip
x-amz-request-id
PBZKZ9E99F7PZTQS
x-amz-cf-pop
JFK50-P7
x-amz-server-side-encryption
AES256
content-length
3615
x-amz-id-2
dY1sog/jFEOXiYot7VLY5EaWxRlMw+g1cFNblO7r9aXCbhbJezkSDuJakCliYca4euOvAZIL6gI=
pragma
no-cache
last-modified
Tue, 18 Jul 2023 10:48:48 GMT
server
AmazonS3
etag
"b92fa833b298e9df5fa8ee69009adb9a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-amz-cf-id
4OXxlVtKMzrf0CE86k4M55OedEnm5LY-Vch0e6nzkZFnV1iXH_OAlw==
expires
Fri, 03 Nov 2023 03:31:00 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame 7B39
120 KB
41 KB
Script
General
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=YN0XoS0awT&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=YN0XoS0awT&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 17:00:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37803
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 17:00:57 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.0.5/ Frame 7B39
55 KB
20 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.0.5/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=YN0XoS0awT&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a441c4f1b90c992eacea5aa9ed1f7143c5e0ca315d26edcc3468ce5ea61e03a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2279927
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20311
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-ddb1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DV8aRyaXDNfUFMwcF%2BMR3kwxsqsyK1dYE%2Bdzaq7Sov7zKpv%2BT2pFgJv0Xuoe%2F84psN%2FOMNwLoQQo1StyuRAi1QvVsTh6n59PBZwCnFbEbCm7KNBr22jsnGM0rnlNA9b5WNhI%2B8qvJlWJIMe%2FcFW8oOrq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82018ab599340b38-AMS
expires
Wed, 23 Oct 2024 03:31:00 GMT
cbstyle.css
s0.2mdn.net/creatives/assets/3758114/ Frame 3015
25 KB
5 KB
Stylesheet
General
Full URL
https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5d0407c813ca4bde74789d41f00c993617159d54e14e606baa4378d53bff3b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=X0c0tHe0sE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:25:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
338
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4582
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 09:29:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:40:22 GMT
cbLib.js
s0.2mdn.net/creatives/assets/3781309/ Frame 3015
32 KB
8 KB
Script
General
Full URL
https://s0.2mdn.net/creatives/assets/3781309/cbLib.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feb97a90ef148adbb793ce925a51b98dc5bcbdc003a7f888b7e656f8429817e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=X0c0tHe0sE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
781
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7876
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 12:12:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:32:59 GMT
cbResourceList.js
s0.2mdn.net/creatives/assets/3781309// Frame 3015
104 KB
12 KB
Script
General
Full URL
https://s0.2mdn.net/creatives/assets/3781309//cbResourceList.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bd4dddbcde866b6a618dba65eb7cd50ab39ad4f84c39650ab4d3bf600a69f0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=X0c0tHe0sE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:25:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
337
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12574
x-xss-protection
0
last-modified
Thu, 26 Oct 2023 14:41:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:40:23 GMT
moduleList.js
s0.2mdn.net/creatives/assets/3781309/ Frame 3015
8 KB
1 KB
Script
General
Full URL
https://s0.2mdn.net/creatives/assets/3781309/moduleList.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49d0967f8f9ae0c6edeebc099978717c9a737ec670a1391ebc1c6528e181e31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=X0c0tHe0sE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:16:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
864
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1083
x-xss-protection
0
last-modified
Wed, 04 Oct 2023 14:34:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:31:36 GMT
AssetsList.js
s0.2mdn.net/creatives/assets/3757766/ Frame 3015
1 KB
361 B
Script
General
Full URL
https://s0.2mdn.net/creatives/assets/3757766/AssetsList.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b22015e781bca8c265c5e679c44002e17b35f1e56b8d458bf41806f037e04350
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=X0c0tHe0sE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:16:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
863
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
333
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 08:13:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:31:37 GMT
cbElements.js
s0.2mdn.net/creatives/assets/4615943/ Frame 3015
170 KB
28 KB
Script
General
Full URL
https://s0.2mdn.net/creatives/assets/4615943/cbElements.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d147adcd55f09c5eebc9c134a483e7a583f4cbb14f4465f9425485a2f4e63c6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=X0c0tHe0sE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:22:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
508
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28312
x-xss-protection
0
last-modified
Thu, 26 Oct 2023 13:57:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:37:32 GMT
cbElements.css
s0.2mdn.net/creatives/assets/4615943/ Frame 3015
36 KB
5 KB
Stylesheet
General
Full URL
https://s0.2mdn.net/creatives/assets/4615943/cbElements.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a0a114ed200d6bdb584db70452d1009ba742975b542b6d1dfede479d5e46807
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=X0c0tHe0sE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
781
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5002
x-xss-protection
0
last-modified
Thu, 26 Oct 2023 13:57:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:32:59 GMT
EB.js
secure-ds.serving-sys.com/BurstingCachedScripts/HTML5Res_2_174_1_0/ Frame 105D
79 KB
28 KB
XHR
General
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/HTML5Res_2_174_1_0/EB.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingScript/EBLoader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.199 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-199.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b1f1881d36e033f8a3a3c2d76a8cee754ed1f5bf38cd2b8616489997ebd4cb0f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/index.html?versionId=DAMWG0LdyZYZsMcVaTzLVdpDTJqD563y&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:00 GMT
content-encoding
gzip
x-amz-request-id
RKKKE767SE8YD12F
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
content-length
28366
x-amz-id-2
X9ITCify+2RwFFFfX9omqh5OAc9NP8CuFTPUpMmmg90tZsxRQnrTHL9a2Ew4ekH1EEVO9c0Pn6c=
last-modified
Wed, 04 Oct 2023 14:16:49 GMT
server
AmazonS3
etag
"1e19bdb7b58f499266826e96c99faa92"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1996041
accept-ranges
bytes
x-amz-cf-id
Xw7eYu2KJbXm_9CcUk6HXOanKf__rQWYt2L18MgiH54CEDLgV33LHQ==
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3015
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Nov 2023 03:31:00 GMT
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame C54D
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:11:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
1170
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Nov 2024 03:11:30 GMT
dobraslab-medium-webfont.woff
s0.2mdn.net/creatives/assets/3512464/ Frame 3015
11 KB
11 KB
Font
General
Full URL
https://s0.2mdn.net/creatives/assets/3512464/dobraslab-medium-webfont.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4615943/cbElements.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3304ebafae2f97adb0f5d016454298a110bc449f68cda9c1afa3e01a325963e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/creatives/assets/4615943/cbElements.css
Origin
https://s0.2mdn.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:27:13 GMT
x-content-type-options
nosniff
age
227
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11356
x-xss-protection
0
last-modified
Tue, 15 Oct 2019 14:21:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:42:13 GMT
dobraslab-book-webfont.woff
s0.2mdn.net/creatives/assets/3512464/ Frame 3015
28 KB
28 KB
Font
General
Full URL
https://s0.2mdn.net/creatives/assets/3512464/dobraslab-book-webfont.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4615943/cbElements.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0129fef24101a11eaa58cb3eab025b451acc53fb30a6dcd6cce7237b07427e2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/creatives/assets/4615943/cbElements.css
Origin
https://s0.2mdn.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:17:14 GMT
x-content-type-options
nosniff
age
826
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28524
x-xss-protection
0
last-modified
Tue, 15 Oct 2019 14:21:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:32:14 GMT
aebl____-webfont.woff
s0.2mdn.net/creatives/assets/3512464/ Frame 3015
20 KB
20 KB
Font
General
Full URL
https://s0.2mdn.net/creatives/assets/3512464/aebl____-webfont.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4615943/cbElements.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
609c9c8da515ce83f6dadac3fc67c7d3b9dd8ad6898eb9dda19c0b20b9a906a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/creatives/assets/4615943/cbElements.css
Origin
https://s0.2mdn.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:26:56 GMT
x-content-type-options
nosniff
age
244
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20060
x-xss-protection
0
last-modified
Tue, 15 Oct 2019 14:21:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:41:56 GMT
OpenSans-Regular.ttf
s0.2mdn.net/creatives/assets/3512464/ Frame 3015
95 KB
58 KB
Font
General
Full URL
https://s0.2mdn.net/creatives/assets/3512464/OpenSans-Regular.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4615943/cbElements.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/creatives/assets/4615943/cbElements.css
Origin
https://s0.2mdn.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:27:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
218
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59331
x-xss-protection
0
last-modified
Tue, 15 Oct 2019 14:29:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:42:22 GMT
2023_10_PaaSWasdrogers_controller.js
s0.2mdn.net/creatives/assets/5012106/ Frame 7B39
23 KB
3 KB
Script
General
Full URL
https://s0.2mdn.net/creatives/assets/5012106/2023_10_PaaSWasdrogers_controller.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=YN0XoS0awT&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
58eaf6bef0ea6b1977b822f00fbd7b95c4d954a4ea6451d7b2eb38e9a0fa092b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=YN0XoS0awT&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:24:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
414
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2990
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 14:48:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:39:06 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7B39
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c2e547877cbdc102eb9b4f0f2c80170a9658698da15b4758d0806de246640339
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5758
x-xss-protection
0
image.js
secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/comp/image/ Frame 105D
2 KB
1 KB
Script
General
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/comp/image/image.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.199 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-199.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3807c51a39a1b8f50e09a8390f26d13c1b9724476d55913750aaf8addd91a5f0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/index.html?versionId=DAMWG0LdyZYZsMcVaTzLVdpDTJqD563y&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:00 GMT
content-encoding
gzip
last-modified
Tue, 18 Jul 2023 10:47:10 GMT
server
AmazonS3
x-amz-request-id
M4JM4DY1948P4X79
x-amz-cf-pop
JFK50-P7
etag
"bdbba956fba782397025036aa424985f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
ifr1xD8FEqv3mKDiKIiiHge4Gn9wdgoFEkLp4FyNsywPrGgIhLUEXg==
x-amz-id-2
mRXbjzE4MBLCy31pLTl7SWAcehN/yBM1JxNTcvLWPP/aCOt9vOStXfwxzGcYapP0M4XAJAo89DA=
content-length
653
hotspot.js
secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/comp/hotspot/ Frame 105D
568 B
726 B
Script
General
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/comp/hotspot/hotspot.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.199 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-199.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3b79ef5d825ac2a75bec6ba12481736d11dc0a6e477932557e140948d229670c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/index.html?versionId=DAMWG0LdyZYZsMcVaTzLVdpDTJqD563y&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:00 GMT
content-encoding
gzip
last-modified
Tue, 18 Jul 2023 10:47:09 GMT
server
AmazonS3
x-amz-request-id
PBZRT0BGVH6VGA10
x-amz-cf-pop
JFK50-P7
etag
"43a3f1d1487ec86fcb61358e207f6302"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
XOwYeqgpaZhpvAVVbUHN5i5Q_YIWP7quhWnMa-kS0XN5P-iSNTTswQ==
x-amz-id-2
lOiVnewaqHH0ez8WMiR4MXxj1eb3uF/0LXMm30iM+x+r1GKjKsTb3vwwtAVHicaoSGt8JysMyFw=
content-length
355
uspCta.js
s0.2mdn.net/creatives/assets/3758099/ Frame 3015
9 KB
2 KB
Script
General
Full URL
https://s0.2mdn.net/creatives/assets/3758099/uspCta.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c9ff8ea5b71f626b4784bce1f9c4f99d867bbbaf8118c333d8900c3e3096ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=X0c0tHe0sE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:24:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1658
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 09:25:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:39:08 GMT
whiteBox.js
s0.2mdn.net/creatives/assets/3758108/ Frame 3015
6 KB
983 B
Script
General
Full URL
https://s0.2mdn.net/creatives/assets/3758108/whiteBox.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56473919810ca41d9a3fc806e7c069812236485277832f0f776355d6b5aa392f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=X0c0tHe0sE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:18:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
751
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
946
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 14:08:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:33:29 GMT
mainImage.js
s0.2mdn.net/creatives/assets/3773403/ Frame 3015
12 KB
2 KB
Script
General
Full URL
https://s0.2mdn.net/creatives/assets/3773403/mainImage.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0e26767704a5936ffb300a08dc8d082e1f09e1bc12042e300ca43dacd363bcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=X0c0tHe0sE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:16:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
863
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1932
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 08:49:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:31:37 GMT
2023_10_PaaSWasdrogers_design.css
s0.2mdn.net/creatives/assets/5012106/ Frame 3015
8 KB
1 KB
Stylesheet
General
Full URL
https://s0.2mdn.net/creatives/assets/5012106/2023_10_PaaSWasdrogers_design.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff0b2cfeb8c551e0f0bf67f73ab77de1a8f8bdee2aff664cfa1ea1557183ffa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=X0c0tHe0sE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:24:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
413
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1341
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 09:14:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:39:07 GMT
factSloganSplashV3.css
s0.2mdn.net/creatives/assets/3782803/ Frame 3015
4 KB
760 B
Stylesheet
General
Full URL
https://s0.2mdn.net/creatives/assets/3782803/factSloganSplashV3.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42cd03b26510a01a94937934bcecac21051253240437083e6f4b32b3b599d1ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=X0c0tHe0sE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:20:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
724
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 11:52:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:35:25 GMT
factSloganSplashV3.js
s0.2mdn.net/creatives/assets/3782803/ Frame 3015
35 KB
4 KB
Script
General
Full URL
https://s0.2mdn.net/creatives/assets/3782803/factSloganSplashV3.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a108713b0fc6c655c2e5347c35a5dfe5a5e970bb23f99ad521b695d943e74cba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=X0c0tHe0sE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:24:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
413
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4512
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 11:52:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:39:07 GMT
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame FB58
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:11:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
1170
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Nov 2024 03:11:30 GMT
jquery.min.js
secure-ds.serving-sys.com/BurstingCachedScripts/AdBuilderScripts/ Frame 105D
91 KB
33 KB
Script
General
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/AdBuilderScripts/jquery.min.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/index.html?versionId=DAMWG0LdyZYZsMcVaTzLVdpDTJqD563y&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.199 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-199.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
04bebecfb9f7ce92cf947ce283fccf067cf6870f65af3456dd22b6c102447c83

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/index.html?versionId=DAMWG0LdyZYZsMcVaTzLVdpDTJqD563y&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:00 GMT
content-encoding
gzip
last-modified
Tue, 18 Jul 2023 10:13:07 GMT
server
AmazonS3
x-amz-request-id
M4JPXVY8F0Y8ZZQE
x-amz-cf-pop
JFK50-P7
etag
"1d14cd3798bc4d6aaf65dd625870723f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
Jmw0umXegRUvr3YZ29iGyWWzPeSAAJMb9GrH33jzC02ckTlCKOFLrQ==
x-amz-id-2
rwiWxP8ZHfxgUI+NY2U3+uFS0fR0G+zX3UZI0Uk43jBAG56EkYgYKy06g4XLTWx1sv02C+zdwgA=
content-length
33424
jazz_1.m3u8
a4.bath002.site/watch/hHcbRlEhX2K2FRIq9W8saw/1698985603/1698985857/1/ Frame 4C2A
438 B
793 B
XHR
General
Full URL
https://a4.bath002.site/watch/hHcbRlEhX2K2FRIq9W8saw/1698985603/1698985857/1/jazz_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
109.205.187.54 , Netherlands, ASN213373 (IPCONNECT, SC),
Reverse DNS
Software
nginx /
Resource Hash
ac9290578d829fbcd24c81a6347c0c9a2bec6ee472e3bae45799fd63f56ec342

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:31:00 GMT
Last-Modified
Fri, 03 Nov 2023 03:30:58 GMT
Server
nginx
ETag
"65446972-1b6"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
438
uspCta.css
s0.2mdn.net/creatives/assets/3758099/ Frame 3015
10 KB
1 KB
Stylesheet
General
Full URL
https://s0.2mdn.net/creatives/assets/3758099/uspCta.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ee14843c640d449091f4f93908ace51b8da267c77ee0b35df0de10681792bc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=X0c0tHe0sE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:24:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1176
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 09:25:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:39:08 GMT
whiteBox.css
s0.2mdn.net/creatives/assets/3758108/ Frame 3015
47 KB
5 KB
Stylesheet
General
Full URL
https://s0.2mdn.net/creatives/assets/3758108/whiteBox.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5929e5619ff2bc33326c3129ef8262b0e770af5b8933335b0eac230208c91c1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=X0c0tHe0sE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:18:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
751
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5218
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 08:00:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:33:29 GMT
mainImage.css
s0.2mdn.net/creatives/assets/3773403/ Frame 3015
7 KB
1 KB
Stylesheet
General
Full URL
https://s0.2mdn.net/creatives/assets/3773403/mainImage.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cf83b7bd8929de46fed575eacae708eb79c6f0085461d2e041c2603ff6be607
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=X0c0tHe0sE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:16:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
863
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1094
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 14:08:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:31:37 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7B39
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Nov 2023 03:31:00 GMT
cbBdsV2.js
s0.2mdn.net/creatives/assets/3781309/ Frame 7B39
25 KB
5 KB
Script
General
Full URL
https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/5012106/2023_10_PaaSWasdrogers_controller.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22d77c667d6084c6eb69aa5b1f28bac84df2d473de862e29d060054a84b20106
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=YN0XoS0awT&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:25:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
338
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5325
x-xss-protection
0
last-modified
Tue, 04 Jul 2023 08:21:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:40:22 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 734F
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst-f9QAahB5W_d0GGrG5uzvqdcuXpplImBSAk6dfDLWeNoX-L68i14Zny75jIKF1O2kK6AwO7zCP8Xx4f9lVZlRiyotkMK7hNHAKvivgTgHF46kfUr12iwjdaqRFCVjqrv_kjic11hp0QWMMIrVbHwsCEZ5EJ68QC3BxOsYWXFofdnskdbS4t_Inbim1qewJj5bASCRZD9lreCP4DdQrYQFUOlf87KMMirkRQGOWTmB6MgmPw2zu8Z-7QIk0b8Ms131A3nzFsjKdjLEE3tRTpWwGiwbVg3ERUbl0dv563PMolNF8cgIaA6HxGciUXhD49foBN7-y5lNRAe8_NcTRr_9-9mfTOGa0xWKnR2iwqhg1fjItqynm7oADGNC0LDijXt8hpCMTwEJ2Re2JkmFywFc7ITJZhW3_4QymrbszT0Jp6d470W6krldqXVthOYLSaEkxJebIgajjoyWmkHSUMr16MJPkKl7Ry-Opmx21Zh1n3bIiEBaKMPM-ujT5Lh09BCI3SwgKy3WUBvqAXrE3xdN6jht9bpa2MKj1uAA7vVQvnA4Ciahco245_Q1AKHBWjiC3I-KzIQCJvUIuXobQ8MAC9wour8Am5MUCpkNxI0asgTE0vNJa7EofyWgwC7D8FgIWgEtxEX5aKCpwuv0CEHM8tJoxX0dLW9kZenqHiPLl8W7ZOsSEXQBQxj-qfl1fo7y0kF-bmvQOzU5KF3pCaGbtHCvfNNXBU_OLVnt9ePhN2OCu2f_QSn0kUH0kWciiONeYw8uHbgnq96OE34YZfDQCMBVQS0FzwcN_Zk9TcTAYlInrcE2W-7Agia7h0vPbe4vzI27U3KSEgKJ5d61tB8gf9lVlkN4DlhTTlRgMdFL2AzGGzJyVybUI_ni7p2FuBkCkXxgRdwovPhyafeLO-vXF42tqZr5UMZpvgxvkLq335ePrZUv6IFamOtjIlXw3FFNxPhf1l8ZeM7qt_Vn1Mg4YFLKgCRlbRzdXTMMuHIfplbPxTM6KGV97FFUy8JiY390YFIfh7nFqxQUFBzHYYksi3N6ysLnUmqJJWumKVSl4Rljjx7vwGyj8vIO7IQmrA_CJcV3EL3KOBmwPvB5Hqbm02S7jYrlLf-HqKSqqTgJIfN4UTU7_msdqn5IVs-4fctskF1p2RHgUwQRAw0WNK6z_d7Xr9OAGDQ1Yu9K8wRpKFiXwy7qqrkWW18naD3PQDXe9xy9QBkUQaByZtkY2fxiMTNZNMM0zfwXZoM4FIrV61dgELutdDqaiTbuNYRm3p-qm3fJa2ynaMnN6oR0zpt20il0D8JCiYiTuagU8EN91nLWZWeuXJCG7sSia9j3AhCrmdScMVbkOGIudxdWZDBzciWnqQUULflBMLFoGzTs-AwraUsHPNlCZT0TKI4znx7Xkxc_E9XapvZIdUPOlOa2tpAgNjvA7Leojr_K3K-bQpVB&sai=AMfl-YQKKyCPzV6ptLn9uiJ7IgjQbSdHHXeOO_UR4WbMp5I8UDLjl-_PdjprKEh6HdR3--365RnPeBnJdco8WvkrFQvzkivtx4m14NGGXr8nfGel12-6G2fBz4qtYdTs3_a5OcKcYJJJh7qS-gzgn1lSPx4PVNLMlgVKcWrhNW9KE8VHcUvUTmJUHQMIxfzka9G8DMVYKJ68ObR-r-zmvJcnIcQ65BorMIMiHV6BqBDqIZVZN2JHWlSuuv7vA4LvJd1_pDZqOn2WjzHlJbFrKlKlr8-dzirGnm8&sig=Cg0ArKJSzG0U8xc5jPw5EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=292&vt=11&dtpt=206&dett=3&cstd=76&cisv=r20231031.33401&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
nba_939.png
web-api.scorarab.com/uploads/team/
7 KB
7 KB
Image
General
Full URL
https://web-api.scorarab.com/uploads/team/nba_939.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.130.34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b0eac3076460dc9e778719f1a7242e8956eb6efb7b45696eb97b76144669b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:00 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
152054
alt-svc
h3=":443"; ma=86400
content-length
6929
x-xss-protection
1; mode=block
last-modified
Fri, 27 Oct 2023 15:24:12 GMT
server
cloudflare
etag
"653bd61c-1b11"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSakeZ6ecj3gz6%2BIOTCSpw%2B5zWWmSYQyszslED1AqukUn14E71mGt1kSEkP1S5ShPOxzosw0NmHw6tsJ0pSSvoKL2qy05yiWHNdaDpk8XeZv3TDjcha6JBCWOPUZeXg3aNz%2Bv%2B9UqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
82018ab68e3666f2-AMS
expires
Fri, 01 Dec 2023 09:16:46 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310300101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa19e0bd71bc7deab403d65dc645a38a9fe6d9ca42c605393d03440d6027810e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12142
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Nov 2023 03:31:00 GMT
nba_939.png
web-api.scorarab.com/uploads/team/
7 KB
7 KB
Image
General
Full URL
https://web-api.scorarab.com/uploads/team/nba_939.png
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b0eac3076460dc9e778719f1a7242e8956eb6efb7b45696eb97b76144669b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:00 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
152054
alt-svc
h3=":443"; ma=86400
content-length
6929
x-xss-protection
1; mode=block
last-modified
Fri, 27 Oct 2023 15:24:12 GMT
server
cloudflare
etag
"653bd61c-1b11"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ohaKXy7s7d%2BqbEgfpS6QdHYwjrajWyFGigr8C0q7OM61ZARsThJb53eQOT%2BtEB52bJJZcucwNNX%2FHL048gepkkfPOlmXmjZCiyu88SPRQ06TIwb5L4T%2Bdi1ACQOoG%2Bjws31n59FHAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
82018ab71edf670b-AMS
expires
Fri, 01 Dec 2023 09:16:46 GMT
jquery.mobile-events.min.js
secure-ds.serving-sys.com/BurstingCachedScripts/AdBuilderScripts/ Frame 105D
18 KB
4 KB
Script
General
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/AdBuilderScripts/jquery.mobile-events.min.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/index.html?versionId=DAMWG0LdyZYZsMcVaTzLVdpDTJqD563y&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.199 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-199.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b8171c8f2827406e089cbc98ea4d9b5904cd05bc701a7f12242e368fa21d1f7c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/index.html?versionId=DAMWG0LdyZYZsMcVaTzLVdpDTJqD563y&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:00 GMT
content-encoding
gzip
last-modified
Tue, 18 Jul 2023 10:13:07 GMT
server
AmazonS3
x-amz-request-id
PBZMWMJRHF4K7QA5
x-amz-cf-pop
JFK50-P7
etag
"d0c4feddacbc122bed5ed9a5e3268345"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
fcAqoYstb63pq5QCHDBUM8_ypSoAcYY8Bos7jF1oB-xsC2YZKInaCg==
x-amz-id-2
D9G8Mxlfk484FAPoB4J6hyiSajwfnOKE4WFgBqIVibtxlfyyewca1X9I6umRSOA57kCIwU87OuI=
content-length
3530
CB-logo.svg
s0.2mdn.net/creatives/assets/3782689/ Frame 3015
5 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/creatives/assets/3782689/CB-logo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c1e6e3f592d8c8b63e2b543ac0ccbae369ddb4604066dc97420c7a1d586ba8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=X0c0tHe0sE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
781
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1492
x-xss-protection
0
last-modified
Fri, 12 Jun 2020 07:30:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:32:59 GMT
cbstyle.css
s0.2mdn.net/creatives/assets/3758114/ Frame 7B39
25 KB
5 KB
Stylesheet
General
Full URL
https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5d0407c813ca4bde74789d41f00c993617159d54e14e606baa4378d53bff3b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=YN0XoS0awT&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:25:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
338
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4582
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 09:29:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:40:22 GMT
cbLib.js
s0.2mdn.net/creatives/assets/3781309/ Frame 7B39
32 KB
8 KB
Script
General
Full URL
https://s0.2mdn.net/creatives/assets/3781309/cbLib.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feb97a90ef148adbb793ce925a51b98dc5bcbdc003a7f888b7e656f8429817e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=YN0XoS0awT&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
781
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7876
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 12:12:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:32:59 GMT
cbResourceList.js
s0.2mdn.net/creatives/assets/3781309// Frame 7B39
104 KB
12 KB
Script
General
Full URL
https://s0.2mdn.net/creatives/assets/3781309//cbResourceList.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bd4dddbcde866b6a618dba65eb7cd50ab39ad4f84c39650ab4d3bf600a69f0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=YN0XoS0awT&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:25:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
337
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12574
x-xss-protection
0
last-modified
Thu, 26 Oct 2023 14:41:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:40:23 GMT
moduleList.js
s0.2mdn.net/creatives/assets/3781309/ Frame 7B39
8 KB
1 KB
Script
General
Full URL
https://s0.2mdn.net/creatives/assets/3781309/moduleList.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49d0967f8f9ae0c6edeebc099978717c9a737ec670a1391ebc1c6528e181e31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=YN0XoS0awT&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:16:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
864
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1083
x-xss-protection
0
last-modified
Wed, 04 Oct 2023 14:34:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:31:36 GMT
AssetsList.js
s0.2mdn.net/creatives/assets/3757766/ Frame 7B39
1 KB
361 B
Script
General
Full URL
https://s0.2mdn.net/creatives/assets/3757766/AssetsList.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b22015e781bca8c265c5e679c44002e17b35f1e56b8d458bf41806f037e04350
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=YN0XoS0awT&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:16:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
863
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
333
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 08:13:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:31:37 GMT
cbElements.js
s0.2mdn.net/creatives/assets/4615943/ Frame 7B39
170 KB
28 KB
Script
General
Full URL
https://s0.2mdn.net/creatives/assets/4615943/cbElements.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d147adcd55f09c5eebc9c134a483e7a583f4cbb14f4465f9425485a2f4e63c6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=YN0XoS0awT&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:22:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
508
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28312
x-xss-protection
0
last-modified
Thu, 26 Oct 2023 13:57:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:37:32 GMT
cbElements.css
s0.2mdn.net/creatives/assets/4615943/ Frame 7B39
36 KB
5 KB
Stylesheet
General
Full URL
https://s0.2mdn.net/creatives/assets/4615943/cbElements.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a0a114ed200d6bdb584db70452d1009ba742975b542b6d1dfede479d5e46807
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=YN0XoS0awT&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
781
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5002
x-xss-protection
0
last-modified
Thu, 26 Oct 2023 13:57:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:32:59 GMT
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 0A02
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:11:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
1170
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Nov 2024 03:11:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C54D
0
20 B
Image
General
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
CSSPlugin.min.js
secure-ds.serving-sys.com/BurstingCachedScripts/AdBuilderScripts/ Frame 105D
27 KB
11 KB
Script
General
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/AdBuilderScripts/CSSPlugin.min.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/index.html?versionId=DAMWG0LdyZYZsMcVaTzLVdpDTJqD563y&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.199 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-199.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
484fe4a5e1df3fe20f5e032826bb99c91806f3947cf0a1d7249af40942c466ed

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/index.html?versionId=DAMWG0LdyZYZsMcVaTzLVdpDTJqD563y&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:00 GMT
content-encoding
gzip
last-modified
Tue, 18 Jul 2023 10:13:06 GMT
server
AmazonS3
x-amz-request-id
TMBXXDV1P69CVGN3
x-amz-cf-pop
JFK50-P7
etag
"11367100ead0fa91f9924179efcefb7e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
dDVnxeinmaJvK98FJGZXMQrDrtBcMAr0Z_Al9m-vIFYfxNkWSVaByw==
x-amz-id-2
rJMXC8J7neix8WxBVPtWJOkT9bh9QkYULGHXAsZ2nsElcP5EuzCNiyg2tFeSoPxESpyQ/b/BmcQ=
content-length
11288
uspCta.js
s0.2mdn.net/creatives/assets/3758099/ Frame 7B39
9 KB
2 KB
Script
General
Full URL
https://s0.2mdn.net/creatives/assets/3758099/uspCta.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c9ff8ea5b71f626b4784bce1f9c4f99d867bbbaf8118c333d8900c3e3096ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=YN0XoS0awT&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:24:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1658
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 09:25:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:39:08 GMT
whiteBox.js
s0.2mdn.net/creatives/assets/3758108/ Frame 7B39
6 KB
983 B
Script
General
Full URL
https://s0.2mdn.net/creatives/assets/3758108/whiteBox.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56473919810ca41d9a3fc806e7c069812236485277832f0f776355d6b5aa392f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=YN0XoS0awT&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:18:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
751
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
946
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 14:08:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:33:29 GMT
mainImage.js
s0.2mdn.net/creatives/assets/3773403/ Frame 7B39
12 KB
2 KB
Script
General
Full URL
https://s0.2mdn.net/creatives/assets/3773403/mainImage.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0e26767704a5936ffb300a08dc8d082e1f09e1bc12042e300ca43dacd363bcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=YN0XoS0awT&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:16:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
863
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1932
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 08:49:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:31:37 GMT
2023_10_PaaSWasdrogers_design.css
s0.2mdn.net/creatives/assets/5012106/ Frame 7B39
8 KB
1 KB
Stylesheet
General
Full URL
https://s0.2mdn.net/creatives/assets/5012106/2023_10_PaaSWasdrogers_design.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff0b2cfeb8c551e0f0bf67f73ab77de1a8f8bdee2aff664cfa1ea1557183ffa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=YN0XoS0awT&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:24:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
413
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1341
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 09:14:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:39:07 GMT
factSloganSplashV3.css
s0.2mdn.net/creatives/assets/3782803/ Frame 7B39
4 KB
760 B
Stylesheet
General
Full URL
https://s0.2mdn.net/creatives/assets/3782803/factSloganSplashV3.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42cd03b26510a01a94937934bcecac21051253240437083e6f4b32b3b599d1ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=YN0XoS0awT&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:20:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
724
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 11:52:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:35:25 GMT
factSloganSplashV3.js
s0.2mdn.net/creatives/assets/3782803/ Frame 7B39
35 KB
4 KB
Script
General
Full URL
https://s0.2mdn.net/creatives/assets/3782803/factSloganSplashV3.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a108713b0fc6c655c2e5347c35a5dfe5a5e970bb23f99ad521b695d943e74cba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=YN0XoS0awT&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:24:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
413
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4512
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 11:52:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:39:07 GMT
dobraslab-medium-webfont.woff
s0.2mdn.net/creatives/assets/3512464/ Frame 7B39
11 KB
11 KB
Font
General
Full URL
https://s0.2mdn.net/creatives/assets/3512464/dobraslab-medium-webfont.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4615943/cbElements.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3304ebafae2f97adb0f5d016454298a110bc449f68cda9c1afa3e01a325963e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/creatives/assets/4615943/cbElements.css
Origin
https://s0.2mdn.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:27:13 GMT
x-content-type-options
nosniff
age
227
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11356
x-xss-protection
0
last-modified
Tue, 15 Oct 2019 14:21:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:42:13 GMT
dobraslab-book-webfont.woff
s0.2mdn.net/creatives/assets/3512464/ Frame 7B39
28 KB
28 KB
Font
General
Full URL
https://s0.2mdn.net/creatives/assets/3512464/dobraslab-book-webfont.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4615943/cbElements.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0129fef24101a11eaa58cb3eab025b451acc53fb30a6dcd6cce7237b07427e2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/creatives/assets/4615943/cbElements.css
Origin
https://s0.2mdn.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:17:14 GMT
x-content-type-options
nosniff
age
826
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28524
x-xss-protection
0
last-modified
Tue, 15 Oct 2019 14:21:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:32:14 GMT
aebl____-webfont.woff
s0.2mdn.net/creatives/assets/3512464/ Frame 7B39
20 KB
20 KB
Font
General
Full URL
https://s0.2mdn.net/creatives/assets/3512464/aebl____-webfont.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4615943/cbElements.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
609c9c8da515ce83f6dadac3fc67c7d3b9dd8ad6898eb9dda19c0b20b9a906a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/creatives/assets/4615943/cbElements.css
Origin
https://s0.2mdn.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:26:56 GMT
x-content-type-options
nosniff
age
244
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20060
x-xss-protection
0
last-modified
Tue, 15 Oct 2019 14:21:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:41:56 GMT
OpenSans-Regular.ttf
s0.2mdn.net/creatives/assets/3512464/ Frame 7B39
95 KB
58 KB
Font
General
Full URL
https://s0.2mdn.net/creatives/assets/3512464/OpenSans-Regular.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4615943/cbElements.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/creatives/assets/4615943/cbElements.css
Origin
https://s0.2mdn.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:27:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
218
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59331
x-xss-protection
0
last-modified
Tue, 15 Oct 2019 14:29:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:42:22 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DA8B
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tv.shoot-yalla.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
36313
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Nov 2023 17:25:47 GMT
expires
Fri, 01 Nov 2024 17:25:47 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9764
829 B
561 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0583a8c7355e6c435b2f7cd4ff605acf64578d9139de73f5b4927faf75feefdc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wYQtCnkJ01GJi-5ULxkLjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tv.shoot-yalla.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-wYQtCnkJ01GJi-5ULxkLjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 03:31:00 GMT
expires
Fri, 03 Nov 2023 03:31:00 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
EasePack.min.js
secure-ds.serving-sys.com/BurstingCachedScripts/AdBuilderScripts/ Frame 105D
4 KB
2 KB
Script
General
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/AdBuilderScripts/EasePack.min.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/index.html?versionId=DAMWG0LdyZYZsMcVaTzLVdpDTJqD563y&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.199 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-199.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1962a1c66c902d9648e4ade28d36cef821499b07d13f6cbe50aa5e57561d08f1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/index.html?versionId=DAMWG0LdyZYZsMcVaTzLVdpDTJqD563y&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:00 GMT
content-encoding
gzip
last-modified
Tue, 18 Jul 2023 10:13:06 GMT
server
AmazonS3
x-amz-request-id
TMBV6KX5E8SXEPSY
x-amz-cf-pop
JFK50-P7
etag
"367d034dd8d374fcdff6dea4e059142a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
VUT0WYOQDOlIl89MF32KPK6z8frDNdpEYz4ZAjkZURmdysFmc0s27A==
x-amz-id-2
7YEZwJOb2CXopZhR7qRCK41tfKbYtIA0yZ2HsPuRXYu06r4OmRa54tjxd2R3yEyKBzU4SkawJ6Q=
content-length
1456
whiteBox.css
s0.2mdn.net/creatives/assets/3758108/ Frame 7B39
47 KB
5 KB
Stylesheet
General
Full URL
https://s0.2mdn.net/creatives/assets/3758108/whiteBox.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5929e5619ff2bc33326c3129ef8262b0e770af5b8933335b0eac230208c91c1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=YN0XoS0awT&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:18:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
751
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5218
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 08:00:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:33:29 GMT
uspCta.css
s0.2mdn.net/creatives/assets/3758099/ Frame 7B39
10 KB
1 KB
Stylesheet
General
Full URL
https://s0.2mdn.net/creatives/assets/3758099/uspCta.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ee14843c640d449091f4f93908ace51b8da267c77ee0b35df0de10681792bc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=YN0XoS0awT&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:24:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1176
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 09:25:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:39:08 GMT
mainImage.css
s0.2mdn.net/creatives/assets/3773403/ Frame 7B39
7 KB
1 KB
Stylesheet
General
Full URL
https://s0.2mdn.net/creatives/assets/3773403/mainImage.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cf83b7bd8929de46fed575eacae708eb79c6f0085461d2e041c2603ff6be607
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=YN0XoS0awT&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:16:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
863
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1094
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 14:08:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:31:37 GMT
631a2480b3d08269680f4be2
feed.avplayer.com/backend/api/playlist/
5 KB
964 B
XHR
General
Full URL
https://feed.avplayer.com/backend/api/playlist/631a2480b3d08269680f4be2?AV_TAGID=64db8b44ba16e1afa30cb885&pid=64db8a3bf27a2554d7080489&cid=64db8a60085bb16f1504b425&AV_TEMPID=6192229fa59e3976bb4400aa&AV_PUBLISHERID=64db8a3bf27a2554d7080489
Requested by
Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=64db8b44ba16e1afa30cb885&AV_PUBLISHERID=64db8a3bf27a2554d7080489
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1725:e2e1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
istio-envoy /
Resource Hash
37aeb49d50cc7ad2b8f41bec5329dedcf7d9084d38615b898bb7295e1157a035
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
istio-envoy
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-envoy-upstream-service-time
12
content-length
734
expires
Fri, 03 Nov 2023 04:31:00 GMT
avcplayer.js
player.avplayer.com/script/8.3/v/
467 KB
134 KB
Script
General
Full URL
https://player.avplayer.com/script/8.3/v/avcplayer.js
Requested by
Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=64db8b44ba16e1afa30cb885&AV_PUBLISHERID=64db8a3bf27a2554d7080489
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
5e9b8ebfa1254b34af577ad1427510ffd97d29ed1ac0b14370d6f31954d075cf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:31:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27 Oct 2023 12:11:28 GMT
ETag
"1698408688"
X-HW
1698982260.dop216.am5.t,1698982260.cds271.am5.shn,1698982260.cds271.am5.c
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
137284
activeview
pagead2.googlesyndication.com/pcs/ Frame 462C
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWlcEYXnvROy-IW3wBZFi4-0wgq7P_h9v_6XeBPMQTO9if3JslPQnVTOHRELPtjrKD5PJxBSrc9MFc8bYpQiOKZVCxazjXfdJHAvz4N_DpX4v_j9goXd0ZkmZvkOsQPzg&sai=AMfl-YQwzQefi_nH9RJeFMXulPPoLi5fdl3Dy3DHqukFqk3uCDFitcAkYoiE8NAHSYJgIULo8w-iEQIwsbKm5V0KPGL2D8OSGhSYwv7zyxI9AlvFT3pVVR-_C6BLLfQu&sig=Cg0ArKJSzBEQQcBQBnd_EAE&cid=CAQSPADICaaNZKj37rpNTIWhq7_Y0z8FiLNfHtAtMpYkgWl4RXoY4KxUuS5JAU5nogPw1o1WJ9euxFlYblLTORgB&id=lidar2&mcvt=1007&p=1110,315,1200,1285&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=251597932&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698982259113&rpt=351&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9764
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310300101&jk=637430635397357&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

CB-logo.svg
s0.2mdn.net/creatives/assets/3782689/ Frame 7B39
5 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/creatives/assets/3782689/CB-logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbLib.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c1e6e3f592d8c8b63e2b543ac0ccbae369ddb4604066dc97420c7a1d586ba8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=YN0XoS0awT&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
781
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1492
x-xss-protection
0
last-modified
Fri, 12 Jun 2020 07:30:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:32:59 GMT
TweenLite.min.js
secure-ds.serving-sys.com/BurstingCachedScripts/AdBuilderScripts/ Frame 105D
21 KB
8 KB
Script
General
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/AdBuilderScripts/TweenLite.min.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/index.html?versionId=DAMWG0LdyZYZsMcVaTzLVdpDTJqD563y&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.199 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-199.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3eb568caecd6ca476ae2143f0ec1597b4621e69708fc452354bd53c8d6b25373

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/index.html?versionId=DAMWG0LdyZYZsMcVaTzLVdpDTJqD563y&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:00 GMT
content-encoding
gzip
last-modified
Tue, 18 Jul 2023 10:13:07 GMT
server
AmazonS3
x-amz-request-id
PBZZSH09D0TWYVBK
x-amz-cf-pop
JFK50-P7
etag
"5ef824d2c8d4c77989c81525b59567eb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
V7a-WPjCcaANdyNR304r8ozANWBfVI77WUZpaWFdTUi7Giyh98FfAQ==
x-amz-id-2
cTcngyHKclB/BQLN5WEZDxl9MwCbqZ/K4zBGM2VDT5yzwC7RAFMGYhuA0gpvOg/GuwunFG0RX6s=
content-length
7373
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame DA8B
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:11:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
1170
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Nov 2024 03:11:30 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B80F
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv9nxxWuIEBKqaroi9Qj42p63EdZTlagOHCm8w4peW5yJMb7ZQp2eXHqUr7XPIi1bzPtrC_mWmXBuXcsW7XbMIYMp1fyO9FD_CLgOehuEehWCDteXr97KV0IXHvabunTl1Fj4iXL7jnmXtT&sai=AMfl-YRSOAyMcHbGE8SJD5B2Tfq32hWUmijCrCVy5pzip9hU65nEQPyDMjVGNWEeJKbkt2iHmZdJ0HIUaA2frBlsukM-BSKJbs69oup_chRhD5UdNsp4KHXJz5iSkltxpPju6aoUGrk7mWQEi-JSqA&sig=Cg0ArKJSzAc2eiCsA1-DEAE&cid=CAQSTADICaaNk5V723ssSoIzdzsvhkex1b_FHkorlXVsTJ41qicO23k8FlP1iwpiJsZILOGaEmj_BzInQ8_ReEf4DKzwPHN1rTj3rH68ZKQYAQ&id=lidar2&mcvt=1000&p=103,0,353,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3826710058&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698982259040&rpt=474&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
970x90.svg
secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/ Frame 105D
4 KB
2 KB
Image
General
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/970x90.svg?versionId=kaACYekdG0ojxTWm7LjeVjWlYXOnW6_R
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.199 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-199.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
19fb2a01f28c4d3258caef64e9a9caf9a654e6132745662e9cb9b3b98c3df3c7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/index.html?versionId=DAMWG0LdyZYZsMcVaTzLVdpDTJqD563y&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
kaACYekdG0ojxTWm7LjeVjWlYXOnW6_R
content-encoding
gzip
date
Fri, 03 Nov 2023 03:31:00 GMT
last-modified
Fri, 13 Oct 2023 15:35:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"5b7fd9b93c34ffe4eac5f0e53c928757"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
sd-z_7uaF39bWCn4cJsBkaHHGfUTNZSYs_NwQuAnRaAJFTS4G7AAjA==
content-length
1811
expires
Mon, 31 Dec 2035 00:00:00 GMT
Sub%209.svg
secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/ Frame 105D
13 KB
4 KB
Image
General
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/Sub%209.svg?versionId=9ddKnjJUD7FBclzFDt..w5T_H9I30Vb9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.199 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-199.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6e568d12a1c36522614b6810b62dc6311b82caf24c3cbc6a08c983e7b3393b7e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/index.html?versionId=DAMWG0LdyZYZsMcVaTzLVdpDTJqD563y&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
9ddKnjJUD7FBclzFDt..w5T_H9I30Vb9
content-encoding
gzip
date
Fri, 03 Nov 2023 03:31:00 GMT
last-modified
Fri, 13 Oct 2023 15:35:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"78463df7cc4e3d8a1497c16c7f3df6d9"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
NUOOx4cLOaDqSIBVT-457pOjfKkqQlj-lcgJHSQcBFhXqzv1T4ik7w==
content-length
3650
expires
Mon, 31 Dec 2035 00:00:00 GMT
Boton%20AW.svg
secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/ Frame 105D
4 KB
4 KB
Image
General
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/Boton%20AW.svg?versionId=3SN_n0f51i2eEwnCCQWMRdVkomswSLai
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.199 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-199.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
43f71acce1e33e699dca80489cbfca298a9d2e62f8b418711e93569343eb6424

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/index.html?versionId=DAMWG0LdyZYZsMcVaTzLVdpDTJqD563y&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
3SN_n0f51i2eEwnCCQWMRdVkomswSLai
date
Fri, 03 Nov 2023 03:31:00 GMT
last-modified
Fri, 13 Oct 2023 15:35:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
etag
"4e96519815bc15335a6cabe260bd507f"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
content-length
4141
x-amz-cf-id
uBfJjLweoLR70ccRwwoUgkodOoZ4RBwb-AVEF5oEuc2KDDfi9Yrg3A==
expires
Mon, 31 Dec 2035 00:00:00 GMT
Logo%20AF.svg
secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/ Frame 105D
15 KB
6 KB
Image
General
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/Logo%20AF.svg?versionId=irYQpb3Y5KT41eV7LanvntXlR3WNucJ9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.199 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-199.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
27dca54df0121d401e73aa689f12b452552300d66b4d85dbd3620882dc185483

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/index.html?versionId=DAMWG0LdyZYZsMcVaTzLVdpDTJqD563y&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
irYQpb3Y5KT41eV7LanvntXlR3WNucJ9
content-encoding
gzip
date
Fri, 03 Nov 2023 03:31:00 GMT
last-modified
Fri, 13 Oct 2023 15:35:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"87b32f4ccc8d58ee4dc0eb48cb750a2c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
LwdKB1DScJNKDcqCs_RyxBr3sF4xsUZLFzsCm-bmbyzmLJGKtkQnhw==
content-length
5657
expires
Mon, 31 Dec 2035 00:00:00 GMT
Head%209Py.svg
secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/ Frame 105D
13 KB
4 KB
Image
General
Full URL
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/Head%209Py.svg?versionId=pOF60uTmUShryOrH5UQ_yqdnPBVUOjbm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.199 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-199.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0e5acb2ea5e47f9e0705e387e6eb37efb4358f51d829de4ddfa4b3261f522ad7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://secure-ds.serving-sys.com/resources/PROD/html5/1073746760/20231013/1077273926/82859835576821196/index.html?versionId=DAMWG0LdyZYZsMcVaTzLVdpDTJqD563y&v=_2_174_1_0&n=1&sHost=secure-ds.serving-sys.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
pOF60uTmUShryOrH5UQ_yqdnPBVUOjbm
content-encoding
gzip
date
Fri, 03 Nov 2023 03:31:00 GMT
last-modified
Fri, 13 Oct 2023 15:35:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"d163701d7d8431a9ac5c242f01062478"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
plE0wF6pPzHraMzHij7PAzrL4LnAQVBaR2ALP29-iqrgW_fxUFVoWA==
content-length
3958
expires
Mon, 31 Dec 2035 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame DA8B
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?OkrEpw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:00 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ui.js
player.avplayer.com/script/8.3/v/
369 KB
83 KB
Script
General
Full URL
https://player.avplayer.com/script/8.3/v/ui.js
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
b04bdbc4035697ffd9ea50cc74dbb3323119a55935c79ff097903914e9d97ead

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:31:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27 Oct 2023 12:11:28 GMT
ETag
"1698408688"
X-HW
1698982260.dop216.am5.t,1698982260.cds271.am5.shn,1698982260.dop216.am5.t,1698982260.cds143.am5.c
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
84696
adServer.bs
bs.serving-sys.com/Serving/ Frame 462C
0
294 B
Ping
General
Full URL
https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&dmae=0&int=1091776460~~0~~1078198249~~2668656297493226470^VsIAB~0~0~01020~1118&usercookie=u2=a47afddb-30f9-4109-807d-2ef61126fc03&OptOut=1&rnd=0.23652513841969247&res=32
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ebHtml5PoliteBanner.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.87.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-87-200.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:00 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Sun, 05-Jun-2005 22:00:00 GMT
sprite.svg
player.avplayer.com/script/8.3/v/assets/
15 KB
5 KB
Fetch
General
Full URL
https://player.avplayer.com/script/8.3/v/assets/sprite.svg
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/ui.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
e41de3c6155dadd975865a80daf027d450c656e1ddb132cabc96fb800f35629e

Request headers

Accept
image/svg
Referer
https://tv.shoot-yalla.live/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:31:01 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27 Oct 2023 12:11:29 GMT
ETag
"1698408689"
X-HW
1698982260.dop247.am5.t,1698982261.cds218.am5.shn,1698982261.dop247.am5.t,1698982261.cds231.am5.c
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4828
AVmanager.js
player.aniview.com/script/6.1/ Frame F1AE
450 KB
129 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=64db8a3bf27a2554d7080489
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3100:189::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
06ceb675c8c76ea5bdbe69ac96b9a1b022c160e67c75330e3adcb661f11d0b99

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:01 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqSBYL2UpD9ljGJuvaa04T4UStufzBuAl7L41_r8-L1Aeq1gkbX8INYp4w5oC2eJLIfXk70mlvzoXOhx0X_H0ear_AcBUQC
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
131426
last-modified
Sun, 22 Oct 2023 07:19:48 GMT
server
UploadServer
etag
"8e7113a72b0ab721669c4c6d91a61813"
vary
Accept-Encoding
x-goog-generation
1697959188642482
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=oGHI9A==, md5=jnETpysKtyFmnExtkaYYEw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
131426
accept-ranges
bytes
expires
Fri, 03 Nov 2023 03:41:01 GMT
arrow-white.svg
s0.2mdn.net/creatives/assets/3782689/ Frame 3015
659 B
491 B
Image
General
Full URL
https://s0.2mdn.net/creatives/assets/3782689/arrow-white.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ee73a11f7deaf542b5417e0fa5adac6d92212515da73813d552157337d25cfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=X0c0tHe0sE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:25:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
316
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
455
x-xss-protection
0
last-modified
Fri, 12 Jun 2020 07:26:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:40:44 GMT
Wasdrogerabonnementen_970x250.png
s0.2mdn.net/creatives/assets/5012109/ Frame 3015
676 KB
677 KB
Image
General
Full URL
https://s0.2mdn.net/creatives/assets/5012109/Wasdrogerabonnementen_970x250.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0853d900297c15c973c5452ea5c0c1e1a6c4b464a487ffd9f017f5eb91ea8d62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14879938197739012096/nl-NL_Display_Branding_2023_10_PaaSWasdrogers_970x250.html?e=69&leftOffset=0&topOffset=0&c=X0c0tHe0sE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:01 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
692694
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 07:57:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:46:01 GMT
OpenSans-Bold.ttf
s0.2mdn.net/creatives/assets/3512464/ Frame 3015
102 KB
61 KB
Font
General
Full URL
https://s0.2mdn.net/creatives/assets/3512464/OpenSans-Bold.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7916a37377e38527d4306303cfe89b653b49b0a6b0b05c6b7593f7ab0248da8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css
Origin
https://s0.2mdn.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:18:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
743
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62275
x-xss-protection
0
last-modified
Tue, 17 Dec 2019 08:35:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 03:33:38 GMT
large-poster.jpg
content1.avplayer.com/60095c900c0799791c46d8d4/videos/631a0c74c080af4ad20201d2/
17 KB
17 KB
Image
General
Full URL
https://content1.avplayer.com/60095c900c0799791c46d8d4/videos/631a0c74c080af4ad20201d2/large-poster.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::213:c66b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
9f66145fbaf681859fb04fc4cdedf358806d85dd27355199545b97db90d48829

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:01 GMT
x-guploader-uploadid
ABPtcPrvP7WdXOASfZOxRYwesgyItepsHZz7bsHacr43z7tyi85B0vXrhxvK48uu4tkY8ppoJ3C_zzN6hkDc9ceeshXXcg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
16959
last-modified
Thu, 08 Sep 2022 15:38:37 GMT
server
UploadServer
etag
"0ee97d2dcd219d582aee0cecbb70cafd"
x-goog-generation
1662651517684609
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=SZ/7Cg==, md5=Dul9Lc0hnVgq7gzsu3DK/Q==
access-control-expose-headers
Content-Type, range
cache-control
public, max-age=2592000
x-goog-stored-content-length
16959
accept-ranges
bytes
expires
Sun, 03 Dec 2023 03:31:01 GMT
Yamkarish.mp4
cdn-adipolo.urekamedia.com/test/a92a53cfdb1b435a8/
880 KB
881 KB
Media
General
Full URL
https://cdn-adipolo.urekamedia.com/test/a92a53cfdb1b435a8/Yamkarish.mp4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b69aa3b1ddab3889f728d1e9f06b11390eaabacf8244bca766525354e55bd915

Request headers

Referer
https://tv.shoot-yalla.live/
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Range
bytes=0-

Response headers

x-77-pop
frankfurtDE
date
Fri, 03 Nov 2023 03:31:01 GMT
x-age-lb
822103
x-77-cache
HIT
Content-Range
bytes 0-900871/900872
x-accel-date
1698160158
Content-Length
900872
x-77-nzt
AcO1ryc3Nzf/V4sMAA
x-accel-expires
@1699196903
x-77-age
822103
x-cache-lb
HIT
last-modified
Tue, 06 Sep 2022 14:19:18 GMT
server
CDN77-Turbo
etag
"631756e6-dbf08"
x-77-nzt-ray
25b0213164f8159b756944659eade207
content-type
video/mp4
access-control-allow-origin
*
gen_204
pagead2.googlesyndication.com/pagead/ Frame 462C
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3559437327610&version=m202309260101&ct=77&x=1&cor=4651020011954534000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B80F
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7383478707371&version=m202309260101&ct=76&x=1&cor=15444431270959145000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

truncated
/
194 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23ccc2eb5ab2f26dc90911585b07893758e681dca2f83417457640c91a407fb9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
573 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0213165f17c942a002a9ab00385e768717b2a9ebe889cdb37f092d3bc7715f33

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
242 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
00cc63cd6ed4b645ed0a274e431628073d79150a2e0a3c20c5ab2685abc43c95

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
528 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cede6b4d3db7dfd01d7d6e9bf322105ac466e167be6ca281e9ac500b1f302194

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
224 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e96aa7c60bb144fee6bbdbcc58f8b542df774635705f3b3f1211a706b3516bfa

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
306 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6621912d07a2de8622885fddfd9a6ce5f5bdb3a0923d599fa2bd70982df19029

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
325 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2406e05a30a7a5d4afe4e7154f3cfa0b859de69aca0b52c88eae016f0ca1075

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
398 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac9a19e1c87802a0542f754d3786bc70681cda30eafd9d204f293bff57fe0ca1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
/
serv.modoro360.com/api/adserver/tag/
127 KB
6 KB
XHR
General
Full URL
https://serv.modoro360.com/api/adserver/tag/?AV_TAGID=64db8b44ba16e1afa30cb885&AV_PUBLISHERID=64db8a3bf27a2554d7080489&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Ftv.shoot-yalla.live%2Flive%2F13150%2F12618%2Futah-jazz-vs-orlando-magic%2F&AV_CHANNELID=64db8a60085bb16f1504b425&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&TRACK_URL=servt.modoro360.com&pce=1&npx=1&AV_DETDOMAIN=tv.shoot-yalla.live&AV_DADPOS=1&AV_OPLACEMENT=1&AV_TAG=64db8b44ba16e1afa30cb885&AV_TEMPLATE=6192229fa59e3976bb4400aa&AV_GPID=/64db8a3bf27a2554d7080489/64db8b44ba16e1afa30cb885/tv.shoot-yalla.live&d36=6.2.139&responsive=1&sver=4&avtoken=261219&omv=1.0.1&AV_D65=Test1&AV_D66=8.4.5&clsid=4fb1b5ca-efde-4b90-b6c6-e2828dfcacc9&rando=60&AV_WIDTH=500&AV_HEIGHT=281&AV_DNT=0&cb=1698982261227&AV_CGUID=01ftrvrvyj4bm5fq8f05&AV_CGUIDLIST=01ftrvrvyj4bm5fq8f05,01ftrvrvyj4bm5fq8f06,01ftrvrvyj4bm5fq8f04&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=64db8a3bf27a2554d7080489
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.83.253.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-253-175.compute-1.amazonaws.com
Software
/
Resource Hash
ecce27dc9da46299d3315af10259efe0b635e6132746dc6ff2267bcaf65219bd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:01 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://tv.shoot-yalla.live
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Sun, 22 Oct 2023 13:44:21 GMT
track
servt.modoro360.com/
0
142 B
Image
General
Full URL
https://servt.modoro360.com/track?r=tv.shoot-yalla.live&sn=&ic=0&tgt=0&app=&wi=500&he=281&test=&d36=6.2.139&apppkg=&fv=1&proto=https&d65=Test1&d66=8.4.5&clsid=4fb1b5ca-efde-4b90-b6c6-e2828dfcacc9&rando=60&pid=64db8a3bf27a2554d7080489&cid=64db8a60085bb16f1504b425&stagid=64db8b44ba16e1afa30cb885&stplid=6192229fa59e3976bb4400aa&pt=2&d66=8.4.5&d74=&stagid=64db8b44ba16e1afa30cb885&stplid=6192229fa59e3976bb4400aa&cvid=631a0c74c080af4ad20201d2&cpid=631a2480b3d08269680f4be2&str=viewable&cmssynd=%5B%5D&e=inventory&vi=100&cb=1698982261226
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:01 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 734F
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8603821692094&version=m202309260101&ct=76&x=1&cor=454570151984943900
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
avpb7.51.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame F1AE
222 KB
71 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=64db8a3bf27a2554d7080489
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3100:189::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
da113d5c8af5bc0b2ef4a2ad0f7111caf9374be70bb5ee17ea2149bb66ae6ad2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:01 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpRRWdUi8cGmunV4EJnY80N1EWphy9i2mhhrjjmaVpIj4PYV64ar9nnn6Hus49NWojkR_pqCG6GTf2FbuzmWUD0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
72053
last-modified
Sun, 22 Oct 2023 07:19:49 GMT
server
UploadServer
etag
"2c4aff4ffc206a5fec8a0487c85e3bdd"
vary
Accept-Encoding
x-goog-generation
1697959189324608
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=45byVA==, md5=LEr/T/wgal/sigSHyF473Q==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
72053
accept-ranges
bytes
expires
Fri, 03 Nov 2023 03:41:01 GMT
avpb7.51.0a4.js
player.aniview.com/script/6.1/libs/prebid/ Frame F1AE
65 KB
21 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0a4.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=64db8a3bf27a2554d7080489
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3100:189::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
02bc356eb76e07148556c04423a5b9fca14e665572e2b26a67ddd6e91f30f41e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:01 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqq_kyGjIN251ac9qgB0dDWe_6J1zDC0tXEit1YLdAQH-qlux0G7VAHv8fG8UVUbscI_yp_MvlYjioJ6kG96j1Y-70djLBM
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
21452
last-modified
Sun, 22 Oct 2023 07:19:49 GMT
server
UploadServer
etag
"cf8cf775869bd56fa5b0f9c05f8649c9"
vary
Accept-Encoding
x-goog-generation
1697959189353301
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=BUmMFA==, md5=z4z3dYab1W+lsPnAX4ZJyQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
21452
accept-ranges
bytes
expires
Fri, 03 Nov 2023 03:41:01 GMT
avpb7.51.0a5.js
player.aniview.com/script/6.1/libs/prebid/ Frame F1AE
69 KB
23 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0a5.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=64db8a3bf27a2554d7080489
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3100:189::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
96846fb895748b870e5f744b328ae2f611a996fe04e023547f5534121c41d86f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:01 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpFUWA2Be-pCU_GWLV7lfGCADkoLSeawhk-A7rKupO0HlzpEKSTbtPsQ6juVtRizscAQlfxVDHG3EB9B1g_CA3ylg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
22568
last-modified
Sun, 22 Oct 2023 07:19:49 GMT
server
UploadServer
etag
"7e3e66d3d4e212c749c7e7d1bbe3f062"
vary
Accept-Encoding
x-goog-generation
1697959189362266
x-goog-hash
crc32c=zVGnNQ==, md5=fj5m09TiEsdJx+fRu+PwYg==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
22568
accept-ranges
bytes
content-type
text/javascript; charset=UTF-8
expires
Fri, 03 Nov 2023 03:41:01 GMT
jazz_1.m3u8
a4.bath002.site/watch/hHcbRlEhX2K2FRIq9W8saw/1698985603/1698985857/1/ Frame 4C2A
438 B
793 B
XHR
General
Full URL
https://a4.bath002.site/watch/hHcbRlEhX2K2FRIq9W8saw/1698985603/1698985857/1/jazz_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
109.205.187.54 , Netherlands, ASN213373 (IPCONNECT, SC),
Reverse DNS
Software
nginx /
Resource Hash
30bf45fa84ae6f7443b8334ef394ace3e448d2cc4a9a844c9aa2ffc06d4fef92

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:31:01 GMT
Last-Modified
Fri, 03 Nov 2023 03:31:01 GMT
Server
nginx
ETag
"65446975-1b6"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
438
cdb
bidder.criteo.com/
0
198 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.51.0&cb=79531499210&lsavail=1&bundle=xKKoIF9OdkpGUkRiREZFdCUyRkhNbEZiVE5qWGRET2dqM2FKM1JrdEVPR2QlMkZyJTJGUiUyQkhLR3pmaXVkJTJCOXdBa2RhZnRoa3NiaVRNZHJVUFJ0MndnU2QzJTJCYjZHQkx2dnVmYmxGY255QmhKaTloaFIzd1pMeEVkZFk4d3BnU0ZZZXNUUGNCYWQ5UHYyZ0JlU3BwWjlGJTJGM3JmcEFZOFY2S1QlMkZnaWxKNnZDbGhnalpEVFE2WGEwJTNE
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://tv.shoot-yalla.live/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://tv.shoot-yalla.live
date
Fri, 03 Nov 2023 03:31:01 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
c
prebid.a-mo.net/a/
0
173 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tv.shoot-yalla.live/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Fri, 03 Nov 2023 03:31:01 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://tv.shoot-yalla.live
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
ads
securepubads.g.doubleclick.net/gampad/
96 KB
44 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=637430635397357&correlator=2520349710941873&eid=44807409%2C31079197%2C21065725&output=ldjh&gdfp_req=1&vrg=202310300101&ptt=17&impl=fifs&iu_parts=21939239661%3A22891901908%2Capl%2Caplmcm%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=160x600&ifi=11&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Da3aaed41d9e71383%3AT%3D1698982258%3ART%3D1698982258%3AS%3DALNI_Mb0zFKhOm8VwXhnRi6_rF2lKshluA&gpic=UID%3D00000cb3652e833e%3AT%3D1698982258%3ART%3D1698982258%3AS%3DALNI_MaF18pyieaqm74xanFhON952Q9GTQ&abxe=1&dt=1698982261887&lmt=1698981014&adxs=1600&adys=313&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Ftv.shoot-yalla.live%2Flive%2F13150%2F12618%2Futah-jazz-vs-orlando-magic%2F&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=160&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=909424221.1698982258&ga_sid=1698982258&ga_hid=1857058342&ga_fc=true&dlt=1698982257542&idt=563&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-1698982261866-0%26excl_cat%3DPREPOST&adks=4173754796&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
10a9bbbbcc7d11e2b2d7bd1c4d75126e0bc030ca50223f03d8d9b9b07972a899
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:02 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44986
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://tv.shoot-yalla.live
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
jazz_1.m3u8
a4.bath002.site/watch/hHcbRlEhX2K2FRIq9W8saw/1698985603/1698985857/1/ Frame 4C2A
438 B
793 B
XHR
General
Full URL
https://a4.bath002.site/watch/hHcbRlEhX2K2FRIq9W8saw/1698985603/1698985857/1/jazz_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
109.205.187.54 , Netherlands, ASN213373 (IPCONNECT, SC),
Reverse DNS
Software
nginx /
Resource Hash
30bf45fa84ae6f7443b8334ef394ace3e448d2cc4a9a844c9aa2ffc06d4fef92

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:31:01 GMT
Last-Modified
Fri, 03 Nov 2023 03:31:01 GMT
Server
nginx
ETag
"65446975-1b6"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
438
container.html
1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0120
6 KB
3 KB
Document
General
Full URL
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl_fy2012.js?cb=31079197
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tv.shoot-yalla.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 03:30:58 GMT
expires
Sat, 02 Nov 2024 03:30:58 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8FB8
466 B
235 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGMb2s-cBMAE&v=APEucNVM5tfDHWBtTKTLLIDnY-QU4OqfXSxPBsfMx0DRSlLbT-QSTfpwXoeCv_tcZJyo2aVc35DKeON1xDTxVgrirpZ6nJAeP_Zdr6fjNWYAoYrWtHwcqV-nq7Fvv4beReqK8vVIXl-OM1zUBK0NwLfqUizikBfuf9nz0qSJCD3xow63m8nH7zU
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 03:31:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 0120
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:25:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
29140
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9345
x-xss-protection
0
server
cafe
etag
15168757854195530193
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 19:25:22 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame 0120
7 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 20:17:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
26042
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 20:17:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0120
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstWyL7m6FR7dzXeuiVe29Bd0Jj9JWaHIMrfduFJA0Js1KqobkoVoqTfnFKYlHZpjARKaS9j6n7XXrUBUd2FtQgmj86ZT6PULdRD_3ZbeRGCDlJWyaKXO8_mHwAial2eHYZ1E9VAcya45IL4qXAZYAt6hHYEpgbVxFfj2CidgPXUKwHKGxWUQ8oP2hXZ0tYtD9OkO7A2xfU613l9AQqBOVLo2oBBLtbh09MUc84VtVd9cPYyGqh6MCTf5V4R7uSGR_lIb-n9Ysz-S3CkRApZtxK5UYkah7ntiK6KoSttetPjh7aCJQwKRUqJcDv9u7IH5qyt4AgaqzBGnXf3AUadNGCEORh2N6NY1i0lcKIwYGP5IYVAycNsERemp4ozOugECbxBThBrUzL3nUHnxX3LLsTb5mOUMTGg4oAdGCrKbCR8ZWnXu1T3Kv9fG7dDCspZtgWgXMx0ytF72l6przoEEUNGn0BBy3U9BMVSELIFD6X2YbUtl3uEAFVBMCF6-7LZqdDSGZBX74a4OrlQmULHR2dqlAGfsSiTGEkAp82M2EGnF09N7LcwO4SKjpBPsthDNO6lKsuyXSxXHbMWQGvAMqt-o7lmuFTWgf9kR3qohNdJFDYAKi1rK6tSYZgPgFwWUhkxeUFb2BEwoZdWnoOkcLHXPOj2doMfrwgdWC-4GoG-HjYi89bTOdj9uwptOJuX7jfWjZ1cvn-GIDYl9-dedYWM4PcX0pe07X9kNGPd67vdvWoR0KzZwMkbWtWCb3oqoAg9H1wOH3hQ7p_NSJg3Ekru-f1PoQuEpPwCTyrYJiAmUXzDYv545SY5DJrOuAsuGH4JO5cm9ncjGq_6iyLT9AragGkUms-eYOu3evyut25KIAgKEorcwkrcmB65HoTt9AzCfZmmDenxPBO-teiXmf2alhQYfNpUHFDlCU1DIzzQdQUp-N3RLwlrcA_gtbimleIjSUkiABGry9R9fM4GUGb-V7wksYcKBptnLvMoY0v6AZCKaLq6heG3U_uuhpbrB6Cfm5TenVXQvylFyhDpr6BgnwJGbn4B7nHWxqxrqWX8u6OlDBNCbc7OiVYpNTOpmwKlo9sbGDGtXVmqdCieVs6DnQ3VCLIRt71u1S_FspnI9KEUDNVoqPAFpvN-jJiwwWPAtq_cXnbFVO4KArWxyoqk4AkfkaJjMleeBD2Usvdd0S47mtoIFKiHEKhkjiCoHs-du9DB7gYMhCnENS2ZUWDmuEVa5J829H6QCbPkeWOmunFycA9TvKLXzj49EztK90yV4A3ugW6Qag8F2Y39N31xjx97VqHYB6K7pDYYq_QSlKr5CtIOe1DkOxzICMI3UvMQQKvfTeDweIyMHhNmWedBZgMsaoH6XN3BpcIvFIqUSxbApcF2U1YWDYtsZcP8bksliemih6RIgRd2HlfiMh6Bvwj1m_41XE67U4A9pCK_SjF720CkAPwo9Ru7LMGoU9n9IS9V6kmJ7OBt&sai=AMfl-YRd3lqoqZJ-nVPKDVXvJcQ2bCF4ZgdibSvcZGDG-XF0nDerRF7ixdLbUKT888CIyIWS9zE_sVczxcuF8wyj7XOmtUffhmWtVoIDprWvsrhEdvGCx_ol6ZnEGBVWSo2gbwkzZmv2S7xvNKbg0S99HXwuYVlZQXtlbOMxjmQDKqlU7uYAj9F-mrLL_BtYVP7T4MgUl0h3m_qJqYoeLlW5Gyt13iWbIDb0BSFGLmV0YGe4rRfvWiXJe0QZeM2huHQ4_63FZ44p8YCfrLqpULWjNAv_zDD5WrDpTt8FFzLhGTURnIasVVzaRLwbXeziJGwkwvtCcHfVv5V3k6Olrqo5OuJP-zU4xUEEmzuHyvwAoe88m6iWPD9tcmIGxFeZgPq_dCRCEImtNn6NF7B2RC1IzZCWk_39f6s64iDzd6CplrpliGboctqrlg&sig=Cg0ArK
JSzGWIP0zHTpN_EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231101.92914&arae=0&ftch=1&adurl=
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 03 Nov 2023 03:31:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 0120
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 02:22:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
90516
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 02:22:26 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 0120
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
29462
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 19:20:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1982
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
4135
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 02:22:07 GMT
etag
48472445140208031
expires
Sat, 04 Nov 2023 02:22:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 0120
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 19:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
29462
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8610
x-xss-protection
0
server
cafe
etag
7739385728678230190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 19:20:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0120
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DEKP5w-bMDIlkpteiJPZI9PzfqD15QSVf1aJaONr7iFtb64rR1E7UJDeLlbnO1DOC0jqm__USQeeGf4OvQ-M6BlOb3v_sxrbPmBKqAswuL5N_3ZIA
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 0120
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ_IMcafcZPN6htyOwyE-giQfcqqNOxAyc7anyAlGtOEDODC_g9wLU3g0YJcKgBg6k4GCNB2kcS37k8qHDAFueiFH0mgg
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0120
189 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Nov 2023 03:31:02 GMT
11447508629039149190
s0.2mdn.net/simgad/ Frame 0120
19 KB
19 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/11447508629039149190
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eef8e23801cc13c6ecdde36dafb161c3149c6f82b88bc7204f4bb51e395d94c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 10:33:48 GMT
x-content-type-options
nosniff
age
406634
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19711
x-xss-protection
0
last-modified
Thu, 20 Apr 2023 20:50:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 28 Oct 2024 10:33:48 GMT
beacon
tag.researchnow.com/t/ Frame 0120
42 B
445 B
Image
General
Full URL
https://tag.researchnow.com/t/beacon?pr=288231&adn=3&ca=29702965&si=3554638&pl=365167042&cr=191021523&did=ADID&ord=613813850&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-26.muc50.r.cloudfront.net
Software
Apache/2.4.57 () / PHP/7.2.34
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 02:33:26 GMT
via
1.1 55965767fb32678a90a721ccc878aa86.cloudfront.net (CloudFront)
server
Apache/2.4.57 ()
x-amz-cf-pop
MUC50-P3
age
3456
x-powered-by
PHP/7.2.34
x-cache
Hit from cloudfront
content-type
image/gif
p3p
CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
42
x-amz-cf-id
YHPVQA1HftWeeZaXhoONhEZg96XuQkMo4wD4SNL8rmHOlwiLMnZ6KQ==
expires
0
view
googleads4.g.doubleclick.net/pcs/ Frame 0120
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstWyL7m6FR7dzXeuiVe29Bd0Jj9JWaHIMrfduFJA0Js1KqobkoVoqTfnFKYlHZpjARKaS9j6n7XXrUBUd2FtQgmj86ZT6PULdRD_3ZbeRGCDlJWyaKXO8_mHwAial2eHYZ1E9VAcya45IL4qXAZYAt6hHYEpgbVxFfj2CidgPXUKwHKGxWUQ8oP2hXZ0tYtD9OkO7A2xfU613l9AQqBOVLo2oBBLtbh09MUc84VtVd9cPYyGqh6MCTf5V4R7uSGR_lIb-n9Ysz-S3CkRApZtxK5UYkah7ntiK6KoSttetPjh7aCJQwKRUqJcDv9u7IH5qyt4AgaqzBGnXf3AUadNGCEORh2N6NY1i0lcKIwYGP5IYVAycNsERemp4ozOugECbxBThBrUzL3nUHnxX3LLsTb5mOUMTGg4oAdGCrKbCR8ZWnXu1T3Kv9fG7dDCspZtgWgXMx0ytF72l6przoEEUNGn0BBy3U9BMVSELIFD6X2YbUtl3uEAFVBMCF6-7LZqdDSGZBX74a4OrlQmULHR2dqlAGfsSiTGEkAp82M2EGnF09N7LcwO4SKjpBPsthDNO6lKsuyXSxXHbMWQGvAMqt-o7lmuFTWgf9kR3qohNdJFDYAKi1rK6tSYZgPgFwWUhkxeUFb2BEwoZdWnoOkcLHXPOj2doMfrwgdWC-4GoG-HjYi89bTOdj9uwptOJuX7jfWjZ1cvn-GIDYl9-dedYWM4PcX0pe07X9kNGPd67vdvWoR0KzZwMkbWtWCb3oqoAg9H1wOH3hQ7p_NSJg3Ekru-f1PoQuEpPwCTyrYJiAmUXzDYv545SY5DJrOuAsuGH4JO5cm9ncjGq_6iyLT9AragGkUms-eYOu3evyut25KIAgKEorcwkrcmB65HoTt9AzCfZmmDenxPBO-teiXmf2alhQYfNpUHFDlCU1DIzzQdQUp-N3RLwlrcA_gtbimleIjSUkiABGry9R9fM4GUGb-V7wksYcKBptnLvMoY0v6AZCKaLq6heG3U_uuhpbrB6Cfm5TenVXQvylFyhDpr6BgnwJGbn4B7nHWxqxrqWX8u6OlDBNCbc7OiVYpNTOpmwKlo9sbGDGtXVmqdCieVs6DnQ3VCLIRt71u1S_FspnI9KEUDNVoqPAFpvN-jJiwwWPAtq_cXnbFVO4KArWxyoqk4AkfkaJjMleeBD2Usvdd0S47mtoIFKiHEKhkjiCoHs-du9DB7gYMhCnENS2ZUWDmuEVa5J829H6QCbPkeWOmunFycA9TvKLXzj49EztK90yV4A3ugW6Qag8F2Y39N31xjx97VqHYB6K7pDYYq_QSlKr5CtIOe1DkOxzICMI3UvMQQKvfTeDweIyMHhNmWedBZgMsaoH6XN3BpcIvFIqUSxbApcF2U1YWDYtsZcP8bksliemih6RIgRd2HlfiMh6Bvwj1m_41XE67U4A9pCK_SjF720CkAPwo9Ru7LMGoU9n9IS9V6kmJ7OBt&sai=AMfl-YRd3lqoqZJ-nVPKDVXvJcQ2bCF4ZgdibSvcZGDG-XF0nDerRF7ixdLbUKT888CIyIWS9zE_sVczxcuF8wyj7XOmtUffhmWtVoIDprWvsrhEdvGCx_ol6ZnEGBVWSo2gbwkzZmv2S7xvNKbg0S99HXwuYVlZQXtlbOMxjmQDKqlU7uYAj9F-mrLL_BtYVP7T4MgUl0h3m_qJqYoeLlW5Gyt13iWbIDb0BSFGLmV0YGe4rRfvWiXJe0QZeM2huHQ4_63FZ44p8YCfrLqpULWjNAv_zDD5WrDpTt8FFzLhGTURnIasVVzaRLwbXeziJGwkwvtCcHfVv5V3k6Olrqo5OuJP-zU4xUEEmzuHyvwAoe88m6iWPD9tcmIGxFeZgPq_dCRCEImtNn6NF7B2RC1IzZCWk_39f6s64iDzd6CplrpliGboctqrlg&sig=Cg0ArKJSzGWIP0zHTpN_EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=50&vt=11&dtpt=49&dett=2&cstd=0&cisv=r20231101.92914&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: tv.shoot-yalla.live
URL: https://tv.shoot-yalla.live/live/13150/12618/utah-jazz-vs-orlando-magic/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
i.match
a.tribalfusion.com/ Frame 1982
43 B
432 B
Image
General
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEFh0CBuV2QhQXzttVj6h_AU&google_cver=1&google_push=AXcoOmSXY9vK9Ge4TF1_Mv-GpHsQNv4er6UpQ59ydKOQVanJtwJDer4cui0NlviWLiiwiOXPnvYbD90lizH5oZAC6q1lHwMXPJc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSXY9vK9Ge4TF1_Mv-GpHsQNv4er6UpQ59ydKOQVanJtwJDer4cui0NlviWLiiwiOXPnvYbD90lizH5oZAC6q1lHwMXPJc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:02 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82018ac45a89b8ae-AMS
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1982
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEMM7H0FF8ZsNi7t3FNDgTMQ&google_cver=1&google_push=AXcoOmQoy1L318xEILBTtJB9HZoJfAo1GjqAnOCiRtrGE1qB8W37i3r9nmljjRM3C9CpMR0u9PGlOI2kjOrHZKLs...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=7EuIgEftToEDMDzm8wD9sA&google_push=AXcoOmQoy1L318xEILBTtJB9HZoJfAo1GjqAnOCiRtrGE1qB8W37i3r9nmljjRM3C9CpMR0u9PGlOI2kjOrHZKLsIl970uCBtK2Z
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=7EuIgEftToEDMDzm8wD9sA&google_push=AXcoOmQoy1L318xEILBTtJB9HZoJfAo1GjqAnOCiRtrGE1qB8W37i3r9nmljjRM3C9CpMR0u9PGlOI2kjOrHZKLsIl970uCBtK2Z
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 03 Nov 2023 03:31:02 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=7EuIgEftToEDMDzm8wD9sA&google_push=AXcoOmQoy1L318xEILBTtJB9HZoJfAo1GjqAnOCiRtrGE1qB8W37i3r9nmljjRM3C9CpMR0u9PGlOI2kjOrHZKLsIl970uCBtK2Z
x-host
tde-deliveryengine-production-bb588bf9-bhmr8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
x.bidswitch.net/ Frame 1982
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEO3UDU4nllXZy85h5cuoa9c&google_cver=1&google_push=AXcoOmRvGDkQNU_2irBAC8XlQAmIXCQfvTyzX8XZnk_GbtmYPHeu9pqClAUcz2tmoilxQ5No762wklQkDfIdyp5IXRyWxjdOZeQ
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.98.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-98-46.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame 1982
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LYjunyXef2xtVxvgQYA5fgMQcyd1mfdGKqm8Yj6XCwSg
Requested by
Host: 1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
URL: https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
prebid
id5-sync.com/api/config/
135 B
419 B
XHR
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
91d9858a3fbbbbb194b1de253ee64efccf4524e1f7289276deb4be8607995973
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://tv.shoot-yalla.live/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://tv.shoot-yalla.live
date
Fri, 03 Nov 2023 03:31:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
pbhid
id.hadron.ad.gt/api/v1/
227 B
340 B
XHR
General
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=239&_it=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6814fd06e3003ae0a0970fdd3a7b59e91cf3e8afa3fec26ef2efa38f73cb3d72

Request headers

Referer
https://tv.shoot-yalla.live/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 03 Nov 2023 03:31:02 GMT
content-encoding
gzip
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
82018ac4e90a06bc-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
envelope
api.rlcdn.com/api/identity/
44 B
363 B
XHR
General
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=105
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tv.shoot-yalla.live/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 03 Nov 2023 03:31:02 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://tv.shoot-yalla.live
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
44
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
isyn
prebid.a-mo.net/ Frame A731
0
0
Document
General
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://tv.shoot-yalla.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Fri, 03 Nov 2023 03:31:01 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
partner
sync.search.spotxchange.com/ Frame 8FB8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFPZyHCxn-LFehWlHtOMVJs&google_cver=1
0
0

partner
sync.search.spotxchange.com/ Frame 8FB8
0
0

sync
ups.analytics.yahoo.com/ups/58269/ Frame 8FB8
0
38 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGMb2s-cBMAE&v=APEucNVM5tfDHWBtTKTLLIDnY-QU4OqfXSxPBsfMx0DRSlLbT-QSTfpwXoeCv_tcZJyo2aVc35DKeON1xDTxVgrirpZ6nJAeP_Zdr6fjNWYAoYrWtHwcqV-nq7Fvv4beReqK8vVIXl-OM1zUBK0NwLfqUizikBfuf9nz0qSJCD3xow63m8nH7zU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:02 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 929E
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
587836
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 27 Oct 2023 08:13:46 GMT
expires
Sat, 26 Oct 2024 08:13:46 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 0120
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a6744a47552ccab49f50680a6fc85056a4cd856799f6eb7796becc6ec1a29c7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
v1
lb.eu-1-id5-sync.com/lb/
33 B
279 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
bea8091879ede592e7bac620c6efe94571e4089361a632effd1be68c62bdbd16
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://tv.shoot-yalla.live/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://tv.shoot-yalla.live
date
Fri, 03 Nov 2023 03:31:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 929E
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:11:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
1172
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Nov 2024 03:11:30 GMT
371.json
id5-sync.com/g/v2/
251 B
536 B
XHR
General
Full URL
https://id5-sync.com/g/v2/371.json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
292e419a8d4bd49105d596079a23779465f61c14bc2489fe09ae8b95696a82ea
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://tv.shoot-yalla.live/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://tv.shoot-yalla.live
date
Fri, 03 Nov 2023 03:31:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 929E
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BQdG9dWlEZbHNOYfD9u8Pkti28AcAAAAAOAHgBAI&bg=!KimlKWbNAAb4oU7C2KE7ADQBe5WfOHrbfl4y8umSwfaLfY5vuvRFxmiOGCqE9QB8XPdnCswEFW4zpDImzfzdGj-ik14NAgAAAH1SAAAABmgBB5kDSL4owPlSUWrp0i6FNaQ19Fo33JYOKcjJ22xSWAhLhjqkh3qyd51YdiWRJdAcJ43HicbwHtLCEFuufxOe-HMc-gE5MGUaNKQqd-yB9a5RvOHmke7gqwG1kJnqZHPSWkL0LNUMVBQSzdpbnejuhBZVDNeUKa3ORo-j0vyAbMrhXeqhb-73ChgNSJZaUbAE8S7eRflljMnlErqG5DFB5emx3pWDWemkWpkUxLqp6R0MSYjEdfG0g9OZ3unaB_ag3gjQxg3_syFSGDfHLJ_ODorKD5nbYNaR0u5nZdCTszupIErS5rjM7xBa_2A9fZWJ9PtEOLyWsGk6GEzLtGIQnkVKW6j0dEOQcmuOj4FecytA7et9srEuVL8GZW-TBLoXRWqdZ_Zg623zqcR2HHdWzx5crc2D2R9pLW6OUwyDLOu5V_TEU5umoMzcY7oF-zZf96vjDWtCyuaopirT54e12Wh8H5R8-g4Pd5146AD7ccQkRRu2Rs8ZTZBSrQH7wY-Jv-xvgty6RUmwFLJJ-SVkbOfS3y6E08cG0-ZBmHN_6ocVq1fvqFO6EW06xIXQBXhxyA4IJpLDkalGrQfLZuHU8dezYICTa7vegBgZ3CGpHDxMEpc3J61xnaLfvKMlTsuf7Y7gONUZOTG_Yw4oYQKZiq6ZcpdwtbmmEVY4mJ58tgTmMhtt3Ya1ssZ2gF72NM7AYST1iZJ9x9RKygDTs5UitTNEKkbxJLcrGVLbWPAgwZB4IvD0CPukyBu-QKS_0bhLchPsMlt-WbhnrDKOwsG-dLchCeLERcMq6QPKZoZpgfMAcfmK6BfR4P1dvP-uQRCVn5PnbXl-t_6Wan9OAyIw01jhDLlkXPM9Ky0zVx-6OSE87arIZwz3cjzBEr5SmmKXbXghv5Ld9CoSuR1AcbqxjoobS5ZCebXWWdFM7--EctP53MLUBDr1dXX5cJczj5x3JDd7fH7EYW8YvziCWlbn-jL4NHejLyHvZxf1_aq1UcSkvW2_ux-H2Yztj3N_VXpKxvv8lhZ9jeO0KNxFPEkM_-QR7HM6zmeyz3YyaR4zxG-KAjh4VB7ijSqs8OyOTTSh-oGLX6XrpbVSVvSkzcbcQvPgXLyVOzdxhm6Nqg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
multitracking
ghb.aplhb.adipolo.com/adunit/
0
230 B
XHR
General
Full URL
https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/oLWia/hbw_master_751043_18393.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tv.shoot-yalla.live/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://tv.shoot-yalla.live
Date
Fri, 03 Nov 2023 03:31:02 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
jazz_1.m3u8
a4.bath002.site/watch/hHcbRlEhX2K2FRIq9W8saw/1698985603/1698985857/1/ Frame 4C2A
438 B
793 B
XHR
General
Full URL
https://a4.bath002.site/watch/hHcbRlEhX2K2FRIq9W8saw/1698985603/1698985857/1/jazz_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
109.205.187.54 , Netherlands, ASN213373 (IPCONNECT, SC),
Reverse DNS
Software
nginx /
Resource Hash
30bf45fa84ae6f7443b8334ef394ace3e448d2cc4a9a844c9aa2ffc06d4fef92

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:31:03 GMT
Last-Modified
Fri, 03 Nov 2023 03:31:01 GMT
Server
nginx
ETag
"65446975-1b6"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
438
e.js
live.demand.supply/e/
0
480 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?r=shoot-yalla.tv_fluid_all&e=ubs&dsReferer=dHYuc2hvb3QteWFsbGEubGl2ZS9saXZlLzEzMTUwLzEyNjE4L3V0YWgtamF6ei12cy1vcmxhbmRvLW1hZ2ljLw==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-nf-request-id
01HBTYD4N6T6Y3FXWYDHSEKYXW
date
Fri, 03 Nov 2023 03:31:03 GMT
cf-cache-status
HIT
age
1416150
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
82018acd9e9eb8a6-AMS
activeview
pagead2.googlesyndication.com/pcs/ Frame 0120
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8d15TnCHg0qbFjCez4veZ_VkkkZPuiOhTP6Dtd4PTrLshT3gG_rjtkCw2eQSUfdGSOQZHJBcoKiPbEbFEjpSuyTw6rvgKFh9_OWryLEWn5Io4QrJ0eYtyvbbyoCZ2m1cNtb9EJ1RllXJu&sai=AMfl-YTVDit635pWISUBN7f8hGsNeVFvQKfh8AzGPBi-8I4SLPVlv4wwQZ9KYo6MbQcX9yWwM1Wt3qdHMbnt-FWU5swStMVQ8QwIHZJV9fXTWSo9dL66F_MiovKs1oIL&sig=Cg0ArKJSzPGAqFZF4-8zEAE&cid=CAQSPADICaaNKjQOLVX36CY7Mw5oJ3tsjxRyjoDt36ptUQboul9qCaVzSrI4Im4_7KZFuz3es97_9iFlM1uQ-BgB&id=lidar2&mcvt=1000&p=312,1600,912,1760&mtos=0,934,1000,1068,1068&tos=0,934,66,68,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=0.81&if=1&vu=1&app=0&itpl=20&adk=4173754796&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698982262263&rpt=210&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Nov 2023 03:31:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
int
lm.serving-sys.com/lm/ Frame 462C
0
230 B
XHR
General
Full URL
https://lm.serving-sys.com/lm/int
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ebHtml5PoliteBanner.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.76.235.209 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-76-235-209.eu-central-1.compute.amazonaws.com
Software
LogModule 0.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
https://1c8599d561a7ef963da818ff903d848b.safeframe.googlesyndication.com
Access-Control-Allow-Credentials
true
Server
LogModule 0.6
Content-Length
0
Content-Type
text/plain
jazz_1.m3u8
a4.bath002.site/watch/hHcbRlEhX2K2FRIq9W8saw/1698985603/1698985857/1/ Frame 4C2A
438 B
793 B
XHR
General
Full URL
https://a4.bath002.site/watch/hHcbRlEhX2K2FRIq9W8saw/1698985603/1698985857/1/jazz_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
109.205.187.54 , Netherlands, ASN213373 (IPCONNECT, SC),
Reverse DNS
Software
nginx /
Resource Hash
a1b001604b1dd3a0bb2cebdaefcd791fb8e971d72c42c94ab2b97147c84c7a24

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:31:04 GMT
Last-Modified
Fri, 03 Nov 2023 03:31:04 GMT
Server
nginx
ETag
"65446978-1b6"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
438
jazz_1.m3u8
a4.bath002.site/watch/hHcbRlEhX2K2FRIq9W8saw/1698985603/1698985857/1/ Frame 4C2A
438 B
793 B
XHR
General
Full URL
https://a4.bath002.site/watch/hHcbRlEhX2K2FRIq9W8saw/1698985603/1698985857/1/jazz_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
109.205.187.54 , Netherlands, ASN213373 (IPCONNECT, SC),
Reverse DNS
Software
nginx /
Resource Hash
a1b001604b1dd3a0bb2cebdaefcd791fb8e971d72c42c94ab2b97147c84c7a24

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:31:05 GMT
Last-Modified
Fri, 03 Nov 2023 03:31:04 GMT
Server
nginx
ETag
"65446978-1b6"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
438
track
servt.modoro360.com/ Frame F1AE
0
145 B
Ping
General
Full URL
https://servt.modoro360.com/track?d=Chrome&cou=NL&cos=Windows&r=tv.shoot-yalla.live&rs=tv.shoot-yalla.live&sid=28624&t=1698982261&cip=31.204.150.148&sn=&tgt=0&osv=10&bv=119.0&brn=Chrome&wi=500&he=281&app=&AV_PUBLISHERID=64db8a3bf27a2554d7080489&test=&d64=bcd615d74c3634984acbfd6f7008332c&d63=bcd615d74c3634984acbfd6f7008332c&aafaid=&proto=https&uid=1698982261568-979478255989-001237-006-002461&cha=0.7&stagid=64db8b44ba16e1afa30cb885&stplid=6192229fa59e3976bb4400aa&d35=&d36=6.2.139&cb=88669231410&d39=&d65=Test1&d66=8.4.5&d74=&d56=&apppkg=&d9=1000&pt=2&d66=8.4.5&d74=&stagid=64db8b44ba16e1afa30cb885&stplid=6192229fa59e3976bb4400aa&cvid=631a0c74c080af4ad20201d2&cpid=631a2480b3d08269680f4be2&str=viewable&cmssynd=%5B%5D&AV_WIDTH=500&AV_HEIGHT=281
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=64db8a3bf27a2554d7080489
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tv.shoot-yalla.live/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 03 Nov 2023 03:31:06 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
jazz_1.m3u8
a4.bath002.site/watch/hHcbRlEhX2K2FRIq9W8saw/1698985603/1698985857/1/ Frame 4C2A
438 B
793 B
XHR
General
Full URL
https://a4.bath002.site/watch/hHcbRlEhX2K2FRIq9W8saw/1698985603/1698985857/1/jazz_1.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.4.7/dist/clappr.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
109.205.187.54 , Netherlands, ASN213373 (IPCONNECT, SC),
Reverse DNS
Software
nginx /
Resource Hash
a1b001604b1dd3a0bb2cebdaefcd791fb8e971d72c42c94ab2b97147c84c7a24

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tv.shoot-yalla.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 03:31:06 GMT
Last-Modified
Fri, 03 Nov 2023 03:31:04 GMT
Server
nginx
ETag
"65446978-1b6"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
438

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvng5XHZ6amfeheqzXDwzn5hKfBmFAoj3jn8ki12eq7Nh81njxSUQv2xgLWfK7wQVBqjLL-inDffrhG3eX3Ia9jjaes5JT51W-o9cD98jtNu3nLnFw_L2l6MEn_ZG8PYdA2o9oNu9FqkaT4jeo8jVCgLPZew76k77CJv_Ae-9ntoFGgo0KJGEiHXHI5Yfqh4KD7Q3wzs0SAsSnU6RWk46XXrclSGdfdwfIQAHe3zdjGU4W5iwuO3ZQkeZLCXvaRHD0b_k6GACsr8SoE9zzBuqs_l62xCU1XCPhp5uZO-9tO-7b_eE5lB7T8XR3YjJjBQQuXUqfiHVVRcYwglqJj45iN4tQYlgMEFqM5rg8JUvub6UPxwHt4xlJk83JNfLDAgOG5Zpj6yd-abD5S3UpV2mbNbVrsPbu_iYINAKO2IM-h6X4H8jBr3g&sai=AMfl-YQ0LFbDzIey5cBT2mme3b4aUCiBREbuO1rx5HOnSYlSDJ6CG-yz8qynm7FFv762J0KUsq2rNkOQIeIuUfMq0iI5Ihrh13-jHJNy7It7RmVdvM-WsDyWyz1kgZXbK1mEelXlNi1hf0Mvk7J_umW8&sig=Cg0ArKJSzNPXLcFFH5_-EAE&uach_m=[UACH]&urlfix=1&adurl=
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstm803hMg7sbE_xXompM_ffyBWCYSU3k8vw3GFckUfNuH9DeLOot5O0VnWzXDbrX2uLX2HDE1UP_eR6zJbzGjq-oo5QMlUm2XmY3RWoS9vjJsOpTapS49FOtVyKmwjNeVzi3dgza3HRODQnKGbLUg_ciG3VBrztvcxI2vDPBUr7NouAMLPKGMP0te46DIZZeHXTmMGEdSHKT4DR03aJvMZF49eKnw1BwmsRT92VKzFKSKTcr8oJV29uZ6VtxjmQv91Im8eOaBeE9jnamWPoH-aIDFdLtIZjGvQIGBtdKtr7JO2UDqbAz5ZG5GEJZ0IflDwZbNYApSsWZmpwl0jU0k29b14JFY91euHQun9ze18VX6-23_vjf7D6noiG_jddosOszkG5JNn7H4Nvd6dVcQFh1da-RvpkhIQ2ac8iBys7bk4uoxE2rQ&sai=AMfl-YRcCw85GlBqA97alaaWWn4GEuRc0sxE7FzdHswH8wlc3-ZbVWIrlrTbsU0AaIpAC92uNoZq_XRqC94PHzehujSzT252LqHiMek4it3DfpYM_F0xP1ZwO5E3ZIAxtxF06gcKKt2kE2ntgO82PCM&sig=Cg0ArKJSzEChORrUGikpEAE&uach_m=[UACH]&urlfix=1&adurl=
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8v4bYs7_iVap9aP_YuNJ_DtfPAfxl4-asSbR1k3XPwm4D2H4cRgQdJWpbpBnxYBwhOAc8yLrhFbacI532i9lwqb0CFZnRb1acceObSA7Lanf1c465NaLpF3SEtwCR0zb58giERv8HMHlg3odmbFjhE4JfOyoRD9KmC0P1d520pDdK-Fwjp3D_3SP4S4gaPsb_VISaomgPK7WvgH5MzgigvxzRE1J5oAMe-3bMPgoi-ao5H5_URaCeFyc9EteaduJfhYHAakvgR9bCNxkX6DX9mX3hDPhT3qM9EfQdfCUzU3Ggy0a31WVldLVTMoWNZrIWbUF-C8tQy4tCouGtsz7PjAZPOdq3FHBAqz3B9Ej8VCTssH5AzV_fEtNtRmuhtUO3YD5JIUzWXLb7h7anLdmUTmzfjxuZEKIXuz1HdQT2CsfXW0JJ&sai=AMfl-YSOqhJ1y9Z_evL54dM5eL-wjRqdWe8ufAruLDO5jncfQAGw5ROpZ6tH47-VxcuaonU__OC1KZCkbBdp4EHXPZm2D19hA_tO_pNzzumvwrN844j2p6-JaGgflGlwbg&sig=Cg0ArKJSzFay_t-pp34zEAE&uach_m=[UACH]&urlfix=1&adurl=
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFPZyHCxn-LFehWlHtOMVJs&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Verdicts & Comments

215 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| documentPictureInPicture function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal string| currentUrl string| mainURL number| p object| matche string| u_key string| k_url function| update_frame function| _0x17035d function| _0x1bbb function| _0x144026 function| _0x516788 object| divChannels object| rowChannel function| _0xef9dd0 function| _0x12aaab object| channels function| _0x599d function| _0x19cc99 object| channel0 function| gtag object| dataLayer string| demandSupplySc string| demandSupplyCr number| demandSupplySr object| houseAdCampaigns string| demandSupplyTi object| demandSupplyTc object| demandSupplyTcI number| demandSupplyPDI number| demandSupplyDFSS number| demandSupplyCRR object| demandSupply object| googletag object| adipolo function| runCode object| opavibingo object| gptAdSlots undefined| interstitialSlot undefined| staticSlot object| anchorSlot function| removeCustomBanner object| vmpbjs object| vpb object| th object| dspbjs object| demandSupplyFS object| _app object| ggeac object| google_tag_data boolean| google_plmetrics object| google_js_reporting_queue object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal undefined| google_measure_js_timing object| 3jcfzwh29pq object| zfgformats object| vmpbjsChunk object| google_reactive_ads_global_state number| google_unique_id object| aniplayerPos object| pbjs object| regeneratorRuntime object| ox_esp object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_144 object| Criteo object| Criteo_identitytag_144 object| __uid2SecureSignalProvider object| __uid2 object| syncCallbacks object| _33across function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f 
object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 
function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms object| webpackChunk_aniview_player object| avContentPlayer object| google_image_requests object| storageAni

41 Cookies

Domain/Path Name / Value
live.demand.supply/ Name: demandSupplyTi
Value: a4808ad4-84ad-42e8-ad99-1fb82291131c
.demand.supply/ Name: __cf_bm
Value: xXEi_oZHsXeFcOZPMxu9BxHGZjeE2IJ4V3vTdVJBa0c-1698982257-0-AatrdVez9oLUtdsw0t/Lru+MZU/2Dl0FZlL1NGHkKQ5AYAUU+pSXUAdN6hqvtO7BRMn5LIC2iC+xXqIXqtCO+do=
pisanguttate.com/ Name: GL_UI4
Value: eJw9jd1OhDAYRPln1QWdhAfwEQrryu6l8SG8JKX9YOtCuykV4tvbmOjVnEzOZIIgiKpHhGuWIP7iRzxzKV5PdCDRtg0Nbf0iZMMYNYfh3LTD6Yg7tXSO9xO5BLtl5tZ1bk2wH0mTVaITRlKBJ2%2F9NVdtNp0g7S3XskA6e2MqkPfWbAvZKkai%2BUzI3i%2FW%2BExn%2Fmks4ro%2Be1bac8gQmaWKy3vkH0pLPyz3iGpWllmAh9vE3WDs3CmZhUhHyyUhfMNOcEejsd%2FIJS1XZ26AmWT37%2F%2F%2BxlvNkElalfDnxl3I%2FgB4U06W
pisanguttate.com/ Name: GL_GI10
Value: eJwVyb0OgjAUBtDeO2CIP8kXeQCfoAHBxF0HBsOgmxuhDTTBlrRXn9%2BwnOUopbjYgd2CQ13pc9no6lLqqrmCRnD3AA8e287KZOPce5NAEfxuwdFj%2FwpfmU5tmNcCDcifQcRG039ADhtX37W3AvYJ%2BS3EJcReLGjJCCxhNZlCgX7Z8Q%2BUySDN
.shoot-yalla.live/ Name: _ga_3QCY3XNZTG
Value: GS1.1.1698982258.1.0.1698982258.0.0.0
.shoot-yalla.live/ Name: _ga
Value: GA1.1.909424221.1698982258
tv.shoot-yalla.live/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.shoot-yalla.live/ Name: _pubcid
Value: b0f3d1ff-2e5f-49b9-b84b-578e60abc8ed
vaitotoo.net/ Name: OAID
Value: d39c48e6cd96497eb016e7d1b81fb7d1
vaitotoo.net/ Name: oaidts
Value: 1698982258
.shoot-yalla.live/ Name: lotame_domain_check
Value: shoot-yalla.live
.criteo.com/ Name: uid
Value: f47a0c18-6d1e-43e1-9858-e0d4e836ea6c
my.rtmark.net/ Name: ID
Value: d39c48e6cd96497eb016e7d1b81fb7d1
tv.shoot-yalla.live/ Name: prefetchAd_6289843
Value: true
vaitotoo.net/ Name: syncedCookie
Value: true
.openx.net/ Name: i
Value: 67d86fb4-6461-4f2d-993d-13b600245f2a|1698982258
.shoot-yalla.live/ Name: cto_bundle
Value: xKKoIF9OdkpGUkRiREZFdCUyRkhNbEZiVE5qWGRET2dqM2FKM1JrdEVPR2QlMkZyJTJGUiUyQkhLR3pmaXVkJTJCOXdBa2RhZnRoa3NiaVRNZHJVUFJ0MndnU2QzJTJCYjZHQkx2dnVmYmxGY255QmhKaTloaFIzd1pMeEVkZFk4d3BnU0ZZZXNUUGNCYWQ5UHYyZ0JlU3BwWjlGJTJGM3JmcEFZOFY2S1QlMkZnaWxKNnZDbGhnalpEVFE2WGEwJTNE
.shoot-yalla.live/ Name: __gads
Value: ID=a3aaed41d9e71383:T=1698982258:RT=1698982258:S=ALNI_Mb0zFKhOm8VwXhnRi6_rF2lKshluA
.shoot-yalla.live/ Name: __gpi
Value: UID=00000cb3652e833e:T=1698982258:RT=1698982258:S=ALNI_MaF18pyieaqm74xanFhON952Q9GTQ
.doubleclick.net/ Name: IDE
Value: AHWqTUmOP4PPsVrYNEvB6hzm9qddn2ZN2SHvoFFpldU0G9sXnK1ZDUnnuUOxt28PB8s
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adnxs.com/ Name: uuid2
Value: 6199023475104064559
.casalemedia.com/ Name: CMPS
Value: 3264
.doubleclick.net/ Name: APC
Value: AfxxVi5Ag_S-vlshPXHcDqS_R-0UHVjIVrH2QH6gauoKV-n6oEjvvw
.casalemedia.com/ Name: CMID
Value: ZURpc9whaW77jPW5wqud5AAA
.casalemedia.com/ Name: CMPRO
Value: 3264
.yieldmo.com/ Name: yieldmo_id
Value: 3Fq_7ccQQYcfAwMIFHQh%7C1698969600000%7C0
.go.sonobi.com/ Name: HAPLB8G
Value: s85152|ZURpd
.adsby.bidtheatre.com/ Name: __kuid
Value: 7a83091d-8075-49db-b507-bdd662fe1467.468196260
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22EC4B8880-47ED-4E81-0330-3CE6F300FDB0%22%7D
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjExMjE3NDezNLS0NDA3MTA3MxfiM9RN8jMzMAoyr3CNNzcHAHJ5XT0lAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjExMjE3NDezNLS0NDA3MTA3MxfiM9RN8jMzMAoyr3CNNzcHAHJ5XT0lAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA129fT1CE70y3AvdM62DCmPSDLJNLMMcQziNTSztLC0MDIyMwCyXjGi8gEe7HnePQAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA129fT1CE70y3AvdM62DCmPSDLJNLMMcQQAG9Rq0B4AAAA
sync.gonet-ads.com/ Name: chk
Value: 1
.modoro360.com/ Name: aniC
Value: 1698982261568-979478255989-001237-006-002461
tv.shoot-yalla.live/ Name: _lr_retry_request
Value: true
tv.shoot-yalla.live/ Name: _lr_env_src_ats
Value: false
ads.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22EC4B8880-47ED-4E81-0330-3CE6F300FDB0%22%7D
.tribalfusion.com/ Name: ANON_ID
Value: a7nteZbwyEoipuMNpa2U7bM9BukpRjtsEh7BiUu57QHUqFZbdrXN1D340EAgEmClTYYEAVji6OSpKq4ZbGT3xLbZaD0938RQGt7B
.gonet-ads.com/ Name: pid
Value: NGFkNTQ1YmIyMTdjY2M2Mg

8 Console Messages

Source Level URL
Text
javascript warning URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ebHtml5PoliteBanner.js(Line 109)
Message:
The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript warning URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_245_3_0/ebHtml5PoliteBanner.js(Line 109)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network error URL: https://bcp.crwdcntrl.net/5/c=14313/camp_int=Advertiser-Banco%2520Popular%2520Dominicano%5ECampaign-BPD%2520%257c%2520BRANDING%2520INSTITUCIONAL_2023%5ESite-Double-click%2520Bid%2520Manager%5ETipoDeCompra-16769_OCT_2023_BANCO%2520POPULAR_AUTO%2520FERIA%2520POPULAR_BANCO%2520POPULAR%2520AUTOFERIA%2520DIGITAL%2520OCTUBRE%25202023_DV360_CPM_IMP_SB_45212_45239_0_0_0_970x90_SET%2520DE%2520BANNERS%2520INTERESES%2520PYME%252fEMPRESA%5Eimpressions
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://bcp.crwdcntrl.net/5/c=12100/camp_int=Advertiser-Banco%2520Popular%2520Dominicano%5ECampaign-BPD%2520%257c%2520BRANDING%2520INSTITUCIONAL_2023%5ESite-Double-click%2520Bid%2520Manager%5ETipoDeCompra-16769_OCT_2023_BANCO%2520POPULAR_AUTO%2520FERIA%2520POPULAR_BANCO%2520POPULAR%2520AUTOFERIA%2520DIGITAL%2520OCTUBRE%25202023_DV360_CPM_IMP_SB_45212_45239_0_0_0_970x90_SET%2520DE%2520BANNERS%2520INTERESES%2520PYME%252fEMPRESA%5Eimpressions
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/AdBuilderScripts/jquery.mobile-events.min.js(Line 4)
Message:
The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFPZyHCxn-LFehWlHtOMVJs&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=105
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
